Privacy Policy

1. Introduction & scope

This Privacy Policy explains how Living Realms, Inc. (“Living Realms,” “we,” “us,” or “our”), a Texas corporation, collects, uses, and shares personal information when you interact with our Services: our marketing website at playlivingrealms.com, our email waitlist, and the Living Realms game and related products once they are available.

By using the Services you agree to this Policy. If you do not agree, please do not use the Services. This Policy is incorporated into our Terms of Service.

Questions, requests, and complaints can be sent to legal@playlivingrealms.com or to our mailing address in Section 14.

2. Age requirement

The Services are intended for users who are at least 13 years old. We do not knowingly collect personal information from children under 13. If you are a parent or legal guardian and believe we have collected personal information from a child under 13, please contact us at legal@playlivingrealms.com and we will delete the information promptly.

If you are between 13 and the age of majority in your jurisdiction (typically 18), you may only use the Services with the review and consent of a parent or legal guardian.

3. Information we collect

3.1 Website

• Waitlist information. When you submit the waitlist form we collect the email address you provide and a short identifier for the form that produced the signup (e.g., the hero form versus the footer form).
• Technical data. Our hosting infrastructure (Azure Front Door and Azure Functions) automatically records standard request data such as IP address, user‑agent string, referring URL, and timestamp. This data is used for security, abuse prevention, and operating the Services.
• No cookies, analytics, or local storage. The marketing website does not currently set cookies, run third‑party analytics, or use localStorage or sessionStorage. If that ever changes we will update this Policy and, where required by law, obtain your consent before placing non‑essential cookies or similar technologies.

3.2 Game (when available)

The Living Realms game is in development. When it is released we expect to collect the following categories of information. We will update this Policy (including the sub‑processor list in Section 6) before the game collects new categories in practice.

• Account information — email address, display name, a salted and hashed password or other authentication credential, date of account creation.
• Gameplay data — progress, inventory, choices, in‑world location, session times, and other information needed to run the game and support multiplayer features.
• Communications — in‑game text chat and, where enabled, voice communications. These may be retained for moderation and safety.
• User‑generated content — creations, builds, adventures, puzzles, and other content you submit, together with associated metadata.
• Device and crash telemetry — device type, operating system, game version, crash dumps, and performance metrics.
• Payment metadata — billing country, order and receipt identifiers, and status information. Full payment card data is processed by a third‑party payment processor that we will identify in this Policy at launch; we do not store full card numbers.

4. How we use information

We use personal information only for clearly defined purposes:

• To deliver the waitlist newsletter and development updates that you have asked to receive.
• To operate, secure, and improve the Services, including the future game.
• To moderate multiplayer conduct and enforce our Terms of Service.
• To process purchases and administer accounts (once the game is available).
• To respond to support requests, legal requests, and regulatory inquiries.
• To comply with applicable law, including tax and consumer‑protection obligations.

We do not sell personal information. We do not share personal information for cross‑context behavioral advertising.

5. Legal bases (GDPR / UK GDPR)

If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases for processing your personal information:

6. How we share information

We share personal information only with the categories of recipients described below.

6.1 Sub‑processors

We use a small number of trusted service providers (“sub‑processors”) to operate the Services. Each is bound by a written contract that limits their use of your information to what we direct.

• Beehiiv, Inc. (United States) — newsletter hosting and delivery for the waitlist.
• Microsoft Corporation (Microsoft Azure, global with primary processing in the United States) — hosting, Azure Front Door, Azure Functions, and log storage.

When the game launches we expect to add additional sub‑processors (for example, a game backend provider, a payment processor, an anti‑cheat provider, and a customer‑support platform). We will update this section before production data is routed to a new sub‑processor.

