PRIVACY POLICY & DATA PROTECTION PROTOCOL
BLOCKCHAIN IMMUTABILITY WARNING:
Please be aware that any data recorded on the Blockchain (Wallet addresses, Transaction hashes, Land Ownership) is public, immutable, and permanent. AWMA cannot erase, rectify, or hide data stored on the decentralized ledger, even upon request, as this is technically impossible.
Please be aware that any data recorded on the Blockchain (Wallet addresses, Transaction hashes, Land Ownership) is public, immutable, and permanent. AWMA cannot erase, rectify, or hide data stored on the decentralized ledger, even upon request, as this is technically impossible.
ARTICLE 1: IDENTITY OF THE DATA CONTROLLER
1.1The Data Controller is AUTHENTIC WEB MEDIA AGENCY (AWMA) SARL.
1.2Headquarters: 131 Bvd D'anfa Res Azur Bureau N° 11 B, 20170 Casablanca, Morocco.
1.3This Policy is established in accordance with Moroccan Law No. 09-08 relating to the protection of individuals with regard to the processing of personal data.
1.4By using ColorIsLive, you consent to the collection and use of your information as described in this policy.
ARTICLE 2: DATA COLLECTED
2.1Identity Data: Username, Email address, Encrypted Password hash.
2.2Financial Data: Public Wallet Addresses (Ethereum/Polygon/BSC), Token Balances ($CLR), Transaction History.
2.3Technical Data: IP Address, Browser Type, Timezone, Device Hardware Signature (GPU/CPU for rendering optimization).
2.4Behavioral Data: Coordinates (X,Y,Z) within the simulation, interactions with NPCs, chat logs (stored for moderation).
2.5KYC Data: Government ID, Proof of Address (Only for Tiers 1, 2, 3, 5 and 7 verifying withdrawal limits).
ARTICLE 3: PURPOSES OF PROCESSING
3.1Service Provision: Managing user accounts, permitting login, saving game state (Inventory, Position).
3.2Transaction Security: Verifying ownership of assets via Smart Contracts before authorization.
3.3Fraud Prevention: Detecting multi-accounting, bots, and money laundering attempts (AML).
3.4Communication: Sending system alerts, governance updates, and security notifications.
3.5Legal Compliance: Responding to requests from Moroccan authorities (DGST, DGSN, Courts).
ARTICLE 4: DATA RECIPIENTS
4.1Internal Staff: AWMA developers and "Monolith" moderators (Tier 2) strictly on a need-to-know basis.
4.2Public Ledger: Wallet addresses and transactions are broadcast to the public Blockchain network.
4.3Service Providers: Cloud hosting providers (e.g., AWS/Google), Email delivery services.
4.4Legal Authorities: Moroccan judicial or administrative authorities upon valid requisition.
4.5We DO NOT sell your personal email or identity to third-party marketing agencies.
ARTICLE 5: INTERNATIONAL DATA TRANSFER
5.1Given the decentralized nature of the project, data may be replicated on servers outside Morocco.
5.2By accepting these terms, you expressly consent to the transfer of your technical data to international nodes.
ARTICLE 6: USER RIGHTS (CNDP)
6.1Right of Access: You may request a copy of all data held about you by AWMA.
6.2Right of Rectification: You may correct inaccurate personal data (Email, Name) via your Dashboard.
6.3Right of Opposition: You may oppose the processing of your data for legitimate reasons, except where data is required for the performance of the contract (the Game).
6.4The "Right to be Forgotten" cannot apply to immutable Blockchain records.
ARTICLE 7: DATA RETENTION
7.1Active Accounts: Data is kept as long as the account exists.
7.2Inactive Accounts: Data is archived after 3 years of inactivity.
7.3Financial Records: Kept for 10 years in compliance with Moroccan commercial law.
ARTICLE 8: COOKIES AND TRACKING
8.1We use "Session Cookies" essential for authentication (keeping you logged in).
8.2We use "Functional Cookies" to save your UI preferences (Language, Volume).
8.3We do not use third-party advertising pixels (Facebook Pixel, etc.) inside the simulation.
