Privacy Policy

Who we are

Our website address is: https://lcdruniverse.org.
We’re lcdr Universe, a fan project to create a community-driven server for the closed MMO LEGO Universe (LU). We’re not a company or anything, and we’re not for profit – we’re just a few LU fans who want to play the game again, and want to provide a way for other fans to play as well. Read more about us on our about page.

What personal data we collect and why we collect it

We only collect data where it’s necessary for the site features, and we don’t have any analytics or advertising on the site. We collect some data that you explicitly give us, like contact form content or forum posts. Furthermore, our content management system and site framework, WordPress, collects some data to provide site features like comments, logins, and the forum. Below are the precise explanations of what’s collected for what purpose.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

We use contact forms to allow you to send applications and contact us. When you use a contact form, we ask for data in the form fields so the form can serve its purpose. When you submit this data, the data is sent via mail to lcdr. No data is retained on this site, however the mails that are sent in this matter are stored on a secure mail server for as long as necessary for the contact form’s purpose. This is typically indefinitely, to allow us to consider you for future alpha or mod selections without you having to resubmit your data, or to be able to access your contact requests for future reference. We don’t use this data for anything other than to provide the form’s purpose.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

We try to avoid embedding content from other websites when possible, and the only main embedded content that’s included on this site are YouTube videos from our YouTube account and Google’s reCaptcha for spam protection on some forms. We try to use the no-cookie version of YouTube when possible, but unfortunately some of the site’s features are not always compatible with this version, so in some instances the embeds may set cookies.

Forum

We have a forum for the community to chat about the project and the game. When you submit a post we collect the info associated with it, e.g. the poster’s username, the post’s subject, and the post’s content, to be able to provide the forum (can’t have a forum if you’re not able to save forum posts). This data is stored indefinitely so others can read the forum.

Analytics

We don’t use any analytics on this site. We’re not interested in tracking you, we’re not a company and don’t need to try to separate users into demographics or track people’s behavior. We’re already happy if you visit this site, and we don’t ask any further questions.

However, we use reCaptcha on some forms for spam protection. Unfortunately, reCaptcha’s documentation isn’t exactly clear on what methods it employs to check if you’re a bot, and it’s possible it also has some methods that could be called “analytics”. Unfortunately reCaptcha doesn’t provide a way to disable specific parts of its captcha system, so it’s hard for us to make sure it doesn’t use the “analytics” methods.

Who we share your data with

As mentioned above, we don’t use any analytics solutions, and all data you provide to us stays on this site. There’s one exception – contact form data is sent via mail, and thus this data is stored on the servers of our mail provider ProtonMail, which has a high reputation for privacy and security.

As mentioned above, reCaptcha’s bot detection could be using some methods that could be called “analytics”. In that case, there’s some info that could be sent to Google when you fill out a reCaptcha.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

If you post something on the forums, the associated data is retained indefinitely, so others can read the post.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Website data is stored within the European Union, and mails are stored within the EU as well. We don’t share your data with others, and as such, these are the only locations where site data is stored.

Contact information

If you have questions, feel free to contact us.

Additional information

How we protect your data

We encrypt your connection to our website using HTTPS by default, to protect the connection from interception and reading by third parties. To ensure that access to your data is as minimal as possible, we host as much as possible on our site’s VPS, which only we and our hosting providers have access to. To ensure that the site’s data is not lost, we create backups from time to time.

What data breach procedures we have in place

In case of a data breach, we will immediately notify you of the details, including who is affected, what data is affected, and what steps you need to take. If the website is still operational, we will do this via blog post, if not, via twitter or discord. We will notify the affected as well as we can, which may be via mail, twitter, or discord, if available. We will also broadcast this info via our twitter and discord.

If you believe you have found a method that could allow a potential data breach, please contact us.

What third parties we receive data from

We do not receive data from third parties.

What automated decision making and/or profiling we do with user data

We do not engage in any automated decision making or profiling. We’re only here to make a game server.