Privacy Policy

Effective 22 April 2026 · Last updated 22 April 2026

This policy describes how Persistent World Games ("we", "us") handles personal data when you play EDGE: Survive or visit pwg.studio. We aim for the minimum data needed to run the game, credit your progress, and pay on-chain rewards. We do not sell your data and we do not run ads.

EDGE: Survive is a devnet alpha. You are playing an early build and some behaviour described here may evolve before mainnet launch. Material changes will bump the "Last updated" date and, where required, will surface an in-game notice.

TL;DR

We store your Solana wallet address, your run history, and a session token so you can play from any device.
We do not ask for or store email, real name, phone, seed phrase, or private key. Ever.
Third parties we use: Supabase (hosting), Cloudflare (DDoS + CDN), Solana RPC providers (on-chain reads), Google Fonts (site typography). Each sees only what it needs to do its job.
You can ask us to delete your server-side data at any time by emailing privacy@pwg.studio.

1. Who is the data controller?

Persistent World Games is the controller for data collected through EDGE: Survive and pwg.studio. For any privacy question, data subject request, or complaint, contact: privacy@pwg.studio.

2. What we collect

2.1 Account identifier: your Solana wallet address

When you connect a Solana wallet, we store its public address as your account identifier. This is a public blockchain address. It is not a government ID, not an email, and not tied to your legal identity unless you separately disclose it. We never request or accept your seed phrase, private key, or device unlock code.

2.2 Game state

Permanent stats (STR, VIT, SPD, DEX, INT, PER, DEF, EVA, FAVOR) and credited level.
Run history: start time, end time, wave reached, kills, cores earned, whether you extracted or died, client version.
Inventory held server-side (per item + currency tender).
Monster Core (MC) and Crystal Core (CCORE) balances, and ledger entries for every earn, spend, sell, and conversion event.
Stat-gem reset counter and cooldown timestamp.

2.3 Session + device context

A session token (ES256 JWT, 2-hour lifetime) that you get back after signing an auth challenge with your wallet. Rotated every time you authenticate, so only one device is active at a time.
Your client version string (e.g. 0.11b) on every request, so we can gate stale builds.
Your IP address is visible to our hosting and CDN providers during each request (Cloudflare, Supabase) for security, DDoS mitigation, and rate limiting. We do not store IPs in the game database ourselves.

2.4 Website visits (pwg.studio)

The marketing site is a static page served by Cloudflare. We do not run Google Analytics, Facebook Pixel, or any equivalent third-party tracker on this site. Cloudflare receives your IP and User-Agent to serve the page; Google Fonts receives them to serve the typefaces. No cookies are set by our site.

3. Why we process each category (lawful basis)

Contract (Art. 6(1)(b) GDPR): running the game you signed up to play. Storing your wallet, progress, runs, and balances so the game actually works.
Legitimate interest (Art. 6(1)(f) GDPR): anti-cheat (rejecting impossible runs), abuse prevention (rate limiting, IP controls at Cloudflare), and cryptographic session rotation. Your interest in fair play is assumed to align.
Legal obligation (Art. 6(1)(c) GDPR): any record retention we must keep for tax or regulatory reasons tied to on-chain payouts.

4. Who we share data with

We use the following processors. Each only sees the data needed for its function.

Supabase: managed Postgres + Edge Functions. Stores everything in section 2.2 and 2.3. EU or US region. Supabase privacy policy.
Cloudflare: CDN + DDoS protection for pwg.studio and download.pwg.studio. Sees IP + User-Agent per request. Cloudflare privacy policy.
Solana RPC providers: read-only blockchain queries (token balances, transaction confirmations). Providers vary; we log only the signatures we sign, never the request payloads.
Google Fonts: serves the typefaces used on the website. Receives your IP + User-Agent at font load time. Google privacy policy.

We do not sell personal data. We do not share it with advertisers.

5. On-chain data is permanent

CCORE transfers happen on the Solana blockchain (devnet during alpha). Every send from the treasury to your wallet, and every pull from your wallet to the treasury (for CC purchases), is recorded publicly and cannot be deleted, even by us. Your wallet address is not linkable to your legal identity unless you choose to publish that link.

6. How long we keep data

Run history and ledger rows: retained indefinitely to support replay detection, anti-cheat forensics, and your lifetime progression display.
Session tokens: invalidated after 2 hours or on the next auth, whichever comes first.
Nonces: pruned from the auth table once past their 5-minute validity window.
Inactive accounts: we may archive or delete accounts inactive for more than 24 months. On-chain balances are not affected by any server-side deletion.

7. Your rights (GDPR / UK-GDPR)

Because your wallet address is the sole identifier we hold, requests that touch your data must be accompanied by a signed message from that wallet so we can verify you control it. You have the right to:

Access the data we hold about you.
Rectification of inaccurate data.
Erasure of server-side data ("right to be forgotten"). On-chain data is out of our control. See section 5.
Data portability: export of your progression and run history as JSON.
Object to processing based on legitimate interest. In practice this means we stop processing your data for those purposes, which generally ends your ability to play.
Lodge a complaint with your local supervisory authority.

To exercise any of these, email privacy@pwg.studio from a channel you control, and include a signed auth challenge from your wallet. We aim to respond within 30 days.

8. Children

EDGE: Survive is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly process data from children. If you believe a child has connected a wallet to the game, contact us and we will delete associated server-side data.

9. International transfers

Our processors operate in the United States and the European Union. Where data is transferred outside your region, processors rely on Standard Contractual Clauses or equivalent transfer mechanisms.

10. Security

We sign session tokens with ES256 (elliptic curve) and rotate your active session on every authentication. Database access is restricted to service accounts; every sensitive table has row-level security policies that ensure you only see your own rows. Treasury private keys used to sign on-chain payouts are not stored in application code and are rotated on a schedule. Mainnet launch will move treasury custody to a multi-signature wallet.

11. Changes to this policy

We will update the "Last updated" date at the top when this policy changes. For material changes we will surface an in-game notice on your next hub load.

12. Contact

Email: privacy@pwg.studio
Controller: Persistent World Games
Website: pwg.studio

← Back to pwg.studio