Back to Governance

Privacy Policies

Last Edited: 21/4/2026

1. Introduction and Scope

This Privacy Policy forms the foundation of our commitment to data protection and user privacy. It applies to all platforms, services, and operations managed by the organization. We believe privacy is a fundamental right, and we strictly adhere to the principles of transparency, data minimization, and explicit consent.

2. Telemetry and Data Collection

The collection of all telemetry, analytics, and usage data complies with the principles outlined by the Linux Foundation’s Telemetry Data Policy and all applicable international privacy laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

We operate under three primary tenets of data collection:

  • Transparency: Users must be explicitly informed about what data is collected, why it is collected, who has access to it, and how they can opt-out (where applicable). Silence does not equal consent.
  • Minimization: Only the minimum necessary data required for function, performance routing, or essential security auditing shall be collected. We do not aggregate data.
  • Anonymization: Any personal data that must be collected is anonymized, aggregated, or pseudonymized where technically feasible and relevant to the purpose of collection.

3. How We Use Information

We only process data when it is legally justified. The legal bases upon which we collect data include:

  • Contractual Necessity: Data required to deliver the core service you requested (e.g., account creation, multiplayer matchmaking).
  • Legitimate Interests: Data required for strict security auditing, fraud prevention, and ensuring system stability.
  • Explicit Consent: Data used for non-essential telemetry or marketing purposes. Consent for these categories is strictly opt-in.

4. Your Data Rights

As an end-user, you maintain absolute control over your personal data. At any time, you hold the right to:

  1. Access: Request a comprehensive copy of all personal data we hold associated with your account.
  2. Rectification: Correct any inaccurate or incomplete data.
  3. Erasure (“Right to be Forgotten”): Request the absolute deletion of your personal data when it is no longer legally necessary.
  4. Restriction of Processing: Request a temporary halt to data processing under specific legal disputes.
  5. Data Portability: Receive your data in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please submit a formal request via email to ceo@yutila.com. Our Data Protection Officer (DPO) will respond within 30 days.

5. Data Retention

We do not hold data indefinitely. All logged telemetry or analytics data is subject to automated pruning based on our 90-day retention schedule, unless a longer retention period is mandated by law or for active security investigations.

6. Third-Party Sharing

We do not sell user data to advertising brokers or external third parties. Data is only shared with heavily vetted infrastructure partners (e.g., cloud hosting providers) executing under strict Data Processing Agreements (DPAs) that bind them to our internal security and privacy principles.