Privacy Policy & Data Use

Last updated: 2026-06-07

Overview

Although we may collect information to improve the website, download delivery, public APIs, comments, and service quality, we take your privacy seriously. This policy is provided to help you understand what information may be collected when you use our services, why it is collected, and how it is collected, processed, stored, and used.

The site does not provide account registration, payments, subscriptions, ads, or marketing profiles. The site itself does not use Google Analytics, advertising pixels, or marketing trackers for cross-site profiling, does not sell personal information, and does not use visit data for ad targeting.

How to Read This Privacy Policy

Privacy policies are usually long and difficult to read. We mark some content to make it easier for you to scan.

Content marked in green is favorable to you.

Content marked in yellow may require extra attention.

Content marked in red requires extra attention because it may be unfavorable to you.

Changes

We reserve the right to modify, revise, or update this policy at any time. The current effective version will always be published on this page and identified by the last-updated date above.

You should visit this page periodically and use your browser's refresh button to check for changes. If the last-updated date remains the same after refreshing, you may assume that there has been no change.

A change to the last-updated date means this policy has been updated or edited. The updated or edited version replaces any earlier version immediately after publication.

Browsers, network providers, CDNs, and other organizations or individuals may cache our pages to save bandwidth or for other reasons. If cached content differs from the current content, the version published by this site controls.

Interpretation and Definitions

Interpretation

Words shown in bold in the list below have meanings defined under the following conditions. The definitions have the same meaning whether they appear in singular or plural form.

Definitions

Account means a unique account created for you to access our service or parts of our service. The site itself currently does not provide account registration.
We, us, our, or site means the operator providing this website, downloads, public APIs, site search, local preferences, and page content.
Cookies, also called browser metadata in this policy, are small pieces of data sent by a server to a user's browser and stored locally. They may contain anonymous unique identifiers and may be sent back to the same server on later requests. They are commonly used to tell whether two requests came from the same browser or user, such as for security challenge state, comment login state, or site preferences.
Customer, you, or your means an individual, company, or organization using our services. Under the GDPR, you may be called a data subject or user because you are an individual using the service.
Data controller, for GDPR purposes, means a person or entity that determines the purposes and means of processing personal information alone or jointly with others. For information directly processed by this site, we usually determine the purposes and means. For information directly processed by Disqus, Cloudflare, email providers, and similar third-party services, those providers may act as independent controllers or processors.
End user means a person, company, or organization that visits the site, downloads files, calls public APIs, loads comments, uses site search, or contacts the site directly.
Integrator means a person, company, or organization that integrates our public pages, download links, APIs, feeds, or search indexes into a website, launcher, bot, mirror, or other service.
Personal information, also called Personal Data, means electronically recorded or otherwise recorded data that can identify or contact a specific person. If one item of information alone, or with simple assistance, can determine that several actions belong to the same person, that item is personal information; otherwise it is not.
Personally identifying information means a type of personal information that directly identifies, contacts, or precisely locates one specific natural person without additional assistance. Examples include legal name, date of birth, government ID or Social Security number, biometric information such as photographs, fingerprints, palm prints, iris patterns, subcutaneous capillary patterns, residential address, phone number, license plate number, and precise GPS coordinates.

Your IP address, User-Agent, request headers, download requests, comment requests, or Cloudflare security challenge tokens may be personal information before they are classified and aggregated. We try to minimize direct retention and, where feasible, de-identify, anonymize, redact, and aggregate such information.

Non-personal information means information recorded in any form that cannot by itself be directly connected to a specific natural person. Usually this data is classified and aggregated, making it practically impossible to reconstruct information about a specific person.

When non-personal information is combined with personal information, we treat the combined information as personal information.

Service or our services includes the website, static assets, game downloads, public APIs, search indexes, feeds, online comments, local preferences, email, and security protection.
Unique identifier or UUID means a string of characters that can uniquely identify a device, browser, comment thread, request, or cache entity. It is commonly embedded by a device manufacturer or sent by a server to a browser to distinguish a device, browser, request, or user.
Usage data, also called analytics information, means data collected automatically from use of the service or the service infrastructure itself, such as page access time, request path, download path, HTTP status code, cache status, error status, referrer, and page performance metrics. In general, usage data that has not been aggregated or de-identified is treated as personal information.
Local storage means site data stored by your browser on your device, such as theme preference, home hero frame state, recent site-search visits, error-recovery session markers, or other interface preferences.
Third-party service means an independent provider used for hosting, caching, network security, download delivery, comments, email transmission, aggregate performance statistics, or similar purposes.

