Verse Wiki — an interactive handbook for Verse developers
LEGAL

Privacy Policy

This policy explains how Verse Wiki (hereinafter "this site", "we", "us") collects, uses, stores, and shares your personal data when you use this site, and the rights you have under the EU General Data Protection Regulation (GDPR).

This service is operated from Germany and is governed by German and EU law. The following applies wherever in the world you access this site.

Effective date: 2026-07-12 · Last updated: 2026-07-12

1. Data Controller

With respect to the processing of personal data on this site, the controller is the site operator; The operator’s identity and contact details are set out in our Impressum.

Whether a Data Protection Officer (DPO) must be appointed depends on the nature and scale of the processing activities: No Data Protection Officer is appointed. The operator does not meet the thresholds under Art. 37 GDPR or § 38 BDSG (it is not a public authority, does not carry out large-scale regular monitoring or large-scale processing of special-category data, and does not have the statutory number of persons constantly engaged in automated processing).

2. What Data We Collect

We collect data only to the extent necessary to provide the services of this site. Specifically, this includes:

3. Why We Use This Data (Purposes of Processing)

4. Legal Bases for Processing

We process personal data on the basis of Article 6 GDPR. The correspondence is as follows:

5. Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes described above, or for any longer period required by law. The applicable periods are as follows:

6. Deletion and Anonymization Rules

Once the retention period expires, the relevant personal data will be deleted or irreversibly anonymized so that it can no longer be linked to a specific individual. Data held in backups will be overwritten or purged within the normal backup rotation cycle. You may also actively request deletion under the rights described below; where the law requires continued retention (for example, transaction records still within a statutory retention period), we will restrict the processing of such data until it can be lawfully deleted.

7. Data Recipients

To operate this site, we entrust necessary data to, or interact with, the following service providers (data processors). We do not sell your personal data to third parties for marketing purposes. The recipients and their roles are as follows:

Recipient Purpose / Role
Cloudflare Site hosting, CDN, DNS, and security protection
Supabase Database, authentication, and data storage
Epic Games Third-party sign-in (Epic account OAuth)
Google Third-party sign-in (Google OAuth)
Stripe Payment processing
Resend Transactional email delivery (e.g., sign-in, notifications, receipts)

Data processing agreements (DPAs) compliant with Article 28 GDPR are concluded with each data processor: Data processing agreements pursuant to Art. 28 GDPR are in place with each processor on the basis of their respective standard data-processing terms.

8. Possible International Data Transfers

Some of the recipients above are located in countries or regions outside the European Union / European Economic Area (EEA), primarily the United States. When your personal data is transferred to these regions, the local level of data protection may differ from that of the EU. For such transfers, we will rely on one or more of the following safeguards:

Where personal data is transferred outside the EU/EEA — for example to Cloudflare and Resend (Plus Five Five, Inc.) in the United States, and to Stripe (which may involve US-based group companies and sub-processors) — we apply appropriate safeguards under Art. 44 et seq. GDPR, such as the European Commission’s Standard Contractual Clauses (SCC), an applicable adequacy decision, or another lawful transfer mechanism. Our database (Supabase) is hosted within the EU (Frankfurt, Germany) and therefore does not constitute a third-country transfer. You may use the contact details below to request a copy of the safeguards we rely on or to learn more about them.

9. Your Rights

To the extent provided by applicable law, you have the following rights with respect to your personal data:

To exercise any of the above rights, please contact us using the details below. We will respond within a reasonable period as required by law.

10. Contact

If you have any questions or requests regarding this privacy policy or your personal data, please contact us via the contact details in our Impressum.

11. Cookies and Local Storage

This section explains what Verse Wiki stores in your browser, why we store it, and how you can clear it. Our principle is simple: in this first phase we keep only what is strictly necessary for the site to function — no analytics, no advertising, no cross-site tracking.

We Use Only "Strictly Necessary" Storage

The storage items below keep login, progress and reading mode working. They are part of the site's core functionality — without them we cannot preserve your login state or learning progress.

Login Session Cookie

After you sign in, this session credential identifies you as the same signed-in user. It keeps you logged in across pages so you do not have to re-enter your details each time. It is set only after you actively sign in.

OAuth Session

When you choose to sign in with a third-party account (Google or Epic), the login flow requires short-lived session data to complete the security handshake and link the result to your account. It is used for authentication only, not for profiling.

localStorage (Progress / Mode)

Stores your lesson completion progress, stars, and your "Blueprint / C++" reading-mode preference locally in this browser. It works without an account; once you sign in, it syncs to your account. This data is never used for tracking.

Why Is There No "Accept All" Banner?

Because in this first phase there are no analytics, no advertising and no third-party tracking. Full-screen cookie consent banners exist to obtain consent for non-essential, tracking-type cookies — and we currently use none of them.

Under most EU/German legal interpretations, "strictly necessary" storage (maintaining your login, remembering your preferences, completing actions you actively initiate) may generally be used without prior consent; consent is required for analytics, advertising and tracking storage. Since we only use the former, there is no need for an "Accept All" button asking for permission we do not need to request.

If We Add Analytics in the Future

Should we later introduce analytics, performance measurement or any storage that is not strictly necessary, we will deploy a genuine consent management system before enabling it:

Until then, this page describes everything — strictly necessary storage and nothing else. The exact mechanism and wording will be those of the version deployed at that time (currently only strictly necessary storage is used and no consent-management platform is deployed).

How You Can Clear This Data

Please note: after clearing localStorage, any local progress that has not been synced to your account cannot be recovered.

About This Site

Verse Wiki is an independently produced educational project and is not affiliated with, sponsored by, endorsed by, or otherwise associated with Epic Games. Epic Games, Unreal Engine, UEFN, Fortnite, Verse, and related marks are trademarks or assets of their respective owners. This site offers Epic account sign-in solely as an optional third-party authentication method; this does not imply any endorsement of this site by Epic Games.