Dragons of Camelot – Privacy Policy

Last Updated: 23/12/2025

Your privacy is important to us. This Privacy Policy explains what personal data we collect when you use Dragons of Camelot (the “game” or “Services”), how we use and share that data, and your rights regarding your information. We are committed to processing personal data in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the EU GDPR where applicable, as well as the Data Protection Act 2018.

By using the game, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, we encourage you to contact us using the information in Section 11.

1. Who We Are and How to Contact Us

• Data Controller: PPKL Ltd., the operator of Dragons of Camelot (“we” or “us”).
• Contact Email: support@dragonsofcamelot.com (for privacy inquiries)

2. Personal Data We Collect

When you use Dragons of Camelot, we collect different types of information about you. “Personal data” means any information that relates to you as an identified or identifiable individual.

2.1 Information You Provide to Us

• Account Registration: When you create an account, we ask for a username and an email address. We also record the date you registered and your account ID. If the game allows profile customization, any information you add to your profile (such as an avatar image or bio) will be stored as well.
• Contact Information: If you sign up for newsletters or provide an email for support, we collect that contact info. If you participate in surveys, contests, or events, you may provide your name, mailing address, or other details.
• Customer Support: If you contact us (email, ticket, or chat), we receive whatever information you choose to provide (contact details, issue description, screenshots, attachments). We keep records of support requests and our responses.
• Community and Communication: If the game includes chat/forums/messaging, and you post or send messages, we process the content of those communications. Messages may be monitored or logged as needed to enforce our Terms and keep the community safe.

2.2 Information We Collect Automatically

• Device and Connection Info: Device type, operating system, browser type, device identifiers, and your IP address (which may indicate approximate location). We use this for functionality, regional settings, analytics, and security/fraud prevention.
• Usage Data: Logins, session lengths, features used, in-game actions and gameplay statistics, and telemetry such as error logs/crash reports.
• Cookies and Similar Tech: We use cookies and similar technologies to operate the site, keep you logged in (where applicable), and gather analytics. See Section 5.

2.3 Information from Third Parties

• Social Login Data (if used): If you register/log in via a third party (e.g., Google/Facebook), we may receive information such as your name, user ID on that service, and email address, depending on what you authorize.
• Payment Processors: If you make purchases, we receive limited information from providers such as Stripe (e.g., transaction ID, country, payment method type, success/failure), plus fraud-related signals (e.g., disputes/chargebacks). We do not receive your full card number or bank details.
• Advertising Partners: As of the “Last Updated” date, Dragons of Camelot does not serve third-party ads in a personal-data-collecting way. If that changes, we will update this policy.

We aim to collect only the data necessary for the purposes described in this Policy.

3. How We Use Your Personal Data

We use personal data to operate, secure, and improve Dragons of Camelot. We only process data where we have a lawful basis under UK GDPR/EU GDPR. Examples include:

3.1 Provide the Game and Services

We use registration and gameplay data to create and maintain your account, save your progress, enable multiplayer features, and provide region/language settings (including using IP-derived country where relevant). Legal basis: contract performance (GDPR Art. 6(1)(b)).

3.2 Account Administration

We use your email for verification and essential service messages (password resets, important notices, policy updates). We also use account and security data to enforce our Terms and prevent abuse. Legal basis: contract performance and/or legitimate interests (GDPR Art. 6(1)(b) and 6(1)(f)).

3.3 Game Operations and Analytics

We analyze usage and telemetry to fix bugs, improve performance, balance gameplay, and enhance content. Where feasible, we use aggregated or pseudonymized analytics. Legal basis: legitimate interests (GDPR Art. 6(1)(f)).

3.4 Customer Support

We use support messages and account details to respond, troubleshoot, and resolve issues. Legal basis: contract performance and/or legitimate interests (GDPR Art. 6(1)(b) and 6(1)(f)).

3.5 Community and Moderation

We facilitate chat, forums, guilds, and multiplayer features. Usernames/avatars and certain game stats may be visible to others. We may log and review communications to enforce rules and keep the community safe. Legal basis: legitimate interests and, where needed, legal obligation (GDPR Art. 6(1)(f) and 6(1)(c)).

3.6 Payments and Purchases

We process purchase records to deliver virtual goods/subscriptions and keep accounting/tax records. Payments are processed through Stripe (see Section 4). Legal basis: contract performance and legal obligation (GDPR Art. 6(1)(b) and 6(1)(c)).

3.7 Marketing and Communications (Opt-In)

We may send newsletters and offers only if you opt in. You can unsubscribe at any time. Legal basis: consent (GDPR Art. 6(1)(a)).

3.8 Push Notifications (If enabled)

If you allow web/app notifications, we may send game-related reminders. You can disable notifications at any time. Legal basis: consent (GDPR Art. 6(1)(a)).

3.9 Fraud Prevention and Security

We use technical and activity data to prevent hacking, abuse, and fraud, and to enforce bans and protect users. Legal basis: legitimate interests and, where applicable, legal obligation (GDPR Art. 6(1)(f) and 6(1)(c)).

3.10 Legal Compliance

We may process and retain data to comply with legal requirements and to establish, exercise, or defend legal claims. Legal basis: legal obligation (GDPR Art. 6(1)(c)).

4. How We Share or Disclose Personal Data

We do not sell your personal data to third parties for their own marketing. We may share data as follows:

4.1 Service Providers (Processors)

• Payment Processing: Stripe (and any other payment partners) processes payment details. We receive only limited non-sensitive payment confirmations and transaction metadata.
• Hosting and Infrastructure: Hosting/cloud providers that store and transmit data under our instructions to run the Services.
• Email and Communications Tools: Email delivery services used to send verification emails, service messages, and newsletters (where opted in).
• Analytics and Crash Reporting: Tools (e.g., Google Analytics for the website, and error/crash tools for debugging) used under our instructions.
• Support/Moderation Tools: Platforms used to manage support tickets or moderation, if applicable.

