Please upgrade your browser to make full use of this site.  chrome

Privacy Policy

This privacy policy has been updated to comply with GDPR (General Data Protection Regulation).

This Policy applies as to all products and services provided by CryptoCities, and yourself the User of CryptoCities. This Policy applies to our use of any and all Data collected by us in relation to your use of CryptoCities and any Services or Systems therein. Please read the following carefully to understand our views and practices regarding your personal data and how we treat it.

1. Definitions & interpretations

The following terms shall have the following meanings:

Account” means collectively the personal information, payment information and credentials used by Users to access material and/or any communications System on CryptoCities

Content” means any text, graphics, images, audio, video, software, data compilations and any other form of information capable of being stored in a computer that appears on or forms part of CryptoCities

Cookie” means a small text file placed on your computer by CryptoCities when you visit certain parts of the Website

Data” means collectively all information that you submit to the Website. This includes, but is not limited to, Account details and information submitted using any of our Services or Systems

CryptoCities” (‘We’/‘Us’) means the Website.

Service”/“Services” means collectively any online facilities, tools, services or information made available through CryptoCities either now or in the future

System” means any online communications infrastructure that CryptoCities makes available through CryptoCities either now or in the future. This includes, but is not limited to, web-based email, message boards, live chat facilities and email links

User”/“Users” means any third party that accesses CryptoCities and is not employed by CryptoCities and acting in the course of their employment

Website” means the website that you are currently using ( and any sub-domains of this site

2. Our lawful basis

We rely on legitimate interests as our lawful basis for processing personal data. Different legitimate interests apply for each category of personal data that we process. These are described in the next section.

3. The personal data that we process

We have grouped the personal data that we process into multiple categories. Each has a different level of privacy, and the processing that applies to each is different too.

3a. Email Addresses

This personal data refers to any email address provided by yourself. We treat this personal data separately because it is generally considered private. It has different legitimate interests to public data.

We have a legitimate business interest to communicate with our users. We want to be able to provide you with important information about your account when the need arises. We also use email to provide user support and respond to queries. It is in your best interest to receive support as quickly as possible.

These legitimate interests are a sound lawful basis for processing email addresses privately and securely. We have provided a safeguard by allowing you to opt-out of email addresses being processed should you wish. In addition to collecting and storing email address, we also comply with PECR requirements when sending email.

3a. Public Ethereum Addresses

This data refers to the public ethereum addresses that we process from the blockchain and from MetaMask. Although it is debateable whether this is personal data or not, we have decided to classify it as such. This data is publically available via many sources.

We have a legitimate interest in processing your public ethereum addresses in order to provide you with this game and marketplace. We collect, store, and display these addresses on our website in order provide our service. Without using these addresses we would not be able to track ownership of the location assets in smart contracts.

This data is immutable and can't be deleted from the blockchain. It is public and as such we see no risk to the individual by us processing it. This is our lawful basis for doing so.

3c. IP Address, Device Info, Usage Data

This personal data refers to the IP address and other information we receive about your browser, such as the type, user agent string, and cookies. It also includes the usage information we collect and log about your visits. We process this data in order to provide better security and monitoring of the service. It is in our legitimate interest to ensure that users are conforming to rules and policy, not just for us but for twitter too.

It also allows us to identify security issues, such as hacking attempts. We also conduct long-term analysis of this data in order to improve the service. This data helps us to provide support to you by being able to analyse what is occurring in your account and to determine how to fix it.

You benefit from this data being processed by receiving a more secure and higher quality service. These legitimate interests are a lawful basis for processing this data.

4. Retention period

We retain personal data only for as long as it is needed. This means that the personal data listed above is retained based on it's legitimate interest usefulness, and whether it is still valid. In the case of email addresses we retain these indefinitely, but stop sending emails to them if your account becomes dormant. The reason we retain these is that this is often the only way you can identify your account if you have been gone a long time.

For IP Address, device info, and usage data we may retain some of this indefinitely. As an example, an IP address that has been blacklisted my be kept forever. But most other data is retained for less than 5 years, eg. detailed usage logs. Some high level analysis data is retained indefinitely, but this is not linked to your account and is retained in unidentifiable aggregated form.

Ethereum addresses are never deleted. They live in the blockchain forever.

5. Protecting your privacy

We use the latest technologies and processes to ensure that any information (personal data) that you supply us is kept secure at all times.

This policy (together with our Terms and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

6. Cookies

We use cookie files which are stored on your browser, or the hard drive of your computer or the memory of your mobile device. They help us to provide you with a secure service. The session and security cookies that we use do not require consent as per the exemptions provided in the Privacy and Electronic Communications Regulations for these types of cookies. More detail on the cookies we use can be found here.

7. How your data is stored

The data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

8. Third party websites & services

We may use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you.

If you are an existing member, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to you.

If you are a new member, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.

Twiends may, from time to time, employ the services of other parties for dealing with matters that may include, but are not limited to, payment handling, delivery of purchased items, search engine facilities, advertising and marketing. The providers of such services do have access to certain personal Data provided by Users of CryptoCities. Any Data used by such parties is used only to the extent required by them to perform the services that CryptoCities requests. Any use for other purposes is strictly prohibited. Furthermore, any Data that is processed by third parties must be processed within the terms of this Policy and in accordance with the Data Protection Act 1998.

9. Disclosure of your information

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

The reasons we may disclose your personal information are:

9.1 In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

9.2 If our assets are acquired by a third party, in which case personal data held by it about its members will be one of the transferred assets.

9.3 If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or law enforcement request, or in order to enforce or apply our terms of use.

10. Your rights

You may access certain areas of CryptoCities without providing any Data at all. However, to use all Services and Systems available on CryptoCities you may be required to submit Account information or other Data.

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

You may contact us at any time via email.

You have the right to lodge a complaint with a supervisory authority at any time.

11. Access to your information

The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any repeat access requests may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.

12. Changes to our policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.