Privacy Policy

What this policy covers—and what sits outside it

This Privacy Policy describes how SwipeRealm ("SwipeRealm", "we", "us") collects, uses, stores, and shares personal information when you interact with our public website, marketing pages, newsletters, customer support, recruitment micro-sites, and mobile games published under our brand. It is designed to align with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR) where they apply to our activities.

The policy does not govern third-party platforms that host our games—such as Apple App Store or Google Play—beyond explaining what we receive from them. Those stores maintain their own privacy notices. Likewise, links to social networks, payment processors, or partner tools are governed by their respective policies once you leave our controlled experience.

By continuing to use our services after this policy is published or updated, you acknowledge that you have read this notice. If you disagree with how we process data, you should stop using our games and unsubscribe from communications, subject to any legal obligations we must continue to meet.

Who sits in the pilot seat for your personal data

SwipeRealm, operating from the United Kingdom, acts as the controller for personal data described here, meaning we decide why and how that data is processed. For certain in-game analytics or advertising measurement, processors may operate strictly on our instructions, but accountability for explaining those flows remains with us.

You can reach our privacy contact desk using the details below. We recommend email for a written record, but you may also call during UK business hours if your question is urgent.

Email: hello@swiperealm.co.uk. Phone: +44 20 3456 4987. Studio address: 14 Shoreditch High Street, London, E1 6JE, UK — open in Google Maps.

The categories of information we might collect from you

Depending on how you engage with us, we may process identifiers (name, username, player ID), contact data (email address, phone number if you provide it), technical data (IP address, device model, operating system version, locale, carrier, advertising identifiers where permitted), usage data (levels completed, session length, crash logs, feature toggles), marketing preferences, support ticket content, and payment references (we generally do not store full card numbers because storefronts tokenise charges).

If you participate in betas, surveys, or live events, we may collect additional voluntary responses such as age band, region, or gameplay feedback. Recruitment candidates submit CV data, portfolio links, and interview notes subject to a separate fair processing statement where required.

We avoid collecting special category data unless law or explicit consent demands it. Please do not send health or similarly sensitive information through casual support channels unless we expressly request it for a defined purpose.

Where the data originates: you, your device, and partners

Much of the information we hold comes directly from you when you create an account, sign up for a newsletter, file a bug report, or chat with player support. Your device and our servers automatically generate telemetry when you launch a build, download an update, or trigger an analytics event.

We also receive limited data from distribution platforms (receipt validation, refund signals), fraud-prevention vendors, cloud hosting providers, and, where enabled, advertising networks that help us attribute installs or cap frequency of promotional creatives.

If you connect a social login, the partner shares profile elements according to the permissions you approve. You can revoke those connections through the partner's settings as well as inside our games where supported.

Why we process data and the legal bases we rely on

We process personal data to perform contracts with players (for example, providing online features tied to an account), to comply with legal obligations (tax, accounting, responding to lawful requests), and to pursue legitimate interests that are not overridden by your rights—such as securing our infrastructure, improving stability, analysing aggregated performance, and preventing cheating or harassment.

Where law requires consent—particularly for certain cookies, electronic direct marketing, or optional profiling—we will ask clearly and allow withdrawal without penalty beyond losing access to consent-gated experiences.

When we rely on legitimate interests, we balance our needs against potential impact on you and offer opt-outs where appropriate, especially for non-essential analytics or promotional emails that are not strictly necessary to deliver the core game.

Cookies, SDKs, local storage, and similar technologies

Our website may use cookies or local storage to remember preferences, maintain security tokens, and measure campaign performance. Mobile titles embed software development kits (SDKs) for crash reporting, attribution, and optional ads. Each SDK exposes configuration flags so we can disable non-essential collection where store policies or your choices require it.

Strictly necessary technologies that keep sessions secure or enable purchases you initiate are generally exempt from consent banners under PECR, but analytics or ad cookies typically require permission when UK users first visit.

You can control many identifiers through your handset settings (reset advertising ID, limit ad tracking) and browser controls (block third-party cookies). Disabling some tools may limit cloud saves, leaderboards, or personalised offers.

How we share information—and with which categories of recipients

We share personal data with subprocessors who provide hosting, database management, customer-support tooling, email delivery, analytics, translation, and anti-fraud services. Contracts require these parties to use data only for documented purposes, implement appropriate security, and assist us with data-subject requests.

