Last updated: March 1, 2026
This Privacy Policy explains how we collect and process personal data when you use www.argames15.eu (the “Website”), including registration/login, blog comments, and contacting us.
Controller: Alexander Ritter
Address: Please see our Legal Notice / Impressum page on this Website.
E-Mail: argames15.alexander@gmail.com
Depending on how you use the Services, we may process: (a) usage and device data (e.g., IP address, browser/app details, timestamps), (b) account data (username, email, password hash), (c) authentication data (when using Google Login), (d) content you submit (contact messages, comments), (e) technical identifiers (session cookies for login, advertising identifiers for ads), and (f) analytics and ad measurement data.
The Website (and related backend services, including the database) are hosted using Railway. For operating and delivering the Website, Railway may process personal data on our behalf (e.g., hosting, infrastructure, and related logs).
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in providing a secure and reliable service) and, where applicable, Art. 6(1)(b) GDPR (providing requested services such as an account).
.When you visit the Website, technical log data may be processed (e.g., IP address, date/time, requested URL, status code, referrer, browser/user agent). This data is used to operate the Website, maintain security, and troubleshoot issues.
Legal basis: Art. 6(1)(f) GDPR.
If you register an account, we process your username, email address, and a password hash. We do not store your plaintext password. Passwords are hashed using bcrypt as part of our Spring-based authentication flow.
Purpose: Creating and managing your account, enabling login, and securing the service.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract / providing the requested account service).
We use technically necessary session cookies to keep you logged in and to protect your session. These cookies are required for the login feature to work.
Legal basis: Art. 6(1)(b) GDPR (providing requested functionality) and/or Art. 6(1)(f) GDPR (legitimate interest in secure operation).
Storage duration: Typically until you log out or the session expires.
You can log in using Google. If you use Google Login, Google processes personal data under its own responsibility. We receive the information needed to authenticate you and to create or link your account (typically your email address and a unique identifier; potentially additional basic profile information depending on your Google settings and our configuration).
Purpose: Authentication and account access via Google Login.
Legal basis: Art. 6(1)(b) GDPR (providing the login method you request).
If you contact us, your request (including the data you provide, such as email address and message content) is stored in our database so that we can review and respond.
Purpose: Communication and support.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in handling inquiries) or Art. 6(1)(b) GDPR (if your request relates to pre-contractual steps or a contract).
If you post comments on our blog, we process the content of your comment and the account identifier displayed with it (e.g., your username). Based on our current setup, we do not intentionally store commenters’ IP addresses specifically for comment moderation.
Purpose: Publishing and administering comments, preventing abuse, and maintaining a functional community space.
Legal basis: Art. 6(1)(b) GDPR (providing the commenting feature) and Art. 6(1)(f) GDPR (legitimate interest in platform security and abuse prevention).
We use custom fonts (e.g., DM Sans, Plus Jakarta Sans, Roboto) on this Website. These font files are hosted locally on our own server and are delivered directly from our domain. No connection to Google’s servers is required to load fonts.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a consistent and appealing presentation of our Website).
We display ads both on this Website and inside our apps/games. For this we may use advertising services such as Unity Ads and/or Google AdMob. These providers may process personal data (in particular device identifiers and IP address, and in some cases advertising identifiers such as Android Advertising ID / Apple IDFA) to deliver, measure, and improve ads, and to prevent fraud.
Data that may be processed: IP address, approximate location (derived from IP), device and browser/app information (model, OS, language), usage events (ad impressions, clicks, interactions), identifiers (e.g., advertising ID), and diagnostic data (for ad delivery and fraud prevention). The exact data depends on your device, settings, and our ad configuration.
Purposes: Showing ads, frequency capping, measuring ad performance, preventing fraud/abuse, and (if enabled) personalizing ads.
Legal basis: If required, we process advertising and tracking data only with your consent (Art. 6(1)(a) GDPR), especially for personalized ads and the use of advertising identifiers. For strictly necessary processing for security/fraud prevention and basic operation, we may rely on legitimate interests (Art. 6(1)(f) GDPR).
Your choices: Where we provide it, you can manage consent/privacy options in the apps and cookie settings on the Website. You can also manage ad personalization in your device settings (e.g., reset/limit your advertising ID / IDFA).
Recipients: Unity Technologies (Unity Ads) and Google (AdMob), and potentially their partners (depending on the configuration and consent choices). We may receive aggregated performance reports but do not receive full advertising profiles.
On the Website, we use technically necessary cookies (such as login session cookies). Advertising and analytics may involve cookies or similar technologies (e.g., local storage). Where required, we ask for your consent before setting/reading non-essential advertising or analytics technologies.
We may use Firebase Analytics to understand how users interact with our apps/games and/or the Website, to improve performance, stability, and user experience. Firebase is provided by Google, and Firebase may process information such as device/app details, usage events (e.g., screens viewed, session duration), approximate location (derived from IP), and identifiers used for analytics.
Purposes: Measuring usage, improving features, diagnosing issues, and understanding which content/functions are used.
Legal basis: If required (especially in the EU/EEA), we process analytics data only with your consent (Art. 6(1)(a) GDPR). If configured in a strictly privacy-friendly way and where permitted, we may rely on legitimate interests (Art. 6(1)(f) GDPR) for basic, non-marketing measurement.
Your choices: Where consent is required, Firebase Analytics will only be activated after you opt in, and you can withdraw consent at any time via our privacy options (if available) and/or device settings.
We share personal data only when necessary to operate the Services or provide features you request. This may include:
- Hosting/infrastructure providers (e.g., Railway) as processors.
- Google, if you use Google Login and/or if you consent to Google services such as Firebase Analytics or AdMob (each under Google’s responsibility for its own processing).
- Unity Technologies, if you use Unity Ads.
We do not sell your personal data.
Depending on the locations of our service providers (e.g., hosting, Unity, and Google), personal data may be processed in countries outside the EU/EEA. Where required, we rely on appropriate safeguards (e.g., standard contractual clauses) and implement additional measures as necessary.
We store personal data only as long as necessary for the purposes described in this Privacy Policy.
Account deletion: If you request deletion of your account, we aim to delete your account data within 72 hours, unless longer retention is required for legal reasons or necessary for establishing, exercising, or defending legal claims (e.g., to investigate abuse).
Contact requests: Stored as needed to handle the inquiry and then deleted according to our retention needs and legal obligations.
Comments: Stored as long as they remain published or until deletion is requested/available, subject to legal retention needs.
Logs: Server/security logs are retained for a limited period as needed for security and troubleshooting.
Under the GDPR, you have the right to request: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and to object to processing based on legitimate interests (Art. 21).
To exercise your rights, contact us at: argames15.alexander@gmail.com.
You have the right to lodge a complaint with a data protection supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
We use appropriate technical and organizational measures to protect your data. Passwords are stored as bcrypt hashes and are not stored in plaintext.
The Services are not intentionally directed at children. If you believe a child has provided personal data to us, please contact us so we can delete it.
We may update this Privacy Policy from time to time (for example, if we add new features). The “Last updated” date at the top shows when it was last revised.
