RadiumPublic/policy
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update PRIVACY_POLICY.md

Browse Source
This commit is contained in:
nexusverypro
2026-06-02 17:48:42 +00:00
parent 4482acf5c8
commit 4776f7400a
1 changed files with 33 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
PRIVACY_POLICY.md
View File

@@ -2,24 +2,25 @@
**Last Updated: April 2026**
Radium (we, our, or us) collects and uses data to operate the game, maintain security, and provide support. This policy explains what information we collect and how it is used.
Radium, a project by Rec Room Archive ("we", "our", or "us") collects and uses data to operate the game, maintain security, and provide support. This policy covers all services operated by Radium, including the game itself, the [Data Exporter tool](https://help.radie.app/data-exporter/) (used to preserve and migrate your Rec Room data via Rec Room Archive), and any other associated platforms or features. This policy explains what information we collect across these services and how it is used.
---
## 1. Information We Collect
We collect information required to operate Radium and manage user accounts.
We collect the information necessary to operate Radium and manage user accounts. For your account, this includes your username, Discord User ID (required for account creation and linking), and optionally your email address if you choose to provide one. Passwords are never stored in plain text - they are securely hashed using [PBKDF2](https://en.wikipedia.org/wiki/PBKDF2) via [ASP.NET Identity](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity), a standard industry approach to credential security. On the technical side, we collect an encrypted form of your IP address, hardware-based Device IDs, the platforms and devices you use to log in, and the timestamp of your last login per platform. We also collect gameplay and activity data, including room interactions, in-game activity, chat messages, and any reports, moderation actions, or bans associated with your account.
### Account Information
* Username
* Discord User ID (required for account creation and linking)
* Passwords (securely hashed using PBKDF2 via ASP.NET Identity)
* Discord User ID (required for account creation and linking — [what is a Discord ID?](https://support.discord.com/hc/en-us/articles/206346498-Where-can-I-find-my-User-Server-Message-ID))
* Email address (optional)
* Passwords (securely hashed using [PBKDF2](https://en.wikipedia.org/wiki/PBKDF2) via [ASP.NET Identity](https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity) — never stored in plain text)
### Technical Information
* Encrypted IP address (stored per account)
* Hardware-based Device IDs
* Encrypted IP address (stored per account — [what is an IP address?](https://en.wikipedia.org/wiki/IP_address))
* Hardware-based Device IDs (unique identifiers tied to the device you play on — [what are Device IDs?](https://en.wikipedia.org/wiki/Device_fingerprint))
* Platform information (devices used to log in)
* Last login time per platform
@@ -33,86 +34,72 @@ We collect information required to operate Radium and manage user accounts.
## 2. How We Use Your Information
We use collected information to:
* Identify users across devices and sessions
* Prevent ban evasion and enforce rules
* Link Radium accounts to Discord users for access and support
* Review moderation actions and resolve reports
* Operate and maintain the game and its features
We use the information we collect solely to operate and improve Radium. This includes identifying users across devices and sessions, preventing ban evasion and enforcing community rules, linking Radium accounts to Discord users for access control and support, reviewing moderation actions and resolving player reports, and maintaining the general stability and functionality of the game and its infrastructure. We do not use your data for advertising or any purpose unrelated to operating the service.
---
## 3. Data Security
We take steps to protect your data:
* IP addresses are stored in **encrypted form**
* Passwords are **securely hashed** and never stored in plain text
* Access to sensitive data is restricted to authorized use only
We take reasonable steps to protect your personal data from unauthorized access or disclosure. IP addresses are stored in encrypted form, passwords are hashed using [PBKDF2](https://en.wikipedia.org/wiki/PBKDF2) and never stored in plain text, and access to sensitive data is restricted to authorized personnel and systems only. While no system can guarantee complete security, we are committed to applying appropriate technical measures to safeguard your information.
---
## 4. Data Sharing
We do **not sell or share your personal data with third parties**.
All data is handled internally and used only for operating Radium, except where disclosure is required by law.
We do not sell, rent, or share your personal data with third parties for their own purposes. All data is handled internally and used exclusively for operating Radium. The only exception is where disclosure is required by applicable law, such as in response to a valid legal request or court order.
---
## 5. Third-Party Services
We use infrastructure services to operate Radium, including:
* Hosting providers (VPS)
* Authentication systems (IdentityServer)
* Storage systems (S3-compatible storage such as MinIO)
* Messaging systems (RabbitMQ)
These services support the platform but do not receive your data for independent use.
To operate Radium, we rely on a small number of infrastructure providers, including hosting providers (VPS), authentication systems ([IdentityServer](https://duendesoftware.com/products/identityserver)), [S3-compatible](https://en.wikipedia.org/wiki/Amazon_S3) storage (such as [MinIO](https://min.io/)), and messaging systems ([RabbitMQ](https://www.rabbitmq.com/)). These services are used solely to support the platform's operation and do not receive your data for their own independent use. We select these providers carefully and limit the data shared with them to what is strictly necessary.
---
## 6. Cookies
Our website uses cookies only for session management (such as keeping you logged in).
