top of page

Privacy Policy
> **Trademark notice:** Minecraft® is a registered trademark of
> Mojang Synergies AB / Microsoft Corporation. The mod
> "Intelligent Villagers / VR Realistic Worlds" (VRRW) is an
> independent fan project; it is **not an official Minecraft
> product** and has neither been approved nor endorsed by Mojang
> or Microsoft. All rights in Minecraft trademarks, textures and
> game mechanics remain with their respective holders.
This privacy policy applies **both to our website** at
[https://www.vrrw.online](https://www.vrrw.online) **and to the Minecraft mod "Intelligent Villagers
/ VR Realistic Worlds"** (hereinafter: "the mod"). The website and the mod
use a common backend and share the same account and rewards system, so we
describe the processing for both platformsaa in one document.
Personal data (usually referred to just as "data" below) will only be
processed by us to the extent necessary and for the purpose of providing a
functional and user-friendly website, including its contents, and the
services offered there, as well as for the operation of the mod.
Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data
Protection Regulation (hereinafter referred to as the "GDPR"), "processing"
refers to any operation or set of operations such as collection, recording,
organization, structuring, storage, adaptation, alteration, retrieval,
consultation, use, disclosure by transmission, dissemination, or otherwise
making available, alignment, or combination, restriction, erasure, or
destruction performed on personal data, whether by automated means or not.
The following privacy policy is intended to inform you in particular about
the type, scope, purpose, duration, and legal basis for the processing of
such data either under our own control or in conjunction with others. We
also inform you below about the third-party components we use to optimize
our website and improve the user experience which may result in said third
parties also processing data they collect and control.
**Scope:** This Privacy Policy deals exclusively with the processing of
personal data. All non-privacy-related provisions (order processing,
subscriptions, right of withdrawal, user content, licenses, mod usage
rules, VRRW Points, liability) can be found in our **Terms of Use**
at [https://www.vrrw.online/agb](https://www.vrrw.online/agb). A detailed overview of the cookies
we use can be found in our **Cookie Policy** at
[https://www.vrrw.online/cookies](https://www.vrrw.online/cookies).
## Contents
- [I. Information about us as controllers of your data](#i-information-about-us-as-controllers-of-your-data)
- [II. The rights of users and data subjects](#ii-the-rights-of-users-and-data-subjects)
- [III. Information about the data processing](#iii-information-about-the-data-processing)
- [III.A Basic website operation](#iiia-basic-website-operation)
- [III.B Contact](#iiib-contact)
- [III.C Member accounts](#iiic-member-accounts)
- [III.D Online shop, subscriptions and payments](#iiid-online-shop-subscriptions-and-payments)
- [III.E Community (groups, profiles, events)](#iiie-community-groups-profiles-events)
- [III.F Loyalty, challenges and points](#iiif-loyalty-challenges-and-points)
- [III.G User-generated content (server directory, Playercreations etc.)](#iiig-user-generated-content-server-directory-playercreations-etc)
- [III.H Newsletter, follow-up comments, competitions and general user posts](#iiih-newsletter-follow-up-comments-competitions-and-general-user-posts)
- [III.I Intelligent Villagers / VR Realistic Worlds Minecraft mod](#iiii-intelligent-villagers--vr-realistic-worlds-minecraft-mod)
- [III.J Task lockers / embedded advertising offers (OGAds)](#iiij-task-lockers--embedded-advertising-offers-ogads)
- [III.K Kinetic Hosting affiliate link](#iiik-kinetic-hosting-affiliate-link)
- [III.L Hosting and data processing by Wix.com Ltd.](#iiil-hosting-and-data-processing-by-wixcom-ltd)
- [III.M Web analytics (Google Analytics and others)](#iiim-web-analytics-google-analytics-and-others)
- [III.N Linked external community channels (YouTube, Discord)](#iiin-linked-external-community-channels-youtube-discord)
- [III.O Embedded YouTube videos](#iiio-embedded-youtube-videos)
- [IV. Final provisions](#iv-final-provisions)
---
## I. Information about us as controllers of your data
The party responsible for the website [https://www.vrrw.online](https://www.vrrw.online) **and** for
the "Intelligent Villagers / VR Realistic Worlds" Minecraft mod (the
"controller") for purposes of data protection law is:
**VR Realistic Worlds**
Sebastian Elsner
Kolonnenstraße 8
10827 Berlin
Germany
E-mail: vr.realistic.worlds@gmail.com
(Full legal notice: see Impressum at
[https://www.vrrw.online/impressum](https://www.vrrw.online/impressum).)
---
## II. The rights of users and data subjects
With regard to the data processing to be described in more detail below,
users and data subjects have the right:
- to **confirmation** of whether data concerning them is being processed,
**information** about the data being processed, further information
about the nature of the data processing, and copies of the data (cf.
also Art. 15 GDPR);
- to **correct** or complete incorrect or incomplete data (cf. also
Art. 16 GDPR);
- to the **immediate deletion** of data concerning them (cf. also Art. 17
GDPR), or, alternatively, if further processing is necessary as
stipulated in Art. 17 Para. 3 GDPR, to **restrict** said processing per
Art. 18 GDPR;
- to receive copies of the data concerning them and/or provided by them
and to have the same transmitted to other providers/controllers
(**data portability**; cf. also Art. 20 GDPR);
- to file **complaints** with the supervisory authority if they believe
that data concerning them is being processed by the controller in
breach of data protection provisions (see also Art. 77 GDPR). The
authority competent for us is the Berlin Commissioner for Data
Protection and Freedom of Information
(*Berliner Beauftragte für Datenschutz und Informationsfreiheit*),
Friedrichstr. 219, 10969 Berlin, Germany.
In addition, the controller is obliged to inform all recipients to whom
it discloses data of any such corrections, deletions, or restrictions
placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However,
this obligation does not apply if such notification is impossible or
involves a disproportionate effort. Nevertheless, users have a right to
information about these recipients.
**Likewise, under Art. 21 GDPR, users and data subjects have the right to
object to the controller's future processing of their data pursuant to
Art. 6 Para. 1 lit. f) GDPR. In particular, an objection to data
processing for the purpose of direct advertising is permissible.**
If processing is based on your consent (Art. 6 Para. 1 lit. a GDPR), you
may withdraw that consent at any time with effect for the future pursuant
to Art. 7 Para. 3 GDPR. The withdrawal of consent does not affect the
lawfulness of processing carried out before the withdrawal.
### Concrete deletion paths
Depending on what content you want removed, you can use the following
paths:
| Content | Path |
|---|---|
| VRRW account (e-mail, points, all linked content) | **Self-service (new in v4):** Mod "Profile → Privacy → Delete account" or website account area. Backend performs full deletion / pseudonymisation per II.b. A written request to the e-mail in Section I remains an alternative. |
| Profile, name, avatar | Wix login → "Account Settings" on the website |
| Individual group posts | In the mod directly on the post "⋯ → Delete" **or** via the Wix front-end under "My Groups" → post → "Delete". |
| Cancel subscription (Gold / Silver / Copper) | Website → "My Subscriptions" |
| Server directory entries (including images) | **In the mod** at "Multiplayer → Manage my Servers → Delete" **or** on the website at "Serverlisting" / "Server entry Informations" / "Server Event management" |
| Comments and reviews | Delete yourself via the respective interface; otherwise on request |
| Locally stored mod auto-login credentials | Disable "Stay logged in" in the mod and log out (removes the locally stored credentials) |
| In-mod embedded browser cookies | Reset the mod's Minecraft instance directory if desired; we will provide the exact path on request |
| Browser cookies (website) | Cookie settings in the footer or browser settings |
---
### II.0 Response time (new in v4)
We process requests under Art. 15-22 GDPR without undue delay and
**within one month** at the latest from receipt (Art. 12 Para. 3
GDPR). For particularly complex or numerous requests this period
may be extended by up to two further months; in such a case we
will inform you of the extension and the reasons within one month
of receipt of your request.
Self-service requests via the mod profile (see II.a) are normally
**executed within seconds** automatically — the one-month limit is
only relevant for manual requests by email.
### II.a Self-service data access + export inside the mod (new in v4)
The data-subject rights set out in this Section II (in particular
Art. 15 right of access and Art. 20 right to data portability) can
now be exercised **directly in the mod as a self-service** — without
a separate written request:
- **"Download my data"** (profile section): downloads a complete
JSON-file copy of all backend-stored data about you and saves it
to `intelligentvillagers-mydata-.json`. Content: profile +
privacy preferences, consent history (which legal version you
accepted, when), purchase history (texture packs, date, price),
user-authored content (bug reports, feature requests, tutorials),
rewards status (VRRW Points, OG-Ads consent).
- **"Purchase history"** (profile section): lists all your
purchases inside the mod — without needing a full export — sorted
newest first.
- **"Delete my account"** (profile section): triggers the deletion
described in Section II; a written request is no longer required.
Data export format: machine-readable JSON per Art. 20 GDPR. Rate
limit: 1 export per hour per account. The request is authenticated
(Bearer token) and requires an explicit confirmation in the mod
dialog. The same rights are available on the website under
"My Account → Privacy".
### II.b Retention despite deletion — what remains pseudonymized (new in v4)
When you delete your account under Art. 17 GDPR, most data is
erased irreversibly. A small subset of records may still be kept by
the controller for legal-retention obligations or for the defence
of legal claims (Art. 17 Para. 3 GDPR). We strictly apply data
minimisation here:
| Record | Retention reason | Method |
|---|---|---|
| Purchase + invoice data | 147 AO (DE) — 10-year retention | Slot data (pack, price, date) is kept — `memberId` is replaced by HMAC-SHA256 pseudonym |
| Bug reports + complaints | Art. 17(3)(e) defence of legal claims | `memberId` → pseudonym; `memberName`/`email` removed |
| Unban requests | Art. 17(3)(e) moderation history | as above |
| Boost-Rank applications + votes | voting integrity | as above |
| Consent proof (legal-acceptance versions + timestamps) | Art. 7(1) burden of proof | PII (user-agent etc.) removed; `legalVersions` map + `legalAcceptedAt` kept |
The pseudonym is generated with a **fresh 16-byte salt for every
deletion** and our server-side token key `VRRW_TOKEN_KEY`
(HMAC-SHA256), and is not reversible. Re-registration with the same
memberId would produce a different pseudonym — so a re-link is
impossible.
**Backup retention (new in v4)**: our backend provider Wix runs
rolling automated CMS-database snapshots for disaster-recovery
purposes. These snapshots are **technically isolated**, not
queryable and only restored in case of disaster (data loss through
hardware defect, cyber attack etc.). On account deletion under
Art. 17 GDPR your data is **immediately removed or pseudonymised
in the live CMS database** (see above). It remains in backup
snapshots for **at most 35 days** (Wix standard retention) and is
subsequently irrevocably purged by the regular backup rotation.
Should a disaster recovery happen within those 35 days, we will
**immediately re-delete** any restored data of a previously
deleted account and inform you within 72 hours of the incident
(analogous to Art. 33 GDPR).
### II.c "Anonymous" posts — pseudonymization rather than anonymization (new in v4)
**Legally crucial clarification:** when you publish a post,
comment, rating or bug report with the **"anonymous"** option,
this is **not anonymization** in the sense of Recital 26 GDPR
from a GDPR perspective, but rather **pseudonymization** within
the meaning of Art. 4 No. 5 GDPR — with all consequences flowing
from that for you as a data subject.
**What that means technically:**
- **Other users** see "Anonymous" or a random pseudonym instead
of your name. They have no access to your memberId, login name,
profile picture or other identifying attributes.
- **We as controller** store your post internally linked to your
memberId (in the CMS column `slotUser` of a GroupMessageBuffer
row, or in the `anonymousKeyHash` field for bug reports). We CAN
— where legally required — reconstruct your identity.
**Why this is so (a protective function for other users and the
public):**
- **Moderation:** so that our 3-strike system (Terms 9.16) can
function, a violation must be attributable to a member — even
inside a post marked "anonymous". Otherwise abusive content
(insults, hate speech, spam) could not be sanctioned.
- **Self-service:** you can edit or delete your own anonymous
posts later because the backend knows the link to your account.
