Privacy Policy (for Meta Quest listing & website)

Effective date: September 8, 2025

Who we are: Enterality Studio (“Enterality”, “we”, “us”) — Istanbul, Türkiye
Contact: hello@enterality.com

This Privacy Policy explains how we process information when you play our VR game(s) (including Security Inc.) and when you visit our website (enterality.com and sub-domains). Platform providers (e.g., Meta) and analytics providers (e.g., GameAnalytics) process certain data under their own terms and act as independent controllers for their parts.

1) What we collect

A) In our Games (Quest)

We collect pseudonymous usage and diagnostics so we can run, improve, and protect the game:

• Device & runtime info: device model, OS/SDK versions, language/region setting, platform identifiers provided by the store/platform (app-scoped or device IDs).
• Gameplay & performance events: installs/launches, session length, retention, level/progression/state events you trigger, basic engagement funnels.
• Diagnostics & crash data: error codes, stack traces, performance metrics (FPS, memory), non-content crash snapshots.
• Fraud/security signals: e.g., repeated crashes from modified clients or tamper flags.

We do not collect your real name, email, contacts, photos, or precise location from the headset, and we do not record or store microphone or camera passthrough content. The game is single-player and has no online voice chat.

B) If you contact us

Support email: your email address, the content of your message, and any info/logs you share with us.

C) On our Website

• Server logs (hosted by our provider) for reliability and security.
• Embedded media (e.g., YouTube trailers) may set their own cookies. Where feasible we use privacy-enhanced embeds.

2) Why we use the data (purposes & legal bases)

• Provide and operate the game/website (perform the contract or legitimate interests).
• Analytics & quality — understand performance and fix bugs (legitimate interests).
• Security & anti-abuse — detect crashes/tampering (legitimate interests).
• Communications — reply to support requests (legitimate interests / consent where required).
• Compliance — meet legal and tax/record obligations (legal obligation).
• Cookies/embeds that are non-essential are used only with consent where required.

3) Sources & sharing

• Sources: data is generated by your device during play; platform-provided identifiers; information you email us.
• Processors (service providers): we use trusted vendors to host analytics/diagnostics and email.
• Analytics: we use GameAnalytics to process gameplay/telemetry and diagnostics. See GameAnalytics’ privacy information for details on their processing and safeguards.
• Platform providers: Meta and other stores process data under their own policies and may share aggregated reports with us (for example, entitlements or installs).
• No selling of personal data.
• Disclosures required by law or in connection with a merger/acquisition may occur.

4) International transfers

Where data is transferred internationally, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) or other lawful mechanisms, as applicable, and we take steps to protect your information.

5) Retention

• Game telemetry & diagnostics: retained for product analytics and troubleshooting and then deleted or aggregated/anonymized per our internal schedules and provider defaults.
• Support emails: kept as long as needed to process your request and meet legal requirements.
• Website/server logs: kept for short operational periods unless needed for security.

6) Your rights & choices

You have the right to access, delete, correct, object to or restrict processing, and port your data, regardless of your geographic location. You can also withdraw consent where we rely on it. We honour deletion requests from all users worldwide.

Data deletion (Quest / GameAnalytics)

Email hello@enterality.com with the subject “Deletion Request – Security Inc.” and include:

• the platform (Meta Quest),
• your approximate play dates/timezone, and
• any in-game/device identifier you can provide (for example, your headset’s app-scoped ID or crash/analytics ID if available).

We’ll verify your request, delete data we control, and instruct our processors (e.g., GameAnalytics) to delete the linked records. We never charge a fee for deletion requests.

7) Children

Our games are not directed to children under the applicable digital consent age (typically 13–16). If you believe we collected data from a child, contact us and we’ll remove it.

8) Security

We use reasonable technical and organizational measures to protect data. No system is 100% secure, but we actively remediate vulnerabilities and crashes as we become aware of them.

9) Changes

We may update this Policy. We’ll post the new version with an updated “Effective date.”

10) Contact

Enterality Studio — Istanbul, Türkiye
Email: hello@enterality.com