Privacy policy

Controller

Josef Sibein
c/o Frey Services GmbH
Eggstrasse 14f
8134 Adliswil
Switzerland

Email: impressum@sibein.ch

Scope

This privacy policy applies to the browser games Pinball and Pinball World War and their related pages on pinball.sibein.ch. It is intended in particular for visitors from Switzerland, Germany and the European Union.

Hosting and server logfiles

This website is hosted by ALL-INKL.COM - Neue Medien Münnich, owner René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany.

When the website is accessed, the server processes technically necessary access data. This may include IP address, date and time of access, requested file, amount of data transferred, browser type, operating system, referrer and status code.

This data is processed to deliver the website, maintain stability and security, detect technical errors and defend against misuse. Server data is stored only as long as necessary for these purposes or as required by law.

The hosting provider is used for the technical delivery of the website. The details are governed by the hosting contract and, where required, by a data processing agreement pursuant to Art. 28 GDPR.

Contact form

When the contact form is used, the entered information is processed. This may include name, email address, message and the answer to the security question. Name and email address are optional. A reply is only possible if a reachable email address is provided.

The form message is sent by email to kontakt0815@sibein.ch. The technical sender address is formular0815@sibein.ch. The form contents are not stored in a separate database. The incoming email may remain stored in the mailbox for as long as necessary to handle the request or document the matter.

The processing is carried out to handle the request, answer follow up questions and prevent simple automated form use. To prevent rapid repeated submissions, a technical delay of about 60 seconds is used. For this purpose, a non public short record derived from technical access data may be created on the server; it is used only to protect the form against misuse and is not used to create user profiles. Where the General Data Protection Regulation applies, processing is based on Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR depending on the content of the request.

Game counter

The games use small PHP files to increase the visible total counters “Destroyed Bricks Worldwide” and “Destruction worldwide”. During play, newly destroyed bricks or targets are shown immediately in the browser. In the normal web version, the browser sends the accumulated increase to the server about every 10 seconds and also fetches the current shared total about every 10 seconds. In the installed app view, this synchronization is reduced to about every 60 seconds to save data and reduce network activity. When the page or app view is closed, hidden or left, the browser additionally tries to send any remaining unsent increase.

Only one shared total number is stored on the server. These counters do not store names, user accounts, device profiles or individual game histories. Because the visible number is a worldwide shared total, it may jump when other players destroy bricks or targets at the same time.

Online display

For the visible “online” display, the browser creates a random short lived session identifier in JavaScript memory when a game page is opened. This identifier is not stored in cookies, localStorage or sessionStorage. About every 60 seconds, the browser sends a short activity signal to a PHP file on this website.

The online counter stores only this anonymous temporary identifier, the selected game and the last activity time. Entries that have not been updated for about 120 seconds are automatically removed. When the page is closed or hidden, the browser additionally tries to send a removal signal. The online counter itself does not store names, email addresses, IP addresses, device profiles or game histories.

Highscore

After game over, players may voluntarily enter a self chosen name together with the achieved score in a highscore list. A real name is not required. Names are limited to letters A to Z and numbers 0 to 9. Only the entered name, score, game and time of entry are stored. No email address, user account or password is used for the highscore list.

To prevent rapid repeated submissions and simple manipulation attempts, the highscore list uses a short technical delay, a minimum play time of 60 seconds and a simple security question. For this purpose, non public technical short records may be created on the server, for example a game session token and a record derived from technical access data. These records are not displayed publicly and are not used for user profiles.

The highscore list is used only to display the best game results. Inappropriate or clearly abusive entries may be removed. The legal basis is voluntary submission under Art. 6(1)(a) GDPR and the legitimate interest in a functional game offer under Art. 6(1)(f) GDPR.

Local browser storage

The games may use local browser storage so that counter updates can be retried after connection errors and so that technical game state can be preserved. In the installed app, unsent counter increases can remain locally queued while the device is offline and are sent later only as a combined number when a connection is available again. This data remains in the browser on the device and can be deleted through the browser or app settings.

JavaScript and browser service utility

The games use JavaScript for gameplay. The installable app uses a browser service worker to store the current app files locally and to make the game more robust when the connection is poor. The app uses a technical version name, currently V1, and a versioned cache so that older cached app files can be replaced by newer ones. This app versioning does not identify individual players.

Cookies, advertising and analytics

The game itself does not set analytics cookies, advertising cookies or external visitor analytics tools. There is no personalized advertising and no user profiling for these games.

Legal bases and legitimate interest

Technically necessary data is processed to provide the website, maintain security and fix errors. Where the General Data Protection Regulation applies, this processing is based on Art. 6(1)(f) GDPR. Under Swiss data protection law, processing is carried out for the purpose bound, proportionate and transparent provision of the website.

Data sharing

Personal data is not sold and is not shared for advertising purposes. Data is shared only where required for technical website delivery, required by law or necessary to defend against attacks and misuse.

Storage period

Personal data is stored only as long as necessary for the stated purposes. Local browser data can be deleted by the user in the browser. The visible total game counter is not individual personal data. Temporary identifiers for the online display are removed automatically after about 120 seconds without activity. Locally cached app files remain on the device until the browser replaces or deletes them. Entries in the highscore list remain visible until they are replaced, cleaned up or removed upon request.

Data subject rights

Where the legal requirements are met, rights may exist to access, rectification, deletion, restriction of processing, objection and data portability. Under Swiss law, rights may include access, rectification and, under certain conditions, deletion.

Right to complain

Data subjects may contact the competent data protection authority. In Switzerland, this is the Federal Data Protection and Information Commissioner. In the European Union, complaints may be filed with a competent data protection supervisory authority.

Contact

Privacy requests may be sent to:

impressum@sibein.ch

Last updated: 25 June 2026