- **Legal obligation:** in case of justified requests by law-
enforcement authorities (Art. 6 Para. 1 lit. c) GDPR in
conjunction with 24 BDSG, 113 TKG and the respective
applicable legal bases) we may have to disclose the identity
behind unlawful content. Full anonymization would render this
obligation impossible to fulfil — and effectively turn our
platform into a lawless space.
**Your rights remain fully preserved:** since your posts remain
pseudonymized (= personal) data from a GDPR perspective, ALL
data-subject rights from Section II apply unchanged:
- **Right of access (Art. 15):** in the data export (see II.a)
your anonymously posted contributions are listed — explicitly
flagged as such.
- **Rectification (Art. 16) + erasure (Art. 17):** you can delete
individual anonymous posts at any time or request full account
deletion. Anonymous posts are removed from the slot buffers of
all recipients on account deletion.
- **Data portability (Art. 20):** your anonymous posts are part
of the self-service data export.
**Legal basis for the backend linkage:** Art. 6 Para. 1 lit. f)
GDPR (overriding legitimate interest in anti-abuse measures and
evidence preservation) and Art. 6 Para. 1 lit. c) GDPR
(compliance with statutory disclosure obligations). Full
anonymization would be incompatible with these protective duties
towards the other users and the public.
**We will NOT disclose your identity** to other members,
external third parties or the public — re-identification
remains strictly limited to the protective functions above and
is subject to our documented internal procedure. In particular,
disclosure to other users is also impermissible when those users
— e.g. because they feel personally addressed by an anonymous
post — request the identity.
## III. Information about the data processing
Your data processed when using our website and the mod will be deleted or
blocked as soon as the purpose for its storage ceases to apply, provided
the deletion of the same is not in breach of any statutory storage
obligations (in particular under commercial and tax law) and unless
otherwise stipulated below for individual processing activities.
### III.A Basic website operation
#### a) Server log files
For technical reasons, the following data sent by your internet browser
to us or to our webspace provider (Wix) will be collected, especially to
ensure a secure and stable website. These server log files record the
type and version of your browser, operating system, the website from
which you came (referrer URL), the webpages on our site visited, the date
and time of your visit, as well as the IP address from which you visited
our site.
The data thus collected will be temporarily stored, but not in
association with any other of your data.
Legal basis: Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in
the improvement, stability, functionality, and security of our website.
Retention period: no more than seven days, unless continued storage is
required for evidentiary purposes.
#### b) Cookies and cookie manager
We use cookies on our website and inside the mod's embedded Chromium
browser (MCEF, see III.I.6). Cookies are small text files or other
storage technologies stored on your computer by your browser. These
cookies process certain specific information about you, such as your
browser or location data or your IP address.
We distinguish between:
- **session cookies**, which are automatically deleted when you close
your browser, and **persistent cookies**, which remain stored until the
expiry of their lifetime or until actively deleted;
- **technically necessary cookies** (e.g. session ID, cart content,
cookie preferences, login session) and **technically non-essential
cookies** (e.g. web analytics, advertising targeting, third-party
cookies).
Legal basis for technically necessary cookies: Art. 6 Para. 1 lit. b)
GDPR (contract initiation/performance) or Art. 6 Para. 1 lit. f) GDPR
(legitimate interest in operating a functional website), as well as
25 (2) TDDDG.
Legal basis for technically non-essential cookies: exclusively your
consent pursuant to Art. 6 Para. 1 lit. a) GDPR and 25 (1) TDDDG, which
you can grant via our cookie manager (consent banner) on your first
visit.
To obtain and document your consent, we use a **cookie manager / consent
banner**. When the website is called up, a cookie with the settings
information is stored on your end device so that the request for consent
does not have to be made on a subsequent visit. This cookie is required
to obtain and document legally compliant user consent and to enable you
to manage your choices. You can change or withdraw your consent at any
time via the cookie settings on our website.
You can also prevent or restrict the installation of cookies by adjusting
your browser settings and can delete already-stored cookies at any time;
however, this may impair the functionality of our website.
Detailed information on the individual cookies we use is available on
our cookie page at [https://www.vrrw.online/cookies](https://www.vrrw.online/cookies).
### III.B Contact
If you contact us via e-mail or contact form, the data you provide
(e-mail address, name, content of the request, any further voluntary
information) will be used for the purpose of processing your request and
for possible follow-up questions. Without your consent, we do not share
this data with third parties.
Legal basis: Art. 6 Para. 1 lit. b) GDPR where the request serves to
fulfil or initiate a contract, and Art. 6 Para. 1 lit. f) GDPR
(legitimate interest in processing requests).
Retention period: until your request has been fully answered and there
is no further legal obligation to store your data (e.g. from commercial
or tax law).
### III.C Member accounts
You can create a single member account on our website and inside the
mod. The accounts are stored in our Wix-hosted backend (see III.L).
Registration is possible both directly on the website at "Account
Settings" and inside the mod via the integrated login/registration
screen. In both cases the same account is created — you log in to
the same account from website **and** mod.
#### a) Direct registration with e-mail and password
At registration we collect:
- **e-mail address** (mandatory, used as login identifier and for
communication with you),
- **self-chosen password** — the password is hashed directly by our
backend provider. We never receive your plain-text password on our
own systems,
- an internal member identifier assigned by our backend,
- timestamp of registration and IP address,
- optionally provided profile information (name, display name, avatar,
location, description, etc.).
#### b) Login via the external login flow (OAuth)
As an alternative to direct sign-in you can log in via an externally
hosted OAuth flow operated by our backend provider. To do so, the mod
opens the embedded browser on the official login page. After
successful authentication the login page passes the session data
required to access your account to our backend. These session
tokens are used to identify your account to our backend and are
refreshed periodically as long as you use the mod.
#### c) Profiles and account settings
Under "Account Settings" and "Profiles" you can view and manage your
master data, in particular:
- **Display info:** display name, title, profile image (visible to
other members),
- **Personal info:** first name, last name, phone number,
- **Login info:** login email, password (changes are carried out in
the account settings of our backend provider),
- **Visibility and privacy:** profile URL, profile visibility
(public / members only / hidden),
- **My Wallet:** overview of already stored payment methods — see
III.D.d,
- **My Addresses:** delivery and billing addresses for orders.
Under the "Profiles" tab you can additionally manage your public
community profile (description, cover, location, additional
information — all fields are optional).
Processing of this data is based on Art. 6 Para. 1 lit. b) GDPR
(contract performance of the usage relationship) or Art. 6 Para. 1
lit. a) GDPR (consent, where you provide voluntary additional data).
#### d) Notifications
We use the notifications feature of our backend provider to inform
you about events in your account (e.g. joining a group, replies to
your posts, points credits, order status). Processing is for the
purpose of contract performance (Art. 6 Para. 1 lit. b) GDPR). You
can disable individual notification types in your account settings
at any time.
#### e) Auto-login in the mod ("Stay logged in")
If you select "Stay logged in" at the mod's login screen, your
credentials are stored **encrypted on your local computer** inside your
Minecraft instance directory. They are never transmitted to us or to any
third party. Your plain-text password never leaves your computer.
Legal basis: Art. 6 Para. 1 lit. a) GDPR (your explicit consent given by
enabling the option). You can withdraw consent at any time by disabling
the option in the mod; see also Section II ("Concrete deletion paths")
for manual removal.
#### f) Retention period
All account data is stored until you delete the account yourself (via
the account settings or on request by e-mail to the address in
Section I). After deletion, the data is irrevocably removed within the
statutory deadlines, unless statutory retention obligations (in
particular commercial and tax law) prevent this.
#### g) Age verification and rewards-program eligibility
**(1) Mandatory date of birth at registration.** When you register a
VRRW member account — either via the website or via the mod — you are
asked to provide your date of birth. The date is used **strictly
server-side** to calculate your age and is **discarded immediately
after the calculation**; it is **never stored in our database**. Our
database only retains two simple yes/no entries, namely whether at
the time of the check you were at least 16 and whether you were at
least 18. As the site operator we have no technical means of
recovering your actual date of birth or exact age from the stored
entries.
**(2) Minimum age of 16 for account creation.** Creation of a VRRW
member account requires you to be at least 16 years old. This
threshold follows from Art. 8 GDPR and 8 BDSG, which set the
digital consent age in Germany at 16. If you enter an age below 16,
registration is rejected with an error message; no account is
created, and no personal data is retained.
**(3) Additional minimum age of 18 for the rewards program (OGAds).**
Access to the rewards program (OGAds offer wall, see III.J) is only
available to members who have completed their 18th year. This age
gate is enforced technically: the mod client will not load the
offer wall unless we hold, for the currently logged-in account, the
confirmation of a successful 18+ age check. If you were under 18 at
registration you can re-verify at any time via your mod profile; if
your actual age is now 18 or over, the 18+ status is unlocked on a
one-off basis.
**(4) Voluntary opt-in to the rewards program.** Participation in the
rewards program is strictly voluntary even for 18+ members. You can
enable or disable it at any time via the mod profile. The only
thing we store for this purpose is whether you wish to participate
in the rewards program.
**(5) Legal basis.** Age verification relies on Art. 6 Para. 1 lit. c
GDPR in conjunction with Art. 8 GDPR resp. 8 BDSG (legal
obligation to observe the digital consent age) and on Art. 6 Para.
1 lit. f GDPR (legitimate interest in complying with the
contractual 18+ requirement imposed by the OGAds terms of service).
Storing only the derived yes/no entries satisfies the principle of
data minimisation (Art. 5 Para. 1 lit. c GDPR).
**(6) Retention period.** The age-related entries are deleted
together with your account; no separate retention takes place.
Please note: since we never store your actual date of birth, a
data-subject request under Art. 15 GDPR can only return the two
yes/no entries (16+, 18+), your rewards-program opt-in choice and
the timestamp of the last age verification — not the original date
you entered.
**(7) Duty of truthful statement.** Entering your date of birth is a
legally binding declaration on your part. We do not perform biometric
or document-based age verification; responsibility for giving a
truthful answer lies with you. We reserve the right to suspend or
delete accounts where it later turns out that the declared age was
manifestly untrue.
#### III.C.h Detailed registration flow (new in v4)
When you register a new account (on the website or in the mod), the
processing of your sign-up data proceeds in detail as follows:
**(1) Input fields:** you enter e-mail, password, date of birth
(day/month/year), and optionally the checkboxes "Stay logged in",
"Join VRRW Community" and "Rewards opt-in". **The "I accept the
legal texts" checkbox is mandatory** and is enforced server-side
as a precondition for registration.
**(2) Age check:** the backend computes your age from the date of
birth and stores only the derived Boolean flags **`is16plus` and
`is18plus`** plus a timestamp (`verifiedAt`) — the **raw date of
birth is not retained**. If the age is **Privacy consequence:** since you do not receive a verification
> e-mail, the standard process contains no external proof that
> the e-mail address actually belongs to you. For security-
> relevant events (e.g. account recovery on a forgotten password)
> we therefore require additional identity indicators. If you
> wish to receive an explicit e-mail confirmation, you can submit
> a separate verification request via the contact channel
> (see IV).
**(5) PlayerFlags slot is created:** subsequently we create an
entry in our slot-bucketed PlayerFlags collection containing the
fields from step 2 (`is16plus`, `is18plus`, `verifiedAt`), plus
the opt-ins you have chosen (`wantsCommunity`, `wantsRewards`)
and the chosen language (`lang`).
**(6) Auto-OAuth exchange:** so that you can post / comment
immediately (with real-name attribution), we exchange your Wix
session token server-side for an OAuth access token + refresh
token (Wix Headless OAuth — see III.L). This happens
automatically without you seeing a separate OAuth-consent screen
— your consent is bundled into the registration consent. The
refresh token is stored encrypted on your computer (if "Stay
logged in" is active) and can be removed at any time via
"Logout" or by disabling the option (see III.C.e).
**(7) Immediate legal-acceptance recording:** directly after
successful registration, your acceptance of the four legal
documents (Privacy Policy, Terms of Use, Cookie Policy, Imprint)
in the version valid at the time of registration is logged in
our backend (collection `LegalHistoryBuckets` plus PlayerFlags
slot, see II.b and VI). This record serves as proof of consent
pursuant to Art. 7 Para. 1 GDPR.
