Privacy Policy

Last updated: December 31, 2025

1. Introduction

Welcome to Dyson Sphere Blueprints ("we", "our", or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website dysonsphereblueprints.com (the "Site") and use our services.

This policy applies to all users of the Site, whether or not you create an account. By using the Site, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

For the purposes of the General Data Protection Regulation (GDPR), the data controller is the operator of Dyson Sphere Blueprints. You can contact us at:

3. Information We Collect

3.1 Account Information

When you create an account or log in using OAuth providers, we collect:

  • Email address: Provided through OAuth (Google, GitHub, Steam, Discord) or direct registration
  • Username: Your chosen display name or OAuth profile name
  • Profile information: OAuth provider ID, avatar URL (if available)
  • Authentication tokens: Encrypted OAuth tokens for maintaining your session

3.2 User-Generated Content

When you use our services, you may provide:

  • Blueprint data: Dyson Sphere Program blueprint strings you upload
  • Collections: Blueprint collections you create and organize
  • Metadata: Titles, descriptions, tags, and game version information you add to blueprints
  • Images: Screenshots and preview images you upload
  • Interactions: Likes, favorites, and tracking preferences

3.3 Analytics and Usage Data

With your consent, we collect analytics data through Google Analytics:

  • Page views: Which pages you visit and how long you stay
  • User behavior: Clicks, scrolling, and navigation patterns
  • Device information: Browser type, operating system, screen resolution
  • Location data: Approximate geographic location (country/city level, anonymized IP)
  • Traffic sources: How you found our Site (search, direct, referral)

3.4 Technical Data

We automatically collect certain technical information:

  • IP address: Anonymized for analytics and security purposes
  • Session data: Stored in secure, encrypted cookies to maintain your login
  • Log files: Server logs for debugging and security monitoring

4. How We Use Your Information

We use the collected information for the following purposes:

4.1 Service Provision (Legal Basis: Contract)

  • To create and manage your user account
  • To authenticate your identity when you log in
  • To store and display your blueprints and collections
  • To enable social features (likes, favorites, user profiles)
  • To process and display user-generated content

4.2 Service Improvement (Legal Basis: Legitimate Interest / Consent)

  • To analyze usage patterns and improve Site functionality
  • To understand user preferences and optimize the user experience
  • To identify and fix bugs or technical issues
  • To develop new features based on user behavior

4.3 Communication (Legal Basis: Legitimate Interest)

  • To respond to your inquiries and support requests
  • To notify you of important changes to the Site or policies
  • To send technical or security notifications (account security, service disruptions)

4.4 Security and Compliance (Legal Basis: Legitimate Interest / Legal Obligation)

  • To protect against fraud, abuse, and unauthorized access
  • To enforce our Terms of Service
  • To comply with legal obligations and law enforcement requests

5. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on the following legal grounds:

  • Contract (Article 6(1)(b)): Processing necessary to provide our services (account management, blueprint storage)
  • Consent (Article 6(1)(a)): Analytics cookies and non-essential data processing (you can withdraw consent anytime)
  • Legitimate Interest (Article 6(1)(f)): Service improvement, security, and communications (balanced against your rights)
  • Legal Obligation (Article 6(1)(c)): Compliance with laws and legal requests

6. Third-Party Services and Data Sharing

We share your information with the following third-party service providers:

6.1 OAuth Providers

When you log in using OAuth, we share authentication requests with:

6.2 Analytics Services

  • Google Analytics: With your consent, we use Google Analytics to analyze Site usage. Google may use this data per their Privacy Policy. We have enabled IP anonymization.

6.3 Hosting and Infrastructure

Your data is stored on secure cloud infrastructure providers. We use industry-standard encryption and security practices.

6.4 No Data Sales

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Retained until you delete your account, then permanently deleted within 30 days
  • Blueprints and collections: Retained as long as your account is active; deleted with account deletion
  • Analytics data: Retained by Google Analytics for 26 months, then automatically deleted
  • Consent records: Retained for up to 5 years as proof of compliance
  • Server logs: Retained for up to 90 days for security and debugging purposes

8. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights:

8.1 Right of Access (Article 15)

You can request a copy of all personal data we hold about you.

8.2 Right to Rectification (Article 16)

You can update or correct inaccurate personal data through your account settings.

8.3 Right to Erasure / "Right to be Forgotten" (Article 17)

You can request deletion of your personal data by deleting your account or contacting us.

8.4 Right to Data Portability (Article 20)

You can request your data in a machine-readable format (JSON export of blueprints available).

8.5 Right to Object (Article 21)

You can object to processing based on legitimate interest (e.g., analytics, profiling).

8.6 Right to Withdraw Consent (Article 7(3))

You can withdraw consent for analytics cookies at any time using the "Cookie Settings" link in the footer.

8.7 Right to Lodge a Complaint

You can file a complaint with your local data protection authority if you believe your rights have been violated.

To exercise these rights, contact us via GitHub Issues or Reddit (links in Section 2).

9. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States. When we transfer data internationally, we ensure adequate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Third-party services that comply with GDPR (e.g., Google Analytics with IP anonymization)

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encrypted data transmission (HTTPS/TLS)
  • Encrypted storage of authentication tokens
  • Secure session management with encrypted cookies
  • Regular security updates and monitoring
  • Access controls and authentication requirements

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Children's Privacy

Our Site is not directed to individuals under the age of 13 (or 16 in the EEA). We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us, and we will delete such information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes:

  • We will update the "Last updated" date at the top of this policy
  • For significant changes, we will notify users through a prominent notice on the Site
  • Your continued use of the Site after changes constitutes acceptance of the updated policy

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Related: Cookie Policy | Terms of Service