Skip to content

Privacy Policy

Last updated: March 2026

1. Who We Are

Team AGI Games ("we," "us," or "our") is a division of Innovation Forge LLC. We are the data controller for personal data collected through our websites, games, and services (collectively, "the Platform").

Data Protection Contact: privacy@team-agi-games.com

2. Information We Collect

2a. Account Registration

  • Username, email address, and password (hashed)
  • Age verification status (verified/blocked — we do not store your raw date of birth or identity documents)
  • Region classification (EU/EEA, California, or Other)
  • Consent records with timestamps

2b. Gameplay Data

  • In-game interactions and progress
  • NPC dialogue interaction logs (for AI safety monitoring)
  • Session metadata (duration, platform, device type)

2c. Contact Information

When you contact us via email (invest@team-agi-games.com, press@team-agi-games.com, or games@team-agi-games.com), we collect only the information you choose to provide.

3. Age Verification

Informed by COPPA, GDPR Art 8, California AB 2273, DSA Art 28

The Platform contains mature content (ESRB Mature 17+). As a platform safety policy, access is restricted to users 18 years of age or older. We enforce a hard age gate before any personal data is collected:

  • All users provide their date of birth at registration. If you are under 18, registration is blocked entirely and no data is retained.
  • Users in the EU/EEA, United Kingdom, or California are additionally required to complete identity verification through a certified third-party provider (e.g., Yoti, Onfido). The provider acts as a data processor on our behalf. We retain only your verification result (verified/not verified, timestamp, jurisdiction, and re-verification date). Raw identity documents are not stored by us and are deleted by the verification provider after processing in accordance with their retention obligations.
  • Verification is valid for 365 days, after which re-verification may be required.
  • If a minor is detected post-registration (via behavioral signals including payment method analysis, session timing patterns, and linguistic analysis), all data processing ceases immediately and all collected data is deleted within 72 hours.

4. AI Systems & Data Processing

EU AI Act Article 50 — Transparency Disclosure

Team AGI Games uses AI systems extensively. This section discloses how AI processes your data, in compliance with EU AI Act Article 50.

4a. AI-Generated NPC Content

Non-Player Characters (NPCs) in our games are operated by AI language models. All NPC dialogue is generated in real-time based on game context and your in-game actions. AI-generated dialogue is always accompanied by a visible in-game indicator that cannot be disabled.

4b. AI Model Inventory

Our games use multiple fine-tuned AI models derived from foundation models. All inference is performed on our own infrastructure — your gameplay data is not transmitted to third-party AI providers during gameplay.

4c. AI Inference Logging

We maintain AI interaction and safety logs as part of our internal governance and audit controls. All AI model inference calls are logged with: model identifier, timestamp, input hash, output hash, and safety filter result. Standard inference logs are retained for 365 days. Anonymized audit extracts from uncensored model outputs are retained for 7 years for security, fraud defense, and legal compliance purposes. Where EU AI Act obligations apply, we implement transparency and recordkeeping measures accordingly.

4d. Content Safety

All AI-generated content passes through LlamaGuard safety filters before display. Verified accounts (18+) receive the standard content filter level. Unverified or flagged accounts receive maximum filtering with all abliterated model access blocked.

5. Automated Decision-Making & Profiling

GDPR Articles 21 & 22 — Profiling & Automated Decisions

We use automated systems in various capacities. Standard gameplay operations (NPC dialogue, difficulty adjustment, matchmaking, content sequencing) do not produce legal or similarly significant effects and fall outside GDPR Article 22 scope. Significant automated decisions (pricing, content restriction, retention interventions) require your explicit consent. High-impact decisions (account suspension >24h, pricing impacts >$5, permanent restriction, account termination) always include mandatory human review. For full decision categories, see Section 4 of our Terms of Service.

Your Rights

  • Right to explanation: Every significant automated decision generates a human-readable explanation, assembled from deterministic logs and rule-based records — never generated by AI. Available through the support portal or Data Subject Access Request (DSAR).
  • Right to human review (GDPR Art 22(3)): You may request human review of any significant automated decision. You also have the right to express your point of view and to contest the decision. Reviews are completed within 48 hours.
  • Right to object to profiling (GDPR Art 21): You may object to profiling based on legitimate interests at any time through in-game privacy settings. On objection, profiling ceases immediately and profiling data is retained for a maximum of 90 days before deletion.

6. Social Media Monitoring

We monitor public social media mentions of our games for the following purposes:

  • Aggregate sentiment monitoring (no individual profiling)
  • Trend detection for product improvement
  • Crisis detection for player protection
  • Competitive intelligence (public data only)

This monitoring is conducted under GDPR Article 6(1)(f) (legitimate interests), validated by a formal Legitimate Interests Assessment (LIA) which is reviewed annually. We obtain this data from publicly accessible posts on social media platforms including X/Twitter, Reddit, Discord, YouTube, TikTok, and Instagram. We do not monitor private messages, private groups, or restricted-content areas. Since this data is not collected directly from you, we rely on the GDPR Article 14(5)(b) disproportionate-effort exemption for individual notification, given the aggregate and pseudonymized nature of processing.