**(8) Optional community activation:** if you ticked "Join VRRW
Community", we trigger `joinCommunity` server-side: your Wix
Members `privacyStatus` is set to PUBLIC + you are added to the
global community area. You can disable this community membership
at any time in the profile settings — one click on "Leave
community" sets PrivacyStatus back to PRIVATE, removes the
`wantsCommunity` flag and hides your profile.
**(9) Security measures:**
- **Anti-e-mail-enumeration:** in case of failed registration
(e.g. e-mail already exists) we return only a generic error
("registration_failed"), never details such as "e-mail already
registered". This prevents attackers from using probe
registrations to identify your e-mail address as "present at
VRRW".
- **Rate limiting:** at most 5 registrations / hour / IP, 3 per
e-mail / hour, plus persistent lockout on suspicion of
automated multi-registration (see III.Q).
- **Timing padding:** we equalise the response latency between
"e-mail exists" and "e-mail does not exist" via an artificial
additional CMS query, so e-mail enumeration via timing
measurements is also prevented.
**Legal basis for the entire registration process:**
- Art. 6 Para. 1 lit. b) GDPR — contract initiation + performance,
- Art. 6 Para. 1 lit. a) GDPR — consent for the optional features
(community joining, rewards opt-in, "stay logged in"),
- Art. 6 Para. 1 lit. c) GDPR + Art. 8 GDPR + 8 BDSG — legal
obligation to comply with digital consent age (minimum age 16).
### III.D Online shop, subscriptions and payments
On our website we offer paid content and subscriptions, in particular
the three membership tiers **Gold**, **Silver** and **Copper** as well
as individual items via our online shop.
> **Note:** The contractual and commercial provisions governing the
> purchase process, the right of withdrawal, warranty, subscription
> tiers and termination are set out in our Terms of Use, in particular
> in ** 3** (Purchase of products and subscriptions), ** 4** (Right
> of withdrawal including Annexes 1-4) and ** 5** (Warranty for
> products) at [https://www.vrrw.online/agb](https://www.vrrw.online/agb). The present section
> describes exclusively the **processing of personal data** associated
> with those commercial activities.
#### a) Cart and orders
When you add items to your cart ("Cart" page), we process anonymised
cart data via a cart cookie (Art. 6 Para. 1 lit. b) GDPR). When you
place an order, we additionally collect:
- billing and, if applicable, delivery address,
- name and contact data (mandatory),
- order and invoice data (items, quantity, price, tax, order time),
- payment processing information (see III.D.c),
- history available under "My Orders" and "My rewards".
Legal basis: Art. 6 Para. 1 lit. b) GDPR (contract performance).
Retention period: order and invoice data is subject to commercial and
tax law retention obligations (generally six or ten years pursuant to
257 HGB, 147 AO) and will be deleted after the end of these periods.
#### b) Gold / Silver / Copper subscriptions
The Gold, Silver and Copper membership tiers are managed in our
backend. For active subscribers, we store the booked tier, the
billing period, the status (active / cancelled / expired) and the
data required for payment. When you log in on the website or in the
mod, we check your current subscription status in order to unlock the
corresponding content (e.g. texture packs, exclusive sections) for you.
The tier hierarchy is: **Gold** unlocks all tiers, **Silver** unlocks
Silver and Copper, **Copper** unlocks only Copper.
You can cancel your subscription at any time under "My Subscriptions"
on the website.
Legal basis: Art. 6 Para. 1 lit. b) GDPR.
#### c) Payment via PayPal
If you choose the online payment service provider PayPal during your
order, your contact data will be transmitted to PayPal as part of the
order thus triggered. PayPal is an offer of PayPal (Europe) S.à.r.l. &
Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. PayPal assumes
the function of an online payment service provider and trustee and
offers buyer protection services.
The personal data transmitted to PayPal is usually first name, last
name, address, telephone number, IP address, e-mail address, or other
data required for order processing, as well as data related to the
order, such as the number of items, item number, invoice amount and tax
percentage, billing information, etc.
This transmission is necessary to process your order with the payment
method you have selected, in particular to confirm your identity, to
administer your payment and the customer relationship. Transmission is
based on Art. 6 Para. 1 lit. b) GDPR.
Please note: PayPal may transfer the personal data to service providers,
subcontractors or other affiliated companies, to the extent necessary to
fulfil the contractual obligations arising from your order or to process
the data in order on your behalf.
Depending on the payment method selected via PayPal (e.g. invoice or
direct debit), the personal data transmitted to PayPal may be forwarded
by PayPal to credit agencies. This transmission is used to check your
identity and creditworthiness in relation to the order you have placed.
For details on the credit agencies involved and what data is collected,
processed, stored and forwarded by PayPal, please refer to PayPal's
privacy statement at
[https://www.paypal.com/de/webapps/mpp/ua/privacy-full](https://www.paypal.com/de/webapps/mpp/ua/privacy-full).
#### d) Stored payment methods ("My Wallet")
In the member area, under "Account Settings → My Wallet", you can
store a preferred payment method for future orders. The payment data
is stored directly with the respective payment service provider in
accordance with applicable industry standards (e.g. PCI DSS). We
ourselves do not receive access to full card numbers or bank data;
the website only displays a shortened indicator (e.g. the last four
digits of your card). You can remove a stored payment method at any
time under "My Wallet".
Legal basis: Art. 6 Para. 1 lit. a) GDPR (your explicit consent given
by actively storing the payment method) in conjunction with Art. 6
Para. 1 lit. b) GDPR (contract performance for future orders).
#### e) Stored addresses ("My Addresses")
Under "Account Settings → My Addresses" you can store delivery and
billing addresses so that you do not have to re-enter them for future
orders. The addresses are used exclusively for processing orders and
can be deleted or modified by you at any time.
Legal basis: Art. 6 Para. 1 lit. b) GDPR.
### III.E Community (groups, profiles, events)
Our website and the mod provide access to the **VRRW Community
Groups** (our backend's built-in groups feature). In groups, members
can publish posts with text and optionally attached **photos, videos
or GIFs**, comment on and react to posts by
others, and view member profiles.
#### a) Joining a group
When you join a group, your member ID is added to the membership list
of the group. Private groups require approval by the group
administration.
#### b) Posts, comments, reactions
When you publish a post in a group, we process:
- your member identifier (author),
- the identifier of the target group,
- the post text,
- optionally media attached by you (photos, videos, GIFs); such media
is stored in our backend and served via a public content delivery
network,
- timestamp,
- reactions (likes), comments by other members and a view counter.
These posts are visible to **all other members** of the respective
group. In public groups they are additionally visible to every visitor
of the website and to every mod user.
Legal basis: Art. 6 Para. 1 lit. a) GDPR (consent given by actively
publishing) and Art. 6 Para. 1 lit. f) GDPR (legitimate interest in
operating a community platform).
Retention period: until deletion by you, by the group administration,
or until the account is deleted.
**Deleting your own posts:** on the website under "My Groups" or
directly in the respective post; in the mod currently on request to the
e-mail address in Section I.
#### c) Member profiles
Your public member profile (display name, avatar, join date, optional
description) is visible to other logged-in members unless you have
restricted this in your profile privacy settings.
#### d) Events
> **Note (clarification as of v4)**: the Events feature is provided through the Wix-native Events component. There is **no separate mod or Velo-backend implementation** for event RSVPs; data processing for registrations happens entirely on the Wix platform per III.L. The mod itself displays events read-only via the public server directory.
Under "Events" we offer public or internal events. When you register
for an event we process your name, e-mail address and optional
additional information as per the respective event form. Legal basis
is Art. 6 Para. 1 lit. b) GDPR (performance of event participation)
or Art. 6 Para. 1 lit. a) GDPR (consent).
### III.F Loyalty, challenges and points
In our backend we operate a loyalty and points system ("VRRW Points")
as well as programs and challenges (e.g. currently "VRRW Overhaul:
Nations & Villagers").
#### a) Points balance
As a logged-in member you can earn points through various activities,
including completing advertising offers via OGAds (see III.J),
participating in and completing programs and challenges, registering
for events, and signing up on the website. The exact, currently valid
points table is published on our Loyalty page at
[https://www.vrrw.online/loyalty](https://www.vrrw.online/loyalty).
Your points balance is stored in our backend and linked to your
member identifier. On the website you can see your balance
under "My rewards"; in the mod it is displayed in the reward shop and
on the profile. Points can be redeemed for rewards (e.g. discounts on
memberships, texture packs, exclusive content) — the currently
available redemption options and point prices are also listed on the
Loyalty page.
#### b) Challenges / programs
When you participate in a program or challenge (e.g. "VRRW Overhaul:
Nations & Villagers"), we process your participation data according to
the respective program (progress, completed tasks, completion time,
linked to your member ID). Some challenges reward with points, badges
or exclusive content.
#### c) My Orders, My Programs, My Rewards
Under "My Orders", "My Programs" and "My rewards" on the website you
can view your order history, ongoing challenge participation and your
points balance.
Legal basis: Art. 6 Para. 1 lit. b) GDPR (performance of the membership
relationship) and Art. 6 Para. 1 lit. a) GDPR (your consent given by
active participation in the program).
Retention period: until you end participation, until the account is
deleted, or until points are redeemed/expire.
### III.G User-generated content (server directory, Playercreations etc.)
Several features let logged-in members publish content that is
subsequently visible on the website and/or in the mod. The text
entries as well as any uploaded files are stored in our Wix-hosted
backend (see III.L for the data-processing relationship); uploaded
images and other media are delivered via a public content delivery
network so that they can be displayed on the website and in the mod.
> **Note:** The **contractual** requirements for user-generated content
> (license grant, content standards, user representations, removal for
> violations), in particular for server directory entries, are set out
> in our Terms of Use in ** 10** (User content and license) and
> ** 11** (User-published server entries). The present section
> describes exclusively the **privacy-relevant processing** of the
> personal data involved.
#### a) Server directory, server info, server events
Via the website sections "Serverlisting", "Server entry Informations"
and "Server Event management", as well as via the mod under
"Multiplayer → Manage my Servers", you can create and manage your own
Minecraft server entries. These entries are then visible both on the
website and in the mod's multiplayer menu to **all other users
worldwide**.
A server entry in particular contains the following fields, all of
which are entered by you yourself:
- **server name** and **server address** (IP or hostname — these are
published deliberately so that other players can reach your
server),
- an **info description** (rules, welcome text),
- an **entry popup** with title and description that can be shown to
players as they join,
- up to **five join buttons**, each of which you can label with your
own text and optionally configure so that the player is
disconnected before the connection is actually made,
- **events** (event name, date and description),
- an internal **link to your member identifier** so that only you as
the creator can edit or delete the entry.
Up to **four images** can be uploaded per server entry via the Wix
Media Manager:
1. **Server icon**,
2. **Info hero image**,
3. **Entry popup image**,
4. **Event banner**.
**These images are publicly visible.** Please do not upload images you
do not own the rights to or that show personal content of third parties
without their consent. Image material that violates applicable law
(e.g. copyright, personality rights, prohibitions under 86 et seq.
StGB — the German Criminal Code) will be removed upon notice.
Legal basis: Art. 6 Para. 1 lit. a) GDPR (consent given by actively
creating or editing an entry) in conjunction with Art. 6 Para. 1 lit. f)
GDPR (legitimate interest in operating the server directory).
Retention period: until deleted by you or until the account is deleted.
You can delete your entries yourself at any time:
- **Website:** "Serverlisting" / "Server entry Informations" / "Server
Event management" → select entry → delete.
- **Mod:** "Multiplayer → Manage my Servers" → select entry → "Delete".
Deletion irrevocably removes both the text fields and the linked images
from our backend.
#### b) VRRW Files, Playercreations, Portfolio, Features, Roadmap
In the sections "VRRW Files", "Playercreations", "Portfolio", "Features"
and "Roadmap" we present content from our backend. Where users
can submit their own content (e.g. their own creations in the
Playercreations section), the same principles as in III.G.a apply:
publicly visible content, consent given by actively submitting, deletion
by the creator or on request.
#### c) Workarea of VRRW Team, VR profiles, News
Under "Workarea of VRRW Team" and "News" we publish our own content. No
independent user data processing takes place there, apart from the
possibility to comment on posts — in which case the rules from III.E.b
apply.