ARTICLE 9: SECURITY MEASURES
9.1Data is encrypted in transit (TLS 1.3) and at rest (AES-256).
9.2Passwords are hashed using BCRYPT with individual salts. We never see your plain password.
9.3Access to the database is restricted to authorized personnel via VPN and 2FA.
ARTICLE 10: CHANGES TO POLICY
10.1AWMA reserves the right to modify this policy to comply with CNDP guidelines.
10.2Significant changes will be notified by email or system announcement.
ARTICLE 11 to 20: SPECIFIC DATA PROTOCOLS
SECTION 11.0 - ADVANCED DATA PROCESSING SCENARIOS
11.1
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
11.2
3D Asset caching data is stored locally on the user's device (Local Storage).
11.3
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
11.4
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
11.5
3D Asset caching data is stored locally on the user's device (Local Storage).
11.6
Tier 7 Landowners cannot access the private data of visitors to their planets.
11.7
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
11.8
API requests from Tier 6 scripts are logged for rate-limiting purposes.
11.9
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
11.10
Chat logs in public plazas are archived for 90 days for moderation analysis.
SECTION 12.0 - ADVANCED DATA PROCESSING SCENARIOS
12.1
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
12.2
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
12.3
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
12.4
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
12.5
API requests from Tier 6 scripts are logged for rate-limiting purposes.
12.6
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
12.7
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
12.8
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
12.9
Crash reports may include system specs but are anonymized before transmission.
12.10
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
SECTION 13.0 - ADVANCED DATA PROCESSING SCENARIOS
13.1
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
13.2
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
13.3
3D Asset caching data is stored locally on the user's device (Local Storage).
13.4
API requests from Tier 6 scripts are logged for rate-limiting purposes.
13.5
API requests from Tier 6 scripts are logged for rate-limiting purposes.
13.6
3D Asset caching data is stored locally on the user's device (Local Storage).
13.7
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
13.8
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
13.9
Tier 7 Landowners cannot access the private data of visitors to their planets.
13.10
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
SECTION 14.0 - ADVANCED DATA PROCESSING SCENARIOS
14.1
Governance votes (DAO) are public records permanently stored on-chain.
14.2
Crash reports may include system specs but are anonymized before transmission.
14.3
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
14.4
Chat logs in public plazas are archived for 90 days for moderation analysis.
14.5
Chat logs in public plazas are archived for 90 days for moderation analysis.
14.6
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
14.7
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
14.8
Crash reports may include system specs but are anonymized before transmission.
14.9
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
14.10
Governance votes (DAO) are public records permanently stored on-chain.
SECTION 15.0 - ADVANCED DATA PROCESSING SCENARIOS
15.1
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
15.2
Tier 7 Landowners cannot access the private data of visitors to their planets.
15.3
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
15.4
Tier 7 Landowners cannot access the private data of visitors to their planets.
15.5
Governance votes (DAO) are public records permanently stored on-chain.
15.6
Tier 7 Landowners cannot access the private data of visitors to their planets.
15.7
Tier 7 Landowners cannot access the private data of visitors to their planets.
15.8
Governance votes (DAO) are public records permanently stored on-chain.
15.9
3D Asset caching data is stored locally on the user's device (Local Storage).
15.10
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
SECTION 16.0 - ADVANCED DATA PROCESSING SCENARIOS
16.1
Governance votes (DAO) are public records permanently stored on-chain.
16.2
API requests from Tier 6 scripts are logged for rate-limiting purposes.
16.3
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
16.4
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
16.5
Tier 7 Landowners cannot access the private data of visitors to their planets.
16.6
Tier 7 Landowners cannot access the private data of visitors to their planets.
16.7
Tier 7 Landowners cannot access the private data of visitors to their planets.
16.8
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
16.9
API requests from Tier 6 scripts are logged for rate-limiting purposes.
16.10
Governance votes (DAO) are public records permanently stored on-chain.
SECTION 17.0 - ADVANCED DATA PROCESSING SCENARIOS
17.1
3D Asset caching data is stored locally on the user's device (Local Storage).
