Privacy Policy

Effective as of October 29th, 2025.

The Main Points

This is a quick overview of my privacy policy.
Further down you can read the policy in its entirety.

I. Website

My sites do not track you with cookies or any other technology. The few cookies I do use are strictly necessary and not used for tracking. If this changes in the future, you will be prompted with an appropriate cookie consent banner on your following visit.

II. Mailing list

When signing up to my mailing list, I use a third-party service called Brevo to securely store your email, name, and game interests. You can read Brevo’s privacy policy here.

I track if and when you click on the links in my emails. I do this to tailor the email flow to your behavior. For example, I don’t want to send you a survey about a game if you have not yet downloaded it—or I may wish to remove you from the mailing list, if you never open any of the emails.

If at any point you want to stop receiving emails from me, you can unsubscribe using the link at the bottom of any of the emails. There is also a link to change your email preferences, so you only get the emails you actually want.

III. Games

When playing any of my games, I use the Unity Analytics feature provided by Unity to collect data about your gameplay. It’s further explained in Unity’s Privacy Policy.

If that game contains in-app purchases, your data may be shared with Steam, Google Play Store, or Apple App Store.

IV. Support

If you contact me for support reasons, via support.goehlerstudios.com, your contact info is sent encrypted to my email inbox.

A copy of the issue — and any information shared via the contact form in that regard — is also stored on my webserver. Any subsequent email correspondence is only stored on my email account with Google.

Privacy Policy – All The Details

For the purposes of the GDPR, Goehler Studios ApS (CVR 45876047), represented by Kevin Gøhler, acts as the data controller for all processing activities described in this policy.

Your privacy and the security of your data are very important to me — and this privacy policy will explain how I use the data I collect from you, when you use my websites, my games, or sign up for my mailing list.

Table of Content

1. What data do I collect?
2. How do I collect the data?
3. How will I use the data?
4. How do I store the data?
5. Marketing
6. What are your data protection rights?
7. Cookies
8. Privacy options within my games
9. Changes to my privacy policy
10. How to contact me
11. How to contact the appropriate authorities

1. What data do I collect?

I collect the following data:

• Personal identification information (Name and email address)
• Opinions and feedback about my games.
• Information needed to provide support for my games and Unity assets.

Via Unity Analytics, my games may collect the following data:
(please refer to Unity’s privacy policy for the full list)

• Device identifiers generated from data events, including, in some cases, session or installation information or the device MAC/IMEI/MEID, which we alter to limit the ability to identify the relevant device in the future.
• An advertising ID, such as the Apple IDFA or the Android Ad ID.
• IP address.
• Device manufacturer and model.
• The operating system and version running on your system or device.
• Browser type.
• Language
• The make of the CPU and the number of CPUs present.
• The graphics card information, such as type, vendor, and driver name, version, and graphics API.
• Amount of system and video RAM present.
• Current screen resolution.
• Operating system identifier (e.g., Mac, Windows, Android, etc.).
• A checksum of all the data that gets sent to verify that it was transmitted correctly.
• App ID of the game installed.
• Session Information (like the number of sessions and time spent in-game, etc.).
• Monetization Events (in-app purchases made, etc.).

2. How do I collect the data?

You directly provide me with some of the data I collect. I collect and process data when you:

• Sign up for my mailing list.
• Contact me via my support page.
• Voluntarily complete a survey, most likely at the end of beta testing.

I may also receive your data indirectly from the following sources:

• Anonymised user behavior like “pages visited” and “time spent on page” and server requests while browsing any of my websites.
• Your email client, through my CRM service: Brevo, when you receive and/or open any of my marketing emails.
• Unity Analytics, if you play any of my games.

3. How will I use the data?

3.1 I collect the data so that I can:

• Get in touch with you and send you updates about my games.
• Understand how you use my website, so I can optimize the user experience.
• Learn how you play my games and optimize the play experience, as well as the way I can potentially monetize the game.
• Help you solve any issues you might be experiencing.

3.2 Legal basis for processing

I process personal data only when there is a valid legal basis under the GDPR:

• Mailing list and marketing emails: Based on your consent (GDPR Art. 6 (1)(a)). You can withdraw consent at any time using the unsubscribe link in my emails.
• Support requests: Based on legitimate interest in providing support and resolving issues (GDPR Art. 6 (1)(f)), or when applicable, performance of a contract (Art. 6 (1)(b)).
• Unity Analytics and gameplay data: Based on legitimate interest (Art. 6 (1)(f)) to understand player behavior and improve gameplay.
• Website security cookies and anti-bot protection: Based on legitimate interest (Art. 6 (1)(f)) in maintaining site security.
• Surveys and feedback: Based on consent (Art. 6 (1)(a)).

4. How do I store the data?

4.1 Data storage

Statistical website usage data is anonymized and stored locally on the webserver.
Your personal data is stored with the trusted third parties (“processors”) that process data on my behalf. These include:

• Brevo (email marketing): The personal identification information—like name, email address, and game interests—is securely stored on my account with Brevo, where I manage my mailing lists.
• Unity Technologies (analytics): The Unity Analytics data is stored on Unity’s secure servers and may be accessed only by me.
• Proton AG (email hosting): Support form content and subsequent email correspondence.