We may disclose information to professional advisers, regulators, or law enforcement when required to comply with law, enforce our Terms, investigate abuse, or protect the rights and safety of players and staff.

In a merger, acquisition, or asset sale, personal data may transfer to a successor under safeguards described in updated notices. We do not sell personal data in the colloquial sense of trading lists for cash; any "sharing" for ads is limited to partners operating as controllers or joint controllers under their own policies.

International transfers and how we keep them lawful

Some partners process data outside the UK/EEA. When we transfer personal data internationally, we rely on adequacy regulations, the UK International Data Transfer Agreement / Addendum, Standard Contractual Clauses, or other mechanisms approved under UK GDPR, supplemented by technical and organisational measures such as encryption in transit and access logging.

You may request further information about specific transfer tools by emailing our privacy inbox. We periodically review vendor locations and subprocessors to ensure documentation stays current.

Retention: how long profiles, logs, and tickets survive

We keep data only as long as necessary for the purposes described. Account data typically persists for the life of the account plus a short wind-down period to handle disputes. Server logs and telemetry may roll off on shorter cycles unless needed for security investigations. Marketing suppression lists outlive unsubscribes to honour your preference permanently.

Financial records follow statutory retention periods. Support transcripts may be archived in redacted form for training and quality assurance unless you object where local law allows.

When retention expires, we delete or anonymise data so it can no longer be associated with you, except where aggregate statistical sets remain.

Your UK data rights and how to exercise them

Subject to applicable law, you may request access, rectification, erasure, restriction, portability, and objection to certain processing. You may withdraw consent at any time where processing was consent-based. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), though we appreciate the chance to resolve issues first.

To exercise rights, email hello@swiperealm.co.uk with enough detail for us to verify your request. We may ask for proof of identity before disclosing or changing account records. We respond within statutory timelines unless complexity requires an extension, in which case we will explain why.

Children, teens, and parental visibility

Our games may be suitable for broad audiences, but we do not knowingly direct non-age-appropriate marketing to children and we comply with storefront age ratings. Parents or guardians who believe a child provided personal data without appropriate consent should contact us so we can delete or anonymise the profile where feasible.

Some features—such as open chat—may be disabled by default for younger accounts or filtered through automated moderation plus human review. No moderation system is perfect; we encourage caregivers to use device-level parental controls alongside in-game settings.

Security practices that protect accounts and builds

We implement administrative, technical, and physical safeguards appropriate to the risk, including role-based access, encryption for data in transit, secrets management, vulnerability monitoring, and incident-response drills. Employees receive periodic training on phishing and data handling.

No online service is immune to attack. If we discover an incident that affects your personal data, we will notify regulators and affected users when the law requires, describing impact and remedial steps.

Marketing, newsletters, and preference centres

We send promotional emails or push notifications only when permitted by law and, where needed, your consent. Each message includes an unsubscribe or preference link. Transactional notices—such as purchase receipts, policy updates that materially affect you, or critical security alerts—may continue even if you opt out of marketing.

You may update contact details or delete your marketing profile by writing to hello@swiperealm.co.uk or using in-product toggles when available.

Automated decisions, profiling, and meaningful human review

We may use automated systems to detect cheating, credit-risk signals for high-value partnerships, or to personalise difficulty curves. These systems do not produce legal or similarly significant effects solely through automation without human oversight where UK GDPR mandates such review.

If you believe an automated decision was incorrect, contact us and we will explain the logic at a high level and consider a manual appeal where feasible.

Changes to this policy and how we notify you

We may update this Privacy Policy to reflect new features, regulatory guidance, or organisational changes. Material updates will be highlighted through in-game messages, website banners, or email before they take effect where appropriate.

The "Last updated" date at the top indicates the latest revision. Continued use after the effective date constitutes acceptance unless we seek fresh consent for a materially different practice.

Questions, complaints, and regulatory escalation

If anything in this notice is unclear, email hello@swiperealm.co.uk or call +44 20 3456 4987. Postal correspondence can be sent to SwipeRealm, 14 Shoreditch High Street, London, E1 6JE, UK. For directions, use this Google Maps link.

You may also contact the ICO at ico.org.uk if you remain dissatisfied after we have had a reasonable opportunity to respond. This document is provided for transparency and does not constitute legal advice for your personal situation.

For gameplay rules and liability topics, see our Terms & Conditions.