Privacy

How Tombstack handles the telemetry your game sends. This describes the data the platform processes; each studio is the controller of its own players' data.

Tombstack is operated by AnkleBreaker Consulting (SAS, RCS Versailles 912 705 860, 34 rue du Président Wilson, 78230 Le Pecq, France), which acts as data processor on each studio's behalf. The studio is the data controller for its players' data.

What we collect

• Crash metadata: timestamp, build version, OS/arch, a stack signature + stack trace, and a coarse stack hint.
• Optional identifiers you choose to send: a userId and/or Steam64 id, used for affected-user counts and per-player drill-down. No other personal data is required.
• Optional minidumps and bug-report screenshots, stored as opaque blobs.
• Breadcrumbs: the most recent log lines (the game's own Debug.Log/warning/error output) captured just before a crash or bug report, to show what led up to it. The SDK keeps only the last 50; their contents are whatever your game logs — avoid logging personal data.
• Session heartbeats (a random session id) to compute concurrency and crash rate.
• Server-triggered log retrieval: for support and incident investigation a studio may request a player's session log from a game server. Retrieval is consent-gated — a log is never pulled from a player who has not granted telemetry consent — retention-TTL'd like other telemetry (90 days), and removed by a data-erasure request.

Where & how long

• Data is hosted in the EU (AWS eu-west-3, Paris).
• Raw crash/telemetry rows and blobs expire automatically after 90 days.
• Minidumps can contain process memory — capture is consent-aware and can be disabled in the SDK.

Your rights (GDPR / RGPD)

• Under the GDPR you (or a player, via the controlling studio) may exercise rights of access, rectification, erasure, restriction, portability, and objection.
• A studio can erase all telemetry for a given userId (crashes, bug reports, breadcrumbs, heartbeats, and the associated S3 blobs — minidumps and screenshots) from its game dashboard at any time.
• Identifiers are never placed in URLs; secrets live in encrypted infrastructure config, never in the client or repo.
• To exercise a right or raise a complaint, contact us below; you may also lodge a complaint with the French supervisory authority (CNIL).

Questions: contact@anklebreaker-studio.com · See also Terms and Mentions légales.