Privacy Policy

Last Updated: November 20, 2025

This Privacy Policy describes how Through A Thousand Eyes ("we", "us", or "the game") collects, uses, and protects your information when you play our browser-based game. We are committed to protecting your privacy and being transparent about our data practices.

			TL;DR: We collect minimal data necessary for the game to function. You can play without an account using only local saves. If you create an account, we store your save data in the cloud. We never sell your data to third parties. We use cookies and local storage for game functionality. We comply with GDPR and other privacy regulations.
		

1. Information We Collect

1.1 Information You Provide

When you create an optional account for cloud save functionality, we collect:

Email address: Used for account creation, authentication, and account recovery
Password: Stored securely using industry-standard encryption (we never store plaintext passwords)
Optional profile information: If you choose to provide a display name or other profile details

1.2 Game Data We Collect Automatically

To provide game functionality, we automatically collect and store:

Save game data: Your progress including levels, allies, items, upgrades, achievements, and all other in-game data
Game settings: Your preferences for audio, graphics, and other configurable options
Session data: Information about when you play and for how long (used for idle earnings calculations)
Device information: Browser type, operating system, and screen resolution (used for optimization and bug fixing)

1.3 Analytics and Technical Data

We collect anonymous analytics to improve the game:

Gameplay metrics: Which features are used, progression rates, common difficulty walls (aggregated and anonymized)
Performance data: Load times, frame rates, crash reports (to identify and fix technical issues)
Error logs: When bugs occur, diagnostic information to help us fix them

This analytics data is anonymized and cannot be linked back to individual users.

1.4 Payment Information

If you choose to purchase premium currency (golden silk):

Payment processing: Handled by third-party providers (Stripe, PayPal) - we do not store your credit card or payment details on our servers
Transaction records: We store minimal transaction information (amount, date, item purchased) for support and fraud prevention
Billing information: If required by payment processors, this is stored by them, not by us

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Game Functionality

Saving and loading your game progress across devices (cloud saves)
Calculating idle earnings when you're offline
Implementing game features like leaderboards, achievements, and social features (if applicable)
Personalizing your game experience with your settings and preferences

2.2 Service Improvement

Analyzing gameplay patterns to balance difficulty and progression
Identifying bugs, crashes, and performance issues
Understanding which features are popular and which need improvement
Optimizing the game for different devices and browsers

2.3 Communication

Sending account-related notifications (password resets, security alerts)
Responding to your support requests and feedback
Notifying you of major updates or important changes (only if you opt-in)

2.4 Legal and Security

Preventing cheating, fraud, and abuse
Enforcing our Terms of Service
Complying with legal obligations
Protecting the rights and safety of our users and the game

3. Data Storage and Security

3.1 Where Your Data is Stored

Local storage: Save data is stored in your browser's local storage by default. This data never leaves your device unless you create a cloud save account.
Cloud storage: If you create an account, your save data is stored on Firebase (Google Cloud Platform) servers with encryption in transit and at rest.
Server location: Our cloud infrastructure is hosted on servers primarily located in the United States and Europe.

3.2 How We Protect Your Data

We implement industry-standard security measures:

All data transmission uses HTTPS encryption (SSL/TLS)
Passwords are hashed using bcrypt or similar secure algorithms
Database access is restricted and monitored
Regular security audits and updates
Automated backups to prevent data loss
Protection against common web vulnerabilities (XSS, CSRF, SQL injection, etc.)

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

4. Cookies and Tracking Technologies

4.1 Cookies We Use

The game uses cookies and similar technologies for functionality:

Essential cookies: Required for authentication, session management, and game functionality. These cannot be disabled without breaking the game.
Preference cookies: Store your settings and preferences (audio volume, graphics quality, etc.)
Analytics cookies: Help us understand how players use the game (anonymous)

4.2 Local Storage

We use browser local storage extensively to save your game progress locally. This data persists between sessions and is not transmitted to our servers unless you enable cloud saves. You can clear this data through your browser settings, but this will delete your local save.

4.3 Third-Party Cookies

Third-party services we use may set their own cookies:

Google AdSense: For displaying advertisements (if you don't use an ad blocker). See Google's privacy policy for details.
Firebase/Google Analytics: For authentication and analytics. See Google's privacy policy for details.
Payment processors: Stripe and PayPal may use cookies during payment processing.

