DATA RETENTION AND DESTRUCTION POLICY
1. Purpose
This policy defines how personal data is collected, retained, anonymized, and destroyed during and after test releases of the Game in selected regions.
The purpose is to:
- Protect player privacy
- Limit data exposure during test phases
- Ensure compliance with applicable data protection laws
2. Scope
This policy applies to:
- All users participating in test or soft-launch versions of the Game
- All personal and gameplay-related data processed during the test phase
- All internal teams, partners, and service providers handling test data
3. Data Categories Collected
During test releases, data collection is strictly limited to the following:
3.1 Personal Data (Minimal)
- Device identifiers (advertising ID, device ID – where permitted)
- IP address (used only for fraud prevention and security)
- Country / region
- Platform and OS version
No real-name, email, phone number, or payment data is collected during test releases unless explicitly required and disclosed.
3.2 Gameplay & Technical Data
- Session duration
- Level progression
- Match count
- Crash logs and error diagnostics
- Performance metrics
- Retention and engagement events
All gameplay data is pseudonymized and cannot be directly linked to an identifiable individual.
4. Legal Basis for Processing
Data is processed based on:
- Legitimate interest for testing, balancing, and improving the Game
- User consent, where required by local regulations
- Compliance with applicable data protection laws (GDPR, KVKK, LGPD, PDPA)
5. Data Retention Periods
Retention periods are aligned with industry standards.
| Data Type | Retention Period |
| Gameplay & analytics data | Up to 24 months |
| Crash logs & diagnostics | Up to 12 months |
| Security & fraud logs | Up to 24 months |
| Raw IP addresses | Up to 90 days |
| Test account identifiers | Until test completion + 6 months |
After these periods, data is either deleted or irreversibly anonymized.
6. Test Phase Data Handling
For test releases:
- Test data is logically separated from live production data
- Test accounts are flagged and excluded from long-term user databases
- No data collected during test phases is used for:
- Marketing profiling
- Advertising personalization
- Third-party monetization
- Marketing profiling
7. Data Destruction & Anonymization
At the end of a test phase:
7.1 Deletion
- Personal identifiers are permanently deleted
- Deletion is performed using secure, irreversible methods
7.2 Anonymization
- Aggregated analytics may be retained in fully anonymized form
- Anonymized data cannot be re-identified or linked back to users
8. User Rights
Users may request:
- Access to their personal data
- Correction of inaccurate data
- Deletion of personal data
- Restriction of processing
Requests are processed within 30 days, unless local law requires a shorter period.
9. Third-Party Processors
Third-party services (analytics, crash reporting, hosting) must:
- Comply with this policy
- Follow equivalent or stricter data retention standards
- Process data only on documented instructions
Examples:
- Analytics providers
- Cloud hosting services
- Crash reporting tools
10. Security Measures
Data is protected using:
- Encryption at rest and in transit
- Access control and role-based permissions
- Regular security audits
- Monitoring and logging of access
11. Policy Updates
This policy may be updated to reflect:
- Changes in applicable laws
- Changes in game features
- Expansion to new regions or live releases
Material changes will be communicated where required.
12. Contact
For data protection inquiries:
Data Protection Officer (DPO)
Email: beastrikers@runegames.com