Information We Collect

We collect information from people who interact with our website and services, including visitors, download users, public API, search index, or feed callers, people who email us directly, and people who read or post comments.

We collect the following types of information:

Scenario	Information that may be involved	Main purpose
Page visits and static assets	IP address, request path, request time, HTTP headers, User-Agent, referrer, language preference, cache status, error status code, rough region, page performance metrics	Deliver pages, cache responses, optimize load speed, protect the service, review abnormal traffic, troubleshoot failures, and produce aggregate visit statistics
Downloads	Download path, platform type, version, range-request data, cache data, request network data, rate-limit state	Transfer files, support resumable downloads, return verification data, limit abuse, troubleshoot download failures
Public APIs, search indexes, and feeds	Request path, query parameters, locale path, response status, referrer, User-Agent, IP address, cache status	Provide JSON, RSS, search indexes, and machine-readable documents; maintain cache, CORS, security, and rate limiting
Local preferences	Theme mode, home hero frame state, recent site-search visits, error-recovery session marker, browser site data	Remember interface preferences, improve same-device experience, reduce repeated loading or error loops
Comments	Comment content, username, account details, avatar, email or third-party account profile, IP address, device data, cookies, embedded-content requests, anti-abuse data	Provided by Disqus / DisqusJS for comments, login, sync, moderation, notifications, and anti-abuse
Direct contact	Email address, message body, attachments, email headers, communication time, communication metadata	Reply to requests, troubleshoot issues, keep necessary records, send security notices, or handle privacy requests
Security and abuse control	IP address, User-Agent, request path, HTTP status, Cloudflare security challenge token, rate-limit keys, short-lived ban-cache keys	Identify scanners, repeated attacks, abnormal downloads, cookie replay, or sensitive-path probing, and protect the site and other visitors

Personal Information

When you provide personal information directly to us, such as by emailing us or by entering a username, account details, and comment content in the third-party comments area, we process that information. The site itself does not provide registration profiles, payment profiles, subscription profiles, or real-name forms.

Analytics Information

Some information is collected automatically because visitors use the website, downloads, public APIs, comments, or the service infrastructure itself. Some analytics information is processed by infrastructure services on our behalf, and some is collected through network technologies, including browser metadata:

Referrer, access frequency, access date and time, request path, response status, time spent, browser used
Device type, browser version, screen size, operating system, network type, language settings
Network provider and rough geographic location limited to country, region, continent, or province/state level
Site startup and loading speed, key runtime timings, cache hits, and error status
Performance of different content-delivery providers in your network environment
Serious site errors, request failures, and related error information that does not include actively submitted content

Raw access logs, download logs, security logs, or comment service data may contain personal information. Statistics that have been de-identified, anonymized, redacted, classified, and aggregated are generally no longer used to identify a specific person.

If we need additional information to investigate a specific device, browser, download, or comment problem, we will try to contact you first. Additional diagnostic information will not be actively uploaded by this site before you authorize it.

Like most internet services, our servers, CDN, Worker, security protection, and third-party comment service automatically process certain information, such as your IP address and HTTP request headers. This information is usually stored in logs, caches, or third-party service records and is deleted or minimized within the applicable retention period.

Personally Identifying Information

We do not knowingly, actively, or proactively collect any personally identifying information through the site's own features. Ever.

How We Collect Your Information

Our services may use cookies and other technologies, such as local storage, session storage, pixel tags, web beacons, Cloudflare security challenge tokens, IP addresses, HTTP request headers, TLS handshake metadata, device signals, and third-party embedded requests.

These technologies help us deliver pages and files, remember same-device preferences, understand site health, distinguish humans from automated programs, limit abuse, and provide comments.

