Legend · Hyper Garden
Privacy Policy
Effective: July 18, 2026
Hyper Garden operates Legend and is responsible for the product data described here. This policy explains what Legend collects during public-site visits, account access, First Passage play, and support.
Data we collect
- Account and security data, including email, authentication events, invitation state, and program membership.
- Exact play records, including build, seed or replay reference, choices, presented passages, state transitions, deaths or endings, resume state, locale, and translation-bundle identity.
- Run-credit records, including grants, reservations, usage, adjustments, and future Paddle customer or transaction identifiers. Hyper Garden does not receive raw card details from Paddle.
- Feedback linked to the relevant account and run, plus support and email correspondence.
- Browser, viewport, accessibility preference, diagnostics, abuse-prevention, and configured public-site analytics data.
Why we use it
We use data to provide and secure accounts, create and reproduce runs, enforce credits, answer support requests, operate First Passage, investigate failures or abuse, and evaluate the game with human feedback. Automated telemetry does not establish whether a player had fun, understood a choice, or found an outcome fair.
Sources and recipients
Data comes from you, your browser, the deterministic game service, and service providers used for authentication, database hosting, email, monitoring, analytics, and future payment processing. Relevant providers may process data in other countries under their contractual and legal transfer safeguards. We do not sell personal data.
Cookies and local storage
Legend uses essential browser storage for authentication, security, language, theme, and run continuity. Public analytics loads only when a production analytics configuration is present and is excluded from dashboard and admin paths. See the Cookie Policy for the current inventory.
Retention
Account, security, credit, and transaction records are kept while needed to provide the service, meet legal obligations, resolve disputes, and prevent fraud. Exact run and feedback evidence may be retained for pre-release research; account deletion may leave a de-identified record when the link to the person is no longer needed. Retention periods will be narrowed as the program produces real operational evidence.
Your choices and rights
Depending on where you live, you may request access, correction, deletion, restriction, objection, withdrawal of consent, or portability, and may complain to a data-protection authority. Optional research feedback, marketing email, and nonessential analytics are separate from essential account and run processing.
Security and children
We use access controls, encrypted provider settings, auditable server-side credit operations, and data minimization appropriate to a pre-release service. No system is perfectly secure. First Passage is not offered to people under 18.
Contact
For privacy requests, email [email protected]. You may also write to Hyper Garden, 2143 Spruce Street B, Boulder, CO 80302, United States, or call +1 404-855-1462.