5. Data Sharing and Third Parties

5.1 We Do NOT Sell Your Data

We do not and will never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Service Providers We Share With

We share limited data with trusted service providers who help us operate the game:

Firebase (Google Cloud): Authentication and cloud save storage
Payment processors (Stripe, PayPal): Processing purchases of premium currency
Analytics providers: Anonymous gameplay analytics
CDN providers (Cloudflare): Content delivery for fast loading

These providers are contractually obligated to protect your data and use it only for providing their services to us.

5.3 Legal Requirements

We may disclose your information if required by law, such as:

Responding to legal process (subpoenas, court orders)
Enforcing our Terms of Service
Protecting the rights, property, or safety of the game, our users, or the public
Investigating fraud or security issues

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

Access your data: Request a copy of all personal data we have about you
Correct your data: Update inaccurate or incomplete information
Delete your data: Request deletion of your account and associated data
Export your data: Download your save data in a portable format
Opt-out: Unsubscribe from optional communications

6.2 GDPR Rights (European Users)

If you're in the European Economic Area, you have additional rights under GDPR:

Right to be forgotten: Complete deletion of your data
Data portability: Receive your data in a machine-readable format
Right to restrict processing: Limit how we use your data
Right to object: Oppose certain types of data processing
Withdraw consent: Revoke consent for data processing at any time

6.3 California Privacy Rights (CCPA)

If you're a California resident, you have rights under the California Consumer Privacy Act:

Right to know what personal information we collect and how it's used
Right to delete your personal information
Right to opt-out of sale of personal information (we don't sell data)
Right to non-discrimination for exercising your privacy rights

6.4 How to Exercise Your Rights

To exercise any of these rights, contact us through the contact page. We will respond within 30 days and may request verification of your identity to protect your data.

7. Children's Privacy

Through A Thousand Eyes is intended for general audiences. We do not knowingly collect personal information from children under 13 (or under 16 in the EU) without parental consent. The game does not require an account to play, so children can enjoy the game using only local saves without providing any personal information.

If you believe we have inadvertently collected information from a child, please contact us immediately, and we will delete it promptly.

8. Data Retention

We retain your data for as long as necessary to provide the game service:

Active accounts: Data retained while your account is active
Inactive accounts: After 2 years of inactivity, we may delete cloud saves (you'll receive notice first)
Deleted accounts: After account deletion, data is removed within 30 days (except what we're legally required to keep)
Analytics data: Anonymized analytics retained indefinitely for historical analysis
Legal data: Data required for legal compliance retained as legally mandated

9. International Data Transfers

If you access the game from outside the United States, your data may be transferred to and stored on servers in the US or other countries. These countries may have different data protection laws than your country. By using the game, you consent to this transfer. We use appropriate safeguards (like Standard Contractual Clauses) to protect your data during international transfers.

10. Changes to This Privacy Policy

We may update this Privacy Policy occasionally to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will:

Update the "Last Updated" date at the top of this policy
Notify users through in-game announcements or email (if applicable)
For material changes, request your consent if required by law

Continued use of the game after changes constitutes acceptance of the updated policy. If you don't agree with changes, please stop using the game and delete your account.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us through:

Contact Page: spudergame.com/contact.html
Email: [email protected] (if applicable)

We will respond to privacy inquiries within 30 days.

12. Additional Information

12.1 Do Not Track

Some browsers have "Do Not Track" features. Currently, there is no industry standard for how to respond to these signals. Our analytics providers may not respond to Do Not Track signals, but you can opt-out of tracking through your browser settings or by using ad blockers.

12.2 Your California Privacy Rights

California Civil Code Section 1798.83 permits California residents to request certain information about disclosure of personal information to third parties for direct marketing. As stated above, we do not share personal information with third parties for their direct marketing purposes.

12.3 EU-U.S. and Swiss-U.S. Privacy Shield

While the Privacy Shield framework is no longer valid, we continue to apply its principles and use Standard Contractual Clauses for data transfers from the EU to the US.

			Summary of Key Points:
			You can play without an account using only local saves - no data sent to us
Cloud saves are optional and require an account
We collect minimal data necessary for game functionality
We never sell your personal information
You can request data deletion, export, or correction at any time
We use encryption and security best practices
We comply with GDPR, CCPA, and other privacy regulations

		

Thank you for trusting us with your information. We are committed to protecting your privacy while providing an enjoyable gaming experience.

← Back to Game