Privacy Policy

1. Data Controller

EpochalStorm Games S.R.L.
Registered office: Via della Cerquetta 22 Rome 00123 Italy
Contact email: epochalstorm@gmail.com

2. Types of Data Collected

• Identification and contact data: email, account ID, login credentials.
• User profile data: username, motto, personalized player photo, gender, age, country (all of these data are optional)
• Technical data: IP address, device model, operating system, settings, advertising identifiers.
• Usage data: game statistics, progress, in-game interactions.
• Messaging data: content of public, Club, and private chats.
• Payment data: managed by third-party providers (e.g., Apple, Google, PayPal).
• Data from third parties: social login, analytics platforms, support channels.

3. Purposes of Processing

• Account management and provision of Services;
• Execution of in-app purchases and payments.
  It is specified that the Controller does not store card numbers.
• Security and prevention of fraud or illicit behavior;
• Moderation and control of User-generated content.
  It is specified that the Controller does not access private messages through automated methods but only in case of reporting by Users;
• Statistical analysis and improvement of the gaming experience;
• Service communications and assistance;
• Marketing activities and personalized advertising (e.g., Unity Ads);
• Legal and tax compliance.

4. Legal Basis for Processing

• Performance of a contract (Art. 6(1)(b) GDPR);
• Legal obligation (Art. 6(1)(c) GDPR);
• Legitimate interest (Art. 6(1)(f) GDPR);
• Explicit consent (Art. 6(1)(a) GDPR).

5. Communication and Transfer of Data

Personal data may be communicated to:

• Providers of technical services, hosting, analytics, advertising, and customer support;
• Business partners who manage game components;
• Competent authorities, if required by law.

Transfers to countries outside the EEA take place in compliance with Articles 44–49 of the GDPR, with adequate security measures (e.g., Standard Contractual Clauses).

6. Data Retention

Data is kept for the time necessary to keep the account active, fulfill legal obligations, or defend rights in court, or until consent is withdrawn.
Automated procedures provide for the "aging" of data (including personal data) with a view to minimizing stored personal data and ensuring platform efficiency.

7. User Rights

The User may exercise the rights provided for in Articles 15–22 of the GDPR: access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.

Requests: epochalstorm@gmail.com

8. Minors

The Services are not intended for minors under 18 years of age. If we learn that we have inadvertently collected personal data from minors, it will be promptly removed from our archives, and the contract with the User in question will be terminated.

9. Changes to This Policy

The Controller may update this Policy at any time. Significant changes will be communicated within the game or through our official channels.

10. Data Protection Officer

The Controller utilizes a Data Protection Officer (or DPO) who is responsible for all matters related to data protection and Privacy.
The DPO can be reached at the following address: dpo@epochalstorm.com .

For the following cases, however, it is recommended to contact Customer Support:

• if you wish to request access to the information the Controller has on file for you;
• if you want to request the deletion of information;
• if you want to rectify information.

11. Processing by Third Parties

Below is a list of companies that the Controller utilizes for the provision of its services, along with information regarding their personal data processing.

Unity Ads

Description / Purpose: Advertising platform integrated into Unity 3D to display personalized ads.
Type of data processed: Device identifiers, usage data, advertising preferences.
Legal basis: Consent (Art. 6(1)(a) GDPR).
Place of processing: EU / USA (Standard Clauses).
Link to privacy policy: https://unity.com/legal/privacy-policy

App Store Billing

Description / Purpose: Management of in-app payments and purchases.
Type of data processed: Transaction data, purchase history.
Legal basis: Performance of a contract.
Place of processing: United States
Link to privacy policy: https://www.apple.com/legal/privacy/

Google Play Billing

Description / Purpose: Management of in-app payments and purchases.
Type of data processed: Transaction data, payment information, purchase history.
Legal basis: Performance of a contract.
Place of processing: Ireland
Link to privacy policy: https://policies.google.com/privacy

Apple Login

Description / Purpose: Quick access or game progress synchronization using the Sign in with Apple option.
Type of data processed: Profile data (ID, email).
Legal basis: Consent / performance of a contract.
Place of processing: According to the policies of the respective stores.
Link to privacy policy: https://www.apple.com/legal/privacy/

Google Play Login

Description / Purpose: Quick access or game progress synchronization using the Sign in with Google option.
Type of data processed: Profile data (ID, email).
Legal basis: Consent / performance of a contract.
Place of processing: According to the policies of the respective stores.
Link to privacy policy: https://policies.google.com/privacy

Zendesk

Description / Purpose: Service for creating tickets for customer support management.
In performing their service, Staff members may request additional data, limited to the best management of the support to be provided to the Users. Registration for the Service is necessary for the provision of Customer Support but is not mandatory.
Type of data processed: Profile data (email).
Legal basis: Consent / performance of a contract.
Place of processing: According to the service policies.
Link to privacy policy: https://www.zendesk.com/it/trust-center/#

Last updated: February 2, 2026