Privacy Policy
Last updated: December 5, 2025
Welcome to MapAssault. We take the protection of your personal data very seriously. This privacy policy explains what information we collect, how we use it, and what rights you have regarding your data.
1. Data Controller
The data controller for personal data is:
- Name: MapAssault
- Contact: contact@MapAssault.app
2. Data We Collect
2.1. Account Data
When you register, we collect:
- Email address
- Username (nickname)
- Password (stored encrypted)
2.2. Geolocation Data
For the game to function, we collect:
- GPS Position: Your real-time geographic location when the app is active
- Purpose: Enable territory conquest mechanics and verify your physical presence in game zones
- Retention: Location data is not stored beyond the current gaming session
2.3. Health and Physical Activity Data
With your explicit consent, we access:
- Step Count: Via Apple HealthKit (iOS) or Google Health Connect (Android)
- Purpose: Convert your physical activity into "Kinetic Energy" usable in the game
- Processing: Only the total step count is transmitted to our servers, no other health data is collected
2.4. Gameplay Data
We collect data related to your progress:
- Kinetic Energy accumulated and spent
- Territories conquered and lost
- Guild membership
- Guild chat messages
- Game statistics (rankings, scores)
2.5. Technical Data
- Unique device identifier
- Device type and operating system
- Connection and error logs
3. Legal Basis for Processing
We process your data based on the following legal grounds:
- Contract Performance: Data necessary for game operation (account, gameplay)
- Consent: Health data (step count) and geolocation
- Legitimate Interest: Security, cheat prevention, service improvement
4. Use of Data
Your data is used to:
- Enable game mechanics to function
- Authenticate your account and secure access
- Display leaderboards and statistics
- Detect and prevent cheating (GPS spoofing, step simulation)
- Improve user experience and fix bugs
- Contact you regarding your account (if necessary)
5. Data Sharing
Your personal data is never sold to third parties.
It may be shared with:
- Other Players: Your username, guild, and game statistics visible in leaderboards
- Technical Providers: Hosting (secure servers), only for service operation
- Authorities: Only when legally required
6. Data Retention
- Account Data: Retained while your account is active, then 3 years after deletion
- Gameplay Data: Retained while your account is active
- Geolocation Data: Not retained beyond the session
- Chat Messages: Retained for 90 days
- Technical Logs: Retained for 12 months maximum
7. Data Security
We implement appropriate technical and organizational measures:
- Password encryption (bcrypt)
- Secure communications (HTTPS/TLS)
- JWT token authentication
- Restricted employee access to data
- Hosting on secure servers
8. Your Rights (GDPR)
In accordance with the General Data Protection Regulation (GDPR), you have the following rights:
- Right of Access: Obtain a copy of your personal data
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Request deletion of your data
- Right to Portability: Receive your data in a structured format
- Right to Object: Object to certain processing
- Right to Withdraw Consent: At any time for health and geolocation data
To exercise your rights, contact us at privacy@MapAssault.app
9. Children's Data
MapAssault is intended for users aged 13 and older. We do not knowingly collect personal data from children under 13. If you are a parent and discover that your child has provided us with personal data, please contact us.
10. International Transfers
Your data is primarily processed and stored within the European Union. In case of transfer outside the EU, we ensure appropriate safeguards are in place (standard contractual clauses, etc.).
11. Cookies and Similar Technologies
The MapAssault mobile app does not use cookies. For the website, we only use technical cookies necessary for operation (no advertising or tracking cookies).
12. Policy Changes
We may update this privacy policy. In case of substantial changes, you will be notified via the app or by email. We encourage you to regularly check this page.
13. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to Know: What personal information we collect and how it's used
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Of the sale of personal information (we do not sell your data)
- Right to Non-Discrimination: For exercising your privacy rights
14. App Store Requirements
Apple App Store
In compliance with Apple's requirements:
- We access HealthKit data only with your explicit permission
- HealthKit data is used solely to calculate in-game Kinetic Energy
- We never use HealthKit data for advertising or share it with third parties
- You can revoke HealthKit access at any time in iOS Settings
Google Play Store
In compliance with Google's requirements:
- We access Health Connect data only with your explicit permission
- Location permission is required for core gameplay functionality
- You can manage permissions at any time in Android Settings
📧 Contact Us
For any questions about this privacy policy or your personal data:
- Email: privacy@MapAssault.app
- General Email: contact@MapAssault.app
If you are in the European Union, you also have the right to lodge a complaint with your local data protection authority if you believe our processing of your data is not compliant with regulations.