All data is transmitted using HTTPS and stored in encrypted form wherever technically possible to ensure confidentiality and integrity.

4.2 International transfers

Some of my processors operate globally. Your data may be transferred and processed outside the European Economic Area (EEA):

• Proton (email): Hosted in Switzerland, which has an EU adequacy decision.
• Brevo (mailing list): Data is stored within the EU (Germany/France).
• Unity (game analytics): May transfer data to the United States and other countries under the European Commission’s Standard Contractual Clauses to ensure equivalent protection.

I only use service providers that offer adequate data-protection safeguards under the GDPR.

4.3 Data retention

I retain personal data only as long as necessary for the purposes described:

• Mailing list data: Kept until you unsubscribe or withdraw consent, after which it’s deleted within 30 days. Inactive subscribers may be deleted during periodic manual reviews.
• Support requests: Kept for up to 2 years after the last correspondence, to help follow up on recurring issues.
• Analytics data (Unity): Retained according to Unity’s policies, generally for up to 2 years.
• Backups and logs: Automatically purged within 90 days.

When data is no longer needed, it is securely deleted or anonymized.

5. Marketing

I would like to send you information about games and other relevant content I produce that I think you might like. I will only send you emails if you have agreed to receive marketing by joining my mailing list. You may always opt out using the unsubscribe button in any emails you have received. You can also manage your preferences regarding which games you are interested in.

You have the right, at any time, to stop receiving marketing emails from me.

If you no longer wish to be contacted for marketing purposes, please unsubscribe from my mailing list. A link can be found at the bottom of any of the emails I’ve sent you.

6. What are your data protection rights?

I would like to make sure that you are fully aware of your data protection rights. Every user is entitled to the following:

• The right to access: You have the right to request access to the personal data I hold about you. This is normally provided free of charge. I may charge a reasonable fee only if your request is manifestly unfounded, excessive, or repetitive, as permitted under GDPR Art. 12 (5).
• The right to rectification: You have the right to request that I complete information about you, that you believe is incomplete.
• The right to erasure: You have the right to request that I erase your personal data, as long as there are no overriding legitimate grounds for continuing the processing.
• The right to restrict processing: You have the right to request that I restrict the processing of your personal data under certain conditions.
• The right to object to processing: You have the right to object to me processing your personal data under certain conditions.
• The right to data portability: You have the right to request that I transfer the data I have collected to another organization or directly to you under certain conditions.

If you make a request, I have one month to respond to you. If you would like to exercise any of these rights, please contact me at: info@goehlerstudios.com

7. Cookies

I use a small number of strictly necessary cookies to protect the site from automated abuse and to provide core functionality. These cookies do not track you for advertising or analytics, and therefore do not require consent under the ePrivacy rules. They are still disclosed here for transparency.

What I set

• gs_turnstile_ok (first-party, HttpOnly, SameSite=Lax) — remembers that you passed a human verification so you don’t have to solve it again on every page.
  Lifetime: up to 2 hours. Purpose: security / abuse prevention.

What my security provider may set

• Cloudflare Turnstile may place short-lived, strictly-necessary identifiers to run the human-verification challenge and prevent bots. These identifiers are used only for security and typically expire within minutes to hours.

Legal basis

• ePrivacy “strictly necessary” exemption; GDPR Art. 6, 1. (f) (legitimate interests in securing the website and preventing fraud/abuse).

Your choices

• You can block or delete cookies in your browser at any time. Please note that blocking strictly necessary cookies may cause parts of the site (e.g., the “reveal contact info” feature) to stop working.

If I introduce cookies for analytics, personalization, or marketing in the future, you will be shown a consent banner on your next visit, and this policy will be updated with full details.

8. Privacy options within my games

I do not directly collect your personal data in my games, but I may use services like Unity Analytics, which collect personal information and share it with me.

My games are designed for a general audience and are not intended for children under 13. I do not knowingly collect personal data from children.

8.1 Privacy policy of Unity Analytics

I may use Unity Analytics in some of my games. In this case, your data will be processed in accordance with Unity’s Privacy Policy. They collect and store various types of data, including personal information like IP addresses and device details. Please read Unity’s Privacy Policy and their FAQ to get a full understanding of how they collect, process, and share the data with me.

8.2 Privacy policy of game stores

Game stores like Steam and Google Play Store handle your payment and transaction data securely, and their respective privacy policies govern this process:

Steam’s Privacy Policy

Google Play Store’s Privacy Policy

9. Changes to my privacy policy

I keep my privacy policy under regular review and place any edits or updates on this webpage. This privacy policy was last updated on October 29th, 2025.

10. How to contact me

If you have any questions about my privacy policy, the data I have on you, or you would like to exercise your right to be forgotten, do not hesitate to contact me.

You can contact me by email at: info@goehlerstudios.com

11. How to contact the appropriate authorities

Should you wish to register an official complaint, or if you feel that I have not addressed your concern in a satisfactory manner, you may contact the Danish Data Protection Agency.

Users outside Denmark should generally contact their local Data Protection Authority.

Danish Data Protection Agency
Carl Jacobsens Vej 35
2500 Valby
Tlf. 33 19 32 00
dt@datatilsynet.dk