Cookies or Browser Metadata

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. If you want to block cookies or other tracking technologies, most browsers and mobile devices can change your settings so you are notified when cookies or other tracking technologies are used and can choose whether to accept or allow them. Most browsers also allow you to disable or delete existing cookies or automatically reject future cookies. You may also use third-party tools, including browser extensions, to control cookie preferences. However, if you disable all cookies, some parts of the website may not function properly. Unless you have adjusted your browser settings to refuse cookies, our services or third-party services may use cookies.

Local Storage and Session Storage

The site stores a small amount of preference data in your browser, such as theme mode, home hero frame state, recent site-search visits, and error-recovery session markers. This data remains on your device and is not actively uploaded to the site's servers merely because the preference feature stores it.

You can delete these preferences by clearing browser site data. The site will return to its default theme and interface state.

Flash Cookies

The site itself does not use Flash and does not rely on Flash Cookies. Some browsers, legacy plugins, or third-party websites may still refer to local shared objects, or Flash Cookies, to collect and store preference or activity information.

Web Beacons

Some parts of our services, Cloudflare Web Analytics, third-party comments, or the email services used when you communicate with us may contain small electronic files called web beacons, such as pixel tags or browser beacons. These technologies allow a provider to count users who visited pages, opened emails, or triggered certain network requests, and to use that data for website statistics, security, and delivery purposes.

Third-Party Analytics and Tracking Technologies

As described above, we and our third-party vendors may use cookies, web beacons, and other technologies to collect necessary usage data, security data, and aggregate performance information. In some cases we work with third-party vendors to process this information for network delivery, security protection, comments, email transmission, or aggregate performance statistics.

We use Cloudflare to optimize network delivery, cache content, protect us from online attacks, distribute downloads, and possibly process aggregate visit and performance metrics. See the Cloudflare Privacy Policy.
We use Disqus / DisqusJS to provide comments. The comments component initializes only after the comments area enters the viewport and you interact with the page. See the Disqus Privacy Policy.
When you email us directly, email transmission and storage pass through the relevant email providers. Email providers may process email addresses, message content, headers, and security-scanning data under their own policies.

The site itself does not use Google Analytics, advertising pixels, marketing trackers, or third-party analytics tools for cross-site profiling.

How We Transfer, Process, Store, and Protect Collected Information

Our online services use encryption technologies, such as Transport Layer Security (TLS), to protect information collected in transit from interception by intermediaries.

Analytics information we collect is classified and aggregated where practical so it can be used for the purposes described in this policy.

Any non-analytics information and any other information not needed for audit, security, or research purposes, such as full IP addresses that have not been redacted or blurred, is deleted, de-identified, anonymized, or redacted where feasible.

Information used for analytics is stored in systems with limited, authorized access. When we use third-party hosting, caching, comment, email, or logging services, those services process information under their own security measures and privacy policies.

Unfortunately, no security measure is 100% foolproof, and no network or system, including ours, can guarantee 100% prevention of destruction, loss, alteration, unauthorized disclosure, or unauthorized access to collected or stored information. If you believe your information may be insecure for any reason, contact us using the address below.

We retain collected information for the period needed to achieve the purposes described in this privacy policy. Usually such information is deleted, aggregated, or minimized after the purpose for collecting it is complete, unless law, regulation, security, anti-abuse, or dispute handling requires a longer storage period.

How We Use Your Information

Generally we use this information for internal purposes such as auditing, analysis, and research; to protect our services from intrusion; to manage the website; to understand site health; to understand and analyze trends; to collect aggregate audience characteristics; and to create, develop, and improve our services. Specifically:

To provide the website, downloads, public APIs, search indexes, feeds, and comments. We use necessary information to respond to requests, return pages and files, sync comments, perform caching, and provide technical support.
To improve the website and services. We use analytics information to improve existing pages, download delivery, routing, caching, search, and public APIs, and to customize future features.
To obtain operational insight. We use analytics information to analyze load speed, error rates, regional network conditions, download failures, cache hits, and traffic trends, and for other research purposes.
To keep our services and systems secure. We use usage data, security logs, rate-limit results, and Cloudflare security challenge state to identify potential threats and vulnerabilities and otherwise protect our systems and the information we collect.
To reply when you contact us directly, handle privacy requests, troubleshoot problems, or keep necessary records.
For any lawful business, operational, security, anti-abuse, rights-protection, or compliance purpose.

