Privacy Policy

Allegiance of Deceit - Privacy Policy Last updated: 2026-03-19 This Privacy Policy explains how Allegiance of Deceit ("we", "us") collects, uses, and shares personal data when you use our website and online game (the "Service"). 1. Who we are Allegiance of Deceit is operated by us. If you have questions about this Privacy Policy, use the Contact page in the footer of the site. 2. Data we collect We collect personal data that you provide directly and data generated by your use of the Service, including: Account information - Username and email address - Password (stored as a secure hash, not plaintext) Profile information (optional) - Display choices such as selected avatar and cosmetics - Bio text you enter Game activity - Game participation records (game codes, phases reached, scores/coin balances) - Chat messages you send in game - Votes and outcomes you contribute to Payments (Square) - When you buy coin bundles, we use Square to process your payment securely. - We do not store your credit or debit card details. Card/payment details are handled securely by Square. - We may store payment references and statuses related to your purchase (for example, the Square order/payment identifiers and whether the payment is completed) so we can credit the coins you purchased and manage completed/refunded payments. - If you complete checkout using Square features (such as Square Instant Profile, if enabled in Square), Square may provide limited customer information (for example, name/email for receipts). We use any data Square shares only to provide the receipt and complete your purchase. - Square sends payment confirmation to us via webhooks. We verify the webhook signature before processing the update, and then we credit the purchased coin bundles automatically. Technical data - Session cookies and CSRF token cookies required to keep you logged in and protect form submissions - WebSocket presence signals (for example, to show who is currently online). Presence is stored in Redis with a short time-to-live. 3. Why we use your data We use your personal data to: - Provide the Service and enable gameplay (including storing game outcomes, scores, and coins) - Secure your account (authentication and account protection) - Communicate with you when needed (for example, account recovery emails) - Process coin bundle purchases and credit coins after payment confirmation from Square - Maintain safety and moderation (for example, preventing abuse and responding to reports) 4. Legal basis Where required by law, we process personal data based on one or more of the following legal bases: - Performance of a contract (to provide the Service and fulfill purchase orders) - Legitimate interests (to secure the Service, prevent abuse, and maintain gameplay integrity) - Consent where applicable - Legal obligations 5. Square and payment privacy Square is responsible for processing card payments and related customer data through its own systems. We do not receive your full card details from Square. For more information about how Square processes data, review Square's privacy practices and policies. 6. Data sharing We share personal data only as needed to operate the Service and comply with legal requirements, for example: - Square, to process payments for coin bundles - Service providers that support infrastructure (for example, hosting and email delivery), where applicable - Law enforcement or regulators, if required by law 7. Data retention We keep your data for as long as you have an account and/or as needed to operate the Service, comply with legal obligations, resolve disputes, and enforce our agreements. We may purge or anonymize old game data as described in our Terms of Service and for maintenance, fairness, or privacy reasons. 8. Your rights and data requests Depending on your location, you may have rights such as: - Accessing the personal data we hold about you - Correcting inaccurate data - Requesting deletion of your data - Objecting to or restricting certain processing To make a data request, use the Contact page in the footer of the site. If you submit a request, we will verify your identity as needed and respond within a reasonable time. 9. Security We use appropriate technical and organizational measures to protect personal data, including secure authentication and transport encryption where available. No method of transmission or storage is completely secure, but we work to reduce risk. 10. Changes to this Privacy Policy We may update this Privacy Policy from time to time. When we do, the "Last updated" date will be revised.