Privacy Policy
Last updated: 21 March 2026 | Jurisdiction: United Kingdom (UK GDPR & Data Protection Act 2018)
Important: This policy explains how ExudizMono (“we”, “us”) handles personal data when you use exudizmono.com, download or play MystOracle: Age of the Firstborn, or interact with official channels we operate or link to. It is drafted with UK law in mind. It is not legal advice. For tailored advice (especially if you process large-scale data or run ads), speak to a solicitor or the ICO.
1. Data controller
The data controller responsible for personal data described in this policy is ExudizMono (the project/brand operating this Site). If we list a registered company name, number, and UK address on the Site, that entity is the controller. Until then, contact us via the channels in section 14 below.
2. Scope — what this policy covers
This policy covers personal data we process through:
- the Site (exudizmono.com);
- optional features on the Site (for example an email “updates” form if connected to a mailing provider);
- official community spaces we moderate or administer where we act as a controller (for example a Discord server we own — note: Discord Inc. is also a separate controller for the platform itself);
- the Game client, if and when we collect personal data from it (for example crash reports or account systems). If a build does not phone home, we will say so on the download page; this policy still covers the Site and linked services.
Third-party sites (GitHub, X, YouTube, Instagram, payment processors) have their own policies when you use their services.
3. Personal data we may collect
Depending on what you use, we may process:
- Technical / usage (Site). IP address, browser type, device type, pages viewed, referrer, and timestamps — typically from web server logs or analytics if enabled.
- Communications. Messages you send us (for example via Discord or email), including your username and content.
- Email marketing (if enabled). Email address and subscription preferences if you sign up for update emails.
- Game-related (if applicable). In-game identifiers, telemetry, crash dumps, or anti-cheat signals — only where we describe such collection on the Site or in the Game; we aim to minimise data.
We do not require you to create an account on our Site to read it or to download public builds linked from the Site.
4. Lawful bases (UK GDPR)
We process personal data only where we have a lawful basis under the UK GDPR, such as:
- Legitimate interests — operating and securing the Site, understanding aggregate use, community safety, and improving the Game, where not overridden by your rights.
- Contract — where necessary to perform steps you request (for example sending you emails you subscribed to).
- Legal obligation — where we must comply with law.
- Consent — where we ask clearly (for example non-essential cookies or marketing), which you can withdraw.
5. How we use personal data
We use data to: run and protect the Site; distribute and improve the Game; respond to you; send marketing only if you opted in; comply with law; and enforce our Terms & Conditions. We do not sell your personal data.
6. Cookies and similar technologies
The Site may use strictly necessary cookies required for basic operation (if any). If we add analytics or marketing cookies, we will ask for consent where UK law requires it and explain choices. Embedded content (for example YouTube players) may set third-party cookies when you interact with them — see those providers’ policies.
7. Recipients and international transfers
We use infrastructure or tools that may process data outside the UK (for example US-hosted servers, Discord, GitHub). Where data is transferred from the UK to countries without an adequacy decision, we rely on appropriate safeguards where required (such as the UK International Data Transfer Agreement / Addendum or standard contractual clauses approved for UK use), unless an exception applies.
8. Retention
We keep personal data only as long as needed for the purposes above, including legal, accounting, or security needs. Server logs may be rotated or deleted on a short cycle. Marketing data is kept until you unsubscribe, then suppressed as required. Community messages may persist according to platform settings and our moderation needs.
9. Security
We take reasonable technical and organisational measures to protect personal data. No online service is completely secure; please use strong passwords on third-party accounts linked to us.
10. Your rights (UK)
If UK GDPR applies to you, you may have the right to:
- Access — request a copy of personal data we hold about you.
- Rectification — correct inaccurate data.
- Erasure — request deletion in certain circumstances.
- Restriction — limit processing in certain circumstances.
- Object — object to processing based on legitimate interests or direct marketing.
- Portability — receive certain data in a structured, machine-readable format where processing is based on consent or contract and automated.
- Withdraw consent — where we rely on consent, without affecting earlier lawful processing.
To exercise rights, contact us (section 14). You may also complain to the Information Commissioner’s Office (ICO), the UK regulator: ico.org.uk.
11. Children
The Game and Site are not aimed at young children. We do not knowingly collect personal data from children under 13 without appropriate parental consent. If you are a parent and believe we have collected a child’s data, contact us and we will take appropriate steps, including deletion where required.
Older minors should use the Game with parental guidance; see our Terms for age-related expectations.
12. Automated decision-making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on you, unless we tell you otherwise in the future.
13. Changes
We may update this policy; the “Last updated” date will change. Check this page periodically. For material changes we may post a notice on the Site or Discord.
14. Contact
Privacy questions or requests: reach us via Discord or other contact methods published on the Site. If we add a dedicated privacy email, use it for formal data subject requests so we can verify identity where appropriate.