Back to home

Privacy Policy

Last updated: April 25, 2026This Privacy Policy explains what personal data webgame.cloud collects, why we collect it, how we use it, and what rights you have over it. Our promise is simple: collect only what we need, keep it secure, never sell it, and never use your project content to train AI models.

1. Who we are

webgame.cloud is the data controller for the personal information described in this Policy. If you have questions about how we handle your data, email [email protected].

2. Information we collect

We collect only what's needed to run the Service:

  • Account data — your email address and the OAuth identifiers we receive from Discord, GitHub, or Google when you sign in.
  • Profile data — display name, optional country and locale, and avatar if you provide one.
  • Project content — the assets, configs, schemas, dialogues, fonts, localizations, and metadata you upload or create in the console.
  • Usage data — IP address, browser and device information, request logs, and feature-usage events used to operate, secure, and improve the Service.
  • Billing data — your plan, billing address, and payment status. Card numbers and bank details are handled directly by our payment processor; we never see or store them.

3. How we use your information

We use your data to: provide and maintain the Service; authenticate you and protect your account; process subscriptions and storage purchases; send transactional emails (sign-in confirmations, billing receipts, security notices, account changes); diagnose problems and improve performance; prevent abuse and fraud; and meet legal and tax obligations. We do not use your project content to train AI or machine-learning models, and we do not run third-party advertising on the Service.

4. Legal bases (EU/UK users)

If you're in the EU or the UK, we rely on the following legal bases under the GDPR:

  • Contract — to provide the Service you've signed up for and to process payments.
  • Legitimate interests — to keep the Service secure, prevent abuse, and improve features (balanced against your rights).
  • Legal obligation — to comply with tax, accounting, and lawful information requests.
  • Consent — for any optional communications, such as a one-time launch announcement to early-access signups.

5. How we share information

We do not sell your personal data. We share it only with:

  • Sub-processors — vetted vendors that operate parts of the Service on our behalf (cloud hosting and storage, transactional email delivery, payment processing). They're contractually bound to handle data only on our instructions and to industry-standard security.
  • Authorities — if compelled by valid legal process, and only with the narrowest possible scope. We push back on overbroad requests.
  • Successors — if we are merged with or acquired by another company, your data may transfer as part of that transaction. We'll notify you in advance, and the acquirer will be bound by this Policy or one no less protective.

6. Cookies & tracking

We use strictly necessary cookies for sign-in, session management, and security. We do not run third-party advertising trackers or social-media pixels on the Service. If we use product analytics, identifiers are pseudonymized and we don't combine them with marketing data.

7. Data retention

We keep your account and project content for as long as your account is active. After you delete your account or your subscription has been canceled and inactive for more than 60 days, we erase project content within 30 days. We may keep limited records longer where required by law (typically tax records for up to 7 years) or where necessary to defend against legal claims, in which case the data is locked down and used only for that purpose.

8. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Delete your data ("right to be forgotten").
  • Receive a copy in a portable format.
  • Restrict or object to certain processing.
  • Withdraw consent for any consent-based processing.

Email [email protected] to exercise any of these rights — we'll respond within 30 days. You can also lodge a complaint with your local data protection authority.

9. Data security

We protect your data with TLS encryption in transit and at-rest encryption for stored content. Access by our staff is on a need-to-know basis and audited. We run regular security reviews of our infrastructure and dependencies. No system is perfectly secure, but if a breach affects you, we'll notify you and the relevant authorities within the timeframes the law requires.

10. Children's privacy

The Service is not directed to children under 16, and we do not knowingly collect data from them. If you believe a child has provided us with personal data, please email [email protected] and we will delete it promptly.

11. International data transfers

Your data may be processed in countries other than the one you live in, including by sub-processors located in jurisdictions with different data-protection laws. When we transfer personal data out of the European Economic Area, the United Kingdom, or Switzerland, we use Standard Contractual Clauses or other appropriate safeguards.

12. Changes to this Policy

We may update this Policy as the Service evolves. For material changes, we'll notify you by email or in-console at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.

13. Contact

For any privacy-related question or request, email [email protected]. We aim to respond within two business days.