GamingFrameworkX logo
GamingFrameworkX

Data Integrity & Player Privacy

At GamingFrameworkX, we treat user data with the same precision we apply to our engine architecture. This document outlines our commitment to data hygiene, transparency, and the secure handling of information across our development tools and public-facing assets.

We operate under a strict "Zero-Handshake" policy for non-essential data. If we don't need it to build better tools for Italian indie developers, we don't ask for it.

Information Ingestion & Usage

We categorize data into two distinct streams: Operational Necessity and Enhancement Signals. Operational Necessity includes strictly technical identifiers required for framework authentication and API stability. Enhancement Signals are voluntary telemetry that helps us optimize the engine's performance profile for specific hardware configurations prevalent in the Italian market.

When you request beta access via our contact portal, we capture Name, Email, and Studio Affiliation. This data is used solely for whitelisting and communication regarding update cycles. It is never cross-referenced with third-party marketing databases, nor is it sold to advertising networks. Our revenue model is B2B licensing, which liberates us from the data-aggregation economy that plagues ad-driven platforms.

Furthermore, any telemetry generated by the Performance Profiler within the framework is anonymized at the source using a salted hash algorithm. We aggregate this to identify bottlenecks in the Core Engine, but we cannot trace a specific stack trace back to a specific user or studio.

Data Flow Visualization

Data Retention Logic

  • Authentication Tokens: Session-based (volatile)
  • Support Tickets: 24 months (active)
  • Telemetry Aggregates: 12 months (anonymized)
  • Marketing Consent: Until explicit revocation

Third-Party Sharing Protocols

We maintain a strict isolationist stance on data sharing. We do not share, sell, or rent your personal information to entities outside of GamingFrameworkX. There are, however, three specific edge cases where encrypted data may leave our infrastructure.

Infrastructure Partners Encrypted backups stored on secure EU-based cloud servers (GDPR compliant).
Legal Obligation If compelled by Italian court order or EU regulation enforcement.
Consolidated Metrics Non-identifiable usage statistics shared with academic research partners.
Access Log LIVE
req.postencrypted
auth.tokenverified
audit.legpending
sync.eucomplete

*Access logs are simulated for illustration. Actual logs are stored locally and rotated every 24 hours.

Your Control Deck

Under EU GDPR and Italian Privacy Code (D.Lgs. 196/2003), you possess complete sovereignty over your data.

Right to Access

Request a complete dump of all personal data we hold on you.

Right to Erasure

The "Delete My Profile" command. Total erasure within 30 days.

Rectification

Update email, name, or affiliation details at any time.

Portability

Export your data in a machine-readable JSON format.

Policy Versioning & Notification

We reserve the right to update this policy to reflect changes in our technology stack or legal obligations. Material changes will be highlighted on the Home page for at least 30 days. We do not utilize "dark patterns" to force consent; continued use of the framework constitutes acceptance of the current terms.

Last Updated: May 24, 2026

Legal Basis

Processing is conducted under Article 6(1)(b) and 6(1)(f) of the GDPR. We rely on legitimate interest for security logging and contractual necessity for beta access management.