🔥

Due to high demand, all servers are currently sold out.

Leave your email and be the first to know when capacity is back.

Legal

Privacy Policy

Last updated: February 12, 2025

Overview

Realm.fun ("we", "us", "our") is operated by Stubbemann UG (haftungsbeschränkt), Bahnhofstrasse 13, 26122 Oldenburg, Germany. We respect your privacy and are committed to protecting your personal data. This policy explains what data we collect, why we collect it, and your rights regarding that data.

The short version: We collect only what we need to provide our service. We don't sell your data. We don't use tracking cookies. We don't do creepy stuff.

What we collect

Account information

When you create an account, we collect your email address and password (hashed, never stored in plain text). If you sign up via a third-party provider (e.g., Discord, Google), we receive your email and display name from that provider.

Payment information

Payments are processed by Stripe. We do not store your credit card details. Stripe provides us with a token, the last four digits of your card, and your billing address for invoice purposes. Stripe's Privacy Policy.

Server data

Your game server files, configurations, and backups are stored on our infrastructure. This data belongs to you. We access it only when necessary to provide support (with your permission) or to maintain the service.

Usage data

We collect basic usage data to operate and improve our service: server start/stop events, resource usage metrics, and error logs. This data is used for debugging, capacity planning, and service improvement.

What we don't do

  • - We don't use cookies for tracking or advertising
  • - We don't sell or share your data with third parties for marketing
  • - We don't use third-party analytics that track you across the web
  • - We don't read your server files unless you ask us to help with something

Third-party services

We use the following third-party services:

  • - Stripe - Payment processing
  • - Supabase - Authentication and database
  • - Cloudflare - DNS, DDoS protection, and content delivery

Each of these services has their own privacy policy. We've chosen them because they have strong privacy practices and are GDPR compliant.

Data retention

We keep your account data as long as your account is active. Server backups are retained for 30 days after deletion. If you delete your account, we remove your personal data within 30 days, except where we're legally required to retain it (e.g., invoices for tax purposes, which we keep for 10 years).

Your rights (GDPR)

If you're in the EU, you have the right to:

  • - Access your personal data
  • - Correct inaccurate data
  • - Delete your data ("right to be forgotten")
  • - Export your data in a portable format
  • - Object to or restrict processing

To exercise these rights, contact us. Get in touch.

Security

We use industry-standard security measures: encrypted connections (TLS), hashed passwords, access controls, and regular security audits. Your server data is stored on encrypted drives in data centers with physical security controls.

Changes to this policy

We may update this policy from time to time. If we make significant changes, we'll notify you by email or through our service. The "last updated" date at the top tells you when it was last revised.

Contact

Questions about this policy? Contact us. Get in touch.