Vanish — Privacy Policy

1) Who we are

Vanish ("we", "us", "our") is a chat application and sandbox society game. Users participate in groups with roles (admin, elder, member), elections, in-app currency ("Veils"), a marketplace, and visibility mechanics. The separate Rules & How it Works page describes the game systems in more detail. This policy focuses on how any personal data involved is processed.

We design the service to run with minimal personal data: you can participate under a pseudonym and we avoid collecting real-world contact details or precise location for normal use.

Data Controller for in-app data: Vanish (Ireland). Some services we use (for example, Google AdMob) act as independent controllers for their own processing.

2) Quick summary

Account types. You can join with a disposable temporary account that automatically expires after one hour (unless you extend it) or with a more persistent account. Temporary accounts do not require any personal details and cannot create groups. Persistent accounts store a username, a password hash, and your chosen country and city.
Minimal registration data. We do not ask for your legal name, email address, phone number, or precise GPS location. For normal users we do not rely on persistent device identifiers or precise location for account operation.
Gameplay and economy. The app combines chat with a governance and economy layer: group roles (admin, elder, member), elections, group taxes, an in-app currency called Veils, a marketplace, visibility boosts, sabotage items, and public ledgers. Actions such as Veil transfers, trades, promotions, demotions, shaming actions, votes, and group-pot movements are logged so that participants can assess reputation and behaviour.
We do not process payment card data. Veils and items are obtained through in-app activity (for example, rewarded ads, trading, group economies, or builder points). You do not buy Veils or items from us for real-world money.
Ads are served by Google AdMob. AdMob may process device and ad identifiers and other signals to deliver and measure ads and detect fraud. In consent regions you can choose personalised or non-personalised ads.
Automated moderation. Moderation is automated and uses a combination of user reports, behavioural analysis, honeypot traps, system-level spam detection, and third-party moderation models to assess content and behaviour. Severe violations (for example, suspected child sexual abuse material or extreme violence) may lead to permanent bans. Only in those severe cases do we temporarily process device identifiers and coarse location/IP data to enforce a hard ban and reduce evasion.
Ledgers & visibility. In-app ledgers publicly record major in-game actions (for example, transfers, promotions, siphons) to enable transparency. Visibility and boost items influence how users and groups appear in lists and can be bought, sold, or constructed using builder points.

3) Data we collect

3.1 Data you provide

Username (required to participate and shown to other users).
Country & city selection (chosen from a list; not GPS-derived).
Password (only for persistent accounts). We store a salted/hashed value, not the plaintext password.
User-generated content (messages, group names and descriptions, votes, marketplace listings, shaming posts, transfers, group-tax changes, and other in-game actions that appear in ledgers).

3.2 Data collected automatically

Service logs (basic technical and security logs needed to operate and protect the service; for example, timestamps, coarse IP region, crash and diagnostic reports). We do not use precise GPS.
Ad data via AdMob (Google may process Advertising ID/AAID, IP address, device and app information, ad interactions, approximate location, and similar signals. See AdMob/Google privacy documentation for full details.)
Moderation and spam signals. Our automated moderation, honeypot, and spam systems generate internal risk scores and enforcement history (for example, how many suspensions an account has had, or whether a honeypot trap was triggered). These are linked to your account identifier.
Anti-abuse signals (exception-based). Only when enforcing hard bans for severe offences do we temporarily associate device identifiers and IP/coarse location with an account to reduce ban evasion. Outside these safety scenarios, we do not use persistent device identifiers or precise location for normal operation.

We deliberately do not collect real name, email address, phone number, payment card data, or precise GPS location. Device identifiers and IP/coarse location are used only in limited security and abuse-prevention scenarios, primarily for enforcing hard bans.

4) Why we use your data (purposes & legal bases)

Provide the service (Contract)

Enable accounts (temporary and persistent), messaging, groups, elections, economic features, ledgers, and the marketplace.
Operate disappearing messages and deliver content across devices and regions.
Run group governance logic, including roles (admin, elder, member), votes of no confidence, elections, shaming actions, and restrictions on leaving groups during active votes.

Security & integrity (Legitimate interests)

Prevent spam, fraud, and abuse; detect ban evasion; protect users and the integrity of the game economy.
Maintain availability and diagnose incidents, including protecting against automated attacks and bot farms.
Run honeypot traps and spam-detection systems that identify abnormal automated behaviour and apply escalating penalties.

