1. Who We Are

• Service name: Horde RPG
• Website: https://wwww.horde-rpg.com
• Contact email: [email protected]
• Data controller: Laurent Callarec
• Country of operation: France
• Contact email: [email protected]

If you have any questions about this Privacy Policy or your personal data, you can contact us using the details above.

2. Date We Collect

We collect data strictly necessary to operate a virtual tabletop platform with accounts, real-time communication, analytics, payments, and email notifications.

2.1 Data You May Provide

• Account information (e.g. email address)
• Profile information (e.g. display name, avatar)
• User-generated content (e.g. maps, tokens, characters, notes)
• Chat messages and real-time communications
• Billing information (handled by third-party payment providers)
• Communications with us (e.g. support requests, emails)

2.2 Data Collected Automatically

• IP address
• Device, browser, and operating system information
• Date and time of access

2.3 Cookies and Similar Technologies

We use cookies and similar technologies to:

• Enable authentication and session management
• Store user preferences
• Enable real-time features
• Analyze usage and performance (analytics)
• Ensure security and prevent abuse

3. How We Use Your Data

We use personal data to:

• Create and manage user accounts
• Provide real-time virtual tabletop and chat functionality
• Process payments and manage subscriptions
• Send service-related emails (account notifications, billing, system messages)
• Improve performance, stability, and user experience through analytics
• Monitor usage and prevent fraud, abuse, or security incidents
• Comply with legal and regulatory obligations

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Contractual necessity: to provide the Service
• Consent: where you have given explicit consent
• Legitimate interests: to improve and secure the Service
• Legal obligation: to comply with applicable laws

5. Data Sharing

We do not sell your personal data.

We may share data with trusted third parties acting as data processors, including:

• Hosting and cloud infrastructure providers
• Analytics providers
• Payment processors (for billing and subscriptions)
• Email delivery services
• Error monitoring and logging services
• Legal or regulatory authorities when required by law

All third-party providers are contractually required to process data in compliance with the GDPR and applicable data protection laws.

6. Data Storage and Retention

• Personal data is stored on secure servers located in: France, Germany
• We retain personal data only as long as necessary to provide the Service or comply with legal obligations
• You may request deletion of your account and associated data at any time

Some data may be retained in backups for a limited period.

7. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

• Encrypted connections (HTTPS)
• Password hashing
• Access controls
• Regular security updates

However, no system is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccurate data
• Withdraw consent at any time

9. Children’s Privacy

The Service is not intended for children under the age of 13.

We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.

Continued use of the Service after changes means you accept the updated Privacy Policy.

11. Contact

If you have any questions about this Privacy Policy or our data practices, contact us at:

Email: [email protected]