Privacy Policy
Last updated: 23 February 2026
1. Introduction & Who We Are
Phantom Development ("we", "us", "our") operates the Phantom Dungeons software product and the associated web platform located at phantomdungeon.com (the "Site").
We are the data controller for personal data collected through the Site. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding that data. Please read it carefully before creating an account or purchasing a subscription.
If you have questions, contact us at: privacy@phantomdungeon.com
2. Data We Collect
2.1 Account Data
When you register for an account we collect:
- Email address — used for login, email verification, and transactional communications.
- Password — stored exclusively as a bcrypt hash. We never store or transmit your plain-text password.
- Account creation date and last login timestamp.
2.2 License & Server Data
When your Minecraft server contacts our licensing API, we record and store the IPv4/IPv6 address of that server for the purpose of license validation. IP addresses stored for licensing purposes are treated as technical identifiers and are not shared with third parties beyond what is necessary to operate the service. We store a configurable maximum number of IP addresses per license; older addresses are replaced when the limit is reached.
2.3 Payment Data
Payment processing is handled entirely by Stripe, Inc. We never receive, process, or store raw card numbers, CVV codes, or full bank account details. We store only:
- Your Stripe Customer ID (a pseudonymous reference token).
- Your Stripe Subscription ID and status (active, cancelled, past_due, etc.).
- Whether you hold Founders pricing and the associated price ID.
Stripe's own privacy policy applies to data processed on their infrastructure: stripe.com/gb/privacy.
2.4 Technical & Log Data
Our hosting infrastructure (Netlify) and database provider (Neon) may collect standard web server logs including request timestamps, HTTP status codes, and IP addresses in transit. These are retained in accordance with those providers' own data retention policies. We do not proactively log end-user IP addresses beyond what is described in §2.2 above.
2.5 Admin Audit Logs
Actions taken by internal administrators on the admin panel (e.g. suspending a license, resetting IPs) are recorded in an audit log. These logs capture: the administrator ID, the action taken, the target user or resource, a timestamp, and the administrator's request IP. Audit logs are retained for a minimum of 12 months.
3. How We Use Your Data
We process your personal data for the following purposes and on the following legal bases:
| Purpose | Legal Basis (UK/EU GDPR) |
|---|---|
| Creating and managing your account | Contract performance (Art. 6(1)(b)) |
| Email verification and security notifications | Contract performance / Legitimate interests |
| Processing subscription payments via Stripe | Contract performance (Art. 6(1)(b)) |
| License key generation and server IP validation | Contract performance (Art. 6(1)(b)) |
| Preventing fraud, abuse, and unauthorised access | Legitimate interests (Art. 6(1)(f)) |
| Responding to support requests | Legitimate interests / Contract performance |
| Complying with legal obligations | Legal obligation (Art. 6(1)(c)) |
We do not sell your personal data. We do not use your data for advertising or marketing profiling.
4. Cookies & Session Data
We use a single httpOnly, sameSite=strict session cookie set upon login. This cookie contains a signed JWT session token and is used solely to authenticate your requests to our API. It is not a tracking cookie and is not readable by client-side JavaScript.
We do not use advertising cookies, analytics cookies, or third-party tracking pixels. No consent banner is required for strictly necessary session cookies under UK PECR / EU ePrivacy Directive.
5. Third-Party Sub-Processors
We share data with the following sub-processors to operate the service:
| Sub-Processor | Purpose | Location |
|---|---|---|
| Stripe, Inc. | Payment processing & subscription management | USA (SCCs / adequacy) |
| Netlify, Inc. | Web hosting & serverless functions | USA (SCCs) |
| Neon Inc. | PostgreSQL database hosting | USA (SCCs) |
All international transfers are governed by appropriate Standard Contractual Clauses (SCCs) or equivalent adequacy mechanisms under UK/EU GDPR.
6. Data Retention
- Account data: Retained for the duration of your account plus 90 days after account deletion, to satisfy any outstanding billing queries.
- Payment records: Retained for 7 years to comply with financial and tax obligations.
- Server IP addresses: Retained while your license is active. Upon license revocation or account deletion, IP records are purged within 30 days.
- Audit logs: Retained for 12 months, then archived or deleted.
7. Your Rights
Under UK/EU GDPR and applicable data protection law, you have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — request correction of inaccurate personal data.
- Erasure ("Right to be Forgotten") — request deletion of your account and associated personal data, subject to legal retention requirements.
- Restriction — request that we restrict processing of your data in certain circumstances.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests.
- Withdraw Consent — where processing is based on consent, withdraw it at any time without affecting prior lawful processing.
To exercise any of these rights, contact us at privacy@phantomdungeon.com. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with your national data protection authority (e.g. the UK ICO at ico.org.uk).
8. Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- bcrypt password hashing with a minimum cost factor of 10.
- HTTPS enforced across all endpoints; cookies are httpOnly and sameSite=strict.
- Admin panel protected by two-factor authentication (TOTP) and session timeouts.
- Database credentials and secret keys stored exclusively as environment variables — never in source code.
- License API requests validated using HMAC-signed tokens to prevent forgery.
No method of transmission over the internet is 100% secure. In the event of a data breach affecting your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware.
9. Children's Privacy
The Site and Software are not directed at children under the age of 13 (or 16 where required by local law). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you by email. Continued use of the Site after the effective date of any changes constitutes your acceptance of the revised policy.
11. Contact Us
For privacy-related queries, please contact:
Phantom Development
Email: privacy@phantomdungeon.com
Discord: discord.gg/nWgTDTTYQt