Privacy Policy

Privacy at a Glance

• We collect only the account, gameplay, and security data needed to run and protect the service.
• We do not sell your personal data for money.
• You can request access, deletion, correction, and export of your data where your local law provides those rights.
• Security and abuse-prevention processing may continue where necessary to protect users and the platform.

1. Scope

This Privacy Policy explains how Thronestead collects, uses, shares, retains, and protects personal information when you use Thronestead websites, game clients, account systems, support channels, and official community spaces.

2. What We Collect

We may collect account details (email, username, authentication tokens), gameplay telemetry (match events, progression, alliance interactions), transaction metadata, support correspondence, moderation evidence, browser and device signals, and anti-abuse security logs.

3. How We Collect It

Information comes from three sources: data you provide directly, data generated through your use of the Services, and data from trusted partners such as payment providers, fraud-detection services, hosting vendors, and support tooling.

4. Why We Process It

We process personal information to operate gameplay features, maintain accounts, authenticate sessions, fulfill purchases, enforce community rules, investigate abuse, provide support, monitor service health, and improve the overall experience.

5. Legal Bases

Depending on your jurisdiction, processing may rely on contract performance, legitimate interests, legal obligations, your consent for optional activities, or protection of vital interests related to safety and fraud prevention.

6. Cookies and Similar Technologies

We use essential cookies for sign-in and security, functional cookies for preferences, and analytics tools for aggregate performance insights. Where required by law, non-essential cookies operate under consent controls.

7. Sharing and Disclosure

We may share data with vetted service providers for infrastructure, analytics, payments, communications, customer support, and abuse prevention. We may also disclose data to comply with legal obligations, protect rights and safety, or support merger and acquisition processes.

8. Cross-Border Transfers

Your data may be processed outside your country of residence. We apply transfer safeguards appropriate to applicable law, including contractual protections, risk assessments, and relevant technical and organizational controls.

9. How Long We Keep Data

We retain data only as long as needed for service operation, legal compliance, fraud prevention, and dispute resolution. Retention periods vary by data category and may be extended for legal holds, investigations, or active appeals.

10. Security

We use layered safeguards including encryption in transit, role-based access controls, audit logging, monitoring, and incident response procedures. No system is perfectly secure, so please protect your credentials and report suspicious activity promptly.

11. Your Rights

Subject to local law, you may request access, correction, deletion, data export, objection to processing, restriction, and withdrawal of consent for optional processing. We may verify your identity before fulfilling requests to protect account ownership.

12. Marketing Communications

You can opt out of non-essential marketing through account settings or unsubscribe links. Service-critical notices such as security alerts, legal updates, and incident reports may still be sent when operationally required.

13. Children

Thronestead is not directed at children under 13. If we learn that personal data was collected from a child without required consent, we will take reasonable steps to delete that data and restrict the affected account.

14. Automated Monitoring

Automated systems and human reviewers work together to detect abuse, exploits, fraud, and policy violations. Significant enforcement outcomes may include temporary restrictions while investigations and appeals proceed.

15. Regional Privacy Rights

Additional rights may apply under regional frameworks such as GDPR, UK GDPR, US state privacy laws, and equivalent statutes. Region-specific request pathways are available through support and the Legal Hub.

16. Breach Response

We maintain breach response procedures to triage, contain, investigate, and remediate incidents. Where required, we notify regulators and affected users within applicable legal timelines.

17. Policy Updates

This policy may be updated for legal, technical, or product reasons. Material changes are announced through in-service messages, legal update notices, or direct account communication where legally required.

18. Contact and Complaints

Submit privacy requests through Contact Support under "Privacy Request." You may also contact your local supervisory authority where your law provides that right. All policies are listed in the Legal Hub.

19. Privacy Contact Point

Where required by law, Thronestead designates a privacy contact channel routed through support to ensure region-aware handling, identity verification, and legally compliant response timelines.

20. Language and Interpretation

If a translated version of this policy conflicts with the version designated for your account jurisdiction, the designated version controls unless local law requires otherwise.

21. Verification and Response Timelines

To prevent unauthorized disclosure, we verify your identity before fulfilling privacy requests. Verified requests are processed within statutory timelines, with extension notices provided when legally permitted due to complexity or volume.

22. Related Policies

This Privacy Policy works alongside the Terms of Service and Code of Conduct. Where obligations overlap, the stricter privacy, safety, or legal standard applies.