We apply the following safeguards:

  • No individual player profiling from social monitoring data
  • No cross-referencing of social media identities with in-game accounts without separate consent
  • Raw social media content is deleted after 30 days
  • Usernames are pseudonymized in all internal reports
  • You have the right to object to this processing under GDPR Article 21. Request exclusion from social monitoring via the support portal or email privacy@team-agi-games.com

7. Consent & Withdrawal

GDPR Article 7(3) — Right to Withdraw Consent

Where we rely on your consent as our legal basis for processing, you have the right to withdraw that consent at any time. Withdrawal is as easy as granting consent:

  • How to withdraw: In-game settings > Privacy > Withdraw Consent.
  • What happens on withdrawal: All automated profiling decisions cease within 24 hours. Your preference profile is purged. You are removed from social monitoring scope. Decisions affecting you revert to manual or default handling.
  • Prior processing: Withdrawing consent does not affect the lawfulness of processing based on consent given before its withdrawal.

8. Data Retention

  • Account data: Retained while your account is active. Upon account closure or deletion request, data is removed from active systems within 24 hours and from backup systems within 30 days. Fraud-prevention suppression records may be retained as required by law. Accounts inactive for 24 months may be subject to data minimization review.
  • Age verification status: 365 days from verification date, then requires re-verification.
  • AI inference logs: Standard inference logs retained for 365 days in full. Anonymized audit extracts from uncensored model outputs retained for 7 years for security, fraud defense, and legal compliance.
  • Profiling data: Profiling data is retained for a maximum of 90 days. Opt-out and objection requests are processed within 24 hours (processing ceases immediately); underlying data is deleted within the 90-day retention window.
  • Social monitoring data: Raw content deleted after 30 days.
  • Player decision log: 365 days; available via DSAR.
  • Backup systems: Following consent withdrawal or deletion request, your data will be removed from active systems within 24 hours and from backup systems within 30 days.

9. Your Data Protection Rights

Under applicable data protection law (including GDPR and CCPA), you have the following rights:

  • Access: Request a copy of the personal data we hold about you (DSAR).
  • Rectification: Request correction of inaccurate personal data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Restriction: Request restriction of processing in certain circumstances.
  • Data portability: Receive your data in a structured, machine-readable format.
  • Object: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw consent at any time with equal ease to granting it.

To exercise any of these rights, contact privacy@team-agi-games.com or use the in-game privacy settings when available. We will verify your identity before processing requests. Include your account username or registered email address.

Response timelines: Under GDPR, we respond within 1 month (extendable by 2 months for complex requests per Article 12(3)). Under California law (CCPA), we respond within 45 days (extendable once by an additional 45 days per Cal. Civ. Code § 1798.130(a)(2)).

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information.

  • Categories collected: Identifiers (username, email), internet activity (gameplay data, session metadata), and sensitive personal information (age verification data, used only for verification and security purposes).
  • Sale or sharing: We do not sell or share personal information for cross-context behavioral advertising.
  • Your rights: Right to know/access, right to delete, right to correct, right to opt out of sale/sharing (not applicable as we do not sell/share), right to limit use of sensitive personal information, and right to non-discrimination for exercising your rights.
  • Authorized agents: You may designate an authorized agent to submit requests on your behalf. Agents must provide written authorization and we may verify your identity directly.

For more details, visit our Your Privacy Rights page.

11. Cookies & Similar Technologies

The team-agi-games.com website is a static site and does not use advertising cookies, tracking pixels, or third-party analytics services. We use browser local storage (a technology similar to cookies under ePrivacy Directive Article 5(3)) solely for the following strictly necessary purposes:

  • Age verification status: Stores whether you have completed age verification (not your date of birth). Expires after 365 days.
  • Age-rolling prevention: Stores a temporary block if verification was denied. Expires after 24 hours.

This data is stored only in your browser and is not transmitted to any server. As strictly necessary storage for service functionality, consent is not required under ePrivacy Directive Article 5(3).

12. Third-Party Links & Services

Our Platform contains links to third-party platforms (Discord, X/Twitter, YouTube, etc.) and may integrate third-party age verification providers. These services have their own privacy policies. We are not responsible for their practices.

13. International Data Transfers

Where personal data is transferred outside the EU/EEA, we use Standard Contractual Clauses (SCCs) and conduct Transfer Impact Assessments (TIAs) per EDPB Recommendations 01/2020. On-premise inference means your gameplay data is processed on our infrastructure and is not transmitted to third-party AI providers.

14. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (HTTPS via AWS CloudFront), encryption at rest, access controls, and regular security audits. If we experience a personal data breach, we will notify the competent supervisory authority where feasible within 72 hours of becoming aware (GDPR Article 33), unless the breach is unlikely to result in risk to individuals. Where the breach is likely to result in high risk to your rights and freedoms, we will notify you without undue delay (GDPR Article 34).

15. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated through in-game notification and email for registered users. Continued use of the Platform after changes constitutes acceptance.

16. Contact

For privacy-related questions or to exercise your data protection rights, contact:

Innovation Forge LLC • Team AGI Games