A.R.C Foundation
Volunteer

Privacy Policy

How A.R.C Foundation collects, uses, shares, and protects information across our websites, games, and community spaces.

Last updated: September 2025

Who We Are

  • A.R.C Foundation (the “Controller”). Contact: support@arcfoundation.net.
  • This policy applies to our websites, forms (e.g., applications), community hubs, and playtests.

Information We Collect

  • Account & contact data you provide (e.g., email, handle, application details).
  • Operational data: server logs, moderation logs, and limited analytics (page path, timestamp, anonymized IP hash, user-agent).
  • Playtest telemetry where disclosed (e.g., crash logs, gameplay metrics).
  • Optional submissions: portfolios, GitHub links, or survey answers.

How We Use Information

  • Operate websites and services; review volunteer applications; coordinate teams and tests.
  • Moderate communities, investigate abuse, and enforce policies.
  • Improve product quality, stability, and accessibility.
  • Legal compliance and safety obligations.

Legal Bases (GDPR)

  • Performance of a contract (e.g., providing requested services).
  • Legitimate interests (e.g., securing services, preventing abuse, basic analytics).
  • Consent where required (e.g., certain communications or region-specific requirements).
  • Legal obligations (e.g., responding to lawful requests).

Sharing

  • Vendors processing data on our behalf (hosting, email, crash/analytics) bound by contracts.
  • Platform providers when you interact via their systems (e.g., Discord, Steam).
  • Authorities where required by law or to prevent harm.
  • We do not sell personal information.

Cookies & Analytics

  • We use strictly necessary cookies for session and security.
  • We may use privacy-focused analytics with minimal data (e.g., page path, timestamp, anonymized IP hash).
  • Your browser/platform controls allow you to manage cookies and tracking preferences.

Data Retention

  • We retain personal data only as long as needed for the purposes above or as required by law.
  • Telemetry/logs may be retained briefly for security and stability.

Security

  • Role-based access, least-privilege principles, and encrypted transport.
  • No system is 100% secure; promptly report suspected incidents to privacy/security contacts.

Your Rights

  • Access, correction, deletion, and portability of your data (subject to verification and applicable law).
  • Object or restrict certain processing where legally permitted.
  • EU/EEA/UK: exercise rights under GDPR; contact support@arcfoundation.net.
  • California residents: rights under CCPA/CPRA; we do not sell personal information.

Children

  • Our services are not directed to children under the age required by local law.
  • If we learn we collected data from a child without verifiable consent where required, we will delete it.

International Transfers

  • Where data is transferred internationally, we use recognized safeguards (e.g., SCCs) where applicable.
  • Some vendors may process data in multiple regions subject to contractual protections.

Contact & Complaints

  • Questions or requests: support@arcfoundation.net.
  • EU/UK: you may lodge a complaint with your local data protection authority if you believe your rights are infringed.

Changes to This Policy

  • We may update this policy to reflect changes in law or our services.
  • Material changes will be announced via the site and effective on posting unless otherwise stated.

Note: This policy summarizes our practices and does not create contractual rights beyond those required by law or our terms where applicable.