Menu
Close
Edit Content

Home

Blog

Whizblitz event

Terms of use

Privacy Policy

Contact us

WhizToonz Privacy Policy

Last Updated: 14 September 2025

Controller: Oaks Intelligence Limited (t/a “WhizToonz”), Company No. 14560141, 20 Foxborough Gardens, Bradley Stoke, Bristol, England, BS32 0BT.

1) Scope & Who We Are

This Policy explains how WhizToonz collects, uses, shares, stores, and deletes personal data across our apps, games, website, and related services (“Platform”). By using the Platform, you agree to this Policy and our Terms of Use. We are committed to children’s privacy and global compliance (GDPR/UK GDPR, COPPA, Nigeria’s NDPR/NDPA, CCPA/CPRA).

2) What We Collect

  • Account & Age Info: Parent or user email/phone, age or date of birth, country/region (to place users in Kiddiez (≈5–12) or Toonz (13+) and apply safeguards).
  • Profile (Optional): Nickname and optional avatar (real names not required; avoid identifiable child images). No collection of sensitive details like address or school.
  • Usage/Device Data: Device type/OS/app version, feature use, episode views, game progress, diagnostics; no precise GPS; generally aggregated or linked to account for support/personalization.
  • Children’s Data (Minimised): For under-13s we collect only what’s necessary (e.g., username/age, parent contact).
  • No Special Categories: We don’t intentionally collect sensitive categories (health, religion, etc.).

3) How We Use Data

  • Provide & Personalise: Operate accounts, deliver content, age-appropriate experiences, localisation.
  • Safety & Compliance: Enforce age gates, limit features for kids (e.g., no open chat), moderate content, investigate violations.
  • Support & Comms: Account/security notifications; no marketing to children.
  • Improve & Secure: Analytics, debugging, fraud/abuse prevention.
  • Transactions: Process purchases and in-app currency operations (see §10).

We do not use children’s data for targeted ads. Kiddiez is ad-free. Toonz (13+) may see limited, family-friendly ads (contextual/generic).

4) Legal Bases (GDPR/UK GDPR & similar)

  • Consent: Especially for children (parental consent) and optional uses.
  • Contract: To provide the service you request (account, content access, payments).
  • Legitimate Interests: Improve security, prevent fraud, enhance features—balanced against your rights.
  • Legal Obligations: Accounting/tax, regulatory, child-privacy requirements.

You can withdraw consent at any time but this may affect features.

5) Children’s Privacy (Kiddiez, ≈5–12)

  • Parental Consent: We seek verifiable parental consent where required (COPPA/GDPR). Parents can review/delete their child’s data.
  • Built-In Protections: No open chat or DMs; only pre-approved phrases/emojis in limited contexts; no public posting by kids.
  • No Targeted Ads / No Sharing with Advertisers: Kiddiez is ad-free; no behavioral profiling.

6) Sharing Data

We do not sell personal data. We share only as needed with:

  • Service Providers: Hosting, analytics, support—bound by confidentiality and DP terms.
  • Cloud Storage: Data is hosted on MongoDB Atlas (East US) with security controls.
  • Payments: Stripe/Paystack process payments; we don’t store full card data.
  • Legal/Protection: To comply with law, enforce Terms, prevent fraud.
  • Business Transfers: If ownership changes, equivalent protections will apply.

7) Storage, Security & International Transfers

  • Location: Data is stored in the United States (East US).
  • Security: Encryption in transit, hashed passwords, restricted access, reviews/audits. No system is 100% secure—please protect your credentials.
  • Transfers: We use appropriate safeguards (e.g., Standard Contractual Clauses for EU/UK) and comply with NDPR/NDPA for Nigerian data.

8) Your Rights

Depending on your region, you may have rights to:

  • Access / Copy your data, Correct inaccuracies, Delete (“erasure”), Restrict or Object to processing, Portability, and Withdraw Consent. Parents can exercise these for their children.

To exercise rights, contact privacy@whiztoonz.com. We’ll verify requests and respond within legal timeframes.

9) Retention & Deletion

  • Soft Delete: Deleted/deactivated accounts are removed from active use but may persist in secure archives/backups for a time to meet business/legal needs (e.g., financial records, abuse investigations) and disaster recovery.
  • Hard Delete on Request: Where the law grants a right to erasure (e.g., GDPR/UK GDPR), we will permanently delete or anonymize personal data except where retention is legally required (e.g., transaction records). Backup remnants are purged on rotation and are not returned to active systems. 

10) Payments & Virtual Currency

  • Processors: Stripe / Paystack handle card data; we may store non-sensitive billing details (e.g., last four digits, expiry) and transaction info for support/compliance—never full card numbers or CVV.
  • WhizBits & Gold Coins: See Terms for currency rules, conversion (WhizBits only), and fees; records retained for compliance and fraud prevention. 

11) Cookies & Tracking

  • Current Approach: No traditional cross-site tracking cookies; mobile apps may use local storage for preferences; no precise geolocation. We’ll update this Policy and seek consent if our web experience adds non-essential cookies.

12) Advertising

  • Kiddiez: Ad-free.
  • Toonz (13+): Limited, family-friendly ads; generally contextual/generic. We do not share personal data with advertisers without consent; no behavioral targeting of children.

13) Changes to this Policy

We may update this Policy to reflect changes in law, technology, or our services. We’ll post updates in-app/on-site with a new “Last Updated” date and notify you of significant changes.

14) Contact Us

Data/Privacy: privacy@whiztoonz.com

General Support: support@whiztoonz.com

Legal: legal@whiztoonz.com

Postal:

Oaks Intelligence Limited (WhizToonz)

Attn: Data Protection Officer / Privacy Team

20 Foxborough Gardens, Bradley Stoke, Bristol, England, BS32 0BT