Gameflip Privacy Policy

Effective July 15, 2020

You're trusting us with your information when you use our Services. For this reason, we work hard to protect your information.

This Privacy Policy describes how IJJI, INC. (“Gameflip” or “we”) collects, stores, uses and shares information about users of our Services (as defined in our Terms of Use). This Privacy Policy (this “Privacy Policy”) is incorporated into and is subject to our Terms of Use. By using the Services, you agree to our collection, storage, use and disclosure of your information as described in this Privacy Policy. If you disagree with anything in this Privacy Policy, please do not use the Services.

1. What information we collect

We collect information so that we can provide the best possible experience when you use our Services. Much of what you likely consider personal data is collected directly from you when you:

  • Create an account with our Services (e.g. email address, phone number);
  • Make a purchase (e.g. billing information, including name, address, credit card number);
  • Request assistance from our customer support team (e.g. account information, screenshots you uploaded, government identification when applicable); and
  • Participate in contests and surveys or otherwise participate in activities we promote that might require information about you.

However, we also collect additional information when you are using our Services to provide the optimal experience. We use various technologies to collect and store information, including cookies, pixel tags, local storage, such as browser web storage or application data caches, databases, and server logs.

These methods of collection may not be as obvious to you, and so we highlight and explain below a bit more about what these might be (as they vary from time to time) and how they work.

Your browsers and devices

We collect information about the browsers and devices you use to access our Services, which helps us troubleshoot bugs or issues you may experience and to protect your account from unauthorized access of your account.

The information we collect includes unique identifiers, browser information, device information, operating system, mobile network information including carrier name, and application version number. We also collect information about the interaction of your browsers and devices with our Services, including your location (IP address), the date, time, and referrer URL of your request.

We collect this information when you are using our Services — for example, when you login to our Services, information about your browser or device is analyzed to prevent unauthorized access of your account.

Your activity

We collect information about your activity in our Services, which we use to do things like recommend a listing you might like or assist you with a purchase. The activity information we collect may include:

  • Terms you search for;
  • Listings you view;
  • Purchase activity; and
  • Messages between you and another buyer or seller

2. How we use the information

We strongly believe in both minimizing the data we collect and limiting its use and purpose to only (1) that for which we have been given permission, (2) as necessary to deliver the Services or (3) as we might be required or permitted for legal compliance or other lawful purposes. Our uses include:

Provide, update, and improve our Services

We collect various information relating to your use and/or interactions with our Services. We utilize this information to:

  • Create, develop, operate, deliver, and improve our Services;
  • Diagnose problems and identify any security risks, errors, or needed enhancements to our Services;
  • Detect and prevent fraud and abuse of our Services and systems;
  • Generate aggregated statistics about use of our Services; and
  • Understand and analyze how you use our Services and what products and Services are most relevant to you.

Often, much of the data collected is aggregated or statistical data about how individuals use our Services, and is not linked to any personal data. However, to the extent it is personal data, or is linked or linkable to personal data, we treat it accordingly.

Communicating with you

We may contact you directly or through a third party service provider regarding our Services, such as to deliver transactional or service related communications. We may also contact you with offers for additional Services we think you'll find valuable if you give us consent, or where allowed based upon legitimate interests. You don't need to provide consent as a condition to use our Services. These contacts may include:

  • Email;
  • Mobile app push notification;
  • Text (SMS) messages; and
  • Telephone calls.

You may also update your preferences with respect to receiving communications from us and/or our partners by signing into your account and visiting account "Settings" page.

3. When we share your information

We do not share your personal information with companies, organizations, or individuals outside of Gameflip except in the following cases:

With your consent

We'll share personal information outside of Gameflip when we have your consent. We'll ask for your explicit consent to share any sensitive personal information.

Please note that when you transact with another user, you are consenting to the sharing of your information with such other user as necessary to complete the transaction, including, without limitation, your delivery address and/or payment information.

For external processing with trusted third parties

We may share your personal data with third parties with which we have partnered to allow you to integrate their services into our own Services, and with trusted third party service providers as necessary for them to perform services on our behalf, such as:

  • Processing credit card payments;
  • Communicating with you, such as by way of email;
  • Conducting contests or surveys; and
  • Providing customer support.

We only share your personal data as necessary for any third party to provide the Services as requested or as needed on our behalf. These third parties (and any subcontractors) are subject to strict data processing terms and conditions and are prohibited from utilizing, sharing or retaining your personal data for any purpose other than as they have been specifically contracted for (or without your consent).