### III.H Newsletter, follow-up comments, competitions and general user posts
#### a) Newsletter
> **Note (clarification as of v4)**: the Newsletter feature is provided through the Wix-native newsletter tool (Wix Get Subscribers). There is **no separate mod or Velo-backend implementation** for newsletter sending; data processing happens entirely on the Wix platform per III.L. If you are not currently subscribed to a newsletter, this section is not relevant to your data.
If you register for our free newsletter, the data requested from you
(i.e. your e-mail address and, optionally, your name) will be sent to
us. We also store the IP address of your internet connection and the
date and time of your registration.
During the registration process we will obtain your consent to receive
this newsletter, explain its contents, and refer to this privacy policy.
The data collected will be used exclusively to send the newsletter and
will not be forwarded to third parties.
Legal basis: Art. 6 Para. 1 lit. a) GDPR.
You may revoke your prior consent to receive this newsletter under
Art. 7 Para. 3 GDPR with future effect at any time. All you have to do
is inform us that you are revoking your consent or click on the
unsubscribe link contained in each newsletter.
#### b) Follow-up comments
If you make posts, comments or reviews on our website, we also offer you
the opportunity to subscribe to any subsequent follow-up comments made
by third parties. In order to be able to inform you about these
follow-up comments, we need to process your e-mail address.
Legal basis: Art. 6 Para. 1 lit. a) GDPR. You may revoke your prior
consent to this subscription under Art. 7 Para. 3 GDPR with future
effect at any time. All you have to do is inform us that you are
revoking your consent or click on the unsubscribe link contained in each
notification e-mail.
#### c) Competitions and giveaways
We offer you the opportunity to take part in competitions on our website
(e.g. on event pages or as part of special promotions). If you take part
in one of our competitions, the data you enter at the time of
participation will be processed without your further consent, but only
for the purpose of carrying out and processing the respective
competition.
As part of the processing of the competition, we will pass on your data
to the transport company commissioned to deliver the goods or to a
financial service provider if the transfer is necessary for the delivery
or payment of your prize. If your data is published in the event of a
win, you will be informed about this as part of the declaration of
consent.
Legal basis for the processing and any necessary disclosure: Art. 6
Para. 1 lit. b) GDPR. If processing is based on consent, you can revoke
your consent at any time with future effect under Art. 7 Para. 3 GDPR.
#### d) User posts, comments and ratings (general)
We offer you the opportunity to post questions, answers, opinions, and
ratings on our website, hereinafter referred to jointly as "posts". If
you make use of this opportunity, we will process and publish your post,
the date and time you submitted it, and any pseudonym you may have used.
Legal basis: Art. 6 Para. 1 lit. a) GDPR. You may revoke your prior
consent under Art. 7 Para. 3 GDPR with future effect at any time.
In addition, we will also process your IP and e-mail address. The IP
address is processed because we might have a legitimate interest in
taking or supporting further action if your post infringes the rights
of third parties and/or is otherwise unlawful. In this case the legal
basis is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in
any legal defence we may have to mount.
This general provision applies **in addition to** and **complementing**
the processing of posts in the VRRW Community Groups (III.E.b) and the
processing of user-published server entries (III.G.a).
### III.I Intelligent Villagers / VR Realistic Worlds Minecraft mod
We provide a Minecraft mod that adds a community platform, a server
directory, a rewards system and advertising offers to Minecraft. The mod
runs on your own computer and only communicates with our servers, with
Wix and — when you actively open content — with the servers of the
advertising and content partners embedded there, in the situations
described below.
> **Note:** The **usage-related** rules for the mod (requirements,
> reverse engineering, misuse, fraud protection, free-of-charge use)
> are set out in our Terms of Use in ** 9** (Use of the Minecraft mod)
> and ** 12** (VRRW Points, rewards and the OGAds offer wall). The
> present section describes exclusively the **processing of personal
> data** by the mod.
**The mod uses the same account and rewards system as the website.**
When you log in or register inside the mod, you use the same Wix member
account as on [https://www.vrrw.online](https://www.vrrw.online). Points that you earn in the mod
via OGAds offers also appear on the website under "My rewards" — and
vice versa.
#### III.I.0 Core rule: no data traffic during active gameplay
**Whenever you are actively playing in a world (that is: world loaded,
no menu open, no pause menu visible), the mod performs no data transfers
to our servers or to any third party for privacy reasons.** This
restriction is technically enforced inside the mod by a central
"Gameplay Network Gate".
Data transfers by the mod only take place in the following moments:
- on Minecraft startup (title screen, before a world is loaded),
- when opening a menu (multiplayer menu, Server Manager, profile,
reward shop, embedded browser) while no world is loaded,
- when leaving a world (after "Disconnect" or "Save and quit to title",
the mod invalidates all caches and fetches fresh data the next time
you open a menu),
- in response to explicit user actions inside a mod screen (e.g.
logging in, creating a post, saving a server entry),
- inside the embedded browser during active user interaction.
Opening the inventory or a chest while playing does **not** trigger any
communication either — only the explicit pause menu enables menu-style
actions.
#### III.I.1 Automatic login
See III.C.e. The "Stay logged in" option stores your credentials
encrypted locally on your computer and transmits them neither to us nor
to any third party. Your plain-text password never leaves your computer.
#### III.I.2 Access to groups, posts and profiles
In the mod you can browse VRRW groups, read posts and create your own
posts (with text and optionally images). Such posts — as described in
III.E.b — are stored in the Wix backend and appear both on the website
and to other mod users.
#### III.I.3 Server directory directly from inside the game
The mod provides a complete Server Manager under "Manage my Servers"
that lets you create, edit and delete the entries described in III.G.a
(including up to four images per server) directly from Minecraft. The
same data then also appears on the website and is linked to your
account.
#### III.I.4 Points and texture pack downloads
Your VRRW Points balance is shown in the mod's reward shop and
profile screens and is retrieved from our backend. When you redeem
points for a texture pack — or if you are the holder of a
corresponding membership tier (III.D.b) — the mod receives a
time-limited download reference for the package stored in our
backend. The file is then downloaded directly from our content
delivery network to your computer and installed into your Minecraft
resource packs folder.
#### III.I.5 Premium tier detection (Gold / Silver / Copper)
At login and when opening the reward shop, the mod asks our backend
whether you hold an active subscription (see III.D.b). The retrieved
data (active tier, status, expiry) is not persistently stored inside
the mod and serves only to unlock the corresponding content for the
current session.
#### III.I.6 Embedded Chromium browser (MCEF)
The mod includes an embedded browser component based on "Minecraft
Chromium Embedded Framework" (MCEF), which in turn is based on
Chromium. This browser is used to display certain web content directly
in-game, in particular:
- the external login flow (OAuth) of our backend provider,
- the VRRW community hub at [https://www.vrrw.online](https://www.vrrw.online),
- this privacy policy (when you click "Privacy Policy" inside the mod),
- the Kinetic Hosting affiliate link (see III.K),
- OGAds partner offer pages (see III.J).
When a page is loaded in the embedded browser, the same data is
transferred that an external browser would send — in particular IP
address, user agent, referrer URL, and the cookies for the respective
site. These cookies are stored locally in a subfolder of your Minecraft
instance folder that is dedicated to the embedded browser and persist
across sessions until you delete them (see Section II, "Concrete
deletion paths").
Legal basis: Art. 6 Para. 1 lit. a) GDPR (your active interaction by
opening the respective page inside the mod) in conjunction with
Art. 6 Para. 1 lit. f) GDPR (legitimate interest in displaying content
directly in-game without having to switch between applications).
**Important:** We have no influence over the content, scripts or data
processing of the third-party sites loaded in the embedded browser. The
respective providers are independently responsible for their own
handling of personal data. We recommend reading the privacy policies of
the respective providers before filling in forms or entering sensitive
data. The mod automatically suppresses certain security-relevant
interactions (e.g. URLs identified as sensitive are redirected to your
external system browser instead).
#### III.I.7 Voice calls (WebRTC, friend-to-friend) (new in v4)
The mod includes a voice-call system for 1-to-1 voice calls between
befriended members. We use WebRTC — the **audio data flows directly
between the two players (peer-to-peer)** and is neither recorded by
us nor routed through our servers.
We process exclusively:
- **Signalling data** (SDP offer/answer, ICE candidates):
temporarily held in an in-memory buffer for at most 30 minutes,
used solely to establish the connection. After connection
establishment this data is purged. Not persistent.
- **Anti-spam counters** per member to prevent mass-call spam
(short-lived internal counters, no personal information beyond
the memberId).
- **Visibility setting** (`callVisibility`: nobody / friends /
anyone) as a profile privacy preference.
- **HMAC-signed participant tokens** with a 5-minute TTL — held
in memory only, never persisted.
**Audio content is at no point stored or analysed by us.** We have
no technical access to the audio signal itself.
**Third-party STUN servers (NAT traversal):** when establishing a
connection your mod client performs a STUN round-trip (Session
Traversal Utilities for NAT, RFC 5389) against the following
public STUN servers in order to determine its own public IP
address + port:
- **Google LLC** — `stun.l.google.com:19302` (and
`stun1-stun4.l.google.com`)
- **Cloudflare, Inc.** — `stun.cloudflare.com:3478`
STUN packets contain **no audio data, no identification tokens,
no memberId** — only your public IP address, the UDP port used and
a random transaction ID. According to their own statements, the
providers do not log STUN requests, or only briefly for security
purposes.
Both providers are based in the USA. Transmission is based on the
**EU-US Data Privacy Framework** (adequacy decision Art. 45 GDPR;
both Google and Cloudflare are DPF-certified) and additionally on
Standard Contractual Clauses. You can disable the voice-call
feature in the profile settings at any time — no STUN lookup will
then take place.
Legal basis: Art. 6 Para. 1 lit. f) GDPR (legitimate interest in a
functional voice system) for signalling; Art. 6 Para. 1 lit. a)
GDPR (your consent) for activating the "accept incoming calls"
option in the profile settings. You may withdraw this consent at
any time.
Retention period for signalling data: max. 30 minutes in memory
per call.
#### III.I.8 Friend system (new in v4)
You can add other members as friends. We store three lists
containing the memberIds of the respective members:
- **`friends`** — confirmed friends (you and the other person
have both accepted)
- **`pendingFriendRequestsIn`** — incoming, not-yet-confirmed
requests
- **`pendingFriendRequestsOut`** — outgoing, not-yet-confirmed
requests sent by you
- **`blockedMembers`** — members you have blocked
Anti-spam: you may send at most a context-dependent number of
requests per day (internal rate-limit counters).
On account deletion your memberId is surgically removed from the
aforementioned lists of **all other members**; the remaining
friend relationships of those other members are not affected
(see Section II deletion paths + II.b).
Legal basis: Art. 6 Para. 1 lit. b) GDPR (performance of the
community service contract).
Retention: as long as the account exists. On account deletion,
immediate removal.
#### III.I.9 Direct messages (DM) (new in v4)
Logged-in members may send each other 1-to-1 messages ("DM"). We
store the text and optionally a Wix image link per message in a
slot-based format on our backend servers. **The backend can read
the cleartext** — this is technically required for anti-spam,
moderation interventions, and the anti-pseudonym filter (see
III.E.b). **However, no editorial analysis of your private
messages takes place** — the messages are only accessible to you
and your respective conversation partner.
Anti-spam limits:
- minimum interval between DMs (seconds)
- maximum DMs per hour
- the recipient may disable "receive DMs" (privacy preference
`allowPrivateMessages`) — you are then blocked.
On your account deletion, all DMs you have sent or received are
removed from the corresponding slot buffers; no memberId trace
remains.
Legal basis: Art. 6 Para. 1 lit. b) GDPR (performance of the
messaging service contract); Art. 6 Para. 1 lit. f) GDPR
(legitimate interest in anti-spam / anti-abuse measures).
Retention: as long as the account exists or until the respective
DM is self-deleted. On account deletion, immediate.
#### III.I.10 PIN protection / session lock (new in v4)
In the mod you can set up a **local PIN (4–12 digits)** that locks
the saved "Stay logged in" token when you "lock yourself out"
(profile → "Lock"). **This PIN is at no point transmitted to our
servers** — PIN verification is performed exclusively offline on
your computer:
- PIN + device fingerprint → PBKDF2-HMAC-SHA512 with 600 000
iterations → 32-byte hash
- The hash + a 32-byte salt are stored locally in the mod
configuration
- After 5 wrong PIN entries: **automatic self-protection** —
all saved "Stay logged in" data is wiped and you must log in
fresh.
