Privacy Policy — Wildcatter (DRAFT)
DRAFT for legal review (#1003). Generated from the game's actual data practices; not yet published, not legal advice.
Summary: the game is local-first. No account, no sign-in, no ads, no sale of personal data, and no contact information is required to play. Your saves and settings live on your device. The only data that can leave your device is listed below, and the only analytics layer we plan is opt-in and off by default.
1. Who we are
Q.P. Enterprises LLC ("we"), developer of Wildcatter. Contact: hello@oddrift.com.
2. What the game stores on your device
- Saves and settings. Web builds use browser storage (single
autosave slot, view state, settings). The desktop build writes save files and `settings.json` under its user-data folder. This data never leaves your device unless you enable Steam Cloud (below).
- Local storage. The game uses browser storage and local files for
saves, settings, queued crash records, queued feedback, and telemetry consent. We do not use cookies for advertising or cross-site tracking.
- Crash records. When an error occurs, a technical report (error
message, stack trace, route or page URL, browser user agent, build version, and limited diagnostic details — no name, no account, no required contact information) is kept locally, capped at the most recent 20. The in-game "Clear saved data" action deletes all of the above.
3. What can leave your device
- Crash reports. The game attempts to POST crash records to a
reporting endpoint. In the public web demo no such endpoint exists — the request fails and the report stays local. If we stand up a crash sink, it may receive the technical contents above.
- Feedback. If you submit in-game feedback, we receive your note,
category, optional reply contact, build tag, and run context such as seed, year, company, page URL, and browser user agent. Feedback is queued locally if the request cannot be sent.
- Standard web requests. The game optionally fetches map tiles
(AWS-hosted public terrain tiles) and game art from our asset host. Like any web request, those servers and our hosting or CDN providers may process routine request information such as IP address, browser user agent, requested URL, and timestamps.
- Telemetry — opt-in, off by default (planned, not yet shipped). If
you opt in, we would collect pseudonymous funnel events (session start, tutorial progress, first well, campaign end/quit points) keyed by a random install ID. Telemetry does not require a name, email, contact information, or device fingerprint, but the install ID lets us group events from the same installation. A separate, second consent would cover the full action log (a replayable record of in-game decisions) for balance analysis. Either can be turned off at any time in settings; opting out stops collection immediately.
4. Steam
On Steam, purchases, accounts, achievements, and (if you enable it) Steam Cloud save sync are handled by Valve under the Steam Privacy Policy. Steam Cloud is off by default in our settings.
5. What we never do
No selling or renting of personal data. No ads or ad trackers. We do not require an account, name, email address, contact information, or precise location to play the game. If you submit feedback or contact us, we receive the contact information and message content you provide. No data collection from children: the game is not directed at children under 13, and we do not knowingly collect their data.
6. Data we receive and privacy requests
| Data | Purpose | Retention |
|---|---|---|
| Feedback note, category, optional reply contact, build tag, and run context | Read and respond to feedback; improve the game | Kept while useful for support and development, then deleted or de-identified |
| Crash report fields listed above | Diagnose and fix crashes | Kept while useful for debugging, then deleted or de-identified |
| Opt-in telemetry, if shipped | Understand onboarding, balance, and quit points | Kept while useful for product analysis, then deleted or de-identified |
You can delete local data in the game or by deleting the desktop user-data folder. For data we receive, such as feedback, crash reports, or opt-in telemetry if shipped, you may contact hello@oddrift.com to request access, correction, deletion, or objection/opt-out. We will respond as required by applicable law.
We do not sell personal data or share it for cross-context behavioral advertising. We do not use sensitive personal information to infer characteristics about you.
7. Changes
We will update this policy as practices change (e.g. when telemetry or a crash sink ships) and note the date here. Effective: June 18, 2026.