Moderation & compliance (Legitimate interests / Legal obligation)

Enforce community rules; remove illegal or unsafe content; cooperate with lawful requests from authorities where required.
Automatically evaluate reported content and behaviour using internal rules and third-party moderation models (for example, models that classify suspected child sexual abuse material, extreme violence, or other safety violations).
Apply automated enforcement actions, including message removal, progressive suspensions, and permanent bans for severe violations. For the most serious offences, we may process device/IP signals to apply and maintain hard bans.

Advertising (Consent / Legitimate interests where permitted)

Serve ads and rewarded ads via AdMob. In consent regions we ask for your choice between personalised and non-personalised ads and honour your preference.

Some enforcement actions (for example, automated message removal, suspensions, and bans) are the result of automated processing and profiling of reports and behavioural signals. See the "Your rights" section for information about rights related to automated decision-making where applicable law provides them.

5) Third-party services

We minimise vendors. When we use third parties, we ensure appropriate contracts are in place. Key services:

Google AdMob (ads and rewarded ads). AdMob/Google may act as an independent controller. They may use device identifiers (AAID/IDFA), IP address, approximate location, and other signals to deliver and measure ads, detect fraud, and comply with law. In the EEA/UK, we present a consent prompt (Google UMP) so you can choose personalised or non-personalised ads.
Hosting & infrastructure (for example, Firebase/Google Cloud). Used to deliver messages, groups, ledgers, and other gameplay data. These providers generally act as processors under our instructions.
Automated content-moderation providers (for example, AI-based safety and moderation services). We may send user-generated text or images, together with pseudonymous identifiers, so that these providers can classify content for safety, spam, and suspected illegality. Their outputs feed into our automated moderation and enforcement systems. Depending on the provider and region, they may act as our processors or as independent controllers for some aspects of processing.

Third-party practices may change; see their privacy documentation for the latest details. Where a vendor is an independent controller, you may need to exercise certain rights directly with them.

6) Retention

Temporary accounts: auto-delete after 1 hour unless extended by the user.
Messages: designed to disappear automatically (group settings may shorten this; the system default is up to 10 days unless a shorter period is configured).
Ledgers: major actions that define gameplay (for example, transfers, siphons, promotions, visibility boosts, and shaming actions) may persist to preserve game integrity and history.
Moderation and enforcement records: internal moderation scores, spam and honeypot flags, and enforcement history (for example, suspensions and bans) are retained only as long as needed to operate progressive penalties, protect users, and comply with legal requirements. Where bans are permanent, we may retain minimal ban-related records and device/IP identifiers necessary to prevent evasion.
Security/abuse data: device/IP signals used for hard bans are retained only as long as necessary to enforce bans and protect users.
Service logs: retained for a limited period for security and diagnostics, then aggregated or deleted.

9) Your rights

GDPR / UK GDPR

Access, rectify, erase, or port your data.
Restrict or object to processing where applicable.
Withdraw consent (for example, switch ad personalisation off) at any time.
Lodge a complaint with your local supervisory authority; in Ireland, the Data Protection Commission.

CPRA (California)

Right to know, delete, correct, and limit use of sensitive data.
We do not sell your personal information for money. Ad-supported delivery may be considered “sharing” for cross-context behavioural advertising; you can opt for non-personalised ads via the in-app consent controls.
Right to opt out of sharing for cross-context behavioural advertising.

Moderation and enforcement are largely automated and may have significant effects (for example, account suspensions or permanent bans). There is currently no in-app appeal interface. However, you may contact us by email if you believe an enforcement action is clearly wrong or was applied to you in error. Where applicable law grants you the right to obtain human review of an automated decision, we will comply with those obligations.

11) Cookies & tracking

The app itself does not use browser cookies. Our website may use essential cookies for security and performance. AdMob and other vendors may use SDK-based identifiers (for example, AAID) and similar technologies for ad delivery and measurement.

User controls

Use the in-app consent prompt to choose personalised or non-personalised ads; change later in settings where available.
Reset your device’s advertising ID (Android: Settings → Google → Ads).
Limit ad tracking in your device settings.

13) Law-enforcement & compliance

We may preserve and disclose information if we reasonably believe it is necessary to: comply with applicable law, a valid legal process, or governmental request; enforce our Terms and Rules; protect the safety, rights, or property of users or the public; or detect and prevent fraud, security, or technical issues. We narrowly scope any disclosure and challenge overbroad requests where appropriate.

Privacy Policy

Contents