17.2
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
17.3
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
17.4
3D Asset caching data is stored locally on the user's device (Local Storage).
17.5
Chat logs in public plazas are archived for 90 days for moderation analysis.
17.6
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
17.7
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
17.8
Crash reports may include system specs but are anonymized before transmission.
17.9
Chat logs in public plazas are archived for 90 days for moderation analysis.
17.10
Chat logs in public plazas are archived for 90 days for moderation analysis.
SECTION 18.0 - ADVANCED DATA PROCESSING SCENARIOS
18.1
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
18.2
Crash reports may include system specs but are anonymized before transmission.
18.3
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
18.4
Crash reports may include system specs but are anonymized before transmission.
18.5
Crash reports may include system specs but are anonymized before transmission.
18.6
3D Asset caching data is stored locally on the user's device (Local Storage).
18.7
3D Asset caching data is stored locally on the user's device (Local Storage).
18.8
API requests from Tier 6 scripts are logged for rate-limiting purposes.
18.9
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
18.10
API requests from Tier 6 scripts are logged for rate-limiting purposes.
SECTION 19.0 - ADVANCED DATA PROCESSING SCENARIOS
19.1
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
19.2
Chat logs in public plazas are archived for 90 days for moderation analysis.
19.3
Chat logs in public plazas are archived for 90 days for moderation analysis.
19.4
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
19.5
Chat logs in public plazas are archived for 90 days for moderation analysis.
19.6
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
19.7
Chat logs in public plazas are archived for 90 days for moderation analysis.
19.8
Governance votes (DAO) are public records permanently stored on-chain.
19.9
Crash reports may include system specs but are anonymized before transmission.
19.10
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
SECTION 20.0 - ADVANCED DATA PROCESSING SCENARIOS
20.1
API requests from Tier 6 scripts are logged for rate-limiting purposes.
20.2
Tier 7 Landowners cannot access the private data of visitors to their planets.
20.3
Governance votes (DAO) are public records permanently stored on-chain.
20.4
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
20.5
Crash reports may include system specs but are anonymized before transmission.
20.6
3D Asset caching data is stored locally on the user's device (Local Storage).
20.7
Chat logs in public plazas are archived for 90 days for moderation analysis.
20.8
3D Asset caching data is stored locally on the user's device (Local Storage).
20.9
Tier 7 Landowners cannot access the private data of visitors to their planets.
20.10
Facial tracking data for Avatar expressions is processed in RAM and never saved to disk.
SECTION 21.0 - ADVANCED DATA PROCESSING SCENARIOS
21.1
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
21.2
Chat logs in public plazas are archived for 90 days for moderation analysis.
21.3
IP addresses are logged during 'Warp Jumps' to prevent speed-hacking.
21.4
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
21.5
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
21.6
Governance votes (DAO) are public records permanently stored on-chain.
21.7
Chat logs in public plazas are archived for 90 days for moderation analysis.
21.8
Governance votes (DAO) are public records permanently stored on-chain.
21.9
3D Asset caching data is stored locally on the user's device (Local Storage).
21.10
Governance votes (DAO) are public records permanently stored on-chain.
SECTION 22.0 - ADVANCED DATA PROCESSING SCENARIOS
22.1
Governance votes (DAO) are public records permanently stored on-chain.
22.2
API requests from Tier 6 scripts are logged for rate-limiting purposes.
22.3
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
22.4
Governance votes (DAO) are public records permanently stored on-chain.
22.5
Voice chat data (WebRTC) is peer-to-peer and not stored on AWMA servers.
22.6
Payment gateway metadata (Credit Card tokens) is handled by the processor, not AWMA.
22.7
API requests from Tier 6 scripts are logged for rate-limiting purposes.
22.8
3D Asset caching data is stored locally on the user's device (Local Storage).
22.9
API requests from Tier 6 scripts are logged for rate-limiting purposes.
22.10
API requests from Tier 6 scripts are logged for rate-limiting purposes.
CONFIDENTIALITY PROTOCOL - REF: AWMA-CNDP-2026-002