Privacy Policy

Effective Date: January 20, 2024
Last Updated: January 20, 2024

Introduction

Game Framework ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our package repository and distribution platform.

By using Game Framework, you agree to the collection and use of information in accordance with this policy.

Information We Collect

2.1 Information You Provide

Account Information
Name and email address
Username and password (encrypted)
Organization name (for workspace accounts)
Profile information (optional)

Billing Information
Payment method details (processed by third-party payment processors)
Billing address
Tax identification numbers (if applicable)
Purchase and transaction history

Content and Files
Packages you publish (code, assets, metadata)
Package descriptions and documentation
README files and release notes
Issue reports and comments

Communications
Support tickets and correspondence
Survey responses
Newsletter subscriptions
Feedback and feature requests

2.2 Information We Collect Automatically

Usage Data
Package downloads and installations
API requests and responses
CLI tool usage
Feature usage patterns
Search queries

Technical Information
IP addresses
Browser type and version
Device information
Operating system
Referring/exit pages
Date and time stamps
Clickstream data

Cookies and Tracking
Session cookies for authentication
Preference cookies for settings
Analytics cookies for usage tracking
Performance cookies for optimization

2.3 Information from Third Parties

Authentication Providers
OAuth data from GitHub, GitLab, Google (if used)
Public profile information
Email addresses

Payment Processors
Transaction confirmations
Payment status
Billing dispute information

How We Use Your Information

3.1 Service Operation
Creating and managing your account
Processing payments and subscriptions
Providing package hosting and distribution
Enabling API access and CLI tools
Managing team members and permissions

3.2 Service Improvement
Analyzing usage patterns and trends
Identifying and fixing bugs
Developing new features
Optimizing performance
Conducting security audits

3.3 Communication
Sending service-related notifications
Responding to support requests
Announcing new features and updates
Sending billing and payment reminders
Marketing communications (with consent)

3.4 Security and Fraud Prevention
Detecting and preventing abuse
Investigating security incidents
Enforcing our Terms of Service
Complying with legal obligations
Protecting our rights and property

3.5 Analytics and Research
Understanding user behavior
Measuring feature adoption
Conducting market research
Creating anonymized reports
Publishing usage statistics

How We Share Your Information

4.1 With Your Consent
We may share your information when you explicitly consent or direct us to share.

4.2 Service Providers
We share data with third-party vendors who help us operate:

Infrastructure Providers
Cloud hosting (AWS, Google Cloud, Azure)
CDN services (Cloudflare, Fastly)
Database services

Payment Processors
Stripe for payment processing
PayPal for alternative payments
Tax calculation services

Analytics and Monitoring
Sentry for error tracking
Posthog for product analytics
Google Analytics (anonymized)

Communication Services
Email delivery (SendGrid, Postmark)
Support ticketing systems
Chat and messaging platforms

4.3 Legal Requirements
We may disclose information when required by law, including:
Court orders and subpoenas
Government investigations
Compliance with regulations
Protection of our legal rights
Public safety concerns

4.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before this occurs.

4.5 Public Information
Some information is publicly accessible:
Public package metadata and descriptions
Public profile information (if you choose to make it public)
Package download statistics
Public comments and discussions

4.6 Aggregate Data
We may share anonymized, aggregate statistics about:
Platform usage trends
Popular packages and technologies
Geographic distribution
Industry benchmarks

Data Retention

5.1 Active Data
Account data: Retained while your account is active
Package data: Retained indefinitely for public packages
Usage logs: Retained for 90 days
Analytics data: Retained for 2 years

5.2 Deleted Data
Deleted packages: 30-day grace period, then permanently deleted
Closed accounts: 30-day grace period, then data anonymized or deleted
Support tickets: Retained for 5 years
Billing records: Retained for 7 years (legal requirement)

5.3 Backup Data
Backups retained for disaster recovery purposes
Backup data purged after 90 days
Cannot be used to restore deleted individual data

Data Security

6.1 Security Measures
We implement industry-standard security measures:
Encryption in transit (TLS/SSL)
Encryption at rest for sensitive data
Password hashing (bcrypt)
Regular security audits
Access controls and authentication
DDoS protection
Intrusion detection systems

