Legal

Privacy Policy

Last updated: April 2, 2026

1. Data Controller

2. Overview

VØID Arc is designed to work fully offline. An internet connection is needed only for optional account-based features: cross-device progression sync, online leaderboards, and in-app supporter purchases. We collect only the data strictly necessary to provide these features.

3. Data We Process

3.1 Local data (stays on your device)

Settings such as language preference and volume levels, and cached scores for offline play, are stored exclusively on your device using standard OS storage mechanisms (SharedPreferences / Hive). This data is never transmitted to us.

3.2 Anonymous use (no account required)

VØID Arc is fully playable without an account. When you play without signing in, all scores, settings, and progression are stored locally on your device only. No game data is transmitted to our servers in this mode. An internet connection is only required when you actively choose to sign in with Google or Apple.

3.3 Signed-in account (optional)

If you choose to sign in with Google or Apple to enable cross-device sync and named leaderboard entries:

• Data: Email address, display name, Google/Apple user ID
• Purpose: Account management, cross-device progression sync, named leaderboard entries
• Legal basis: Performance of a contract with you (Art. 6(1)(b) GDPR)
• Retention: Until you delete your account

3.4 Game progression sync

When signed in, the following game state is synced to our secure backend:

• High scores per game mode
• Cumulative jump count (used for unlocking themes and trails)
• Currently equipped theme and trail style

• Purpose: Cross-device continuity and leaderboard accuracy
• Legal basis: Performance of a contract (Art. 6(1)(b) GDPR)

3.5 In-app purchases (Supporter Pack)

If you make an in-app purchase we validate the receipt with Google Play or the Apple App Store. We store only your entitlement status (supporter: yes/no) and the validation timestamp. Payment data is never transmitted to or stored by us — it is handled exclusively by Google or Apple.

• Legal basis: Performance of a contract (Art. 6(1)(b) GDPR)
• Processors: Google LLC (Google Play), Apple Inc. (App Store)

3.6 Advertising (Google AdMob)

VØID Arc may display advertisements from Google AdMob to non-supporter users. When ads are active, Google may collect your device’s advertising identifier (Google Advertising ID on Android, IDFA on iOS) and use it to serve contextual or personalised advertisements in accordance with Google’s own privacy policy.

On iOS, the app may ask for Apple’s App Tracking Transparency (ATT) permission before personalised advertising is requested. On Android and other regulated regions, the app may display a Google User Messaging Platform (UMP) consent form before loading ads, where required by law.

• Purpose: Funding the free-to-play version of the game
• Legal basis: Consent (Art. 6(1)(a) GDPR) — where required by law we will request your consent before serving personalised ads
• Consent platform: Google User Messaging Platform (UMP), where applicable
• Opt-out: You can reset or opt out of ad personalisation at any time via your device’s privacy settings (Ads section under Privacy or Google services)
• Google Privacy Policy: policies.google.com/privacy

4. Backend Infrastructure (Supabase)

We use Supabase as our backend for authentication, database storage, and real-time features. Data is stored on infrastructure hosted in the European Union (AWS eu-central-1, Frankfurt, Germany). A Data Processing Agreement (DPA) is in place with Supabase Inc.

Supabase Privacy Policy: supabase.com/privacy

5. Authentication Providers

Google Sign-In

If you sign in with Google, Google LLC processes your authentication request. VØID Arc receives only the basic profile information (email address, display name, user ID) required to create your in-game account. See Google’s Privacy Policy.

Sign in with Apple

If you sign in with Apple, Apple Inc. processes your authentication request. Apple gives you the option to hide your real email address using a private relay address. See Apple’s Privacy Policy.

6. International Data Transfers

Our primary backend stores data within the EU (Frankfurt). However, Google LLC and Apple Inc. are US-based companies. Transfers of personal data to the US are covered by Standard Contractual Clauses (SCCs) as approved by the European Commission under Art. 46(2)(c) GDPR.

7. Data Retention

• Account data and progression: Retained while your account is active; deleted within 30 days of an account deletion request
• Purchase entitlement records: Retained for up to 7 years for legal and tax compliance, held in anonymised form after account deletion

8. Your Rights under GDPR

Under EU data protection law you have the right to:

• Access: Request a copy of all personal data we hold about you
• Rectification: Have inaccurate data corrected
• Erasure: Request deletion of your data (“right to be forgotten”)
• Restriction: Request restricted processing while a dispute is resolved
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw consent: Withdraw any consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, email privacy@void-arc.com. We will respond within 30 days.

You also have the right to lodge a complaint with the supervisory authority responsible for Bavaria:

9. Children’s Privacy

VØID Arc is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us at privacy@void-arc.com and we will delete it promptly.

10. Changes to This Policy

Material changes will be reflected by updating the “Last updated” date at the top of this page. For changes that significantly affect your rights, we will also provide an in-app notification.

11. Contact