We do **not use analytics or tracking cookies**.
Our website uses [cookies](https://en.wikipedia.org/wiki/HTTP_cookie) only for session management purposes, such as keeping you logged in while you browse. We do not use analytics cookies, advertising cookies, or any other form of tracking technology that monitors your behavior across websites. You can control cookie settings through your browser, though disabling session cookies may affect your ability to stay logged in.
---
## 7. Data Retention
We retain data as long as necessary to operate and secure the service.
* Some temporary data, such as notifications and game invites, is automatically cleared
* Other data is retained unless no longer needed for service operation or moderation
We retain your data for as long as it is necessary to operate the service and uphold our moderation responsibilities. Some data, such as notifications and game invites, is cleared automatically after a short period. Other data, such as account information and moderation history, is kept for as long as your account is active or as needed to protect the integrity of the platform. If your account is closed or data is deleted upon request (see Section 8), we will remove your information within a reasonable timeframe, except where retention is required by law.
---
## 8. Account Control
## 8. Your Rights & Data Deletion
* Creating a Radium account is required to play
* Accounts are currently **not self-deletable**
* Data access and deletion requests may be supported in the future
We respect your rights over your personal data under applicable privacy laws. Depending on where you live, you may have the following rights:
* **[GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) (EU/EEA/UK users):** You have the right to access, correct, or erase your personal data; to restrict or object to its processing; and to [data portability](https://en.wikipedia.org/wiki/Data_portability). You also have the right to lodge a complaint with your local [data protection authority](https://www.edpb.europa.eu/about-edpb/about-edpb/members_en).
* **[CCPA](https://en.wikipedia.org/wiki/California_Consumer_Privacy_Act) (California, USA users):** You have the right to know what personal information we collect and how it is used, to request deletion of your data, and to not be discriminated against for exercising these rights.
* **Other jurisdictions:** Users in other regions with applicable privacy laws (such as Canada's [PIPEDA](https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda/), Brazil's [LGPD](https://en.wikipedia.org/wiki/Lei_Geral_de_Prote%C3%A7%C3%A3o_de_Dados), or Australia's [Privacy Act](https://www.oaic.gov.au/privacy/the-privacy-act)) may have similar rights to access and request deletion of their data.
At this time, accounts cannot be self-deleted through the game interface. To submit a data access or deletion request, please contact us through the official Radium or Rec Room Archive Discord server (see Section 11). We will respond to verified requests within 30 days, or within the timeframe required by applicable law. Please note that some data — such as moderation records — may be retained even after a deletion request where there is a legitimate legal or safety basis for doing so.
---
## 9. Age Requirements
Radium is **not intended for users under the age of 13**.
We do not knowingly collect data from users under 13.
Radium is not intended for users under the age of 13, in line with the [Children's Online Privacy Protection Act (COPPA)](https://www.ftc.gov/legal-library/browse/rules/childrens-online-privacy-protection-rule-coppa). We do not knowingly collect personal data from children under 13. If we become aware that a user under 13 has created an account or provided personal information, we will take steps to delete that data promptly. If you believe a minor has registered on our platform, please contact us through our Discord server.
---
## 10. Changes to This Policy
## 10. Data Exporter (Rec Room Archive)
This policy may be updated over time.
Radium operates a [Data Exporter tool](https://help.radie.app/data-exporter/) in partnership with [Rec Room Archive](https://www.recroomarchive.org/), which was created to preserve player data ahead of Rec Room's shutdown. When you use the Data Exporter, most of your Rec Room account data — including rooms, inventions, and related content — is saved onto Rec Room Archive's servers for potential future migration into Radium. This data is held separately from your active Radium account and is not immediately imported. Migration of exported data is not guaranteed and is subject to development progress. Users will be notified if and when migration becomes available.
If any significant changes are made, we will notify users at least 7 days in advance through the website before the changes take effect.
Exported data is stored server-side, you do not need to keep your computer running for an export to complete. At this time, there is no self-service way to download a personal copy of your exported data, though this may be added in the future. Once a room or creation has been exported, it cannot be re-exported to overwrite the stored version. You may export data from multiple Rec Room accounts if you own them. Data collected through the Data Exporter is used solely for the purpose of migrating your content into Radium and is not shared with third parties or used for any purpose beyond preservation and migration. For full details, visit [help.radie.app/data-exporter](https://help.radie.app/data-exporter/).
---
## 11. Contact
## 11. Changes to This Policy
If you have questions about this policy, you can reach out through official Radium or Rec Room Archive discord server.
This policy may be updated from time to time to reflect changes in our practices or legal obligations. If we make any significant changes, we will notify users at least 7 days in advance through the Radium website before those changes take effect. We encourage you to review this policy periodically. Continued use of Radium after changes take effect constitutes your acceptance of the updated policy.
---
## 12. Contact
If you have any questions about this privacy policy, wish to exercise your data rights, or have concerns about how your information is handled, you can reach us through the official [Radium Discord server](https://discord.gg/radium-rr). We aim to respond to all inquiries in a timely manner, and to privacy-related requests within the timeframe required by applicable law.