Privacy Policy - Arphros
Last updated: July 11, 2026
1. Introduction
This Privacy Policy explains how Arphros collects, uses, stores, shares, and protects information when you use the game, website, accounts, level sharing, community features, support tools, and premium features.
If you do not agree with this Privacy Policy, do not use Arphros. This policy should be read together with our Terms of Service and Community Rules.
2. Information We Collect
Depending on how you use Arphros, we may collect:
- Account information: username, email address, password hash, account ID, joined date, login tokens, activation status, and account settings.
- Public profile information: username, avatar, banner, about me text, badges, skins, supporter status, published levels, public stats, and online status.
- Gameplay and progression data: level, EXP, coins, tickets, performance points (PP), play counts, replay counts, level completions, ratings, likes, dislikes, comments, and leaderboard data.
- User content: uploaded levels, level archives, embedded audio files, level names, descriptions, difficulty, genre, theme, music metadata, banners, comments, reports, and profile text.
- Device and security information: IP address, device ID, user agent, device make/model/company, app version, crash/feedback metadata, login events, blacklisted IP/device status, ban records, and moderation logs.
- Supporter donation information: transaction IDs, product/tier information, supporter status, purchase verification results, and supporter expiry. Full payment details are handled by payment providers or app stores.
- Support and portal submissions: ban appeals, issue reports, level verification requests, copyright complaints, screenshots, and other information you choose to submit.
- Communications: emails or messages you send to us, Discord/portal submissions, and related support history.
3. Public Information
- Public profile information may be visible to other users on the website or in the game.
- Public information may include username, avatar, profile banner, about me text, badges, PP, coins, EXP, published levels, featured levels, verified levels, comments, and leaderboard placement.
- Do not include private personal information in public profile fields, level descriptions, comments, banners, or other public content.
- Email address, password hash, device ID, IP address, private support requests, and private moderation notes are not intentionally displayed publicly.
4. How We Use Information
- To create, authenticate, secure, and maintain accounts.
- To provide gameplay features, level publishing, downloads, comments, likes, ratings, leaderboards, profiles, rewards, and supporter donation benefits.
- To process purchases, subscriptions, premium entitlements, refunds, chargebacks, and transaction verification.
- To moderate content, investigate reports, detect cheating or abuse, enforce bans, prevent spam, and protect users.
- To respond to support requests, ban appeals, verification requests, copyright complaints, takedown notices, counter-notices, and privacy requests.
- To debug, analyze, secure, and improve the service, including crash reports, feedback, analytics, and server logs.
- To send account, support, security, moderation, or service-related notices.
- To comply with legal obligations, enforce our Terms, and protect the rights, safety, and integrity of Arphros and its users.
5. Legal Bases and Consent
Where privacy laws require a legal basis, we process information because it is necessary to provide the service, perform our agreement with you, protect legitimate interests such as security and moderation, comply with legal obligations, or because you consented.
You may withdraw consent where processing is based on consent, but this may limit access to features that require that information.
6. Cookies, Local Storage, and Tokens
- We may use cookies, local storage, and authentication tokens to keep you signed in, remember preferences, protect sessions, and operate the website.
- You can clear cookies or local storage in your browser, but doing so may log you out or break some features.
- If we add advertising or cross-site tracking technologies in the future, we will update this policy and provide required controls.
7. Sharing and Third Parties
- We do not sell your personal information.
- We do not knowingly share personal information for cross-context behavioral advertising. If that changes, we will update this policy and provide required opt-out controls.
- We may share information with service providers that help operate Arphros, such as hosting, database, storage, analytics, AI moderation, payment processing, app stores, email, support/reporting tools, and security tools.
- Discord webhooks or admin notification tools may receive limited activity, moderation, login, report, or level-publishing metadata for operational and moderation purposes.
- Payment providers and app stores may receive transaction and subscription information needed to process or verify purchases. They may handle payment details under their own policies.
- We may disclose information if required by law, legal process, safety investigations, security incidents, fraud prevention, or to protect the rights and safety of Arphros, users, or others.
- Public content you upload may be visible to other users and may be copied, downloaded, or shared by them outside Arphros.
8. International Transfers
Arphros and its service providers may process information in countries other than where you live. Those countries may have different data protection laws. Where required, we use appropriate safeguards or rely on legally permitted transfer mechanisms.
9. Data Retention
- Account information is generally retained while your account is active.
- Public content such as levels, level archives, embedded audio, comments, profile text, avatars, and banners may remain until deleted, removed by moderation, or no longer needed to operate the service.
- Security logs, IP/device records, login records, abuse reports, copyright complaints, takedown logs, ban records, moderation notes, and deleted-level backups may be retained as needed for safety, anti-abuse, appeals, legal compliance, and service integrity.
- Transaction and premium records may be retained as needed for accounting, fraud prevention, refunds, chargebacks, tax, and legal obligations.
- Backups may retain deleted information for a limited period before they are overwritten or deleted in the normal backup cycle.
- When information is no longer needed, we will delete, anonymize, or archive it where reasonably possible.
10. Your Choices and Rights
- You may update certain account, profile, and about me information through the website or app.
- You may request access to, correction of, deletion of, or export of your personal information by contacting us.
- You may object to or request restriction of certain processing where applicable law gives you that right.
- You may ask us to delete your account. Some information may be retained where needed for security, anti-abuse, legal compliance, transaction records, backups, or legitimate moderation purposes.
- We may verify your identity before processing sensitive requests to protect your account and other users.
- If you are in a region with specific privacy rights, such as GDPR/UK GDPR, CCPA/CPRA, PIPL, PDPA, or similar laws, we will handle requests according to applicable law.
- To submit a privacy request, email [email protected].
11. Children's Privacy
- Arphros is intended for users who are at least 13 years old.
- We do not knowingly collect personal information from children under 13.
- If we learn that an account belongs to a child under 13, we may disable the account and delete or restrict the information associated with it, unless the law requires another process.
- If you are a parent or guardian and believe a child under 13 provided personal information to Arphros, contact us at [email protected].
- Users under the age of majority in their region should use Arphros with permission from a parent or guardian where required by law.
12. Security
- We use reasonable administrative, technical, and organizational safeguards designed to protect personal information.
- Passwords are stored using hashing rather than plaintext storage.
- No online service can be guaranteed to be perfectly secure. You should use a strong password, keep your login token private, and contact us if you believe your account was compromised.
- Access to private data is limited to authorized admins, developers, or service providers who need it for operation, support, security, moderation, or legal compliance.
13. Automated Tools and Moderation
Arphros may use automated systems, filters, or AI-assisted tools to detect spam, abuse, inappropriate comments, cheating, security threats, or policy violations. These tools may support moderation decisions, but enforcement may also involve human review. You may appeal moderation actions through our portal or contact email.
14. Changes to This Policy
We may update this Privacy Policy when our service, technology, third-party providers, legal requirements, or data practices change. Updates will be posted on our website and/or app. If changes are material, we will provide a more prominent notice where reasonably possible.
15. Contact
For privacy questions, account deletion, data access, correction, export, or other privacy requests, email [email protected].
By using Arphros, you acknowledge this Privacy Policy.