The Perfect Murder

Privacy Policy

Last updated: March 2026

Introduction

The Perfect Murder is a multiplayer social deduction game. We aim to collect as little personal data as possible and to explain clearly how guest play, accounts, browser storage, and completed-game history work.

Data We Collect

Guest (anonymous) play

  • Player display name (chosen by you, not verified)
  • In-game actions and completed-game results needed to run matches, reconnect players, and generate history and statistics
  • A guest profile identifier stored in your browser's local storage so we can show guest stats and optionally link past games to an account later
  • A temporary active-game snapshot in session storage to help the web client resume after a reload or reconnect

Authenticated play (ASP.NET Core Identity)

  • Account identifiers used for sign-in and account-linked history, such as your user ID, username, and optional display name
  • Authentication cookies for your signed-in web session; the web app also creates short-lived JWTs to call the API and SignalR hub on your behalf

Cookies and Browser Storage

We use essential or functional storage only:

  • .AspNetCore.Culture — stores your language preference (1 year, functional)
  • Identity and security cookies — used for sign-in, sign-out, and request protection when you use an account (essential)
  • CookieConsent, guest-profile-id in local storage, and active-game-session in session storage — used for consent state, guest continuity, and reconnect support

Data Retention

  • Active game state is kept in Redis when configured, or in memory otherwise, and may remain available for roughly 2 hours to support reconnect and recovery.
  • Completed game history and player records are stored in SQL Server for history, statistics, guest-to-account linking, and privacy requests. Linked account records can be anonymised on request.

Your Rights (GDPR)

If you use an authenticated account, the current app supports these privacy controls:

  • Export account-linked game history via GET /api/user/data
  • Anonymise account-linked player records via DELETE /api/user/data
  • Link prior guest history to your account via POST /api/user/link-guest using the guest profile ID stored in your browser

Guest stats can be retrieved with GET /api/guest/stats/{guestProfileId}, and authenticated personal stats are available at GET /api/user/stats.

Third-Party Services

The application does not embed third-party advertising or analytics scripts. If it is hosted on third-party infrastructure, the hosting, database, cache, or email providers used by the operator may process routine service data on the operator's behalf.

Contact

For any privacy-related questions or requests, please open an issue on the project repository or contact the project maintainers.

Back
Signal status

Signal lost

Trying to raise the server again. If it answers, your session should continue where it left off.

No answer. Reload to open a fresh line to the game.

This page cannot recover the session anymore. Reload to return on the latest state.

Attempt /
Reload