> **DRAFT — REVIEW BY LEGAL COUNSEL BEFORE PUBLIC LAUNCH** > > This document is a draft prepared for legal review. It does not constitute > legal advice and must not be published or relied upon until reviewed and > approved by qualified legal counsel. Version string: `2026-06-15`. --- # CLAUDE://NIGHTGRID — Privacy Policy **Effective Date:** To be set by legal counsel upon final approval. **Service:** CLAUDE://NIGHTGRID (the "Game"), operated by the studio owner ("we," "us," "our"). **Contact:** [Insert contact email / mailing address before launch] This Privacy Policy explains what personal information we collect when you use the Game, how we use it, and what rights you have over it. It applies to residents of the United States and, where relevant, to users in other jurisdictions. --- ## 1. Who We Are [Insert legal entity name, address, and contact information before launch.] --- ## 2. Information We Collect ### 2.1 Account registration data - **Username** — chosen by you; displayed to other players. - **Password** — stored as a one-way scrypt hash; we cannot read it. - **Date of birth (DOB)** — used solely to verify you are 13 or older (COPPA compliance). We store the raw DOB; we do not infer other demographic data from it. - **IP address at registration** (`registration_ip`) — logged for abuse detection and legal compliance. - **Terms of Service acceptance** — timestamp (`tos_accepted_at`), version accepted (`tos_version`), and the IP used at acceptance. ### 2.2 Session and login data - **IP address at each login** (`last_login_ip`) — retained to detect account compromise and enforce IP bans where required by moderation. - **Auth tokens** — stored in the database, expire after `AUTH_TOKEN_TTL_HOURS` (default 168 hours / 7 days). ### 2.3 Character data - **Character name, class, level, inventory, currency, progress** — stored in Postgres as part of normal gameplay and saved periodically (every 30 s, on logout, and on server shutdown). ### 2.4 Chat logs - **Chat messages** (public, crew, whisper, trade channels) — stored in the `chat_logs` table. We retain chat logs for up to **`CHAT_LOG_RETENTION_DAYS` days** (default 90 days). After that period logs are purged automatically. - Chat is **not end-to-end encrypted**; server operators and authorized moderators may read chat content for safety and legal compliance. - A default-on profanity/slur filter is applied to public chat. Reported messages may be reviewed by moderators. ### 2.5 Economy and transaction data - **Economy ledger** — every vendor purchase/sale, market listing, and player-to-player trade is logged with character name, item, and quantity. This ledger is append-only and retained indefinitely for economy integrity and dispute resolution. ### 2.6 Moderation data - **Player reports** — submitter, target, reason, and timestamp. - **Mutes, suspensions, and bans** — account id, reason, expiry, and the moderator who applied the action. - **IP ban records** — IP address, reason, and moderator. ### 2.7 Technical / analytics data - **Server logs** — standard HTTP/WebSocket access logs (IP, path, status code, timestamp). Retained for up to 30 days. - We do not use third-party advertising trackers. Error reporting (if `SENTRY_DSN` is configured) sends crash stack traces to Sentry, Inc.; see [Sentry's Privacy Policy](https://sentry.io/privacy/). --- ## 3. How We Use Your Information | Data | Purpose | |---|---| | Username, password hash | Account authentication | | Date of birth | COPPA age verification (13+) | | Registration & login IPs | Abuse detection, IP ban enforcement, legal compliance | | ToS acceptance record | Legal compliance — proof of consent | | Character data | Gameplay; persistence across sessions | | Chat logs | In-game communication; safety moderation; log retention | | Economy ledger | Economy integrity; dispute resolution | | Moderation records | Player safety; ban enforcement | | Server/error logs | Reliability, debugging | We do not sell your personal information. We do not use your data for targeted advertising. --- ## 4. Legal Basis for Processing (US Context) We process personal information because: - You have **consented** at registration (DoB collection, ToS/Privacy acceptance). - Processing is **necessary to perform the service** you requested (account, characters, gameplay). - We have a **legitimate interest** in security, fraud prevention, and moderation. *[Note to legal: if California (CCPA/CPRA) or other state privacy law obligations apply, additional disclosures — categories sold/shared, opt-out rights — must be added here.]* --- ## 5. Children's Privacy (COPPA) We do not knowingly collect personal information from children under 13. Date of birth is collected at registration, and any account where the computed age is under 13 is rejected at sign-up. If we discover we have inadvertently collected data from a child under 13, we will delete the account and all associated data without delay. Parents or guardians may contact us at [Insert contact email] to request deletion of a child's data. --- ## 6. Data Sharing We do not sell or share your personal data with third parties for their marketing purposes. We may share data: - **With service providers** acting on our behalf (hosting provider, database, error monitoring) under data processing agreements. - **As required by law** — court orders, government requests, or to protect the rights, property, or safety of users or the public. - **In a business transfer** — if the service is acquired or merged, your data may be transferred to the successor entity, which will be bound by a policy no less protective than this one. --- ## 7. Data Retention | Data category | Retention | |---|---| | Account record (username, DOB, IPs, ToS) | Until account deletion | | Character data | Until account deletion | | Chat log message text | `CHAT_LOG_RETENTION_DAYS` days (default 90) | | Auth tokens | `AUTH_TOKEN_TTL_HOURS` hours from issue (default 168 h) | | Economy ledger | Indefinite (append-only audit log) | | Moderation records | Indefinite (safety history) | | Server/access logs | Up to 30 days | Upon **account deletion**, we: - Delete the account row and all character records (CASCADE). - **Purge** the text content of all chat messages attributed to your characters (message text set to `[deleted]`, character name to `[deleted]`). - Economy ledger rows are retained but become permanently disassociated from your account (no FK; character name remains as a historical record). --- ## 8. Your Rights You have the right to: - **Access / Export** — download a JSON export of your account, character, and chat-log data at any time from in-game Settings → Export My Data. The export includes: account metadata (username, DOB, ToS acceptance date and version, creation date, last-login date), all characters (name, class, level, created date), and your chat-log messages within the retention window. - **Delete** — permanently delete your account and purge your chat messages from in-game Settings → Delete Account. Deletion is immediate and irreversible. - **Correction** — contact us to correct inaccurate account data. - **Opt-out of error reporting** — if Sentry is enabled and you do not wish crash data to be sent, do not use the Game during that period (we cannot selectively disable it per user). *[Note to legal: confirm which state-law rights apply (CCPA/CPRA, Virginia CDPA, Colorado CPA, etc.) and whether response timelines (45 days, etc.) must be stated.]* --- ## 9. Security We use scrypt for password hashing, TLS for data in transit (when a reverse proxy is configured), and database-level access controls. No security measure is perfect; in the event of a data breach we will notify affected users in accordance with applicable state breach-notification laws. --- ## 10. Changes to This Policy We may update this Privacy Policy from time to time. We will post notice of material changes in-game. The `tosVersion` date at registration identifies the policy version you accepted; your continued use after notice of changes constitutes acceptance of the updated policy. --- ## 11. Contact For privacy questions, access/deletion requests, or COPPA inquiries: **[Insert contact email / mailing address]** --- *Document version: `2026-06-15` — DRAFT, not in effect.*