Data Architecture & Transparency.
At StructurePath, we treat privacy as a technical constraint, not a legal afterthought. Our commitment to GDPR and German data protection standards is engineered into every line of code.
What we capture (and why).
We distinguish between essential operational logs and optional behavioral telemetry. For players in Germany and the EU, we apply the principle of data minimization—if it doesn't improve the engine logic, we don't store it.
Core Identity Attributes
- Device ID Hardware UUID (Hashed)
- Contact Point Email (Via Opt-in Only)
- Localization ISO-3166 Region Code
Performance Metrics
To optimize memory overhead for mid-range German devices, we monitor frame latency, crash dumps, and thermal throttling triggers. These are strictly technical and never cross-referenced with your personal identity.
LOG_STREAM: { event: "MEMORY_SPIKE", threshold: "4GB", status: "ANONYMIZED" }
Fig 2.1 — Signal Anonymization Protocol
Critical Privacy Queries.
Is my gaming data sold to third-party advertisers?
No. StructurePath monetizes through direct participation and engine licensing, not data brokerage. Your behavioral profile stays within our ecosystem.
Where is the data physically stored?
We utilize Frankfurt-based servers for all EU traffic to ensure strict adherence to German jurisdiction and hardware-level encryption.
How long is "temporary" performance data kept?
Operational logs are purged every 90 days. Aggregated performance trends (non-identifiable) may be kept longer for engine optimization.
Can I request a full data wipe?
Absolutely. Under GDPR "Right to be Forgotten," you can trigger a total purge of your associated records by contacting our Data Protection Officer.
Do you track location in real-time?
We only resolve IP addresses to a city level at launch to select the nearest server. We do not track fine-grained GPS movements.
User protection in practice.
System Vulnerability Detected
If a security breach is detected within our Unity-based architecture, our protocol isolates the affected database node within 120 seconds and issues a PGP-signed notification to all impacted users in the DACH region.
Response: Immediate Mitigation
Third-Party API Integration
When porting an iOS title to Android for the German market, we audit every external SDK. If an SDK attempts to scrape clipboard data or contacts, the engine blocks the call and flags the dependency for removal.
Constraint: Sandbox Enforcement
Data Protection Officer.
For questions regarding the storage of your data, or to exercise your rights under the Bundesdatenschutzgesetz (BDSG), our legal team is available during standard European business hours.
Your Rights (GDPR)
- / Right of Access and Portability
- / Right to Rectification of Errors
- / Right to Erasure (De-indexing)
- / Right to Object to Processing
Authorized Technical Partners.
| Partner Name | Purpose / Engine Link | Location | Privacy Protocol |
|---|---|---|---|
| AWS Deutschland | Server Infrastructure | Frankfurt, DE | Cloud-Compliance |
| Unity Technologies | Runtime Telemetry | San Francisco, USA | Standard Clause 4.2 |
| Stripe Payments | Transaction Handling | Dublin, IE | PCI-DSS Level 1 |
| Cloudflare | CDN & WAF Security | Global / DE Nodes | Edge-Encryption |
Our privacy framework is dynamic. As engine architectures evolve and EU regulatory shifts occur, we update this document to reflect new technical realities. We recommend a monthly audit for institutional partners.