Stichting Nekrova Games Privacy Policy.
We could write a big privacy policy about how we value your privacy and all kinds of legalese talk to cover our asses. But no one would really understand any of it.
Hence, this policy is written in plain ol’ English.
Here at Nekrova Games, we actually give a shit about your privacy and what we collect on you.
Following you can read what the fuck we collect, what we do with it,
and who we share it with.
(Spoiler, we don’t really share your data, nor sell it.)
What we collect:
THE WEBSITE:
WE COLLECT THE FOLLOWING AUTOMATICALLY WHEN YOU ACCESS THE WEBSITE:
WE COLLECT THE FOLLOWING AUTOMATICALLY WHEN YOU ACCESS THE WEBSITE:
- Your IP Address.
- Your MAC Address.
- Your browser’s user agent.
WHY DO WE COLLECT THIS SPECIFIC INFORMATION?
We don’t, Cloudflare collects this information automatically for us.
This is to ensure that an actual person accesses our website and not some bot trying to hack into accounts or DDOS the webserver.
This information is not stored permanently in any way shape or form, and after the connection is deemed secure is automatically deleted per Cloudflare’s policy.
Our webserver itself only sees an incoming connection originating from CLOUDFLARE. And will never see your IP, MAC or User Agent.
WE COLLECT THE FOLLOWING INFORMATION PER YOUR REQUEST WHEN USING THE WEBSITE:
- Username
- Password (Hashed + Salted + Peppered)
- Email Address
- Reference token
WHY DO WE COLLECT THIS SPECIFIC INFORMATION?
We collect this information to allow you to login to the game.
Your email address is stored to allow you to reset your password should you forget it and to allow us to send you Patreon rewards if you were to use that feature.
The reference token is only used to hand out referral rewards and is not used anywhere else.
HOW DO WE PROTECT THIS INFORMATION?
Passwords are stored in a hashed form with a SALT and a PEPPER. This means that it’s impossible to reverse the password back into its original state.
Nor is it possible to use automation to “crack” the passwords.
Additionally, this information is stored in a database that uses AES256 encryption. And we monitor the database 24/7 for un-authorized access.
The database is not accessible to the outside world and can only be reached by the internal applications to ensure adequate security.
Lastly the server that operates the database is in a secure location that’s fully under our control. No third party has access to said database or will ever gain access to said database.
THE GAME:
WE COLLECT THE FOLLOWING AUTOMATICALLY WHEN YOU’RE LOGGED IN:
- Your IP Address
- Your MAC Address
- Unique Hardware Identifiers
- Your Game’s Language settings
- Login & Logout Dates/Times
WHY WE COLLECT IT:
We collect your IP, MAC and Hardware Identifiers to ensure a fair and equal gaming experience.
This information allows us to restrict cheaters and abusers of the system(s) and keep them out of the game.
The Game’s Language setting is used by the game to provide the proper text and localization information when interacting with the game and chat. We do not see this information and it’s handled by the game automatically.
The login and logout dates/times are used for your security. It allows us to notice intrusions into the account and block the account when we notice un-authorized access. We do not share this information with third parties.
Additionally, we use this information for analytical purposes, allowing us to see how active the server is and how many players are connected.
HOW WE PROTECT IT:
The same way we protect usernames, passwords, emails, etc. See the website section for clarification.
WE COLLECT THE FOLLOWING PER YOUR REQUEST:
- Character names
- Friends List
- Guild List
- Guild Name
- Guild Description
- Chat Messages
WHY WE COLLECT IT:
We collect your character name, friends list, guild list, guild name, guild description etc.
To enable the game to operate. When you provide this information, it gets stored so other players can find you and interact with you and vice versa.
This information is needed to enable normal game operation.
The chat messages automatically get stored by the system to enable the chat system to operate as normal. Not all messages get send or received straight away and the system stores these as a result.
Public chat messages aren’t accessible to any analytical tools nor staff.
Staff may request the board of directors’ access to a select scope of chat messages that are collected. However, this scope needs to be narrow and specific. E.G., 1 user, time span of 2 hours.
Under no circumstance will third party access to this information be granted.
A player may always request their own chat log if they so desire.
Private messages between two players will NEVER be accessed by staff, nor the board of directors. Nor are they able to. Private messages are ALWAYS encrypted by the system using keys generated by the two players involved. Staff cannot and will not access this information.
HOW WE PROTECT IT:
All the above information is stored encrypted. And the decryption of said information can only be done by the game and the board of directors.
No third party can access this information, ever.
Staff can only access a limited scope of information
through the tools needed for their duty as staff.
Law enforcement may request this information if provided a proper legal basis. However, we retain the right to notify the affected user(s) of this request for information. Some information, however, can never be shared with law enforcement due to the fact that some of this information is hashed, or stored in a way that prevents us from decrypting said information.
Users retain the right to request the information regarding their own accounts.
Additionally, users may request the deletion of this information if they so desire.
However, we cannot delete the information that’s used to suspend accounts.
In the case of a banishment/Suspension
Players retain the right to request information about their banishment.
We will always do our best to provide a fair judgement and will provide a user with the reasoning and information we used for his/her banishment from the game.
If a user submits a valid request for deletion of their information, we will comply by removing the identifiable information.
However, the data necessary to uphold the suspension/banishment will not be removed, but instead altered enough to uphold said suspension/banishment.
This is to ensure the continued fairness of the system.
Players that are banished/suspended and have not received a notice of staff about their reason for suspension can reach out to us by email.
Third party data collection:
When accessing our site or servers, certain third parties are involved that may collect data.
Sadly, we cannot prevent these parties from collecting said information since we rely on these parties to provide our services to you.
The parties involved are:
- SmartDC
- Cloudflare
- Hetzner
SmartDC and Hetzner are our hosting providers and thus are able to see some part of the traffic between us and you.
This data is limited to MAC Addresses, IP Addresses and Network Ports. All data between us and you is encrypted using TLS or other encryption methods.
Cloudflare is used to provide security against DDOS attacks and to prevent our servers from various other attacks.
All 3 third parties likewise delete your information once they’re done processing the data between us and you.