For this purpose we process **no** PIN-related data on our
servers whatsoever.
Legal basis: Art. 6 Para. 1 lit. f) GDPR (legitimate interest in
an additional local security feature); the entire processing takes
place exclusively on your end device.
#### III.I.11 Bug reports, feature wishes, boost applications, creator program (new in v4)
As a logged-in member, in the mod you can:
- **submit bug reports** (with category, title, description,
optional screenshots / logs as Wix image uploads). Optionally
also **anonymously** via an `anonymousKeyHash` mechanism: only
you yourself — using the ticket-secret you keep on your end —
can find the report again; not even an admin sees a link to
your memberId.
- **suggest feature requests** and vote on others (up-vote).
Your vote is stored on your AllianceMemberMeta row; the
aggregate (`voteCountUp`) is anonymous statistics.
- **submit boost-rank applications** for server listings + take
part in voting rounds.
- **submit creator/YouTuber applications** (channel URL, name,
subscriber count + verification screenshot). On approval, we
create a YouTuber profile with badge display.
On account deletion:
- **bug reports + unban requests + boost applications** are
pseudonymized (see II.b) to preserve Art. 17(3)(e).
- **feature wishes, YouTuber tutorials, group-links, referral
codes** are completely deleted.
- **boost votes** are pseudonymized (voting integrity).
Legal basis: Art. 6 Para. 1 lit. b) GDPR (performance of the
application functions); Art. 6 Para. 1 lit. a) GDPR for the
anonymous bug-report variant (your active anonymisation choice);
Art. 6 Para. 1 lit. f) GDPR for anti-fraud / anti-spam measures.
Retention: user-authored content (feature wishes, tutorials)
remains as long as the account exists and the content has not
been self-deleted. Bug reports + boost applications are kept
pseudonymized after deletion per Art. 17(3)(e) (see II.b).
#### III.I.12 Blocking other members (new in v4)
Inside the mod and on the website you can specifically block other
members (endpoints `post_blockMember` / `post_unblockMember` /
`get_listBlockedMembers`). A block has the following **effects** on
the relationship between you and the blocked person:
- **Direct messages (DM)**: the system rejects send attempts from
the blocked person to you. Already-delivered DMs are hidden on
your side.
- **Voice calls**: an incoming or outgoing WebRTC call between you
and the blocked person is server-side impossible (signalling
endpoints refuse).
- **Group posts**: posts by the blocked person appear hidden in
your feed view (filter in the `get_groupFeed` endpoint).
- **Friend requests**: outgoing as well as incoming requests are
rejected between you and the blocked person.
- **Visibility to the blocked person**: blocking does NOT make you
invisible to the blocked person — the bilateral effect is limited
to the interaction classes above. A block is **not a notification**
to the blocked person; the other party is not explicitly told you
blocked them (only by the absence of replies to DM/call attempts).
**Processed data**: the list of blocked `memberId` entries is
stored in the `blockedMembers` field of your own profile row (in
`AllianceMemberMeta` resp. its slot-bucketed equivalent). No data
structures are created on the blocked person's side.
**Retention**: as long as you keep the block active, or until full
account deletion (FULL_DELETE removes the entire profile slot
including the `blockedMembers` list).
**Legal basis**: Art. 6 Para. 1 lit. b) GDPR (performance of the
community-features contract) plus Art. 6 Para. 1 lit. f) GDPR
(legitimate interest in providing effective self-protection
mechanisms for members).
#### III.I.13 Group creator permissions (new in v4)
**Group owners** can grant authorised **VRRW creators** (see III.S)
permission to post group links and tutorials in their group, on
application. Function and data flow:
1. The creator submits the request via
`post_requestGroupCreatorPermission` (fields: `groupId`,
automatically added: `memberId` of the requester, timestamp).
2. The group owner sees pending requests via
`get_groupCreatorPermissionRequests` and decides via
`post_approveGroupCreatorPermission` or
`post_revokeGroupCreatorPermission` (or lets the request expire).
3. The creator can review their granted permissions at any time via
`get_myCreatorPermissions`.
**Processed data** in the `GroupCreatorPermissions` collection:
- `groupId`, `memberId` of the creator
- `status` (PENDING / APPROVED / REVOKED)
- `decidedBy` (memberId of the deciding group owner), `decidedAt`
(timestamp)
- `requestedAt` (timestamp of the request)
- optional `revokedReason`
**Retention**: as long as the permission is active; for `REVOKED`
12 months as an audit trail (to protect against repeated request
spam), then automatic deletion. On creator account deletion all
related `GroupCreatorPermissions` rows are removed; on group-owner
account deletion requests are pseudonymised.
**Legal basis**: Art. 6 Para. 1 lit. b) GDPR (performance of the
creator program — see Creator Terms 1, 2.1) plus Art. 6 Para. 1
lit. f) GDPR (legitimate interest of the group owner in controlling
content posting in their group).
#### III.I.14 Creator content: tutorials and group links (new in v4)
Verified creators (`YoutuberProfiles.tutorialsEnabled = true` resp.
`groupLinksEnabled = true`) can publish public content stored in
separate CMS collections:
**`YoutuberTutorials`** — fields in detail:
- `ownerMemberId` (creator)
- `title`, `description`, `category` (e.g. tutorial_basics,
tutorial_redstone, lets_play, showcase, …)
- `videoUrl` (YouTube link), `coverImageUrl` (Wix Media CDN)
- `status` (`pending` / `approved` / `removed`)
- `approvedBy` (admin memberId), `approvedAt`
- `viewCount`, `clickCount` (public aggregate statistic)
- Creation / update timestamps
**`YoutuberGroupLinks`** — fields in detail:
- `ownerMemberId`, `groupId`
- `displayName`, `linkUrl`, `thumbnailUrl`
- `clickCount` (public aggregate statistic)
- Active flag, creation / update timestamps
**Click tracking** (`post_trackCreatorClick`): we count aggregate
clicks per tutorial and per group link. We do not store any
personal data per click — only the incremented counter.
**Visibility**: tutorials and group links are **public**, worldwide,
search-engine-indexable (see III.T).
**Retention**:
- Active tutorials / group links: as long as creator status is
active and the content has not been set to `removed`.
- After creator revoke (auto- or manual): content kept 30 days as
`removed` (audit trail), then `ownerMemberId` is pseudonymised
(see II.b and Creator Privacy V).
- On account deletion: full pseudonymisation of the author field;
the content itself can be deleted on request.
**Legal basis**: Art. 6 Para. 1 lit. b) GDPR (creator program
contract) plus Art. 6 Para. 1 lit. a) GDPR (your active click-
consent at publication time).
#### III.I.15 Boost-rank system for server listings (new in v4)
Server owners can apply for "boost" visibility slots in the server
directory. Processed in the collections `BoostRankApplications` and
`BoostRankVotes`:
- **Application data**: application description, server reference,
status fields (NEW / VOTING / APPROVED / REVOKED), voting-phase
timestamps (`votingOpensAt`, `votingClosesAt`, `boostExpiresAt`),
admin decisions including reasoning.
- **Voting data** (public member vote): voter memberId, application
ID, vote direction. Aggregate counters (`voteCountUp`,
`voteCountDown`) live in the application row.
**Visibility of applications**: public to all logged-in members
during the voting phase; archived after closing (admin-readable
only). Approval status appears in the server directory as a boost
mark.
**Retention**: application records kept 24 months after closing
(for defence of legal claims + voting-integrity audit). Voter
records are decoupled from memberId (pseudonymised) after 12
months, leaving only aggregate statistics.
**Legal basis**: Art. 6 Para. 1 lit. b) GDPR (performance of the
visibility feature); Art. 6 Para. 1 lit. a) GDPR for voting
participation; Art. 17 Para. 3 lit. e) GDPR for voting audit
retention.
#### III.I.16 AI voice models (TTS / Piper / Ollama) (new in v4)
The mod can load and run models for **Text-to-Speech (Piper)** and
**local language / text models (Ollama)**.
**Local processing**: as with AI image generation (III.R), the
entire inference runs **exclusively on your computer**. Models are
downloaded once on first install — automatically or manually — from
public repositories (Piper voice models, Ollama models) into the
mod cache directory. We transmit neither input texts nor generated
audio data to our servers.
**Model download** (one-off): when selecting a model, the mod
connects directly to the respective model repository (e.g.
`huggingface.co`, `github.com/rhasspy/piper`, `ollama.com`). Those
third parties receive your IP address + user-agent (standard CDN
behaviour). VRRW is not involved in this transmission.
**Input data**: texts that you pass to Piper (TTS) or Ollama (LLM)
remain briefly in mod process memory and are discarded after
inference. There is no cloud component and no persistence beyond
the session.
**Legal basis**: for local processing no data-protection legal
basis is required (no third-party transmission during inference).
For the initial model download: Art. 6 Para. 1 lit. b) GDPR + the
privacy policies of the respective model hosters (Hugging Face,
GitHub, Ollama).
### III.J Task lockers / embedded advertising offers (OGAds)
In the "Rewards" view inside the mod we offer access to rewards
(in particular VRRW Points) via task-based unlock mechanisms ("task
locker" / "offer wall"). These are provided by the third-party
service **OGAds** and its advertising partners.
**Important — two-step consent before each load:** The offer wall
and the partner pages embedded within it are **never loaded by our
mod client until you have given two independent consents**:
1. A **rewards opt-in** ("I wish to participate in the voluntary
rewards programme") that you set in the profile section and
can withdraw at any time.
2. A separate, specific **tracking consent** for the third-party
cookies, web beacons and tracking pixels that OGAds and its
advertising partners set when the offer wall is opened. This
consent is collected immediately before the first offer wall
load via a dedicated consent dialog, is recorded server-side
in our VRRW backend together with a timestamp, user-agent and
policy version (Art. 7 para. 1 GDPR, proof of consent), and
can be withdrawn at any time from the profile section.
Without both consents there is **no** network access to the
OGAds servers or partner pages. Even the loading of the offer
wall URL is gated in the mod client by a prior query to our own
backend; only if that backend confirms that your member
identifier has a valid and non-withdrawn tracking consent on
file does the embedded browser open at all. Withdrawing the
tracking consent immediately blocks access to the offer wall
and deletes the corresponding consent record from the backend.
Details of our consent audit log are set out in III.C.g.
> **Note:** The **usage-related** rules for the offer wall
> (voluntary participation, credit mechanism, fraud protection,
> minimum age of 18, VRRW Points have no cash value) are set out in
> our Terms of Use in ** 12** (VRRW Points, rewards and the OGAds
> offer wall).
**Provider:**
OGAds
222 W. Merchandise Mart Plaza, Suite 1212
Chicago, IL 60654
United States
E-mail: info@ogads.com
OGAds privacy policy:
[https://ogads.com/privacy-policy](https://ogads.com/privacy-policy)
OGAds terms of service:
[https://learn.ogads.com/terms-of-service](https://learn.ogads.com/terms-of-service)
**Role:** OGAds operates the offer wall and forwards users to its
advertising partners **under its own responsibility**. We and OGAds
are **not joint controllers within the meaning of Art. 26 GDPR**. We
have no influence over the concrete processing carried out by OGAds
or by individual advertising partners.
**Data processed (per the OGAds privacy policy):** IP address,
browser and device characteristics, operating system, approximate
geographic location (IP-based, not GPS), access timestamps, offer
pages visited, as well as cookies, web beacons and tracking pixels
set by the advertising partners within the respective embedded
third-party content. The data is used inter alia for geo-targeting,
measuring task completion, and fraud prevention.
**Data transferred to us ("postback"):** When you successfully
complete a task, OGAds sends us a conversion confirmation. On that
basis we credit the agreed number of VRRW Points to your member
identifier. The conversion confirmation only contains the fields
required to link the reward to your member account and for fraud
protection.
**Recipients:** OGAds and the advertising partners brokered by
OGAds for the individual offers. According to the OGAds privacy
policy, OGAds may additionally pass data to its own service
providers (in particular data-analytics and sales/marketing
services). The URL — and thus the identity — of the currently
loaded partner is shown to you in the embedded browser at all
times; we recommend consulting the respective partner's privacy
policy before entering any personal data there.
