Find Us

2883 Dulles Ave, Missouri City, TX 77459

Email

info@tinypitsandplay.com

Phone

+1 346-585-4016

Contact Us

Privacy Policy

  • Home
  • //
  • Privacy Policy

Privacy Policy

Effective from: 1st February 2026

 

This policy explains what personal information we collect, why we collect it, and how we use, store, and share it. It also explains the controls parents, guardians, and customers have over their information. We keep things simple and safe so families can enjoy playtime without worry.

1.1 WHO WE ARE AND SCOPE

Tiny Pits and Play is a family-owned business based in Houston, Texas. We run an indoor play venue and provide party services, equipment rentals (ball pits, soft play, bounce houses), and event bookings. This privacy policy applies to:

  • Information collected in person at our venue.
  • Information collected when you book, rent, or contact us (phone, email, forms).
  • Information collected through our website and online booking systems.

If you are a parent or guardian, please read the section about children’s privacy — it’s important. For legal reasons we sometimes provide extra steps and confirmations for data relating to children.

1.2 SUMMARY

Here’s the thing, we collect only what we need to run the business and to keep kids safe. That includes booking details, emergency contacts, and payment records. We do not knowingly collect personal data from children online under 13 without verifiable parental consent. Parents can ask us to see, correct, or delete their personal data. If you live in California or the EU, you have additional rights described below.

1.3 WHAT INFORMATION WE COLLECT

We collect different types of information depending on how you use our services.

1.3.1 INFORMATION YOU GIVE US DIRECTLY

(via booking forms, emails, phone calls, in-person):

  • Parent/guardian name, email, phone number.
  • Child’s name, age/date of birth, any medical/allergy notes needed for safe supervision.
  • Booking details: date, package, theme, number of guests.
  • Payment details needed to process orders (we do not store full credit card numbers on our systems when processed by third-party payment processors).
  • Photographic consent forms or media release choices provided at booking.

1.3.2 INFORMATION COLLECTED AUTOMATICALLY

(website and online tools):

  • Device and browser details, IP address, pages visited, and booking widget activity.
  • Cookie identifiers and analytics data to help us improve our site and booking flow.

1.3.3 VISUAL RECORDS AND EVENT MEDIA

Photos and videos taken at events when parents/guardians have given permission. We will not use images of children for marketing without explicit consent.

1.3.4 OTHER INFORMATION

Communications with customer service (calls, emails, messages) for bookings, support, or inquiries.

1.4 HOW WE USE PERSONAL INFORMATION

(why we collect it)

We use information to:

  • Provide and manage bookings, rentals, parties, and on-site services.
  • Contact you about your booking, schedule changes or safety issues.
  • Process payments and meet tax and accounting needs.
  • Improve our services and website via analytics.
  • Send marketing or special offers if you opt in. You can opt out at any time.
  • Comply with legal obligations (for example safety records, tax law, and incident reporting).

These uses are based on contract performance (to deliver your booking), consent (marketing and photos), and our legitimate business interests (keeping our service safe and improving user experience). If you are an EU resident, the legal bases include consent, contract performance, and legitimate interests under GDPR.

1.5 CHILDREN’S PRIVACY — IMPORTANT (COPPA)

Here’s the key part: we serve children. We follow US law about children’s data. We do not knowingly collect personal information online from children under 13 without verifiable parental consent. That means:

  • If we need to collect a child’s personal data online (for example registration of a profile for a child under 13), we will first get verifiable parental consent. We will explain what data we collect and how we will use it.
  • For bookings and rentals that require a child’s name and age, we collect only what is necessary for safety and to run the event; we collect parent/guardian contact details rather than online-only child accounts.
  • Parents can review information we have about their child, ask for deletion, or revoke consent any time. We will follow the FTC’s guidance on verifiable parental consent and COPPA compliance.

If you believe we have collected information from a child under 13 without parental consent, contact us immediately at [info@domain.com]

1.6 PHOTO, VIDEO, AND MARKETING CONSENT

We may take photos or short video clips at the venue to capture parties or events. We will:

  • Ask for your consent at booking and again at events when practical.
  • Use photos for marketing only when we have explicit permission (written or checked consent).
  • Allow you to opt out: if you do not want images of your child used publicly, tell us at booking or contact [info@domain.com] and we will not use those photos.
  • Retain event images for a reasonable time for backup and documentation and delete upon request when no legal requirement to retain exists.

