PRIVACY POLICY

NEMESIS (“the Game”) is a browser-based roguelike developed by Tiny Gang (“we”, “us”). We collect the minimum data necessary to run the game and improve it over time:

• Character data — the operative handle you type in, class choice, level, credits, soul shards, floor reached, inventory, achievements, and other gameplay state. This is stored server-side so your progress survives across sessions.
• Run history — a summary of each run you complete (floor reached, shards earned, end time). Used for leaderboards and personal stats.
• Account data (if you sign in with Google) — your Google email address and a unique Google-provided user ID, used solely to identify your account so your progress syncs across devices. We do not receive your Google password.
• Guest device identifier — if you play as a guest (without Google sign-in), we generate a random device ID stored locally in your browser and on the server. It is not linked to your real identity and lets us keep your local characters separate from other guests. Clearing your browser data removes this ID, which means loss of guest characters on that device.
• Anonymous analytics — Google Analytics 4 event data such as page views, session duration, and high-level gameplay events (run started, boon picked, etc.). This contains NO personally identifying information.
• Purchase records (optional) — if you make an in-app purchase, we store a record of the transaction: the item name, amount paid, and Stripe customer/subscription IDs. We do not store your credit card number, billing address, or other payment credentials — those are handled entirely by Stripe.
• Technical metadata — standard web request data (IP address, browser/user-agent, timestamp) retained briefly for abuse prevention and crash diagnosis.

We do not collect your real name, phone number, location, contacts, photos, microphone, or camera. The game never asks for any of these. The only optional personal data is your Google email, and only if you choose to sign in with Google to sync your characters.

Collected data is used exclusively for:

• Running the game (saving progress, rendering your operative, calculating combat).
• Showing leaderboards and your personal run history.
• Diagnosing bugs and improving balance based on aggregated, anonymous play patterns.
• Protecting the service from abuse (spam, cheating, denial-of-service).

We do not sell, rent, or trade your data to third parties. We do not show ads. We do not use your data for advertising profiles.

NEMESIS uses a small number of third-party services to operate. Each one receives only the data it needs:

• Google Analytics 4 — anonymous usage and gameplay event metrics. Governed by Google’s Privacy Policy. IP anonymization is enabled.
• Google Sign-In (OAuth) — optional. If you sign in with Google to sync progress across devices, Google shares your email address and a stable Google user ID with us. We use these only to recognize your account. Governed by the same Google Privacy Policy.
• Hosting & database — the game is hosted on secure managed cloud infrastructure. Character save data lives in an encrypted PostgreSQL database.
• Stripe (payment processing) — if you make an optional in-app purchase (cosmetics, boost tokens, or subscriptions), the transaction is handled by Stripe. We never see or store your card number, billing address, or other payment details — Stripe processes those directly. We receive only a confirmation that the purchase succeeded, the amount, and a Stripe customer ID to link the purchase to your account. If you delete your account, any active subscription is cancelled automatically.
• Google Play (if installed from Play Store) — Google may collect standard app install and device data per their policies.

You have the following rights regarding your data:

• Delete your data — delete individual operatives from the main menu, or wipe your entire account (all operatives, run history, achievements, and inventory) from the Delete Account page.
• Access your data — email us at contact@tinygang.dev and we’ll send you a copy of the data associated with your operative name.
• Opt out of analytics — use a privacy-focused browser, ad blocker, or the Google Analytics opt-out add-on.
• Request correction — contact us if any data appears wrong.

Residents of the EU, UK, and California have additional rights under GDPR and CCPA including the right to object to processing and the right to data portability. Contact us to exercise these rights.

Character save data and run history are kept until you delete the operative. Anonymous analytics events follow Google Analytics’ standard retention (up to 14 months). Request logs are rotated within 30 days.

NEMESIS is designed for players aged 13 and older due to its cyberpunk themes and stylized combat. We do not knowingly collect data from children under 13. If you believe a minor has submitted data, contact us and we will delete it promptly.

We may update this Privacy Policy as the game evolves. Material changes will be reflected in the “Last Updated” date at the top of this page. Continued use of the game after changes constitutes acceptance of the updated policy.

Questions, requests, or takedowns? Reach the studio at:

We aim to respond to data requests within 30 days.