Before using information for statistics, research, performance analysis, or trend analysis, we try to delete, de-identify, anonymize, redact, classify, and aggregate it as described above so that it cannot reasonably be linked to an individual.

We do not use collected information for content advertising or ad promotion.

How We Share Information

We share or disclose personal information in the following circumstances:

With service providers we hire to provide website and service infrastructure, such as hosting proxying, caching, speed optimization, security protection, download delivery, comments, email transmission, logs, and aggregate performance statistics, and only for those purposes.
With Disqus / DisqusJS for information needed to run comments. This is involved only when the comments area is loaded or used.
With email providers when you send email directly or ask us to respond.
To comply with applicable law, including written requests from government or law-enforcement agencies, and other requests to public or private entities to protect your, our, or others' rights, privacy, safety, or property.

Before complying with such requests, we use reasonably available legal remedies and minimize the information we must share as much as possible.

We have never placed any backdoor or other access method into the services we provide. We do not knowingly, actively, or proactively disclose any information to any government. Ever.

For any lawful business, operational, research, security, or statistical purpose, provided the information has been deleted, de-identified, anonymized, redacted, classified, and aggregated so it cannot reasonably be linked to an individual.

We do not share any information with third parties for content, marketing, or advertising purposes.

Warranty Disclaimer

To the maximum extent permitted by law, this website and services, and any related services, information, data, features, and other content or materials, are provided on an "as is" and "as available" basis. To the maximum extent permitted by law, we disclaim all warranties, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

Retention

The site itself does not provide registered accounts, so it does not keep long-term registration profiles, payment profiles, or real-name profiles. We retain your personal data only for as long as needed to complete the collection purpose, including to satisfy legal, accounting, reporting, security, anti-abuse, or dispute-resolution purposes. Criteria used to determine storage periods include applicable contract terms, limitation periods, regulatory requirements, industry standards, and service-provider retention policies.

Retention requirements vary by jurisdiction and provider, but typical retention for different aspects of your personal data is described below.

Local preferences remain on your device until you clear browser site data or overwrite them. Recent site-search visits, theme preference, home hero frame state, and error-recovery session markers are in this category.

Retention periods for access logs, download logs, Cloudflare security and performance records, comment data, email records, and API request records depend on the services processing them and the purposes for which they are needed. Contact or troubleshooting records directly retained by the site are deleted or minimized when no longer needed, unless law, security, or dispute handling requires continued retention.

Information collected through technical means, such as cookies, web counters, and other analytics tools, is discarded as soon as practical, but may be retained for a limited period after cookies expire, usually in de-identified, anonymized, redacted, classified, and aggregated form, unless we discover that our services may be abused.

If we discover that our services may be abused, we retain necessary information to help prevent future abuse. The site's abuse protection may use derived keys from IP addresses, User-Agents, or Cloudflare security challenge tokens for a limited time. These keys are not intended to identify your real-world identity, but to stop automated scanning, cookie replay, and abnormal requests.

Cookie Policy (Our Use of Cookies and Other Technologies)

Cookies We Use

Cookies can be persistent cookies or session cookies. Persistent cookies remain on your personal computer or mobile device when you go offline, while session cookies are deleted immediately after you close your web browser.

For the following purposes, we, browsers, and third-party services may use both session and persistent cookies, or similar local storage, session storage, cache, web beacon, and security-token technologies:

Necessary / Essential Cookies

Type: session cookies and persistent cookies
Managed by: us, Cloudflare, or necessary infrastructure service providers

These cookies are essential to provide the website's services to you and allow you to use some features. For example, Cloudflare may use security challenge tokens to confirm that your browser passed necessary security checks; the site's anti-abuse logic may read a limited prefix of such tokens to identify abnormal replay; download and API requests may rely on cache, rate limiting, and request metadata to operate reliably. Without these cookies or similar technologies, requested services may not be available. We use these cookies only to provide these services, maintain security, and prevent abuse.

