Privacy Notice

Last updated: 30/06/2026

This Privacy Notice explains how we collect, use, store and protect personal data when you visit, register for or play Sarachovia.

Sarachovia is a browser-based strategy game operated by:

[INSERT LEGAL NAME OR TRADING NAME - TBC]

[INSERT COMPANY NUMBER IF APPLICABLE - TBC]

[INSERT REGISTERED ADDRESS OR BUSINESS CONTACT ADDRESS - TBC]

[INSERT CONTACT EMAIL - TBC]

For privacy questions or requests, contact: [INSERT PRIVACY CONTACT EMAIL - TBC]

1. What data we collect

We aim to collect only what we need to operate, secure and improve the game.

Depending on how you use Sarachovia, we may collect:

Account data

  • email address;
  • username;
  • encrypted/hashed password;
  • account ID;
  • registration date;
  • email verification status;
  • account settings;
  • login history.

Technical and security data

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • screen size;
  • approximate location derived from IP address;
  • request logs;
  • session identifiers;
  • security events;
  • failed login attempts;
  • suspicious activity signals.

Gameplay data

  • base location;
  • buildings and upgrades;
  • resources;
  • personnel;
  • operations;
  • map activity;
  • scouting, raid and transfer history;
  • rankings;
  • alliance or faction activity;
  • combat and economy logs;
  • anti-cheat and rule enforcement records.

Communication data

  • support tickets;
  • contact form messages;
  • bug reports;
  • feedback;
  • in-game messages, alliance messages, chat messages or forum posts if those features are enabled.

Payment data

Sarachovia may not currently use paid features. If payments are added later, we may process payment-related records such as product purchased, transaction ID, payment status, time of purchase, invoice information and fraud-prevention signals.

We should avoid storing full card numbers. Payment processing should be handled by a payment provider such as Stripe, Paddle, Lemon Squeezy or another provider chosen before launch.

Cookie and analytics data

We may use cookies or similar technologies for login, security, preferences and analytics. See the Cookie Notice for more detail.

2. How we collect data

We collect data when:

  • you visit the website;
  • you create an account;
  • you log in;
  • you play the game;
  • you submit messages, tickets or feedback;
  • you interact with game systems;
  • your browser or device sends technical data;
  • our systems generate logs for security, moderation, anti-cheat and service operation.

3. Why we use your data

We use personal data to:

  • create and manage accounts;
  • let you log in and play;
  • save game progress;
  • operate the persistent world map;
  • provide game features;
  • detect cheating, bots, exploits and multi-account abuse;
  • investigate rule breaches;
  • moderate content;
  • provide support;
  • secure the service;
  • prevent fraud and abuse;
  • fix bugs and improve performance;
  • understand how the game is used;
  • communicate important account, security, service and policy updates;
  • comply with legal obligations.

4. Legal basis

Where UK GDPR or EU GDPR applies, we rely on the following legal bases:

Contract

We process data needed to provide Sarachovia to you, including account creation, login, game progress, support and core gameplay.

Legitimate interests

We process data for legitimate interests such as security, fraud prevention, anti-cheat, moderation, service improvement, analytics, bug fixing and protecting the game community.

Consent

We ask for consent where required, such as for non-essential cookies, marketing emails or optional analytics where consent is legally required.

Legal obligation

We may process or retain data where required by law, tax rules, consumer protection rules, court orders, law enforcement requests or regulatory obligations.

5. Anti-cheat and fair play

To protect Sarachovia and its players, we may analyse technical data, gameplay data, account patterns, login activity, IP data, browser data and reports from other players.

This may be used to detect:

  • bots;
  • scripts;
  • automation;
  • exploit abuse;
  • multi-accounting;
  • account sharing;
  • suspicious transfers;
  • ranking manipulation;
  • unauthorised tools;
  • attempts to bypass bans or limits.

We may keep enforcement records to prevent repeat abuse and protect the integrity of the game.

6. Who we share data with

We may share data with trusted service providers that help us operate Sarachovia, such as:

  • hosting providers;
  • database providers;
  • authentication providers;
  • email providers;
  • analytics providers;
  • error monitoring providers;
  • payment providers, if payments are added;
  • customer support tools;
  • security and anti-abuse services.

Potential providers may include, depending on the final build:

[INSERT HOSTING PROVIDER - TBC]

[INSERT DATABASE PROVIDER - TBC]

[INSERT AUTH PROVIDER - TBC]

[INSERT EMAIL PROVIDER - TBC]

[INSERT ANALYTICS PROVIDER IF USED - TBC]

[INSERT PAYMENT PROVIDER IF USED - TBC]

We do not sell your personal data.

We may disclose information if required by law, to enforce our rules, to protect users, to investigate abuse, or to protect our legal rights.

7. International transfers

Some providers may process data outside the UK or European Economic Area. Where this happens, we will use appropriate safeguards where required, such as adequacy decisions, standard contractual clauses or equivalent protections.

8. How long we keep data

We keep personal data only as long as needed for the purposes described in this notice.

Typical retention periods:

  • account data: while your account exists;
  • gameplay data: while needed to operate the persistent game world;
  • server logs: usually up to [INSERT PERIOD, e.g. 90 DAYS - TBC], unless needed for security or investigation;
  • support tickets: usually up to 24 MONTHS;
  • anti-cheat and enforcement records: as long as needed to prevent abuse and enforce bans;
  • payment records: as required by tax, accounting and legal rules if payments are added.

We may keep limited records after account closure where needed for legal, security, anti-abuse or accounting reasons.

9. Your rights

Depending on where you live, you may have rights to:

  • access your personal data;
  • correct inaccurate data;
  • delete your data;
  • restrict processing;
  • object to processing;
  • request data portability;
  • withdraw consent;
  • complain to a data protection authority.

To make a request, contact: [INSERT PRIVACY CONTACT EMAIL - TBC]

We may need to verify your identity before acting on a request.

10. Account deletion

You may request account deletion by contacting:

[INSERT SUPPORT EMAIL OR ACCOUNT DELETION URL - TBC]

Deleting an account may remove access to game progress, bases, rankings, messages and purchases. Some data may be retained where needed for legal, security, anti-cheat, fraud prevention or accounting reasons.

11. Children

Sarachovia is not intended for children under 16.

If you believe a child under the minimum age has created an account, contact us so we can review and take appropriate action.

12. Security

We use reasonable technical and organisational measures to protect personal data, including access controls, encrypted password storage, secure hosting, logging and monitoring.

No online service can be guaranteed completely secure. You should use a strong unique password and keep your login details private.

13. Marketing

We will not send marketing emails unless you have opted in or unless the law allows us to contact you about similar services.

You can unsubscribe from marketing messages at any time.

Service emails, security notices and account-related messages are not marketing and may still be sent where needed.

14. Changes to this notice

We may update this Privacy Notice as Sarachovia develops. If changes are significant, we will try to notify users through the website, email or in-game notice.

15. Contact

For privacy questions, contact:

[INSERT PRIVACY CONTACT EMAIL - TBC]

You also have the right to complain to the UK Information Commissioner's Office or your local data protection authority if you believe your data rights have been breached.