1. Data We Collect

1.1 Automatically Collected Data

We collect the following information as part of delivering our game service and protecting platform integrity:

• IP Address: Used to establish and maintain network connections.
• Country and Region: Derived from IP address to help tailor in-game events to user demographics and measure our global reach.
• Latitude/Longitude: In cases of severe abuse or threat, approximate location data may be logged to detect regional patterns of misconduct or support abuse investigations. This information is not used for profiling or analytics.

1.2 User-Provided Account Data

• Email Address: Used for account and password recovery and to communicate important updates about your account or game features.
• Optional Fields (User-controlled visibility):
  • Real name
  • X (Twitter) handle
  • Other social media handles – used to provide ways for people to contact you should you so wish.
  • Date of birth (used for birthday recognition in-game)

  These optional fields are not required and may be left blank or hidden.

2. Legal Basis for Data Processing

We rely on the following legal bases under GDPR:

• Article 6(1)(b) – Processing is necessary to perform a contract (i.e., provide game functionality).
• Article 6(1)(f) – Legitimate interests, such as preventing abuse, protecting users and staff, and ensuring fair gameplay.
• Article 17(3)(e) – Data may be retained after an erasure request if necessary for the establishment, exercise, or defence of legal claims.

3. IP Address Storage and Hashing

In recognition of our legacy systems, direct access control to raw IP addresses is limited. To mitigate this risk, the following practices are in place:

• Raw IP addresses are stored only where necessary for blacklisting and connection security. These records are strictly access-controlled and retained only for defined enforcement purposes.
• All other long-term retention of IP data is performed using cryptographic hashing with a server-side salt, making user identification impossible without explicit administrative access.
• Hashed IPs are used for:
  • Detecting re-registrations from known abusive sources
  • Linking repeat incidents of misconduct across accounts
  • Supporting long-term enforcement of bans and restrictions

These hashed identifiers do not contain personally identifiable data on their own and are not used for profiling or analytics.

4. Moderation Records and Abuse Prevention

To uphold a fair and safe gaming environment, we maintain minimal moderation records in the event of user violations. These include:

• Date of incident
• Action taken (e.g., warning, temporary ban)
• General reason (e.g., harassment, policy breach)
• Associated hashed IP for tracking

Once an account is deleted, all personal data is removed, but anonymised moderation records may be retained to detect patterns of abuse and defend future moderation actions.

5. Right to Erasure (Right to be Forgotten)

Users may request the permanent deletion of their personal data. Upon receiving a valid request:

1. A 24-hour grace period will be provided, during which the request may be cancelled.
2. Following the grace period, personal data (including email, character information, and optional profile fields) will be irreversibly deleted.
3. Moderation records will be retained in anonymised form where a legitimate interest to do so exists.
4. A non-identifiable audit record (e.g., hashed ID + deletion date) may be kept for administrative reference.

In situations where staff availability limits immediate processing, the grace period may be extended up to 7 days. Deleted characters and accounts cannot be restored once purged.

6. Detection of Returning Users After Erasure

Where a user has previously submitted a right to erasure request, but re-registers for a new account, we may use hashed connection data (e.g., hashed IP) to match them with existing anonymised moderation records. This process:

• Is used solely for abuse prevention and enforcement
• Does not involve profiling or automated decision-making
• Is reviewed manually before being acted upon
• Is disclosed to users transparently in this policy

This ensures users cannot repeatedly evade bans or moderation action by deleting and recreating accounts.

7. IP Blacklisting

In the case of severe or repeated abuse (e.g., harassment, hate speech, malicious disruption), raw IP addresses may be blacklisted to protect our game and users. This action is only taken where:

• A clear and documented breach of policy has occurred
• Less restrictive enforcement methods have failed or are not possible
• Retention is limited to what is necessary for enforcement

Blacklisting records are stored securely and access is limited to senior moderation staff.

8. Security and Data Minimisation

All retained data is protected using reasonable technical and organisational security measures. We apply:

• Cryptographic hashing for long-term identifier storage
• Role-limited access to raw connection data
• Strict controls on moderation record visibility
• Periodic review and purging of expired or unnecessary data

We do not sell, share, or otherwise transfer personal data to third parties.

9. Contact and Data Requests

To request access to your data, request erasure, or inquire about our data processing practices, contact the administration team via in-game channels or our designated support email.

We are committed to respecting your rights and complying fully with applicable data protection regulations.