Functional Cookies and Local Preferences

Type: persistent local storage, session storage, or browser site data
Managed by: us and your browser

These technologies allow us to remember choices you make while using the site, such as theme preference, home hero frame state, recent site-search visits, or error-recovery session markers. Their purpose is to provide a more personal experience and avoid requiring you to re-enter preferences or repeatedly encounter the same error state.

Information collected through cookies and other technologies is treated depending on its state: raw requests, cookies, IP addresses, or device signals may be personal information; once deleted, de-identified, anonymized, redacted, classified, and aggregated, it is usually treated as non-personal information.

We do not use cookie technology to disclose your personal information to any advertising network or to help advertising networks collect it.

Tracking and Performance Analytics Cookies

Type: persistent cookies, session cookies, web beacons, third-party requests, or aggregate analytics events
Managed by: third-party vendors

These technologies are used to understand traffic, loading quality, error states, security events, and how users use the website. Information collected through these technologies may directly or indirectly identify you as a single visitor, especially when it is linked to IP address, User-Agent, comment account, or a pseudonymous identifier associated with the device you use to access the site. Cloudflare may process aggregate visit and performance metrics; Disqus may set cookies and make third-party requests after comments load to provide login, comments, sync, moderation, and anti-abuse.

We have taken all practical measures to avoid using cookies for advertising tracking and marketing profiles. We have also taken all practical measures to avoid third-party vendors setting cookies for advertising tracking and marketing profiles in your browser or device.

Your Choices About Cookies

If you wish to avoid cookies on the website, you must first disable cookies in your browser and then delete cookies saved in your browser that are associated with this website. You may use this option at any time to prevent cookie use.

If you do not accept our cookies, you may experience inconvenience while using the website, and some features may not work correctly, such as theme preferences, recent site-search visits, Cloudflare security challenges, comments, or download anti-abuse protection.

If you want to delete cookies or instruct your web browser to delete or refuse cookies, visit your browser's help pages.

For Chrome, visit the page provided by Google.
For Microsoft Edge and Internet Explorer, visit the page provided by Microsoft.
For Firefox, visit the page provided by Mozilla.
For Safari, visit the page provided by Apple.
For other browsers, visit the support pages provided by your browser.

Flash Cookies do not share browser cookie setting management. The site itself does not use Flash Cookies. For more information about how to delete Flash Cookies, visit Adobe's website and read "Where can I change the settings for disabling, or deleting local shared objects?"

Personal Information from Children

Our website and services are not directed to children under 13, and we do not knowingly collect personal information from children under 13, although some third-party providers we use or third-party websites we link to may do so.

These third-party websites have their own terms of use and privacy policies. We encourage parents and legal guardians to supervise their children's internet use and instruct their children not to provide information on other websites without permission.

If we learn that we have collected personal information from a child under 13, we will take reasonable measures to delete that information from our files as soon as possible, unless we have a legal obligation to retain it. If you believe we have any information from or about a child under 13, contact us at admin@pvzvoyage.com.

Even if we receive affirmative authorization, or "opt in," from a customer aged 13 to 16, or from the parent or guardian of a customer under 13, we still will not share personal information of customers under 16 when we have actual knowledge of their age. Customers may also opt out of future sharing at any time. To exercise the right to opt out, you or your authorized representative may submit a request by contacting us.

Cross-Border Data Transfers

Please note that your personal data may be transferred to the United States, Singapore, the European Union, or other regions outside your country of residence, and may be processed and stored there. Data protection laws in those regions may differ from the laws in your country. By visiting our website or using our services, you understand that your information, including personal information, may be transferred across borders as described in this privacy policy and processed by Cloudflare, Disqus, email providers, or other necessary service providers in the regions where their infrastructure operates.

Where practical, we rely on contractual, technical, and organizational measures provided by service providers to protect cross-border data processing, and we try to minimize raw personal information directly retained by the site.

Use of Your Personal Information for New Purposes

Where permitted by law, we may use your personal information for reasons not described in this privacy policy but compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we may notify you and explain the applicable legal basis for that use. If we need to rely on your consent to use specific personal information, we will explain any unrelated purpose when asking for consent and will stop the relevant processing if you object, unless law permits or requires us to continue.