For compliance with legal, regulatory and law enforcement requests

From time to time, it may be necessary − by law, legal process, litigation, and/or requests from governmental and law enforcement authorities within or outside your country of residence − for us to disclose your personal information. We may also disclose information about you if we determine that it is necessary or appropriate to respond to claims and legal processes (such as subpoena requests), to protect the safety of the public or any person, or to prevent or stop any illegal activity.

To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide your personal information to third parties as part of a legal process.

Analyze and measure performance

We use data for analytics and measurement to understand how our Services are used. For example, we analyze data about your visits to our sites to do things like optimize product design. We use a variety of tools to do this, including Google Analytics and Facebook Analytics. These tools use techniques such as browser cookies to identify you as a unique user the next time you visit our website. Each cookie cannot be used by anyone other than the service provider (e.g. Google for Google Analytics). Though information collected does not include personal data such as name, address, billing information, etc., the information collected is used and shared by these service providers in accordance with their individual privacy policies.

Third-party websites

Our website and our mobile applications may contain links to third-party websites. We are not responsible for the privacy practices or the content of third-party sites. Please read the privacy policy of any website you visit.

4. How we protect your information

We built our Services with strong security features that continuously protect your information. We constantly monitor and automatically block security threats. If we do detect something risky that we think you should know about, we'll notify you and help guide you through steps to stay better protected.

We work hard to protect you and our Services from unauthorized access, alteration, exposure, or destruction of information we hold. Among other things, we:

  • Use encryption to keep your data private while in transit;
  • Include security features like 2-Step Verification to help you protect your account;
  • Review and update our information collection, storage, and processing practices to prevent unauthorized access to our systems; and
  • Restrict access to personal information to Gameflip employees, contractors, and agents who need that information to provide our Services, and anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

5. You can access, update or delete your data

To access, view, update, or delete your personal data (where available), please sign into your Account and visit "Profile" and "Settings" or contact us.

If you make a request to delete your personal data, the request will be honored pursuant to applicable laws, or otherwise to the extent it is no longer necessary for any Services or required for our legitimate business purposes or legal or contractual record keeping requirements.

We retain personal data only for as long as necessary to provide the Services you have requested and thereafter for a variety of legitimate legal or business purposes. These might include retention periods:

  • mandated by law, contract or similar obligations applicable to our business operations;
  • for preserving, resolving, defending or enforcing our legal/contractual rights; or
  • needed to maintain adequate and accurate business and financial records.

We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. Access, correction, or deletion requests can be made by contacting our Customer Support.

6. Children access restrictions

Our Services are available for only for those of the age of 18 or over. Our Services are not intended to be used by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal data, please contact us.

7. Changes to this policy

We may change this Privacy Policy from time to time. If we decide to change our Privacy Policy, we will post those changes to this Privacy Policy and any other places we deem appropriate, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If changes are significant, we'll provide a more prominent notice by email, or by means of a notice on our website or mobile app.

8. How to contact us

Please contact us with any questions or comments about this Privacy Policy, information we have collected or otherwise obtained about you, our use and disclosure practices, or your consent choices by email to

9. Additional Notice - European Economic Area

Your rights

We respect your privacy rights and provide you with reasonable access and rights to the Personal Data, as this term is referred to for individuals located in the European Economic Area (EEA), pursuant to the European Directives 95/46/EC and 2002/58/EC (EU General Data Protection Regulations Legislation, also known as GDPR), that you may have provided through your use of the Services. If you live in one of those countries, and wish to access, amend, delete, or transfer any Personal Data we hold about you, you may contact us as set forth in the “How to contact us” section in the Privacy Policy.

You may update, correct, or delete your Personal Data and preferences at any time by request to us. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Services.

At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact us as set forth in the “How to contact us” section in the Privacy Policy. You also have a right to lodge a complaint with data protection authorities.

Legal basis for processing Personal Data; retention

We will only collect and process Personal Data when we have lawful bases for doing so. These lawful bases include when you provide consent, when we have a contractual obligation to collect or process your Personal Data, and when we have a legitimate interest in processing your Personal Data.

When we collect Personal Data, we keep it for as long as we need it for the purpose it is being processed for. For example, we will retain your email information for as long as the Services are active or as needed to provide the Services to you. After that, we will keep the Personal Data for a period which enables us to handle or respond to any complaints, queries or concerns relating to your use of the Products. We retain the identifiable data we collect directly for targeting purposes for as little time as possible, after which we employ measures to permanently delete or anonymize or de-identify the data. We will periodically review the Personal Data we hold and delete it securely when there is no longer a legal, business, or consumer need for it to be retained.


If we transfer your Personal Data outside the EEA, we will rely on approved standard EEA Model Clauses so these transfers are conducted in accordance with applicable laws and using adequate and appropriate safeguards.