We require processors to protect personal data, use it only on our instructions, and keep it confidential. Where required, we put data processing agreements in place.

4.2 Within Our Corporate Group

If PPKL Ltd. is part of a corporate group, we may share data within the group to operate the Services (e.g., IT support, customer service), under consistent privacy safeguards.

4.3 Other Players and Public Information

Some information is visible to other players by nature of the game (e.g., username, avatar, rankings, guild rosters, public chat/forum posts). Please be mindful of what you share publicly.

4.4 Legal Compliance and Protection

We may disclose data to comply with law, enforce Terms, protect rights/safety, and investigate fraud, including responding to lawful requests from authorities. Where possible and lawful, we may notify affected users.

4.5 Business Transfers

If we undergo a merger, acquisition, reorganization, or asset sale, personal data may be transferred as part of the transaction, subject to appropriate protections and notice where required.

4.6 Aggregated or Anonymized Data

We may share aggregated/anonymized data that cannot reasonably identify you (e.g., gameplay statistics, regional player distribution).

4.7 International Data Transfers

Data may be processed outside the UK/EEA by service providers. Where required, we use appropriate safeguards such as Standard Contractual Clauses or other lawful transfer mechanisms. You can contact us to request more information.

5. Cookies and Analytics Technologies

5.1 Cookies on Our Website

Cookies are small files stored on your device. We use:

• Essential Cookies: Required for site functionality (e.g., login sessions).
• Preference Cookies: Remember choices (e.g., language).
• Analytics Cookies: Help us understand site usage (typically with consent where required).
• Advertising Cookies: Not used for third-party ads as of the Last Updated date.

You can manage cookies via browser settings and (where provided) our cookie banner/preferences tool. Disabling cookies may affect site functionality.

5.2 Google Analytics

We use Google Analytics on our website to understand and improve the site. Google Analytics is provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). It uses cookies to collect information such as browser type, device identifiers, pages visited, time on pages, and referring pages. We configure Google Analytics to anonymize IP addresses where applicable.

• Legal basis: legitimate interests and/or consent for analytics cookies depending on your jurisdiction.
• Opt-out options: Use cookie settings (if available), block/delete cookies in your browser, or use the Google Analytics opt-out browser add-on.

For more information, see Google’s Privacy Policy on their website and their information on partner sites/apps.

5.3 Other Analytics or Tracking Tools

Aside from Google Analytics for the website, we currently do not use third-party ad tracking tools for targeted ads. If this changes, we will update this policy and obtain any required consents.

5.4 Do-Not-Track Signals

There is no universal standard for “Do Not Track.” We follow the practices described above regardless of DNT signals. You can use the opt-out choices above to manage cookies and analytics.

6. Data Retention

We keep personal data only as long as necessary for the purposes described and to meet legal, accounting, and reporting requirements.

• Account Data: Kept while your account is active; deleted/anonymized after account deletion (typically within 30 days), subject to lawful retention needs (e.g., fraud prevention, disputes).
• Gameplay Data: Kept while your account exists; deleted/anonymized after deletion unless needed for legitimate reasons.
• Transaction Records: Retained as required by tax/accounting laws (often around 6 years in the UK), even if you delete your account.
• Support Tickets: Often retained 2–3 years for continuity and quality assurance unless deletion is requested and we have no lawful reason to keep it.
• Analytics Data: Retained per our analytics settings (e.g., Google retention settings).
• Logs and Backups: Logs kept for a short period for security/diagnostics; backups are rotated and securely destroyed when expired.

7. Your Rights and Choices

You have rights under data protection law, including:

• Right of Access (obtain a copy of your data).
• Right to Rectification (correct inaccurate data).
• Right to Erasure (delete data in certain cases).
• Right to Restrict Processing (limit use in certain cases).
• Right to Data Portability (receive data you provided in a machine-readable format in certain cases).
• Right to Object (to processing based on legitimate interests; absolute right to object to direct marketing).
• Right to Withdraw Consent (where processing is based on consent).
• Rights related to Automated Decision-Making: We do not make legal or similarly significant decisions solely by automated means.

To exercise your rights, contact us using the details in Section 11. We may need to verify your identity. We normally respond within one month (extendable for complex requests as permitted by law). You also have the right to lodge a complaint with a supervisory authority (see Section 11).

8. Children’s Privacy

Dragons of Camelot is not intended for children under 16. We do not knowingly collect personal data from anyone under 16. If we learn we have collected such data, we will delete it. Parents/guardians who believe a child has provided data should contact us immediately.

9. Security Measures

We use technical and organizational measures to protect data, including encryption in transit (HTTPS/TLS), password hashing, access controls, monitoring, backups, and staff training. No system is 100% secure, so please use a strong password and be cautious of phishing. If you suspect account compromise, contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in practices or law. If changes are material, we will provide notice (e.g., email, website, or in-game). The “Last Updated” date reflects the latest revision. Continued use after the effective date means you accept the updated policy to the extent permitted by law.

11. Contact Information and Complaints

• Email: support@dragonsofcamelot.com

Complaints (UK): You can complain to the Information Commissioner’s Office (ICO).

Complaints (EU): If applicable, you can contact your local data protection authority in the EU.

By playing Dragons of Camelot, you trust us with your data. We take that responsibility seriously and are committed to safeguarding your privacy. Thank you for reading our Privacy Policy. Enjoy the game, and may your quests in Camelot be successful!