6.2 Your Responsibilities
Keep your password secure and confidential
Enable two-factor authentication
Protect your API keys
Report security vulnerabilities
Keep your recovery codes safe

6.3 Data Breaches
In the event of a security breach:
We will investigate promptly
Affected users will be notified within 72 hours
Authorities will be notified as required by law
We will take steps to prevent future incidents

Your Privacy Rights

7.1 GDPR Rights (EU Users)
If you are in the European Economic Area, you have the right to:
Access: Request a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit how we process your data
Portability: Receive your data in a structured format
Objection: Object to processing for certain purposes
Withdrawal: Withdraw consent at any time

7.2 CCPA Rights (California Users)
California residents have the right to:
Know what personal information is collected
Know if personal information is sold or disclosed
Opt-out of the sale of personal information (we don't sell data)
Access personal information
Request deletion of personal information
Non-discrimination for exercising rights

7.3 Other Jurisdictions
We comply with privacy laws in all jurisdictions where we operate.

7.4 How to Exercise Rights
To exercise your privacy rights:
Email: privacy@gameframework.dev
Account settings: https://gameframework.dev/settings/privacy
Data export: Available in your account settings
Response time: Within 30 days

Cookies and Tracking Technologies

8.1 Types of Cookies

Essential Cookies
Authentication and session management
Security and fraud prevention
Cannot be disabled

Functional Cookies
User preferences and settings
Language selection
Theme preferences

Analytics Cookies
Usage statistics
Performance monitoring
Feature adoption tracking

Marketing Cookies (optional)
Advertising campaigns
Conversion tracking
Retargeting

8.2 Cookie Management
You can control cookies through:
Browser settings
Our cookie consent banner
Privacy settings in your account
Third-party opt-out tools

8.3 Do Not Track
We honor Do Not Track signals where technically feasible.

Third-Party Links and Services

9.1 External Links
Our Service may contain links to third-party websites. We are not responsible for their privacy practices.

9.2 Integrations
If you connect third-party services (GitHub, GitLab), their privacy policies apply to data they collect.

9.3 Third-Party Packages
Package publishers are responsible for their own privacy practices. Read package-specific privacy policies.

Children's Privacy

Game Framework is not intended for children under 13. We do not knowingly collect data from children under 13. If we discover we have collected such data, we will delete it immediately.

International Data Transfers

11.1 Data Location
Your data may be stored and processed in:
United States
European Union
Other countries where our service providers operate

11.2 Transfer Safeguards
We use appropriate safeguards for international transfers:
Standard Contractual Clauses (EU)
Adequacy decisions
Privacy Shield (where applicable)
Binding Corporate Rules

California Shine the Light Law

California residents can request information about data shared with third parties for marketing purposes. We do not share personal information for third-party marketing.

Changes to Privacy Policy

13.1 Notification
Material changes will be notified via email
Changes will be posted on this page
"Last Updated" date will be revised
Continued use constitutes acceptance

13.2 Review
We recommend reviewing this policy periodically for updates.

Contact Information

14.1 Privacy Inquiries
Email: privacy@gameframework.dev
Data Protection Officer: dpo@gameframework.dev
Address: [Your Company Address]

14.2 EU Representative
For EU users: [EU Representative Contact if applicable]

14.3 UK Representative
For UK users: [UK Representative Contact if applicable]

Data Protection Authority

If you are in the EU or UK, you have the right to lodge a complaint with your local data protection authority:
EU: https://edpb.europa.eu/about-edpb/board/members_en
UK: https://ico.org.uk/

Additional Disclosures

16.1 Automated Decision Making
We do not use automated decision-making or profiling that produces legal effects.

16.2 Sensitive Data
We do not intentionally collect sensitive personal data (health, biometric, etc.).

16.3 Marketing Communications
You can opt-out of marketing emails:
Unsubscribe link in emails
Account settings
Email marketing@gameframework.dev

Open Source and Transparency

17.1 Privacy Reports
We publish annual transparency reports detailing:
Data requests received
Security incidents
Privacy policy updates

17.2 Open Source
Our privacy tools and documentation are available at:
https://github.com/gameframework/privacy

---

Last Reviewed: January 27, 2026

Acknowledgment: By using Game Framework, you acknowledge that you have read and understood this Privacy Policy.