Privacy Policy

How Candidum Games handles personal data

Last updated: 8 July 2026. This notice explains what personal data we collect, why we use it, who we share it with, how long we keep it, and the rights available to you.

Who we are

This notice applies to personal data processed by Candidum Games Ltd when you use this website, contact us, or work with us.

Privacy contact: contact@candidumgames.com

Contact address: Candidum Games Ltd, 124 City Road, London, United Kingdom, EC1V 2NX.

We have not appointed a data protection officer. Please use the privacy contact above for data protection questions.

Personal data we collect

  • Contact and identity details, such as your name, email address, company, role, and the contents of messages you send to us.
  • Business enquiry details, such as information about a project, service request, partnership, licensing discussion, publishing enquiry, or support question.
  • Website and technical data, such as IP address, device and browser information, pages visited, approximate location derived from technical data, and security logs.
  • Marketing preferences, such as whether you have asked to receive updates from us or withdrawn from future messages.
  • Public or third-party business information where relevant to a B2B enquiry, for example company websites, public profiles, or information supplied by a partner.

Why we use personal data and our lawful bases

  • To respond to enquiries and discuss possible services, partnerships, publishing, localization, rendering software, game development, or open source collaboration. We rely on legitimate interests and, where a request may lead to a contract, steps taken before entering into a contract.
  • To provide services, manage customer or supplier relationships, keep business records, and handle billing or administration. We rely on contract, legitimate interests, and legal obligations where they apply.
  • To send product, company, or project updates where you have asked to receive them. We rely on consent where required, or legitimate interests for limited B2B communications where the law allows.
  • To operate, maintain, secure, and improve the website. We rely on legitimate interests in running a secure and reliable website.
  • To comply with legal, tax, accounting, regulatory, or dispute-resolution obligations. We rely on legal obligations and legitimate interests.

Who we share personal data with

  • Service providers that help us run our website, email, hosting, business systems, analytics, security, and communications.
  • Professional advisers, such as accountants, lawyers, insurers, auditors, and other advisers where needed for ordinary business administration.
  • Public authorities, courts, regulators, or law enforcement where we are legally required to share information or need to protect our rights.
  • Business partners involved in a project or enquiry, but only where sharing is necessary and appropriate for that interaction.
  • We do not sell personal data.

International transfers

  • Some service providers or partners may process personal data outside the UK or European Economic Area.
  • Where personal data is transferred internationally, we use appropriate safeguards where required, such as adequacy regulations, adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms.
  • You can contact us if you would like more information about the safeguards relevant to a particular transfer.

How long we keep personal data

  • General enquiries are usually kept for up to 24 months after the last meaningful contact, unless a longer period is needed for an ongoing relationship or dispute.
  • Customer, supplier, tax, accounting, and transaction records are usually kept for up to seven years, or longer if required by law.
  • Marketing subscription records are kept until you unsubscribe or ask us to delete them, plus a limited suppression record so we can respect your opt-out.
  • Technical logs are kept only for as long as needed for security, troubleshooting, analytics, and website maintenance.
  • If no fixed period applies, we decide retention by considering the amount, nature, and sensitivity of the data, the purpose it was collected for, legal requirements, and the risk of harm from unauthorised use or disclosure.

Your privacy rights

  • Depending on where you live and the lawful basis for processing, you may have rights to access your personal data, correct it, delete it, restrict how it is used, receive a portable copy, or object to certain processing.
  • You can withdraw consent at any time where we rely on consent, for example for optional marketing messages. Withdrawing consent does not affect processing that happened before withdrawal.
  • You can complain to a data protection supervisory authority. In the UK, this is the Information Commissioner's Office.

Your right to object

You have the right to object to our processing of your personal data where we rely on legitimate interests, including any direct marketing. You can object by contacting contact@candidumgames.com. We will stop direct marketing when you object.

Cookies and similar technologies

We may use cookies or similar technologies that are necessary to provide the website, remember preferences, understand site performance, and protect the site. If we add optional analytics or marketing cookies, we will provide any required consent choices before using them.

Automated decision-making

We do not use personal data from this website to make solely automated decisions, including profiling, that produce legal or similarly significant effects for individuals.

Complaints

Please contact us first if you have a privacy concern. You also have the right to complain to the Information Commissioner's Office in the UK.

Changes to this notice

We may update this notice when our website, services, company structure, or legal requirements change. The latest version will be posted on this page.