1.7 COOKIES AND TRACKING ON OUR WEBSITE

We use cookies and similar tools to make the website work and to improve it. This includes:

  • Essential cookies — necessary for booking forms and secure site function.
  • Functional cookies — to remember choices you make on the site.
  • Analytics cookies — to understand site usage and fix problems.
  • Advertising cookies — only if you opt in to marketing.

You can control cookies through your browser settings, and most browsers allow you to refuse or delete cookies. If you block certain cookies, some parts of the website may not work as intended.

1.8 SHARING AND THIRD PARTIES

We share personal information only where required or helpful to provide our services:

  • Service providers who support our operations (payment processors, booking platform providers, email and messaging services). They act as processors and only handle data per our instructions.
  • Law enforcement, government, or regulatory bodies when required by law (for example a valid subpoena).
  • Business buyers in the event of a sale or reorganization — we will notify customers of any material change in ownership.

We do not sell personal information for advertising purposes. If we ever change that practice, we will provide a clear opt-out option and a “Do Not Sell My Personal Information” link for California residents, as required by California law.

1.9 DATA SECURITY AND BREACH RESPONSE

We protect personal data with industry-standard safeguards such as access controls, encryption for sensitive records, and routine security reviews. We limit access to staff who need information to do their job.

If a security breach occurs that affects personal data, we will follow applicable laws, including Texas breach-notification rules. For example, Texas law requires notification to affected residents and, in some cases, the state attorney general when a breach affects 250 or more residents. We will notify affected individuals without undue delay and take steps to reduce harm.

1.10 HOW LONG WE KEEP PERSONAL DATA (RETENTION)

We keep personal information only as long as necessary for the purposes described here or as required by law. Typical retention times:

  • Booking and transaction records: retained to meet accounting and tax obligations (usually several years).
  • Emergency and medical notes: retained while relevant to care and then removed unless legal reasons require longer retention.
  • Marketing opt-in records: retained until you unsubscribe or ask us to delete them.

If you want specific retention times for certain records, email  [info@domain.com] and we’ll explain how long we keep that category of data.

1.11 YOUR RIGHTS AND CHOICES

We try to keep things simple. Depending on where you live, you may have the following rights:

1.11.1 FOR EU RESIDENTS (GDPR)

Right to access, correct, erase, restrict processing, object to processing, data portability, and to lodge a complaint with a data protection authority. We will respond to requests within the GDPR time limits (usually one month).

1.11.2 FOR CALIFORNIA RESIDENTS (CCPA/CPRA)

Right to request disclosure of categories of personal information collected, right to deletion, right to opt out of any sale of personal information, and right to non-discrimination for exercising privacy rights. We will follow the CCPA process and timelines for verification and response. If you are a California resident, use the email [info@domain.com].

General: You can:
• Ask to see the personal data we hold about you.
• Ask us to correct mistakes.
• Ask us to delete data (subject to legal obligations to retain certain records).
• Opt out of marketing at any time by following unsubscribe links or emailing  [info@domain.com]

To protect privacy and security, we will require verification before fulfilling rights requests.

1.12 INTERNATIONAL TRANSFERS

If personal data is transferred outside the country where you live (for example, to a cloud service provider), we will take steps to protect it and follow applicable law. EU residents may request details about transfer safeguards.

1.13 LINKS AND THIRD-PARTY WEBSITES

Our site may link to third-party sites such as vendors, social media, or local partners. We are not responsible for their privacy practices. Please review third-party privacy policies before sharing personal data with them.

1.14 CHANGES TO THIS POLICY

We may update this policy from time to time. If we make material changes, we will post the updated policy on our website and update the effective date. For material changes that reduce your rights, we will provide notice and obtain consent if required by law.

1.15 HOW TO CONTACT US

For questions or to exercise your privacy rights, contact:
Email: info@tinypitsandplay.com

Mail: Tiny Pits and Play — Privacy Requests, [2883 Dulles Ave, Missouri City, TX 77459]

If you are not satisfied with our response, EU residents may complain to their supervisory authority; California residents may contact the California Attorney General’s office. For questions about COPPA compliance, visit the Federal Trade Commission’s guidance pages.

1.16 IMPORTANT LEGAL NOTES

  • COPPA applies to online collection of children’s personal information and requires verifiable parental consent for covered activities. We comply with the COPPA rule and follow FTC guidance.
  • California and EU privacy laws give consumers and residents specific rights; we follow the processes and timelines those laws require.
  • Texas breach-notification laws may require us to notify affected residents and the state attorney general in certain events.