Privacy

Summary for operators. Replace with counsel-reviewed text before production marketing.

Controller

The operator of this deployment is responsible under applicable law. Contact via the Support email in the site footer when configured.

Data we process

Account: name, email, password hash, role, XP, rank, streaks, activity flags.
Training record: mission completions (timestamps, linked mission titles).
Entry protocol: if you apply for access, applicant email, protocol answers, physical task distribution, and related email delivery metadata may be stored.
Billing (optional): if Stripe is enabled, customer and subscription identifiers may be stored on your account.

Purposes

Authentication, delivering assignments and standings, operating the entry protocol, and (when configured) payment and support.

Retention

Data is kept for as long as the account exists or as required for legal obligations. Deletion workflows depend on deployment policy.

Your rights

Depending on jurisdiction (e.g. GDPR), you may have rights to access, rectify, erase, restrict, or port data, and to object. Contact Support to exercise them.