Impostorplay
Sign in Create account
ES | EN

Legal documentation

Privacy policy

Last updated: 04 de February de 2026

Data we process

  • Identifying data: name, email, and encrypted password (we never store the password in plain text).
  • Usage information: created matches, entered player list, and game states required for gameplay.
  • Technical data: IP address, access logs, device type, and basic events to diagnose issues and prevent abuse.
  • Communications: emails exchanged with you, support tickets, or consents granted.

Purpose and legal basis

Processing is carried out to: (i) manage your registration and access (performance of the contract/requested service); (ii) verify the account by email (security obligation); (iii) preserve game progress (legitimate interest in providing the game experience); and (iv) send you notices about relevant changes or technical incidents (legitimate interest). In no case will your data be used for advertising purposes without explicit consent.

Retention and storage

We keep the information while you have an active account. If you decide to close it, we will delete or anonymize your data within a maximum of 30 days, except for those we must keep to comply with legal obligations or resolve potential claims. Encrypted backups are rotated periodically.

User rights

You can exercise your rights of access, rectification, erasure, objection, restriction, and portability by sending an email to privacy@impostorplay.test from the linked account. You must provide sufficient identity to prevent improper access. If you are not satisfied with our response, you can also contact the Spanish supervisory authority (AEPD) or the one that applies in your country.

Recipients and international transfers

We only share data with providers that act as processors (for example, hosting, email, and monitoring services) and that offer appropriate safeguards (standard contractual clauses or certifications). We do not sell personal data nor transfer it to third parties without a legal basis. If we integrate services located outside the EEA in the future, we will notify you in accordance with the GDPR.

Information security

We implement reasonable security measures (TLS, password encryption with bcrypt, access controls, activity logs) to protect your data. Even so, no system is completely invulnerable. If we detect a security breach that significantly affects your privacy, we will inform you as soon as possible.

Minors

Impostorplay is intended for users over 14 years old. If we detect registrations of minors without parental or guardian authorization, we will delete the data and notify legal guardians.