Privacy

Privacy Policy

Effective date: July 13, 2026

Last updated: July 13, 2026

This Privacy Policy explains how Grafito collects, uses, stores, and protects personal information when you use playgrafito.com, sign in with an OAuth provider, or participate in Devlog discussions.

1. Who is responsible for your data

Grafito is an independent game project operated by the site owner.

Privacy contact: privacy@playgrafito.com

2. Information we collect

When you sign in using Google or Facebook, the provider may send us:

  • your display name
  • your email address
  • your profile image
  • your provider name
  • your provider account identifier

When you use the community features, we may also store:

  • comments you publish
  • comment creation and edit dates
  • moderation status
  • session information
  • security and diagnostic logs, such as IP address, browser information, and request timestamps, when generated by our hosting or authentication services

We do not request access to your inbox, files, contacts, repositories, pages, advertising accounts, or unrelated provider data.

3. How we use information

We use personal information to:

  • authenticate users
  • maintain active sessions
  • display comment authors
  • allow users to edit or delete their comments
  • prevent spam and abuse
  • moderate community discussions
  • maintain security
  • diagnose technical problems
  • respond to privacy and data deletion requests

We do not sell personal information or use it for targeted advertising.

4. Legal basis and consent

By choosing to sign in and use community features, you authorize the processing required to provide those features.

You may stop using the service, sign out, delete your comments, or request deletion of your account data at any time.

5. Service providers

The site uses third-party providers that may process information on our behalf, including:

  • Google and Meta for authentication
  • Vercel for hosting, delivery, logs, and file storage
  • Neon for database hosting

These providers process information according to their own terms and privacy policies.

6. International processing

Our service providers may process and store information in countries outside your place of residence.

7. Data retention

Account information is retained while your account remains active or while it is needed to provide community features.

Comments remain available until they are deleted, hidden, anonymized, or removed through moderation.

Security and diagnostic records may be retained for a limited period according to the practices of the service providers used by the site.

8. Data security

We use reasonable technical and organizational safeguards, including authenticated access, restricted administrative operations, encrypted HTTPS connections, and managed infrastructure.

No internet service can guarantee absolute security.

9. Your privacy rights

You may request:

  • access to your personal information
  • correction of inaccurate information
  • deletion or cancellation
  • objection to certain processing
  • revocation of consent
  • account and comment deletion

Send requests to privacy@playgrafito.com from the email associated with your OAuth account.

We may request additional information to verify identity.

10. Children

Grafito community accounts are not intended for children under 13.

If local law requires a higher minimum age or parental consent, that requirement also applies.

If we learn that personal information was collected from a child without valid authorization, we will take reasonable steps to delete it.

11. Third-party links

The site may link to external websites and social platforms. Their privacy practices are governed by their own policies.

12. Changes to this policy

We may update this Privacy Policy as the website and community features evolve.

The latest version and its effective date will always be published on this page.

13. Contact

Privacy questions and requests: privacy@playgrafito.com