**Third country transfer:** Processing by OGAds takes place
primarily in the **United States**. Further processing by
advertising partners may additionally take place in other third
countries. Where personal data is transferred to a third country,
this is safeguarded in accordance with Art. 44 et seq. GDPR by
appropriate safeguards (in particular EU Standard Contractual
Clauses). No adequacy decision exists for OGAds itself.
**Retention period:** We store the conversion confirmation received
from OGAds only for as long as necessary for the points credit and
fraud protection. For OGAds' own retention: OGAds states
category-specific retention periods in its privacy policy (e.g.
6 months for certain log and usage data); the current version of
OGAds' privacy policy is authoritative.
**Legal basis:** 25 para. 1 TDDDG in conjunction with Art. 6
Para. 1 lit. a) GDPR — **your prior, active consent exclusively**,
granted via the two-step consent flow (rewards opt-in + tracking
consent). Legitimate interest is not available as a fallback
basis here because the processing involves cookies, web beacons
and tracking pixels of third-party providers that process data
for their own purposes (see the DSK guidance on telemedia, 2021
edition). You can withdraw either of the two consents at any
time and as easily as you gave them, pursuant to Art. 7 Para. 3
GDPR, either via the "Withdraw" button in the Rewards card of
the mod profile section or by dismissing the respective consent
dialog. Cookies that have already been set can additionally be
deleted via the browser settings or the cookie manager of the
embedded browser.
**Rights against OGAds:** Independently of your rights against us
(see Section II), you may assert the rights you are entitled to
under Art. 15-21 GDPR with respect to processing by OGAds directly
with OGAds at info@ogads.com. For California and certain other US
state residents, OGAds additionally acknowledges the CCPA / CDPA
rights (access, deletion, opt-out of sale/sharing).
**No access for persons under 18:** The offer wall content is
intended exclusively for persons who are at least 18 years old
(per the OGAds terms of service). Details are set out in our
Terms of Use ** 12**.
**Note:** The Gameplay Network Gate described in III.I.0 also
applies to the OGAds integration. No OGAds communication takes
place during active gameplay — neither offer retrieval nor
conversion checks.
### III.K Kinetic Hosting affiliate link
The mod's multiplayer menu contains a "Create server" button that,
when clicked, opens the website of the Minecraft hosting provider
**Kinetic Hosting** in the embedded browser with our affiliate
identifier `aff=1095`
(`https://billing.kinetichosting.com/aff.php?aff=1095`). The same
applies to corresponding promotional banners on the website.
> **Note:** The commercial framing of the affiliate link and our role
> as a mere advertising partner (no contractual relationship with
> Kinetic Hosting) are set out in our Terms of Use in ** 13**
> (Kinetic Hosting affiliate link).
This is a pure referral link — **we ourselves do not store any data on
the mere forwarding.** Kinetic Hosting may, however, collect your IP
address, user agent, referrer data and cookies when you visit their
page. For details please consult the Kinetic Hosting privacy policy at
[https://www.kinetichosting.net/privacy-policy](https://www.kinetichosting.net/privacy-policy).
If you sign up as a customer with Kinetic Hosting via this link, we
receive a commission notification from Kinetic Hosting that does not
contain any personal data about you (only our affiliate ID and a
contract conclusion indicator).
Legal basis for merely displaying the link and the promotional banner:
Art. 6 Para. 1 lit. f) GDPR (legitimate interest in identifying an
affiliate partner). For any subsequent visit to the Kinetic Hosting
website, Kinetic Hosting is the sole controller.
### III.L Hosting and data processing by Wix.com Ltd.
Our website backend, database, image/file delivery, login and
profile management, community features, loyalty program and
subscription management are operated via the **Wix** service of
**Wix.com Ltd., Namal 40, 6350671 Tel Aviv, Israel** ("Wix"). Wix is
our data processor pursuant to Art. 28 GDPR; a corresponding data
processing agreement is in place.
Legal basis: Art. 6 Para. 1 lit. b) GDPR (contract initiation and
performance) and Art. 6 Para. 1 lit. f) GDPR (legitimate interest in
operating a stable online service).
**Third country transfer:** Due to the international branches of Wix,
it cannot be ruled out that processing will also take place outside the
EU (including Israel and the USA). For Israel an EU Commission
adequacy decision pursuant to Art. 45 GDPR exists. For other third
countries, Wix ensures that processing only takes place where permitted
under the GDPR — in particular via EU adequacy decisions, the EU-US
Data Privacy Framework, or EU Standard Contractual Clauses.
Wix processes the following user data on our behalf in particular:
- name, e-mail address, delivery and billing address, payment data,
company name, telephone number if applicable,
- IP address, information about orders, posts, groups, events, device
and browser used,
- content you have published via our community features, the
server directory or any other input forms (including the
user-submitted server entries and associated images described in
III.G),
- VRRW points balances, challenge progress, subscription status,
- mod-specific session data (internal member identifier, OGAds
session identifiers, postback confirmations, and the auto-login
artefacts stored locally and encrypted on your own computer).
Further information on data protection at Wix is available at
[https://www.wix.com/about/privacy](https://www.wix.com/about/privacy).
### III.M Web analytics (Google Analytics and others)
#### a) Hosting-provider web analytics
Our backend provider (see III.L) sets cookies on the website for its
own web-analytics feature. Information such as time, location and
frequency of website visits is transmitted via these cookies to the
provider's server and analysed there. **The legal basis is your
consent exclusively**, pursuant to 25 para. 1 TDDDG and Art. 6
Para. 1 lit. a) GDPR, granted via our cookie manager. No analytics
cookies are set without your consent. You can withdraw your
consent at any time with effect for the future, pursuant to Art. 7
Para. 3 GDPR, by adjusting the cookie settings on our website or
by deleting the cookies in your browser.
#### b) Google Analytics
We use **Google Analytics** on our website, a web analytics service
provided by Google Ireland Limited, Gordon House, Barrow Street,
Dublin 4, Ireland (subsidiary of Google LLC, 1600 Amphitheatre Parkway,
Mountain View, CA 94043 USA — hereinafter "Google"). Google Analytics
helps us analyse website usage and measure the effectiveness of our
marketing campaigns.
Legal basis: Art. 6 Para. 1 lit. a) GDPR (your consent via our cookie
manager). You can revoke this consent at any time with effect for the
future via the "Cookie Settings" on our website under Art. 7 Para. 3
GDPR.
Information such as time, location and frequency of website visits, as
well as interactions with the website (e.g. click paths,
seen/clicked ads, link clicks) including the user's IP address is
transferred to a Google server in the USA and stored there for up
to 14 months (corresponding to the default retention period we
have selected in Google Analytics 4). Google LLC is certified
under the **EU-US Data Privacy Framework**, for which the EU Commission has issued an
adequacy decision pursuant to Art. 45 GDPR
([https://www.dataprivacyframework.gov/list](https://www.dataprivacyframework.gov/list)).
Google also records "demographic characteristics" and can create
statistics that allow statements to be made about the age, gender and
interests of site visitors. This is done through the automated analysis
of advertising and information from third parties. If the user has
activated personalised ads in their Google account and agrees to Google
Analytics, Google can analyse usage behaviour across devices. If the
user wishes to deactivate this cross-device analysis, they can do so
via [https://support.google.com/ads/answer/2662922?hl=en](https://support.google.com/ads/answer/2662922?hl=en).
We use Google Analytics with the IP anonymisation function. As a
result, Google will shorten the user's IP address within the EU member
states or in other contracting states of the EEA Agreement. Further
information and opt-out options are available at
[https://www.google.com/intl/en/policies/privacy/partners](https://www.google.com/intl/en/policies/privacy/partners) and via the Google Analytics opt-out browser add-on ([https://tools.google.com/dlpage/gaoptout?hl=en](https://tools.google.com/dlpage/gaoptout?hl=en)).
### III.N Linked external community channels (YouTube, Discord) and further profiles
We actively operate a **YouTube channel** and a **Discord server** as
community channels for our project. Both are linked from the footer of
our website and from inside the mod. In addition, we maintain simple
personal profiles on **Facebook, Instagram and X**, which we will also
link once we publish project updates there on a regular basis.
**Important — no joint controllership:** For YouTube, Discord and the
linked Facebook / Instagram / X profiles we are **not a joint
controller within the meaning of Art. 26 GDPR** together with the
respective platform operators (including Meta Platforms Ireland
Limited and Twitter International Unlimited Company). We do not use
Business Page Insights / audience statistics, no ad / pixel
integration and no social plugins on our website. The profiles are
embedded exclusively as simple hyperlinks (or static link graphics).
Only when you actively click a link are you forwarded to the
respective service, and only from that point onwards does the
platform operator process your data under its own responsibility.
Legal basis for merely displaying the links: Art. 6 Para. 1 lit. f)
GDPR (legitimate interest in giving interested visitors access to our
project channels).
#### a) YouTube channel
We publish videos and project updates on our own YouTube channel. We
**aspire** to join the YouTube Partner Programme (YPP) and monetise
the channel via ad revenue in the future, but at the current status
of this policy **participation is not yet active** — no ad revenue
is currently generated. Individual videos from this channel are also
embedded on our website; for the embedding see the separate Section
**III.O**.
YouTube is a service of **Google Ireland Limited, Gordon House,
Barrow Street, Dublin 4, Ireland** (subsidiary of Google LLC, 1600
Amphitheatre Parkway, Mountain View, CA 94043, USA). When you visit
our channel directly on YouTube, Google processes your data under
its own responsibility pursuant to the Google privacy policy
([https://policies.google.com/privacy](https://policies.google.com/privacy)). We ourselves only receive
aggregate, non-personal channel statistics from Google (e.g. total
views, approximate watch time). Processing of your data outside the
EU, in particular in the United States, is possible and cannot be
ruled out. Google LLC is certified under the EU-US Data Privacy
Framework.
#### b) Discord server
We operate a Discord server as a community channel for our project.
Discord is a service of **Discord Netherlands B.V., Schiphol Boulevard
195, 1118 BG Schiphol, Netherlands** (parent company Discord Inc.,
444 De Haro Street #200, San Francisco, CA 94107, USA). When you
visit our Discord server or join it, Discord processes your data
(including messages, user profile, connection data) under its own
responsibility pursuant to the Discord privacy policy
([https://discord.com/privacy](https://discord.com/privacy)). We receive the messages you post,
your Discord username and the roles assigned to you on the server.
Please do not post sensitive personal data on our server. Processing
of your data outside the EU, in particular in the United States, is
possible.
Legal basis for operating the Discord server: Art. 6 Para. 1 lit. f)
GDPR (legitimate interest in operating a community channel) and
Art. 6 Para. 1 lit. a) GDPR (your consent given by actively joining
the server).
#### c) Facebook, Instagram and X (linked personal profiles)
We maintain simple personal profiles on Facebook, Instagram and X,
where we occasionally share project updates. **We do not operate a
business "Page", and we do not use any advertising features, audience
targeting or Page Insights statistics there.** The profiles are
embedded on our website and inside the mod only as simple hyperlinks
(or static link graphics). **No data** is transferred to the platform
operators until you actively click the respective link.
If you do click such a link and visit the platform, the privacy
policy of the respective platform operator applies:
- **Facebook and Instagram** — Meta Platforms Ireland Limited, 4 Grand
Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Privacy
policies: [https://www.facebook.com/privacy/policy](https://www.facebook.com/privacy/policy) and
[https://privacycenter.instagram.com/policy](https://privacycenter.instagram.com/policy). Additional processing
of your data by Meta Platforms, Inc. in the United States cannot be
ruled out.
- **X (formerly Twitter)** — Twitter International Unlimited Company,
One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.
Privacy policy: [https://x.com/en/privacy](https://x.com/en/privacy). Additional processing
of your data by X Corp. in the United States cannot be ruled out.
We are expressly **not a joint controller within the meaning of
Art. 26 GDPR** with these platform operators, because we do not
evaluate page insights, do not run advertisements, and do not use
any automated reach or audience-targeting features.
Legal basis for merely displaying the links is Art. 6 Para. 1 lit. f)
GDPR (legitimate interest in giving interested visitors access to our
external profiles).
