← Back to games

Privacy Policy

Last updated: March 20, 2026

1. Who We Are

buster.games is operated by Tensor Wave Inc., a company incorporated in the State of Delaware ("we," "us," or "our"). We are the data controller responsible for your personal data. You can contact us at hey@tensorwave.co.

2. Information We Collect

Automatically Collected Data

When you visit the Site, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Screen resolution
  • Referring URL
  • Pages visited and time spent on the Site
  • Game play data and interactions

Information You Provide

Currently, buster.games does not require user accounts. If you contact us via email, we will collect the information you choose to provide (such as your name and email address).

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Site and our games
  • Analyze usage patterns to enhance user experience
  • Ensure the security and integrity of the Site
  • Respond to inquiries and provide support
  • Comply with legal obligations

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our legal basis for processing your data includes:

  • Legitimate Interest: To operate and improve the Site
  • Consent: For non-essential cookies and tracking (see our Cookie Policy)
  • Legal Obligation: To comply with applicable laws

Right to Lodge a Complaint: If you are in the EEA or UK, you have the right to lodge a complaint with your local data protection supervisory authority if you believe that our processing of your personal data violates applicable law. You can find your supervisory authority at edpb.europa.eu (EEA) or ico.org.uk (UK).

Automated Decision-Making: We do not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on you.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to operate the Site and analyze usage. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

6. Categories of Recipients & Third-Party Services

We share data with the following categories of third-party service providers:

  • Cloud Hosting: Vercel (hosting and deployment of the Site)
  • Database Services: Neon (database storage and management)
  • Analytics: We may use analytics services to collect aggregated and anonymized usage data to improve the Site

We do not sell your personal data to third parties. We may share data with service providers who assist us in operating the Site, subject to appropriate data processing agreements. These providers are contractually obligated to process your data only on our behalf and in accordance with our instructions.

7. Data Retention

We retain data for the following periods, depending on the category:

  • Server logs (IP addresses, browser data): Retained for up to 90 days, then automatically deleted
  • Analytics data (page views, game interactions): Retained in aggregated/anonymized form for up to 26 months
  • Cookie consent preferences: Retained for up to 12 months from the date of consent
  • Email correspondence: Retained for as long as needed to address your inquiry, then deleted within 24 months

We may retain data for longer periods where required by law or to establish, exercise, or defend legal claims.

8. Children's Privacy

We do not knowingly collect personal information from children under the age of 13. The Site does not require user accounts or the submission of personal data to play games. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at hey@tensorwave.co and we will take steps to delete such information.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. Our hosting and database providers may store data in various regions, including the United States.

For transfers of personal data from the EEA or UK to countries that have not been deemed to provide an adequate level of data protection, we rely on the following safeguards:

  • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses as the basis for data transfers to our service providers outside the EEA/UK
  • EU-US Data Privacy Framework: Where applicable, we rely on our service providers' certifications under the EU-US Data Privacy Framework for transfers to the United States

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Request your data in a portable format
  • Objection: Object to certain processing of your data
  • Restriction: Request that we limit processing of your data

To exercise any of these rights, contact us at hey@tensorwave.co.

11. Your California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with specific rights regarding your personal information.

Categories of Personal Information Collected

  • Identifiers: IP address, email address (if you contact us)
  • Internet or Network Activity: Browser type, pages visited, referring URL, game play data
  • Geolocation Data: Approximate location derived from IP address

Categories of Sources

We collect personal information directly from your device automatically when you visit the Site, and from you directly if you contact us via email.

Business Purposes for Collection

  • Operating, maintaining, and improving the Site
  • Detecting security incidents and protecting against malicious or fraudulent activity
  • Debugging and repairing errors
  • Short-term, transient use (e.g., session management)

Categories of Third Parties with Whom We Share Personal Information

  • Cloud hosting providers (Vercel)
  • Database service providers (Neon)
  • Analytics service providers (aggregated data only)

Sale and Sharing of Personal Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. This applies to all categories of personal information we collect.

Your Rights Under the CCPA/CPRA

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You have the right to request the deletion of personal information we have collected from you
  • Right to Correct: You have the right to request the correction of inaccurate personal information
  • Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information, so no opt-out is necessary
  • Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined under the CCPA/CPRA
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

How to Submit a Request

To exercise your rights, contact us at hey@tensorwave.co. We will verify your identity by matching information you provide with information we have on file. We will respond to verifiable consumer requests within 45 days of receipt. If we require more time (up to an additional 45 days), we will inform you of the reason and extension period in writing.

12. Do Not Track & Global Privacy Control

The Site does not currently respond to "Do Not Track" (DNT) signals from web browsers, as there is no universally accepted standard for how to respond to such signals.

We do recognize and honor Global Privacy Control (GPC) signals. If your browser or an extension sends a GPC signal, we will treat it as a valid opt-out request for the sale or sharing of your personal information under applicable laws, including the CCPA/CPRA.

13. Data Breach Notification

In the event of a data breach that compromises the security, confidentiality, or integrity of your personal data, we will:

  • Investigate and take steps to contain the breach promptly
  • Notify affected individuals without unreasonable delay, and no later than as required by applicable law (e.g., 72 hours for GDPR-reportable breaches to the supervisory authority)
  • Notify relevant regulatory authorities as required by applicable law
  • Provide details of the breach, the types of data affected, and steps you can take to protect yourself

14. Security

We implement reasonable technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

16. Contact Us

For questions or concerns about this Privacy Policy, contact us at: hey@tensorwave.co