Arzolath

Data Protection

Privacy Policy

This policy explains what information may be collected, used, stored, disclosed, and retained across Arzolath websites, VR games, PC games, creator tools, Dashboard, and related support or community services.

Last Updated

May 20, 2026

Policy Details

The sections below explain scope, game and platform data, portal-specific storage, third-party providers, retention, transfers, and your rights.

1. Scope

This Privacy Policy applies to Arzolath-operated websites, downloadable products, VR games, PC games, creator tools, customer-facing account services, support communication, and related online services.

This includes, for example:

  • https://arzolath.com and related pages
  • Games and software products distributed by Arzolath, including VR-enabled titles and connected online features
  • Dashboard, used to connect storefront accounts and verify ownership
  • Support or business communication by email or forms
  • Linked community or social integrations such as Discord and X

2. Technical and Usage Data

Depending on the service, technical and operational data may be collected for security, fraud prevention, debugging, analytics, gameplay operations, and service reliability.

  • IP address
  • Browser and device type
  • Operating system
  • Game client version, platform, and build information
  • VR headset, controller, or hardware class information when relevant to compatibility, performance, or support
  • Language and regional settings
  • Referring page or source
  • Timestamps of requests and sign-ins
  • Session duration, connection events, and basic feature usage events
  • Error logs, crash data, and rate-limit events

3. Information You Provide Directly

You may voluntarily provide information when contacting Arzolath, making a purchase, requesting support, joining a community space, or using account features.

  • Email address
  • Optional nickname used for portal display
  • Display name or username
  • Messages, attachments, and support details
  • Order-related information you choose to share
  • Any information submitted through forms, email, Discord, or future social integrations

4. Game, Platform, and Leaderboard Data

When you use Arzolath games or connected game features, Arzolath may collect and store account, gameplay, and ranking-related information needed to operate the game, save progress, provide online features, prevent abuse, and display competitive or social features.

  • Internal player ID or account identifier
  • Platform account ID and platform name, such as Steam
  • Steam username, display name, profile name, or similar public-facing account label
  • Player score, rank, leaderboard placement, match results, progression, achievements, unlocks, or comparable gameplay records
  • Save or profile metadata needed to maintain game functionality
  • Anti-cheat, anti-abuse, moderation, and service integrity records

If a leaderboard, profile page, multiplayer feature, or similar public feature is offered, your username, display name, score, rank, or other related game results may be visible to other users.

5. Portal Account Data

When you use Dashboard, information is stored to operate your Dashboard account and link it to supported providers.

  • Portal user record and internal account identifier
  • Nickname and notification email if you add or update them in your portal profile
  • Connected provider name, provider user ID, username, display name, and email if supplied by the provider
  • Provider avatar or profile image URL if supplied by the provider
  • Login timestamps, account connection timestamps, and sync timestamps
  • Session, CSRF, and rate-limit related security records

The portal does not ask for or store your provider password. Authentication happens directly with the provider you choose.

6. Provider Tokens, Purchase Sync, and Platform Data

When you connect a provider to the portal or use a platform-linked feature, OAuth or API credentials and related metadata may be stored so identity, ownership, entitlements, cloud-linked services, or community features can function.

  • Access tokens and, where available, refresh tokens
  • Provider-specific account metadata returned during sign-in
  • Purchase or ownership records needed to determine whether you own a supported product
  • Platform, purchase date, license type, status, price, and related verification metadata
  • Steam account identifiers, usernames, display names, profile URLs, or other comparable platform data made available through platform APIs

Product presentation in the portal may use current product images and metadata defined by Arzolath configuration rather than historical images stored at purchase time.

7. Social Integrations

When Discord, X, or similar accounts are linked, Arzolath may collect and store the categories of data needed to operate those integrations.

  • Platform user ID
  • Username, display name, handle, or discriminator
  • Email address if the provider shares it
  • Avatar URL and basic public profile metadata
  • Connection timestamps and related tokens needed for the integration

Portal login and account connection flows use provider-hosted authentication rather than asking for your password directly.

8. How Data Is Used

  • Provide and maintain websites, games, tools, and portal features
  • Operate multiplayer, account, leaderboard, progression, save, and social features
  • Authenticate users and keep accounts secure
  • Verify ownership or entitlement for supported products
  • Operate customer support and respond to inquiries
  • Send support-related email notices about ticket creation, replies, reopening, or closure
  • Investigate abuse, fraud, errors, and technical failures
  • Detect cheating, manipulation of scores, or unauthorized access to online features
  • Improve service quality, usability, and stability
  • Comply with legal obligations and enforce terms

Personal data is not sold.

9. Legal Basis for Processing

Where GDPR or similar laws apply, processing may rely on one or more of the following bases:

  • Performance of a contract or requested service
  • Legitimate interests in operating, securing, and improving services
  • Consent, where a feature requires it
  • Compliance with legal obligations

10. Sharing and Third Parties

Information may be shared only as needed with service providers and platforms that support operation of the services.

  • Hosting and infrastructure providers
  • Payment, storefront, and distribution platforms such as Steam, itch.io, or Gumroad
  • Leaderboard, cloud, crash-reporting, analytics, moderation, or anti-abuse providers if used for a product
  • Social or community providers such as Discord and X
  • Professional advisers or authorities when required by law

Third-party services handle their own data under their own privacy policies.

11. Retention and Security

Data is retained only as long as reasonably necessary for account operation, game functionality, purchase verification, leaderboard integrity, fraud prevention, legal compliance, dispute resolution, and support history.

If you add a notification email in the portal profile, it may be used to send support workflow notices so you know when a ticket is opened, answered, reopened, or closed.

Leaderboard, match history, score, or account integrity records may be retained for longer where reasonably necessary to maintain competitive fairness, detect abuse, enforce rules, or respond to disputes.

Reasonable technical and organizational safeguards are used to reduce the risk of unauthorized access, misuse, disclosure, alteration, or loss. No system can guarantee absolute security.

12. Cookies and Similar Technologies

Cookies, local session storage, or similar technologies may be used in Dashboard for sign-in state, CSRF protection, account security, and related preferences.

The cookie message is shown in Dashboard, where required session cookies must be accepted before signing in.

If all cookies are rejected, cookie-dependent sections such as Dashboard cannot be used properly.

If Arzolath later adds non-essential analytics, advertising, or similar third-party tracking technologies, this policy and the related consent flow may be updated.

You can usually control cookies through your browser settings, though some features may stop working correctly if they are disabled.

13. International Transfers

Because hosting, platform, analytics, support, or infrastructure providers may operate in multiple countries, personal data may be processed or transferred outside your country of residence, including outside the European Economic Area where applicable.

Where required by law, reasonable steps will be used to rely on appropriate safeguards for such transfers.

14. Children's Privacy and Sensitive Data

The services are not intentionally directed to children in violation of applicable law, and Arzolath does not knowingly collect personal data from children where parental consent is legally required but has not been obtained.

Arzolath does not intentionally collect biometric identifiers or health data through VR games unless a product-specific notice clearly says otherwise.

15. Your Rights

Depending on your jurisdiction, you may have the right to request access, correction, deletion, restriction, objection, or portability for personal data.

To make a request, contact privacy@arzolath.com. Reasonable verification may be required before processing a request.

16. Data Controller, Changes, and Contact

Unless a product-specific notice states otherwise, the controller for personal data covered by this policy is the provider identified on the Imprint page.

This Privacy Policy may be updated from time to time. The latest version will be posted on this page with a revised update date.

For privacy questions, contact:

Email: privacy@arzolath.com
Website: https://arzolath.com