top of page

Void Arc Games

Privacy Policy

The "Void Arc Series Games" (hereinafter referred to as "the Games") are independently developed and operated by Void Arc Games Inc (hereinafter referred to as "we/us"). We respect users' privacy and data security. This Privacy Policy aims to clarify our policies regarding the collection, use, storage, and protection of user information, as well as the rights enjoyed by users. Please carefully read and understand this Policy before using the Games. Your use of the Games will be deemed acceptance of this Policy.​

1. Collected Information and Permission Disclosure​

(I) Sensitive Permissions and Information Collection (Sorted by Sensitivity)​

  1. Biometric Permissions​

  • Collection Method: Temporarily collects facial feature points and voiceprint feature data through the device's built-in sensors only when the user actively enables functions such as "Face ID Login" and "Voiceprint Verification for Transactions".​

  • Collected Content: Facial feature point coordinates (not complete facial images) and voiceprint spectrum data, which are only used for identity verification. Raw biometric information is not stored.​

  • Collection Objects: Users who choose to enable the corresponding functions, based entirely on users' voluntary authorization.​

  1. Health Data Permissions​

  • Collection Method: Obtains data through device health application interfaces (such as HealthKit) only when the user uses the "Game Health Management" module (e.g., fatigue monitoring, heart rate-adapted game difficulty).​

  • Collected Content: Health indicators related to gaming experience, such as heart rate, exercise duration, and screen usage time. It does not involve core health data such as disease diagnosis and medical records.​

  • Collection Objects: Users who actively enable the health management function, which requires separate user authorization.​

  1. Precise Geolocation Permissions​

  • Collection Method: Real-time obtains location data through the device's GPS module when the user enables functions such as "Same-City Matching" and "Offline Event Registration". Collection stops immediately after the function is disabled.​

  • Collected Content: GPS coordinates (accurate to the neighborhood level) used to match same-city players or push offline event information. Indoor positioning data is not collected.​

  • Collection Objects: Users who choose to participate in same-city interactions or offline events. Users can disable the permission at any time.​

  1. Financial Data Permissions​

  • Collection Method: Obtains transaction-related data through third-party payment platform (such as PayPal, Stripe) interfaces when users make in-game purchases. We do not directly store payment card information.​

  • Collected Content: Transaction records such as transaction amount, payment time, and order number, used for reconciliation and order inquiry. Sensitive financial information such as credit card numbers and passwords is not collected.​

  • Collection Objects: Users who perform payment operations. Data transmission complies with the Payment Card Industry Data Security Standard (PCI DSS).​

  1. Personal Identifier Permissions​

  • Collection Method: Provided voluntarily by users during account registration or obtained through device identifier association.​

  • Collected Content: Username, email address, mobile phone number (for account verification), device unique identifiers (IDFA/AAID), and Social Security Number (only used for tax filing when users participate in large-value bonus activities, stored separately with encryption).​

  • Collection Objects: All registered users. The only mandatory fields are username and email address; other information is optional.​

(II) General Permissions and Information Collection​

  1. Device Permissions: Collects device model, operating system version, memory, storage capacity, network type, and other information to adapt to the game's operating environment and optimize performance, without requiring additional user authorization.​

  1. Log Permissions: Automatically records user game behavior logs (such as login time, game level progress, and function usage frequency) to analyze game experience issues and improve product functions.​

  1. Photo Album/Storage Permissions: Obtains permission only when users actively upload custom avatars or share screenshots. Collects image files selected and uploaded by users, and does not access other files on the device.​

  1. Microphone/Camera Permissions: Authorized for use when users participate in in-game voice chat or video interaction functions. Collected voice data and video images are only used for real-time communication and are automatically deleted after the communication ends without retaining raw data.​

(III) Data Sharing and Profit Statement​

  1. Third-Party Sharing Restrictions: We only share data with U.S.-based third parties under the following circumstances, and will clearly inform users and obtain separate authorization before sharing (except as required by law):​

  • Payment Processing: Shares transaction-related data with U.S. payment service providers such as PayPal and Stripe to complete the payment process;​

  • Cloud Services: Shares data with U.S. cloud service providers such as Amazon Web Services (AWS) and Microsoft Azure for server storage and computing;​

  • Security Protection: Shares abnormal behavior data with U.S. cybersecurity service providers such as Palo Alto Networks and CrowdStrike to prevent cyberattacks;​

  • Compliance Requirements: Provides necessary data to law enforcement agencies in accordance with legal requirements such as U.S. court subpoenas and Department of Justice directives. We do not share any data with "covered countries" (China, Cuba, Iran, North Korea, Russia, Venezuela) and their affiliated entities.​

  1. Data Sale Statement: We will never sell users' personal information (including sensitive data and general data) to third parties for profit in any form. Data is only used for product operation and service optimization purposes as agreed in this Policy.​

(IV) Data Storage Servers​

All collected user data is stored on U.S.-based servers of AWS (Oregon Data Center) and Microsoft Azure (Virginia Data Center), strictly complying with the U.S. International Emergency Economic Powers Act and Executive Order 14117. Data will not be transmitted to servers in "covered countries". Cross-border data transmission requires the approval of the U.S. Department of Justice (if applicable).​

2. Data Security Protection Measures​

  1. Technical Protection: Adopts AES-256 encryption algorithm for storage encryption of sensitive data, and uses TLS 1.3 protocol for data transmission to prevent data leakage and tampering; deploys firewalls, Intrusion Detection Systems (IDS), and data desensitization technologies to restrict internal personnel access permissions.​

  1. Compliance Audits: Conducts regular data security compliance audits (at least twice a year), with audit reports issued by U.S.-based third-party audit firms such as Deloitte and KPMG to ensure compliance with relevant regulatory requirements including COPPA and PCI DSS.​

