1. Introduction
We respect your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your personal information.
2. Data Controller
WOSmeta is operated from Singapore. For data protection enquiries, please use our Contact form.
3. Data We Collect
Data you provide directly: Registry submissions (state governance data), identity information (in-game name, alliance, home state, WOS ID), account information (Google or Discord profile), verification screenshots, contact form messages, and transfer applications.
Data collected automatically: Server logs including IP address, browser type, operating system, and pages visited (collected by our cloud hosting and database infrastructure). We use essential authentication cookies only. We do not use advertising or tracking cookies.
4. How We Use Your Data
Registry submissions — to operate the public registry (legitimate interest).
In-game name and alliance — for public display alongside submissions (legitimate interest).
WOS ID — for identity verification and linking submissions to verified accounts (legitimate interest). Never displayed publicly.
Google/Discord profile — for authentication (contractual necessity).
Verification screenshots — for OCR analysis to verify identity (consent).
Contact messages — to respond to enquiries (legitimate interest).
Server logs — for security and abuse prevention (legitimate interest).
5. What We Share Publicly
Public: State governance data, submission type (observer/registrar), submission date, in-game name, alliance, and home state.
NEVER public: WOS ID, email address, Google or Discord account details, verification screenshots, or IP addresses.
6. Data Sharing with Third Parties
We do not sell your personal data to anyone.
Service providers: Cloud database provider (AWS infrastructure), cloud hosting provider, Google (OAuth authentication), Discord (OAuth authentication). These providers process data on our behalf under their respective privacy policies.
7. Data Retention
Registry submissions: Retained indefinitely as part of the public record.
Account data: Deleted within 30 days of a deletion request.
Verification screenshots: Automatically deleted 90 days after verification.
Contact messages: Retained for 12 months.
Server logs: 30–90 days per provider defaults.
8. Your Rights
You have the right to: access your personal data, request correction of inaccurate data, request deletion of your data, data portability, object to processing, and withdraw consent where processing is based on consent.
To exercise your rights, please use our Contact form. We will respond within 30 days.
Note: Governance data may be retained in anonymized form after account deletion, as it forms part of the historical public record.
9. International Data Transfers
Our cloud database and hosting infrastructure may process data outside your country of residence, including in the United States. These transfers are protected by standard contractual clauses and provider certifications.
10. Children's Privacy
WOSmeta is not directed at children under 13. If we discover that a child under 13 has provided personal data, we will delete it promptly.
11. Changes to This Policy
Changes will be posted on this page with an updated date. We encourage you to review this policy periodically.
12. Contact
For privacy-related enquiries, please use our Contact form.