### III.O Embedded YouTube videos
We use YouTube on our website, a video service of Google Ireland
Limited (see III.N.a), in **advanced privacy mode**. According to
YouTube, the advanced privacy mode means that data is only transmitted
to the YouTube server if you actually start a video. Without this mode,
a connection to the YouTube server in the USA would be established as
soon as you access any of our webpages that contain an embedded
YouTube video.
YouTube records and processes at a minimum your IP address, the date
and time the video was viewed, as well as the website you visited. In
addition, a connection to the DoubleClick advertising network of Google
is established. If you are logged in to YouTube when you visit our
site, YouTube will assign the connection information to your YouTube
account. To prevent this, you must either log out of YouTube before
visiting our site or make the appropriate settings in your YouTube
account.
**Legal basis: your consent exclusively**, pursuant to 25 para. 1
TDDDG and Art. 6 Para. 1 lit. a) GDPR, granted via our cookie
manager. Without your explicit consent the embedded YouTube video
is not loaded and no connection to YouTube/Google servers takes
place. Legitimate interest is **not** available as a fallback
basis when a third-party service processes data for its own
purposes (see the guidance of the German DSK on telemedia, 2021
edition). You can withdraw your consent at any time with effect
for the future, pursuant to Art. 7 Para. 3 GDPR, via the cookie
settings on our website. Further information on Google's
processing: [https://policies.google.com/privacy](https://policies.google.com/privacy).
---
### III.P Image uploads (Wix Media) (new in v4)
In several places on the website and in the mod, you can upload
images. Specifically:
- **Profile picture** on the website / in the mod (see III.C.b),
- **Server directory images** (server icon, info hero image, entry
popup image, event banner — see III.G.a / III.I.3),
- **Posts in the VRRW Community Groups** (see III.E.b),
- **Bug-report attachments** (screenshots, log files — see III.I.11),
- **Feature-request mockups** (see III.I.11),
- **YouTuber program verification screenshot** (see III.I.11),
- **Tutorial cover images** (see III.I.11).
These images are stored in **Wix Media** — a CDN system operated
by Wix.com Ltd. (see III.L). The generated URLs follow the format
`https://static.wixstatic.com/media/...` or `wix:image://v1/...`.
Images are linked to the respective database entries (member
profile, server entry, post, bug report, etc.) and retained for
their lifetime.
**On account deletion:** images linked to your memberId (e.g.
profile picture, server-directory images) are removed together
with the corresponding CMS entry. Images that we must retain for
legal reasons (e.g. as evidence in a content-violation complaint)
are kept in pseudonymized form (see II.b).
**Security measures:**
- **Size limit** per image (typically 5 MB).
- **Magic-byte validation** — only true image formats (PNG, JPG,
GIF, WebP) are accepted at upload. Hidden executable code (e.g.
PHP webshells inside a JPG) is rejected.
- **Antivirus scan** by Wix Media on upload.
- **Content standards** in 10(4) of the Terms of Use apply to
every image (in particular no pornographic, unlawful or
privacy-rights-violating content).
Legal basis: Art. 6 Para. 1 lit. b) GDPR (performance of the
respective feature's contract); Art. 6 Para. 1 lit. f) GDPR
(legitimate interest in a robust image infrastructure).
### III.Q Anti-fraud, suspensions and moderation history (new in v4)
To protect our services and other users, we operate several
anti-fraud and anti-spam mechanisms. They process the following
data:
**(1) Rate limits:** for each action (login, registration, DM
send, friend request, voice call, post, bug report etc.) we run
short-lived counters in our backend (CMS collection
`RateLimitBuckets`). Keys are partly anonymised (SHA-256 of e-mail
or IP), partly memberId-bound for authenticated actions. Entries
are auto-removed after 2 × the window duration (typically a few
minutes).
**(2) Login brute-force protection:** repeated failed login
attempts trigger a 30-minute lockout. The failed-attempt list is
kept only in memory (no persistent storage).
**(3) Moderation history:** if a member violates the content
standards, a warning entry can be created
(`UserWarnings` / `AllianceMemberMeta.warningsJson`). After 3
warnings the account is automatically suspended; the affected
user can challenge the suspension via an unban request
(`UserUnbanRequests`). Moderation history is retained pursuant
to Art. 17(3)(e) GDPR for the defence of legal claims; for
details see II.b.
**(4) Token revocation on logout:** when you log out, your
current "stay logged in" token is marked server-side in the
`TokenRevocations` list (we store only the SHA-256 hash of the
token — never the token itself). Any attempt by a third party to
use an expired or revoked token is rejected. Hashes are auto-
removed once the underlying token expires (30 days).
**(5) Account suspension on suspected fraud:** in case of
reasonable suspicion of VPN / multi-account manipulation,
automated offer participation, postback manipulation, or other
attacks, we reserve the right to suspend or delete the affected
account (contractual breach — see Terms of Use 9(7) and 12(8)).
**Legal basis:** Art. 6 Para. 1 lit. f) GDPR (legitimate interest
in anti-fraud / anti-abuse measures) and Art. 6 Para. 1 lit. c)
GDPR (obligation to ensure the integrity of processing per Art. 5
Para. 1 lit. f and Art. 32 GDPR).
**Retention period:** rate-limit data: minutes. Login brute-force
data: 30 minutes in memory. Token revocations: until the
underlying token expires (max. 30 days). Moderation history:
until account deletion, then pseudonymized (Art. 17(3)(e) GDPR,
see II.b).
### III.R AI image generation in the mod (new in v4)
The mod includes a feature for **local AI image generation**
(e.g. for textures, server banners, group backgrounds).
**Processing location:** the AI models run **exclusively on your
computer**. We transmit neither the prompt text you enter nor
the resulting image to our servers, unless you actively transfer
the result via the upload function to Wix Media (see III.P).
When you upload an AI-generated image, the same storage and
security rules apply as for normal image uploads.
**Input data:** your prompt input is briefly held in mod
process memory, passed to the local AI model and discarded
after generation. There is no cloud-service provider acting as
a processor — the entire inference happens on your end device
(e.g. via Hyper3D, Hunyuan3D or comparable local model
frameworks).
**Storage of generated images:** the AI models store result
images in a subfolder of your Minecraft instance directory
(e.g. `mod-cache/ai-generated/`). You can delete this folder
yourself at any time.
**Usage rules:** the legal requirements for AI-generated
content (labelling obligation, liability, no depictions of
real persons without consent, etc.) are documented in the
Terms of Use 9.19.
**Legal basis:** for local processing: no data-protection legal
basis required (no third-party transmission involved). For an
uploaded AI image: Art. 6 Para. 1 lit. b) GDPR (performance of
the upload feature's contract) plus the licence grant under
10(2) of the Terms of Use.
### III.S Creator charter — consent trail (new in v4)
Verified VRRW creators (see Terms of Use 9.18) bindingly
accept the **VRRW Creator Charter** at application time. We
store — analogous to the general legal-acceptance history (see
II.b and VI) — the following fields in the backend (collection
`YoutuberProfiles` or dedicated `CreatorCharter` collection):
- `creatorCharterVersion` — version of the accepted charter
- `creatorCharterAcceptedAt` — timestamp of acceptance
- `creatorCharterUserAgent` — user-agent at the time of
acceptance
- `creatorCharterHistory` — JSON array of past acceptances
(for re-acceptance on updates)
**Re-acceptance on updates:** when the charter is updated, on
the creator's next login the tutorial / group-link / post
functions are blocked until the new charter version has been
accepted. The mechanism is technically equivalent to the legal
re-acceptance flow (see VI).
**Legal basis:** Art. 7 Para. 1 GDPR (burden of proof for
consent) in conjunction with Art. 6 Para. 1 lit. b) GDPR
(performance of the creator program contract).
**Retention period:** as long as the creator profile exists. On
account deletion the charter fields are removed together with
the YoutuberProfiles entry; the profile is included in
FULL_DELETE_NONSTD (see II.b).
### III.T Public visibility, permanence, search engines (new in v4)
Certain content you publish on our platform is not only visible to
other VRRW members but **publicly available worldwide** — also to
search engines (Google, Bing, Yandex, DuckDuckGo, Brave Search),
web archives (Internet Archive / Wayback Machine), and any
non-logged-in visitor.
#### III.T.1 Which content is public?
The following content is **publicly published by default**:
- **Server directory entries** (all fields: server name, IP /
hostname, texturepack mode, info, event data + all uploaded
images) — directly accessible at
[https://www.vrrw.online/serverlisting](https://www.vrrw.online/serverlisting).
- **Events** (event name, date, description, banner image, RSVP
statistics in aggregate form) — on the events page.
- **Posts in PUBLIC community groups** (also with the "post
anonymously" toggle enabled — see II.c: the pseudonym becomes
public, but the content remains public).
- **VRRW Creator profile** (if you have applied as a creator;
channel name, bio, custom links, tutorials, group links — see
Terms 9.18).
- **Ratings** on public items (if you submit any).
**Non-public content:**
- DMs (direct messages) — only visible to sender + recipient
- Posts in PRIVATE groups — only to group members
- Bug reports + feature requests — only to you + admin
- Profile data with `privacyStatus = PRIVATE` — not in the
community search (see III.C.h(3))
- Voice calls — peer-to-peer, no backend storage (see III.I.7)
- Purchases / points balance / rewards status — private
#### III.T.2 Search-engine indexing
**Content under `vrrw.online`** is in principle reachable by
search-engine crawlers and may be indexed there. We do **not** set
a general `noindex` meta tag nor a `robots.txt` disallow rule on
public areas, since that would significantly limit the discovery
value for server listings + events + creator tutorials.
**Consequence:**
- What you publish publicly may appear on Google and other search
engines, with preview + cache.
- **If you delete a public post**, it can take a few days to weeks
before search-engine caches reflect this state. On Google you
can request faster removal via the **Search Console Removal
Tool**:
[https://search.google.com/search-console/remove-outdated-content](https://search.google.com/search-console/remove-outdated-content).
- Web archives (e.g. Internet Archive Wayback Machine) may create
snapshots of your public posts, **which we cannot control**.
Removal must be requested directly with the archive:
[https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org](https://help.archive.org/help/how-do-i-request-to-remove-something-from-archive-org).
#### III.T.3 Permanence and self-protection
**Before you publish anything publicly, consider:**
- Other users / third parties may take **screenshots or copies**
of your posts — once distributed these are **not retractable**.
- Content may be **searchable in conjunction with your name** via
search engines, if your profile is PUBLIC + the content
standards allow appearance in Google.
- **Publication of real names, addresses, phone numbers, credit-
card / banking data or other sensitive data** in public areas
is NOT permitted (see Terms 10(4)) — also not by you yourself
via your own account.
**Data-minimisation self-protection:** if for personal reasons
you wish a smaller visibility footprint:
- Set your profile `privacyStatus` to PRIVATE (see III.C.h(3)).
- Use the anonymity option (`isAnonymous`) for individual posts
(see II.c) — pseudonymization per Art. 4 No. 5 GDPR.
- Post sensitive topics only in PRIVATE groups or via DM.
- Apply for creator status only if you explicitly want public
visibility under your real name (identity lock — see Terms
9.18(2)).
#### III.T.4 Self-deletion of public content
You can remove public content yourself at any time:
- **Server entries:** mod "Multiplayer → Manage my Servers →
Delete" or website "Serverlisting / Server entry Informations".
On deletion all texts + images are irrevocably removed from our
database — the linked wixstatic.com images are also deleted.
- **Posts in community groups:** "⋯ → Delete" on the respective
post.
- **Events:** website "Server Event management".
- **Creator profile:** mod profile → "Return creator status" or a
written request to the controller (see IV).
**On full account deletion** all public content is automatically
removed (see II for the complete deletion pipeline; individual
records may persist longer in pseudonymized form per II.b for
legal-retention obligations).
**Legal basis** for the public publication: Art. 6 Para. 1 lit. b)
GDPR (performance of the contract for the respective feature you
actively used — server-entry creation, group-post sending, etc.)
plus Art. 6 Para. 1 lit. a) GDPR (your active click consent at
publication time).
### III.U Referral system (referral codes) (new in v4)
The mod includes a **voluntary referral system**: you can
generate a one-time referral code based on your Minecraft
username (`post_createReferralCode`) and pass it to other
players. Whoever redeems your code on first login
(`post_redeemReferralCode`) is recorded in the CMS collection
`AllianceMemberMeta` as your "referee"; you, as the referrer,
receive a percentage bonus on all points the referee earns in
the OGAds offerwall system.