Do Not Sell My Personal Information

You have the right to opt out of the sale of your personal information. However, we do not, and never will, sell your personal information. Therefore, you do not need to send us such a request.

Notice to California Residents

This section provides additional details about personal information we collect about California consumers and the rights given to them under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, together called the CCPA.

For the categories of personal information we collected from you in the last 12 months, see above. We collect that information for the business and commercial purposes described above. In the last 12 months, we may have disclosed the following categories of information to third-party service providers for business purposes.

Category of Personal Information	Examples of Personal Information Disclosed	Categories of Third-Party Recipients
Identifiers	IP address, online identifier, User-Agent, comment username, email address, account name, or other similar identifiers	Service providers, such as Cloudflare, Disqus, and email providers
Commercial information	Game download, version selection, platform selection, mirror or download link usage; the site does not process payment records or purchase records	Service providers, such as Cloudflare, R2 storage, and cache infrastructure
Internet or other electronic network activity	Page visits, API calls, file downloads, search-index loading, comments interaction, referrer, response status, and error status	Service providers, such as Cloudflare, Disqus, and email providers
Approximate geolocation information	Country, region, continent, or province/state inferred from IP address	Service providers, such as Cloudflare and security, cache, or statistics infrastructure
Content you actively provide	Comment content, email body, attachments, issue descriptions, feedback, or privacy requests	Service providers, such as Disqus and email providers; relevant authorities when legally required

We do not "sell" or "share" personal information we collect, as those terms are defined under the CCPA, including sharing for cross-context behavioral advertising. See above for more information about third-party cookies we use, if any.

Under certain conditions, the CCPA gives California consumers the following rights: to request more details about the categories or specific pieces of personal information we collect, including how we use and disclose it; to delete their personal information; to correct inaccurate personal information; to limit use of sensitive personal information; to opt out of any sale or sharing that may occur; and to be free from discrimination for exercising these rights.

California consumers may submit requests under their CCPA rights by contacting us at admin@pvzvoyage.com. Before taking further action, you may need to verify your identity and request, such as by providing enough information to confirm that the request comes from the relevant email address, comment account, or visitor. Under California law, you may designate an authorized agent to submit a request on your behalf. To designate an authorized agent, you may need to provide valid authorization, valid identification for the requester, and valid identification for the authorized agent.

Notice to EU Data Subjects

We may process personal data, or personal information, under the following conditions.

Consent: you have given consent for processing personal data for one or more specific purposes, such as directly sending email, submitting comments, or allowing the third-party comment service to load.
Performance of a contract: personal data is necessary to perform an agreement with you and/or pre-contractual obligations, such as responding to support, privacy, or download questions you submit.
Legal obligation: processing personal data is necessary to comply with a legal obligation to which we are subject.
Vital interests: processing personal data is necessary to protect your vital interests or those of another natural person.
Public interest: processing personal data is related to a task carried out in the public interest or in the exercise of official authority vested in us.
Legitimate interests: processing personal data is necessary for legitimate interests pursued by us, such as delivering pages and files, maintaining security, limiting abuse, troubleshooting failures, producing aggregate performance statistics, and protecting site rights.

If you are in the European Economic Area, the United Kingdom, or Switzerland, you may have rights to access, correct, delete, restrict processing, object to processing, data portability, withdraw consent, and lodge a complaint with a supervisory authority. These rights may be limited by applicable law, identity verification, third-party service boundaries, public interest, security, dispute handling, or legal retention obligations.

To exercise rights related to information directly held by this site, contact us at admin@pvzvoyage.com. Requests related to Disqus comment accounts, Cloudflare security logs, or information directly processed by email providers may need to be directed to the relevant third-party service.

Your Choices and Rights

You can choose not to load or use the comments area.
You can clear cookies, local storage, session storage, and site data through your browser.
You can contact Disqus to exercise rights related to your comment account and comment content.
You can request access, correction, deletion, restriction, or export of information directly held by the site using the email address below.
You can stop visiting the site or downloading files; this does not affect game files already saved locally.

Contact

For privacy-related requests, email admin@pvzvoyage.com.