  1. Emergency Response: Establishes an emergency response plan for data security incidents. In the event of a data breach, affected users will be notified through email, in-game notifications, etc., within 72 hours, and a report will be submitted to the U.S. Federal Trade Commission (FTC) with remedial measures taken to minimize user losses.​

  1. Employee Management: Conducts background checks and privacy protection training for employees with access to user data, and requires them to sign confidentiality agreements. Employees who improperly disclose data will bear corresponding legal responsibilities.​

3. Data Retention and Deletion Mechanisms​

  1. Retention Periods:​

  • General Data (e.g., device information, game logs): Retained for 12 months after user account cancellation, used for handling historical order disputes and compliance audits;​

  • Sensitive Data (e.g., biometric data, financial transaction records): Biometric data only retains encrypted feature values required for verification and is deleted immediately after the user disables the function; financial transaction records are retained for 7 years (in compliance with U.S. tax filing requirements);​

  • Minor Data: Retained until 12 months after the minor reaches the age of 13, or within 30 days after the guardian requests deletion.​

  1. Deletion Mechanisms:​

  • Active Account Cancellation by Users: Users can submit a request through the in-game "Account Settings - Cancel Account" function. We will complete the deletion of all data (except as required by law) within 30 days and provide a deletion confirmation certificate;​

  • Automatic Deletion: Data exceeding the retention period will be deleted through the system's automatic cleaning program and cannot be recovered;​

  • Guardian Request: Guardians of minors can request the deletion of minor data with valid identification. They need to submit proof of guardianship relationship via email, and the deletion will be completed within 15 days after approval.​

4. Protection of Minors' Rights and Interests​

  1. Scope of Application: Strictly complies with the U.S. Children's Online Privacy Protection Act (COPPA) and formulates special protection measures for minors under the age of 13 ("Child Users").​

  1. Consent Requirements: Before collecting and using Child Users' personal information, explicit consent must be obtained from their parents or legal guardians through verifiable methods such as email or phone call. No personal information of Child Users will be collected without consent.​

  1. Information Restrictions: Does not collect sensitive information such as biometric data and financial data from Child Users. Only collects necessary basic information such as username and guardian contact information, which is not used for personalized advertising.​

  1. Guardian Rights: Guardians have the right to inquire about, modify, or delete Child Users' personal information, and can apply to cancel the Child User's account through the contact information provided in this Policy. We will provide such services free of charge.​

  1. Content Review: Game content accessible to Child Users undergoes special review to block inappropriate content such as violence and pornography. A daily game time limit (no more than 2 hours per day) is set to protect minors' physical and mental health.​

5. User Rights​

  1. Right to Know: Users have the right to inquire about the collection, use, and sharing of their personal information through the in-game "Privacy Center", and we will provide a clear information inquiry interface.​

  1. Right of Access: Users can request a copy of their personal data (in CSV or PDF format). After submitting the request via email, we will provide it within 15 days.​

  1. Right to Rectification: If personal information is incorrect (e.g., contact information, address), users can modify it directly through in-game settings or contact customer service for assistance. The rectification will take effect immediately.​

  1. Right to Erasure: Except for information required to be retained by law, users have the right to request the deletion of their personal information at any time. For specific procedures, refer to the "Data Retention and Deletion Mechanisms" section of this Policy.​

  1. Right to Withdraw Consent: Users can withdraw authorization for various permissions (e.g., disable geolocation, microphone permissions) through device system settings or in-game permission management functions. Withdrawal of consent does not affect the use of information based on legal authorization prior to withdrawal.​

  1. Right to Complain: If users believe that our information processing activities infringe on their privacy rights and interests, they can file a complaint with the U.S. Federal Trade Commission (FTC) or through the contact information provided in this Policy. We will respond to the handling result within 10 days.​

6. Use of Cookies and Similar Technologies​

  1. Purpose of Cookies: Uses HTTP Cookies and Local Storage technologies to remember user login status, preference settings (e.g., game language, graphics quality), and track game usage to optimize user experience. They are not used to collect sensitive personal information.​

  1. Control Options: Users can disable Cookies through browser settings (e.g., Chrome Browser: "Settings - Privacy and Security - Site Settings - Cookies"). However, disabling Cookies may prevent the use of functions such as automatic login and personalized settings.​

  1. Third-Party Cookies: Only allows U.S.-based third-party service providers (e.g., Google Analytics, Facebook Pixel) to set Cookies for statistical game traffic and advertising effectiveness. The use of third-party Cookies is subject to their own privacy policies, and we are not responsible for them.​

7. Policy Updates​

  1. We may revise this Privacy Policy in accordance with changes in U.S. laws and regulations or product function updates. The revised Policy will be notified to users through in-game announcements, emails, etc., and the update date will be marked at the top of the Policy.​

  1. If the revised content involves significant changes to rights and interests (e.g., adding sensitive data collection, expanding the scope of third-party data sharing), a 30-day public notice period will be provided. Users can choose whether to accept the revised Policy during the public notice period. Continued use of the Games by users will be deemed acceptance of the revised Policy.​

  1. Historical Versions: Users can query previous versions of the Privacy Policy through the in-game "Privacy Center - Historical Policies", which are retained for 2 years.​

8. Contact Information​

If you have any questions, complaints, or data-related requests (e.g., inquiry, deletion of data) regarding this Privacy Policy, you can contact us through the following methods:​

  • Physical Address: 405 Anglers Dr Steamboat Springs, CO 80487, USA​

We will respond to your inquiry or handling request within 15 business days.​

bottom of page