6.2 Other recipients

• Legal & safety. We may disclose information in response to lawful requests from government authorities or when we believe in good faith that disclosure is necessary to comply with the law, enforce our Terms, protect the rights, property, or safety of Living Realms or others, or investigate fraud or abuse.
• Business transfers. If Living Realms is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal information may be transferred as part of that transaction. We will notify you of any such transfer that affects how your information is handled.

7. International data transfers

Living Realms is based in the United States, and our sub‑processors may process your information in the United States or other countries. When we transfer personal data from the European Economic Area, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and, for UK transfers, the UK International Data Transfer Addendum (IDTA) or the UK Addendum to the SCCs. Copies of the clauses relevant to a specific transfer are available on request to legal@playlivingrealms.com.

8. Data retention

• Waitlist emails — retained until you unsubscribe, plus up to 30 days for operational cleanup.
• Azure request logs — retained for approximately 90 days for security and abuse investigation.
• Game data — retention periods for account, gameplay, and user‑generated content will be described in a Game Privacy Addendum published when the game launches.
• Legal hold. We may retain information longer where required by law or where it is the subject of an active legal claim, investigation, or regulatory request.

9. Your rights

Depending on where you live, you have some or all of the rights below. To exercise any of them, email legal@playlivingrealms.com from the address on file, or write to us at the mailing address in Section 14. We do not charge a fee except where permitted by law (for example, for manifestly unfounded or repetitive requests), and we will not discriminate against you for exercising your rights.

9.1 Everyone

• Access the personal information we hold about you.
• Ask us to correct inaccurate information.
• Ask us to delete your information.
• Unsubscribe from marketing emails at any time using the link in every email.

9.2 EEA and UK (GDPR / UK GDPR)

• Access, rectification, erasure, restriction, data portability.
• Object to processing based on our legitimate interests, including direct marketing.
• Withdraw consent at any time without affecting the lawfulness of earlier processing.
• Lodge a complaint with your local data‑protection supervisory authority. UK users may complain to the Information Commissioner’s Office at ico.org.uk.

We will respond to verifiable requests within 30 days, extendable by an additional 60 days where the request is complex or we receive a high volume.

9.3 California (CCPA / CPRA)

• Right to know what personal information we collect, use, disclose, and (if applicable) sell or share.
• Right to delete personal information.
• Right to correct inaccurate personal information.
• Right to opt out of the sale or sharing of personal information. We do not sell or share personal information as those terms are defined in the CCPA.
• Right to limit the use and disclosure of sensitive personal information.
• Right to non‑discrimination for exercising these rights.

You may submit a request through an authorized agent by sending a written authorization along with the request to legal@playlivingrealms.com. We will respond to verifiable consumer requests within 45 days, extendable once by an additional 45 days with notice.

10. Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information, including TLS encryption in transit, access controls, and logging. No service can guarantee absolute security on the open internet. If we become aware of a security incident that affects your personal information, we will notify you and any relevant regulator as required by applicable law.

11. Do Not Track

Some browsers offer a “Do Not Track” (DNT) signal. Because we do not track users across third‑party websites, we do not respond to DNT signals.

12. Cookies & similar technologies

The marketing website does not currently use cookies, tracking pixels, web beacons, or similar technologies. If we add them in the future (for example, essential cookies to secure an account session, or analytics cookies), we will update this Policy and, where required by applicable law such as the ePrivacy rules in the EU and the UK, obtain your consent before placing non‑essential cookies.

13. Changes to this Policy

We may update this Policy from time to time. If we make material changes we will notify waitlist subscribers by email and post a prominent notice on the Services. The “Last updated” date at the top of this page reflects the most recent revision.

14. Contact & complaints

Questions, rights requests, and complaints can be sent to:

Living Realms, Inc.
Attn: Legal Department
12600 Hill Country Blvd, Ste R130 #5221
Austin, TX 78738, USA
legal@playlivingrealms.com

If you are an EEA or UK user and we are later required to appoint a representative under Article 27 of the GDPR or the UK GDPR, the representative’s contact details will be listed in this section.