Privacy Policy

1. Scope and Data Controller Context

This Privacy Policy describes how Thronestead collects, uses, discloses, retains, and safeguards personal information when you use Thronestead websites, game clients, account systems, support operations, and official community channels.

Privacy Snapshot

• We collect account, gameplay, and security data needed to run and protect the service.
• We do not sell personal data in exchange for money.
• You may request access, deletion, correction, and export where your local law provides those rights.
• Security and abuse-prevention processing may continue where required to protect users and platform integrity.

2. Categories of Information We Collect

Data categories can include account details (email, username, auth tokens), gameplay telemetry (match events, progression states, alliance interactions), transaction metadata, support correspondence, moderation evidence, browser/device signals, and anti-abuse security logs.

3. Sources of Information

We receive data from information you provide directly, data generated through your use of Services, and trusted vendors such as payment providers, fraud-detection partners, hosting vendors, and support tooling operators.

4. Purposes of Processing

We process personal information to operate gameplay features, maintain accounts, authenticate sessions, deliver purchases, enforce community safety rules, investigate abuse, provide support, analyze service health, and improve design quality and stability.

5. Legal Bases (Where Applicable)

Depending on jurisdiction, legal bases can include contract performance, legitimate interests, legal obligations, consent for optional activities, and protection of vital interests related to safety and fraud prevention.

6. Cookies and Similar Technologies

We use essential storage for sign-in and security, functional storage for preferences, and analytics instrumentation for aggregate service performance insights. Where required by law, non-essential storage operates under consent controls.

7. Sharing and Disclosure

We may share data with vetted processors for infrastructure, analytics, payments, communications, customer support, and abuse prevention. We may also disclose data for legal obligations, rights protection, user safety, and merger/acquisition due diligence.

8. Cross-Border Transfers

Data may be processed outside your country of residence. We use transfer safeguards appropriate for applicable law, including contractual protections, risk assessments, and relevant technical/organizational controls.

9. Data Retention Principles

We keep data no longer than needed for service operation, contractual delivery, legal compliance, fraud prevention, and dispute resolution. Retention periods differ by category and may extend for legal holds, investigations, or policy appeals.

10. Security and Integrity Controls

We use layered safeguards such as encryption in transit, role-based access, audit logging, monitoring, and incident response controls. No system is perfectly secure; users should protect credentials and report suspicious activity promptly.

11. Your Rights and Choices

Subject to local law, you may request access, correction, deletion, data export, objection, restriction, and consent withdrawal for optional processing. We may request verification to protect account ownership and prevent unauthorized disclosure.

12. Communications and Marketing Controls

You can opt out of non-essential marketing communications through account settings or links in supported messages. Service-critical notices (security alerts, legal notices, incident updates) may still be sent where operationally required.

13. Children and Age-Restricted Processing

Thronestead is not directed to children under age 13. If we learn personal data was collected from a child without required consent, we will take reasonable steps to delete data and disable or restrict affected account functions.

14. Automated Monitoring and Moderation

Automated systems and human reviewers are used to detect abuse, exploit behavior, fraud, and policy violations. Significant enforcement outcomes can include temporary restrictions while investigations are conducted and appeals are evaluated.

15. Regional Privacy Disclosures

Additional rights may apply under regional frameworks (for example, state privacy laws, GDPR/UK GDPR, and equivalent statutes). Region-specific request pathways and disclosures are provided through support and legal hub resources.

16. Data Breach and Incident Response

We maintain breach response procedures to triage, contain, investigate, and remediate incidents. Where required, notifications are provided to regulators and affected users within applicable legal timelines.

17. Updates to This Policy

We may update this policy due to legal, technical, or product changes. Material changes are announced through in-service messages, legal updates, or direct account communication where legally required.

18. Contact and Complaints

Submit privacy requests via Contact Support under "Privacy Request." You may contact local supervisory authorities where your laws provide that right. Additional policy navigation is available in the Legal Hub.

19. Data Protection Contact Point

Where required, Thronestead designates a privacy contact channel routed through support workflows to ensure region-aware handling, identity verification, and legally compliant response timelines.

20. Interpretation and Language Controls

If translated versions conflict, the controlling version is the policy designated for your account jurisdiction except where local law mandates otherwise.

21. Request Verification and Response Timelines

To prevent unauthorized disclosure, we verify requester identity before fulfilling privacy rights requests. Verified requests are handled within statutory timelines, with extension notices provided when legally permitted due to complexity or volume.

22. Policy Cross-References

This Privacy Policy operates alongside the Terms of Service and Code of Conduct. Where obligations overlap, the stricter privacy, safety, or legal standard applies.