// legal

Privacy Policy

Last updated: March 4, 2026

Overview

Ac1d Development ("we", "us", "our") provides tools and services for the VRChat community. This policy explains what data we collect, how we use it, and your rights regarding that data.

Geographic Restrictions

Our services are not available to residents of the European Union or the United Kingdom. We have made a deliberate choice not to operate in these jurisdictions due to their mandatory age-verification frameworks, which we fundamentally oppose on grounds of personal privacy and digital freedom.

By using our services you confirm that you are not accessing them from within the EU or UK, and that you are not subject to those regulatory frameworks.

Information We Collect

  • Account & subscription data — name, email address, and payment information provided when signing up for a paid tier.
  • VRChat API data — group metrics and public API data collected on your behalf as part of the WatchDog and DataDog services. We only collect data you explicitly authorize us to access.
  • Contact form submissions — name, email, and message content sent through our contact form. Used solely to respond to your inquiry.
  • Technical logs — standard server logs (IP address, timestamps, request paths) retained for up to 30 days for security and debugging purposes.

How We Use Your Information

  • To provide, operate, and maintain the services you subscribe to.
  • To respond to contact form submissions and support requests.
  • To process payments and manage your subscription.
  • To investigate abuse, fraud, or security incidents.

We do not sell your data. We do not use your data for advertising.

Data Sharing

We do not share your personal data with third parties except:

  • Payment processors — to handle billing. Payment card data is processed directly by our payment provider and never stored on our servers.
  • Legal obligations — if required to comply with applicable law or a valid legal process.

Data Retention

We retain account data for as long as your account is active. Upon account deletion we remove personal data within 30 days, except where retention is required for legal or fraud-prevention purposes. Server logs are purged after 30 days.

Security

We use industry-standard measures including encrypted connections (TLS), hashed credentials, and access controls to protect your data. No system is perfectly secure; we encourage you to use a strong, unique password.

Children

Our services are not directed at individuals under 18. We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, contact us and we will promptly delete it.

Changes to This Policy

We may update this policy from time to time. The "last updated" date at the top of this page will reflect any changes. Continued use of the services after an update constitutes acceptance of the revised policy.

Contact

Questions about this policy? Reach us through the contact form on our homepage.