Effective Date: August 15, 2025
At Roxy Tag (“we,” “our,” or “us”), protecting your privacy is central to how we design, operate, and improve our VR experiences. When you enter our VR world, you are trusting us with your personal information, gameplay data, device identifiers, and digital identity.
This Privacy Policy explains:
The types of data we collect
How and why we collect and process it
How we secure and store it
How long we retain it
Your rights and how to exercise them
Special protections for children and younger players
We strictly follow Meta’s Virtual Reality Checks (VRC), including VRC.Quest.Privacy.2, and comply with laws and regulations such as COPPA (Children’s Online Privacy Protection Act), GDPR, and GDPR-K (children-specific GDPR provisions).
We collect information strictly to make Roxy Tag safe, fun, and responsive, and to comply with legal obligations. Below is a detailed explanation of what we collect, why, and how we store it.
These are data points that identify you as a player or are tied to your Meta account:
Meta User ID – Enables multiplayer connections, cloud saves, and device syncing. Stored encrypted on secure servers and never shared outside authorized Meta systems.
Display Name & Avatar – Pulled from Meta to show other players who you are. Used for social interactions, leaderboards, and matchmaking. Not permanently stored on our servers.
Email Address (if provided) – For account recovery, support, and legal notices. Stored encrypted; never sold or used for marketing.
Age Group & Birth Year – Provided via Meta to enforce age-appropriate content, social access, and purchase restrictions.
Region & Language Preferences – Collected automatically to optimize localization, server assignment, and network performance.
Data collected to ensure performance, stability, security, and fair play:
Device Model & OS Version – For optimization and troubleshooting.
Unique Device ID – For entitlement restoration, cross-device syncing, and enforcing device bans if terms are violated.
Network Information – IP addresses for matchmaking, server optimization, and detecting suspicious activity.
System Performance Metrics – Frame rate, latency, VR motion telemetry, and crash logs to improve experience and prevent cheating.
Diagnostics & Error Reports – Logs of crashes or unusual device behavior; do not include personal identifiers unless voluntarily provided.
We collect information on how you interact with the game to enhance experience and maintain fair play:
Session Data – Login/logout times, duration, and frequency for gameplay analytics and troubleshooting.
Positional Tracking & Gestures – Movement, hand/controller positions, gestures, and orientation; processed locally or in Meta cloud for multiplayer.
Player Movement Metadata – Speed, jump distance, collisions, and physics interactions; used to detect cheating or abnormal gameplay.
Multiplayer Interaction Metadata – Parties, match history, scores, wins/losses, and reports; monitored for fair play and compliance.
In-Game Preferences & Settings – Graphics/audio settings, control layouts, accessibility features, and comfort modes; stored locally or synced via Meta cloud.
Data regarding in-app purchases, ownership, and anti-fraud measures:
Purchase Records – Product IDs, timestamps, entitlement status. Payments are processed entirely through Meta.
Entitlement Management – Tracks content ownership across devices, enabling restoration after reinstall or switching devices.
Fraud Detection & Device Ban Metadata – Transaction patterns, account history, and device ID linkage; used to prevent ban evasion, unauthorized purchases, and enforce device bans.
Feature Exclusivity Tracking – Confirms eligibility for premium content, cosmetics, or exclusive items; ensures fairness in multiplayer.
Data you may choose to share:
Beta Program or Survey Data – Feedback, survey responses, or reported bugs; anonymized if aggregated.
Player Reports or Support Requests – Screenshots, videos, or logs provided for issue resolution; stored securely.
Personal & account data – Enable login, matchmaking, identity, and account recovery.
Device & technical data – Optimize performance, stability, and enforce device bans.
Gameplay behavior – Detect cheating, balance gameplay, and improve engagement.
Purchase & entitlement data – Secure transactions, restore purchases, and prevent fraud.
Optional data – Gather feedback, resolve support requests, and enhance gameplay.
We process your data to operate, secure, improve, and personalize Roxy Tag:
Gameplay & Personalization – Enable matchmaking, avatar display, session syncing, and age-appropriate content.
Account & Progress Management – Track achievements, virtual currency, and restore purchased content.
Performance Optimization & Technical Support – Identify device-specific issues and improve graphics, networking, and stability.
Fair Play, Safety, & Anti-Cheating – Detect cheating, modding, or ban evasion using device IDs and metadata; enforce temporary or permanent bans, including device bans.
In-App Purchases & Monetization Integrity – Verify purchases, restore entitlements, prevent fraud, and maintain exclusive content access.
Legal Compliance & Platform Requirements – Comply with COPPA, GDPR, GDPR-K, and Meta platform obligations; retain logs for regulatory inquiries.
Analytics & Game Improvement – Aggregate gameplay data for UI/UX improvements, accessibility, and future content.
Important: We never sell your data, target you with third-party ads, or share your personal information outside Meta systems for unrelated purposes.
Data Sharing
Only with Meta for authentication, multiplayer, cloud saves, purchase verification, and compliance.
No sharing with advertisers or unrelated third parties.
Data Retention
Gameplay session data: Up to 30 days for analysis.
Purchase & entitlement records: Retained as long as your account exists.
Diagnostic logs: Up to 90 days or until resolved.
Player ban history & anti-cheat metadata (including device ID bans): Retained 1–3 years depending on severity.
Data Security
End-to-end encryption for sensitive data.
Strict access controls and role-based permissions.
Regular security audits and vulnerability testing.
No Personal Data Without Consent – We do not knowingly collect personal data from children under 13 without parental consent.
Parental Controls & Rights – Parents may request access, review, or deletion of their child’s data at nathanpfrom@gmail.com.
Minimal Data Collection – Only essential data for age-appropriate gameplay.
Age-Appropriate Experiences – Controls access to features, social interactions, and purchases.
Monitoring & Protection – Automated systems limit exposure to harmful content.
Access & Correct – Request a copy of your personal data or correct inaccuracies.
Delete – Request deletion, subject to operational or legal obligations.
Manage Permissions – Adjust privacy and tracking via Meta Quest settings.
Data Portability – Request a machine-readable copy of your data.
Objections – Object to certain processing for analytics or marketing.
Contact: nathanpfrom@gmail.com
We may update this policy to reflect changes in law, technology, or operations. The Effective Date will be updated accordingly. Review periodically for the most current version.
Contact Us At: nathanpfrom@gmail.com