Privacy Policy

EscapeTrace (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our website and services.

1. What information we collect We collect the following types of personal data when you interact with our services: Name Email address Usage data (pages visited, time spent, interactions) Stripe payment data (e.g., subscription status) Authentication and session data (via NextAuth.js) IP address and device information Cookies and similar technologies

2. Why we collect your data We process your data for the following purposes: To create and manage your account To deliver the EscapeTrace game experience To process and manage subscriptions and payments (via Stripe) To understand how users interact with our platform (analytics) To ensure security and prevent abuse To communicate with you (e.g., onboarding, product updates)

3. Legal basis for processing (GDPR) We process your data based on: Consent (e.g., accepting cookies) Performance of a contract (e.g., account creation, game delivery) Legitimate interest (e.g., analytics, improving product) Legal obligations (e.g., accounting and fraud prevention)

4. How long we retain your data We keep your personal data: As long as your account is active Or until you request deletion Some data (e.g., payment records) may be kept longer for legal reasons (e.g., accounting laws)

5. Who we share data with We only share your data with: Stripe (for payment processing) Vercel (for website hosting and performance) MongoDB Atlas (for storing user and game data) NextAuth.js (for session and authentication handling) Analytics providers (e.g., Plausible, PostHog or similar, if used) We never sell your personal data.

6. International transfers Your data may be processed or stored on servers outside your country (e.g., EU, USA). We ensure all transfers follow legal safeguards, including: Standard Contractual Clauses (SCCs) where applicable Hosting partners with strong data protection standards

7. Your rights under GDPR & similar laws Depending on your region (EU, UK, Canada, Australia, USA), you may: Request access to your data Request correction of inaccurate data Request deletion (“right to be forgotten”) Request data portability Object to certain processing Lodge a complaint with a data protection authority To exercise your rights, contact us at: 📧 albin.escapetrace@gmail.com

8. Cookies & tracking We use cookies to: Maintain your session Remember preferences Analyze traffic and user behavior (only anonymized where possible) You can manage cookie preferences in your browser settings.

9. Security We use encryption (HTTPS), authentication, and server protections to keep your data secure. However, no system is 100% secure. Use a strong password and contact us if you suspect any unauthorized access.

10. Contact If you have any questions or concerns about this Privacy Policy or your data: 📧 albin.escapetrace@gmail.com 🌍 EscapeTrace, Sweden

11. Changes to this policy We may update this Privacy Policy from time to time. When we do, we’ll post the revised version and update the “Effective Date” at the top.

You may request access, correction, or deletion of your data by contacting us at albin.escapetrace@gmail.com.

For users in the EU, UK, Canada, and the US, we ensure compliance with applicable data privacy laws including the GDPR and CCPA.