Data Integrity Protocol
What we collect isn't just data—it's the foundation of your gaming experience, and we treat it as such.
This privacy policy outlines our commitment to transparency. We collect only what's necessary to enhance your gameplay, secure your account, and improve our services—all while adhering to international data protection standards like GDPR. Your data never leaves our command center without your explicit consent.
The Data We Process: A Tactical Breakdown
Understanding our data pipeline is key to trusting our platform. We categorize information by necessity and sensitivity.
ACCOUNT & AUTHENTICATION
- •Email & Username: Essential for account creation, login, and essential service notifications.
- •Encrypted Password Hash: Stored using industry-standard bcrypt. We never see your raw password.
GAMEPLAY METRICS
- •Session Duration & Frequency: Aggregated to measure engagement and identify stability issues.
- •Performance Data (FPS, Ping): Anonymized and sent via telemetry to optimize game engine performance.
NOTE: All telemetry data is stripped of personal identifiers before processing. We analyze trends, not individuals.
In practice, this means your gameplay data is siloed from your identity. Performance metrics are anonymized at source. Payment details are handled exclusively by PCI-compliant third parties. We have the architecture of a vault: multiple layers, strict access controls, and no single point of failure.
Your Control Panel: Data Rights
Key Privacy Terms: From the Commander's Manual
Pseudonymization
Replacing identifiable data with a consistent but non-identifiable token (e.g., 'Player7A3B9'). We use this for session data to debug crashes without knowing who the player is.
Telemetry
Automated transmission of performance data (frame rates, load times). We view this as diagnostic health data for the game engine, not a portrait of the user.
Third-Party Processor
A trusted vendor (e.g., payment gateway, analytics service) that handles data on our behalf under strict contractual agreements. We remain the data controller.
Data Minimization
The principle of collecting the absolute minimum data required for a task. We do not collect location data, browsing history, or social connections.
Implementation & Compliance Log
Our privacy framework is not theoretical. It's applied daily. Here's a snapshot of our operational constraints and choices.
Encryption in Transit & At Rest
All data moving between client and server uses TLS 1.3. Stored data (e.g., hashed passwords) is encrypted using AES-256. Keys are managed via a separate, isolated service.
GDPR & Turkish KVKK Alignment
As a company based in Istanbul, we adhere to Turkey's KVKK (Personal Data Protection Law). For our EU players, we additionally apply GDPR's stricter mandates (e.g., explicit consent for marketing).
Anonymization vs. Personalization
We chose to limit personalized recommendations (e.g., friend suggestions) to preserve anonymity. The trade-off is a less 'sticky' social layer for a stronger privacy foundation.
Questions or Amendments
This policy is a living document. We may update it as our services evolve. The latest version is always available on this page. For questions about our data practices, contact our Data Protection Officer directly.
Data Protection Officer
MarkVex
İstiklal Caddesi No: 123
Beyoğlu, Istanbul