We use cookies

This website uses cookies to enhance your browsing experience, analyze site traffic, and support essential site functionality.

By continuing to use Xydarion, you agree to our use of cookies.

Privacy Policy

1. Introduction and scope

This Privacy Policy explains how Kromelith Sp. z o.o. collects, uses, discloses, and protects personal data when you visit Kromelith.com, create an account, play games embedded on our site, or contact us. We follow the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Polish law.

2. Who we are (data controller)

Kromelith Sp. z o.o. is the controller for personal data processed through this website.
Contact Kromelith
Kromelith Sp. z o.o.
Rondo ONZ 1, 00-124 Warszawa, Poland
Email: [email protected]
Phone: +48 22 307 89 14
Office hours: Monday–Friday, 09:00–17:00 CET

3. What data we collect

We collect only what is necessary for the services we provide.
  • Account and profile data: username, email address, age group, preferences, favorites, saved settings.
  • Gameplay and usage data: games played, session length, in-game events exposed by the game frame, progress or scores (where supported), crash reports.
  • Device and network data: browser type and version, operating system, language, IP address, time zone, cookie identifiers, referrer URL.
  • Cookies and similar technologies: required cookies for core functions and optional analytics—see Section 10.
  • Support and moderation data: messages you send to us, bug reports, abuse reports, and related metadata.
  • Purchase context: if a game offers optional purchases via a third-party provider, we receive confirmation and non-financial metadata (e.g., item and timestamp). We do not store full payment card details.
We collect the data directly from you, automatically through your device, and from trusted service providers that help operate analytics, anti-abuse measures, and hosting.

4. Why we use your data (purposes)

  • Provide and maintain site features, user accounts, and game embeds.
  • Save progress, favorites, and device settings across sessions.
  • Measure performance, fix problems, and improve stability and responsiveness.
  • Keep the community safe (fraud prevention, abuse detection, moderation).
  • Communicate about service updates, security notices, and—where you agree—news and promotions.
  • Comply with legal obligations, tax and accounting rules, and requests from authorities where required.

5. Legal bases under the GDPR

  • Contractual necessity – to deliver the website, account features, and game functionality you request.
  • Legitimate interests – to run, protect, and improve the platform, prevent abuse, and understand feature usage (balanced against your rights).
  • Consent – for non-essential cookies/analytics and direct marketing. You may withdraw consent at any time.
  • Legal obligation – for record-keeping, security, and compliance duties.

6. Retention

We store data only as long as needed for the purposes above:
  • Account data: kept while the account is active; deleted or anonymised within a reasonable period after closure.
  • Analytics logs: typically up to 12 months, then aggregated or deleted.
  • Support tickets and moderation records: as long as needed to resolve the matter and for safety or compliance.
  • Legal and tax records: according to statutory retention periods.

7. Sharing and international transfers

We share personal data only with:
  • Service providers (processors) that host the website, deliver analytics, security, content delivery, email communications, or customer support—bound by contracts and confidentiality.
  • Game partners to the limited extent required to run a game frame or diagnose issues.
  • Authorities or legal advisers where required by law or to protect our rights and users.
  • Business transactions (e.g., merger or acquisition) where data transfer follows GDPR safeguards.
Data may be processed outside the EEA. When this happens, we use approved safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) and additional measures where appropriate.
We do not sell personal data.

8. Your rights

Under the GDPR, you may have the right to:
  • Access your data and receive a copy.
  • Rectify inaccurate or incomplete data.
  • Erase data (“right to be forgotten”), where applicable.
  • Restrict or object to certain processing, including processing based on legitimate interests or for direct marketing.
  • Data portability in a structured, commonly used, machine-readable format.
  • Withdraw consent at any time (processing prior to withdrawal remains lawful).
  • Lodge a complaint with the Polish supervisory authority, Urząd Ochrony Danych Osobowych (UODO) – uodo.gov.pl.
To exercise these rights, contact us using the details in Section 2.

9. Security

We apply technical and organisational measures to protect data, including encryption in transit, access controls, logging, and regular reviews of our vendors. No internet service can guarantee absolute security, but we work to minimise risk and respond promptly to incidents.

10. Cookies and similar technologies

We use:
  • Essential cookies for authentication, load balancing, and user settings.
  • Analytics cookies (with your consent) to understand aggregate usage and improve performance.
  • Preference cookies to remember choices such as language and content filters.
You can manage or disable non-essential cookies through our cookie banner or your browser settings. For details, see our Cookie Policy.

11. Children’s privacy

Our catalogue includes titles suitable for younger audiences, but we do not knowingly collect personal data from children under 16 without verifiable consent from a parent or guardian (in line with Polish requirements). If you believe a child provided personal data without consent, contact us and we will take appropriate action.

12. Third-party links and games

Some games are provided by third parties and run inside an embedded frame. Their own terms or privacy notices may apply to specific in-game features or purchases. We encourage you to review those notices when applicable.

13. Changes to this policy

If we make material changes, we will update this page and, when appropriate, notify you through the site or by email. Continued use of the service after the effective date constitutes acceptance of the updated policy.