Privacy Policy

Last updated: 25 May 2026

1. Data controller

The controller of your personal data is CyfroweNiebo.pl (hereinafter: "Studio", "we", "the controller").

We have not appointed a Data Protection Officer — we are not required to do so under Article 37 GDPR. For all matters concerning your personal data, please use the address above.

2. Scope of this policy

This policy describes how we process personal data in connection with:

3. The whisperteller.com website

3.1. No cookies, no tracking tools

The website stores no cookies or other identifiers on our side. It also does not use Google Analytics, Facebook Pixel, Hotjar, or similar profiling tools. We do not load external fonts (Google Fonts, etc.).

3.2. Hosting and Cloudflare Workers

The website is hosted on Cloudflare Workers — serverless compute running on Cloudflare's edge network. Every HTTP request to whisperteller.com is first handled by our short routing code running in Cloudflare's infrastructure.

What our code does (open source, available in the project repository):

Our code does not log your IP address, user agent, or request payloads to any database or log on our side. We do not collect any custom telemetry beyond standard HTTP request handling. The PL/EN language switcher in the navigation uses plain HTML links to /index.html and /en.html — no cookie required, no extra data sent.

Cloudflare, as the infrastructure operator, records its own technical logs (IP, user agent, request time, URL path, response code) under its Privacy Policy and retention policy. Cloudflare's purposes: security, DDoS protection, network statistics, CDN operation. Legal basis: Article 6(1)(f) GDPR (legitimate interest — maintaining security and availability of the website).

We have entered into a Data Processing Addendum (DPA) with Cloudflare, Inc. under Article 28 GDPR. The agreement is the standard Cloudflare Customer DPA together with Standard Contractual Clauses approved by the European Commission for transfers to the USA.

4. Newsletter

Purpose: sending information about the WhisperTeller game — release dates, early access to new adventures, behind-the-scenes content.

Data scope: email address; the body of your signup message (if you include one).

Legal basis:

How to consent: fill in the form on the site (email field + tick the consent checkbox + click "Sign me up") or — as an alternative — send a message directly to newsletter@whisperteller.com. Form signup: we collect email address, consent timestamp, and the locale of the page used to subscribe (pl/en). We do not store IP address or browser identifier in the subscription record.

Withdrawing consent: at any time — reply to any newsletter email with the word "unsubscribe", or write to privacy@cyfroweniebo.pl. Withdrawal does not affect the lawfulness of processing performed before withdrawal.

Retention: we keep your address until you withdraw consent. After withdrawal, we remove the address from the list within 30 days.

Recipients:

5. The WhisperTeller game (Steam / Google Play / App Store)

5.1. Local game saves

Your game progress (save files, settings) is stored locally on your device. It does not contain personal data within the meaning of GDPR and is not sent to our servers.

5.2. Cloud sync (Steam Cloud / Google Play Games / iCloud)

If you use the optional cloud sync provided by your distribution platform, your saves are stored within that platform's infrastructure under its terms. The Studio has no access to the contents of those saves.

5.3. Crash reports and diagnostics

The game does not send telemetry or crash reports to our servers — the Studio runs no in-house diagnostics collection (we do not use Firebase Crashlytics, Sentry, or similar tools).

The only diagnostic data potentially collected is the standard usage and crash statistics gathered by the distribution platforms themselves (Steam, Google Play, Apple) under their respective policies. The Studio receives only aggregated information about game stability, with no ability to identify individual players. You can disable this collection in your Steam / Google / Apple account settings.

5.4. Platform-level data

Steam, Google Play and Apple App Store collect their own data (purchase, install, usage statistics, ratings, reviews) under their respective policies. The Studio receives only aggregated statistics from the platforms (number of copies sold, aggregate demographics, reviews). We have no access to your personal data in identifiable form — unless you voluntarily contact us using your own data.

Platform privacy policies:

6. International data transfers

Some of our service providers are located outside the European Economic Area:

7. Your rights

Regarding our processing of your data, you have the right to:

To exercise your rights, write to privacy@cyfroweniebo.pl. We will respond within 30 days of receiving your request (Article 12(3) GDPR).

8. Complaint to a supervisory authority

If you believe we are processing your data unlawfully, you have the right to lodge a complaint with the Polish Data Protection Authority:

If you reside in another EU/EEA country, you may also contact your local supervisory authority.

9. Data security

We apply technical and organizational security measures proportionate to the scale of processing: encrypted HTTPS connections, restricted access to the newsletter mailbox, separation of production environments, verification of form signups by the Cloudflare Turnstile bot-protection mechanism. We cannot, however, guarantee absolute security of internet transmission — please notify us if you notice any incident concerning your data.

10. Changes to this policy

We may update this policy, e.g. after shipping new game features or changing infrastructure providers. The last update date is shown at the top of this document. We will notify newsletter subscribers by email at least 14 days before any material change takes effect.

11. Contact

For all data protection matters:

← Back to home page