#### III.U.1 Data processed
Per user row in `AllianceMemberMeta`, the following are stored
for the referral system:
- `referralCode` — the referral code you generated
(alphanumeric, 8 characters, cryptographically random)
- `mcUsername` / `mcUsernameLower` — your Minecraft name (for
code uniqueness + anti-squatting)
- `mcUuid` — Mojang UUID, verified once by the backend via the
Mojang public API (`https://api.mojang.com/users/profiles/...`)
and cached for 24 h. Protects against username squatting on
well-known player names.
- `referralUsedCode` / `referralReferrerMemberId` /
`referralReferrerMcName` — when you, as **referee**, redeemed
another's code (one-time per account)
- `referralPointsGenerated` — points you, as referee, have so far
generated via OGAds (technical accounting)
- `referralBonusAwarded` — bonus points your referrer has so far
received from your activity
- `referralTotalEarned` — aggregate bonus from all referees as
referrer
- `referralTotalReferrals` — total number of referees (sybil cap
100 lifetime — see III.U.3)
- `referralCodeCreatedAt` / `referralRedeemedAt` — timestamps
#### III.U.2 Purposes and legal bases
- **Function**: performance of the voluntary referral program
contract (Art. 6(1)(b) GDPR).
- **Mojang UUID verification**: legitimate interest in anti-
squatting (Art. 6(1)(f) GDPR) — prevents one person from
claiming the username of a well-known streamer to capture
referrals from third-party fans. **Third-party transmission**:
during verification our backend transmits the Minecraft
username you supplied to the public Mojang API
(`https://api.mojang.com/users/profiles/minecraft/`,
operated by **Mojang AB / Microsoft Corporation, Redmond, USA**).
Mojang receives only the username (no VRRW memberId, no email)
and returns the UUID. Transmission is based on Microsoft DPF
(EU-US Data Privacy Framework — Art. 45 GDPR adequacy decision)
and Standard Contractual Clauses. The response is cached
server-side for 24 h and is not shared further.
- **Sybil cap (100 referrals/code lifetime)**: legitimate
interest in anti-fraud (Art. 6(1)(f) GDPR).
- **Aggregate statistics (`referralTotalEarned`)**: contract
performance (Art. 6(1)(b) GDPR) for crediting in the OGAds
point system.
#### III.U.3 Anti-fraud — Sybil protection
A **lifetime cap of 100 referees** applies per referral code.
The backend checks on redeem (`post_redeemReferralCode`) under
optimistic locking whether the cap has not yet been reached.
Attempts to bypass the cap by creating multiple accounts fall
under our anti-fraud mechanisms (see III.Q) — on suspicion the
referral account is frozen.
**Rollback**: if the referrer hits the cap during a parallel
redeem attempt, we transparently roll back the referee entry;
you can then redeem a different code.
#### III.U.4 Admin configuration of the bonus percentage
The **bonus percentage** (`percentBonus`) is centrally managed in
the CMS collection `ReferralConfig` and read by the backend with
a short-lived cache. The Controller may
**adjust this percentage at any time, pause or fully disable**
the referral system (e.g. due to anti-fraud measures or changed
OGAds conditions). Existing referee links remain; future bonus
calculations use the then-current value.
**Note**: since the percentage is unilaterally adjustable by the
Controller, it is shown to you in the mod profile **live** (via
`get_referralStatus`). An already-credited bonus from the past
remains untouched.
#### III.U.5 Retention and deletion
- As long as you are an active account holder, the referral
fields remain part of your `AllianceMemberMeta` entry.
- On `post_deleteAccount` the entire `AllianceMemberMeta` row is
**fully deleted** (FULL_DELETE — see II.b). Your referral code
thereby vanishes definitively.
- The aggregate counters at your former referees
(`referralReferrerMemberId`) point to the pseudonym hash after
your deletion; their bonus history remains mathematically
correct.
- You **cannot** replace an already-redeemed code with another
(`referralUsedCode` is final). If you, as referee, want a
different code, you can only delete the account and register
anew — this is explicitly **not** a permitted sybil bypass
(see III.Q).
- Self-service regeneration of your own referral code is **not**
available (would defeat anti-squatting protection) — write to
the Controller with justified reason (e.g. compromised by data
leak).
**Legal bases for storage**:
- Art. 6(1)(b) GDPR — performance of contract
- Art. 6(1)(f) GDPR — anti-fraud (lifetime-cap trail)
- Art. 6(1)(c) GDPR + 147 AO — where OGAds payouts qualify as
tax-relevant business transactions, possibly 10-year retention
of the aggregated booking records.
### III.V References to creator-specific and CoC documents (new in v4)
In addition to this general privacy notice, **specialised
documents** apply to specific functional areas:
**Creator program:**
- Special Terms of Use for Creators (`CreatorLegalDocs/
docType=creator_agb`) — describes content rules, anti-
discrimination, VRRW topic relevance, advertising disclosure,
profile maintenance duty, sanctions.
- Special Privacy Notice for Creators (`CreatorLegalDocs/
docType=creator_privacy`) — details the additional fields in
`YoutuberApplications` / `YoutuberProfiles`, public profile
publication, subscriber verification, 5-year audit-trail
retention.
**General Code of Conduct:**
- `CodeOfConduct` — standard rules of conduct for ALL users.
Co-accepted at registration (mandatory checkbox in
`post_authRegister`). Re-acceptance on a version bump runs via
the same mechanism as Privacy/Terms (see VI).
**Acceptance in the creator application form**: applicants
confirm three separate mandatory checkboxes:
1. Creator Terms (`creator_agb`)
2. Creator Privacy (`creator_privacy`)
3. Code of Conduct (`code_of_conduct`)
Version + timestamp + user-agent of each acceptance are stored
in the application (`creatorAgbVersion` / `creatorAgbAcceptedAt` /
`creatorAgbUserAgent` analogously for the other two documents).
These fields form the proof trail per Art. 7(1) GDPR and
5a(4) UWG (competition-law disclosure compliance).
## IV. Final provisions
We reserve the right to adapt this privacy policy from time to time in
order for it to always meet current legal requirements or in order to
implement changes to our services in the privacy policy, e.g. when
introducing new services on the website or in the mod. For your next
visit, the new privacy policy will then apply. We will communicate any
changes affecting you in a timely and appropriate manner.
If individual provisions of this privacy policy should be or become
ineffective, this does not affect the effectiveness of the remaining
provisions.
The current version of this privacy policy is always available in the
footer of our website at [https://www.vrrw.online/privacypolicy](https://www.vrrw.online/privacypolicy) and in
the mod via the "Privacy Policy" link in the main menu.
## V. Right to lodge a complaint with the supervisory authority
You have the right to lodge a complaint with a supervisory
authority pursuant to Art. 77 GDPR if you believe that the
processing of your personal data violates the GDPR. The competent
authority for us is:
**Berliner Beauftragte für Datenschutz und Informationsfreiheit**
Friedrichstr. 219
10969 Berlin
Germany
Phone: +49 30 13889-0
E-mail: mailbox@datenschutz-berlin.de
Website: [https://www.datenschutz-berlin.de](https://www.datenschutz-berlin.de)
You may equally turn to any other supervisory authority in the
Member State of your habitual residence, place of work or place of
the alleged infringement.
## VI. Changes to this Privacy Policy and re-acceptance
### VI.1 Changes
We reserve the right to update this Privacy Policy from time to
time to reflect changes in the law, in our processing operations
or in the services we offer. The currently valid version is
always available at [https://www.vrrw.online/privacypolicy](https://www.vrrw.online/privacypolicy).
### VI.2 Re-acceptance mechanism for material changes (new in v4)
**For material changes** (e.g. new processing purposes, new third-
party recipients, new categories of personal data) we will request
your renewed consent at the next login — on the website via a
banner, in the mod via a dedicated re-acceptance dialog
(`LegalReAcceptanceScreen`). Without your renewed consent the
affected features remain disabled until you accept (Art. 7 GDPR).
**Technical flow:**
1. On login the mod calls the endpoint `get_pendingLegalAcceptances`.
This compares for each doc-type (privacy, terms, cookies,
impressum, code_of_conduct) the currently published version
(`AdminSettings/_id="legal__version"` resp.
`_id="codeOfConduct"`) with the latest version accepted by the
user (in `LegalHistoryBuckets` / `LegalAcceptances`).
2. If the endpoint returns a non-empty pending list, the mod blocks
all logged-in features and displays the re-acceptance dialog.
3. On acceptance the mod calls `post_acceptLegalsBatch` with the new
version numbers. The backend writes an atomic acceptance trail to
`LegalHistoryBuckets` (bucket slot per user) and only then
re-enables the features.
4. For the **Creator Charter** the parallel procedure runs via
`get_pendingCreatorCharter` + `post_acceptCreatorCharter`. The
version number comes from `AdminSettings/_id="creatorCharter"`.
5. On refusal the account remains active, but all features
affected by the changed processing are blocked — you can still
delete your account or export your data from inside the mod.
### VI.3 CMS collections for legal versions
The following collections hold the version and acceptance trail:
- `LegalTexts` — the currently published doc bodies (privacy /
terms / cookies / impressum) per language.
- `LegalTextVersions` — snapshot history of previous versions.
- `LegalAcceptances` — individual consent records (legacy +
transitional mix).
- `LegalHistoryBuckets` — slot-bucketed acceptance trail per user
(scales better for high user counts — see II.b).
- `AdminSettings` — keys `legal__version` (NUMBER) as
source of truth for the currently published version, plus
`creatorCharter` and `codeOfConduct` for the creator and CoC
versions. We also use `AdminSettings` for a **mod-binary hash
manifest** (SHA-256 hashes of distributed mod JARs) for anti-
tampering verification at mod startup (see III.Q.6).
### VI.4 Status and history insight
The currently valid version, effective date and the full change
history per doc-type are accessible from inside the mod under
"Profile → Privacy → Acceptance history" (endpoint
`get_legalHistoryForUser`). This satisfies Art. 7(1) GDPR (proof
of consent) — see also II.b for retention specifics.
## VII. Security incidents (Art. 33 / 34 GDPR) (new in v4)
If, despite our technical and organisational measures (Art. 32
GDPR), a breach of the protection of personal data occurs, we
proceed as follows:
**(1) Notification to the supervisory authority (Art. 33 GDPR):**
where the breach is **likely to result in a risk to the rights and
freedoms of natural persons**, we report the incident **without
undue delay and where feasible within 72 hours** of becoming aware
of it to the competent supervisory authority (see V).
**(2) Notification to data subjects (Art. 34 GDPR):**
where the breach is **likely to result in a high risk to the rights
and freedoms** (in particular if login data, payment information,
address data or comparable data categories are affected), we
notify you as the data subject **without undue delay, in clear and
plain language**, by e-mail to your registered login address. The
notification contains:
- description of the nature of the breach,
- name and contact details of the data protection officer or
point of contact,
- likely consequences of the breach,
- measures taken or proposed,
- recommended self-protection actions (e.g. password change).
**(3) Documentation (Art. 33 Para. 5 GDPR):**
all breaches — including those not subject to mandatory notice —
are documented in an internal breach register so that the
supervisory authority can verify our compliance with the notice
obligations. This documentation is retained for at least 3 years.
**(4) Technical security measures (Art. 32 GDPR):**
we use, among others, the following measures to prevent breaches:
- **TLS 1.2+** for all communications between mod, website and
backend.
- **AES-256-GCM** encryption of session tokens (backend-signed
with `VRRW_TOKEN_KEY`).
- **PBKDF2-HMAC-SHA512** with 600 000 iterations for local
device-binding of the mod configuration.
- **Cold-start fail-closed** for the token revocation cache.
- **Optimistic-lock retry** with race detection for CMS writes.
- **HMAC tamper detection** for the locally stored mod
configuration.
- **Rate limits** per action, layered (in-memory + persistent).
- **Privacy by default**: DMs / voice calls / community are
disabled at registration.
**(5) Processor:** our processor Wix (see III.L) is contractually
(DPA) obliged to inform us of any breaches affecting it **without
undue delay**, so that we can meet our notice obligations.
bottom of page