Privacy

No ads. No trackers. No surveillance.

This page explains, in plain language, exactly what data erapolis.com collects, what it does not collect, and why. There is no legalese here by design. If anything is unclear, email privacy@erapolis.com.

What we do not collect

erapolis.com collects no personal data of any kind. Specifically:

  • No ad networks. There are no advertising SDKs, no ad-exchange pixels, and no banner or interstitial ad slots anywhere on this site or in the Erapolis app.
  • No third-party analytics. No Google Analytics, no Amplitude, no Mixpanel, no Plausible, no Fathom — nothing. We do not use any external service to count visitors or track how you use this site.
  • No cross-site trackers. There are no tracking pixels, no social-media widgets, and no third-party cookies. The site never writes a tracking cookie.
  • No external CDNs or fonts. Every asset (stylesheet, script, image, typeface) is served from erapolis.com itself. Nothing is loaded from any external host that could log your IP address or build a profile. Typography uses your device’s system font stack.
  • No fingerprinting. The site does not query browser features, canvas, WebGL, or any other signal used to fingerprint devices.

How this is enforced technically

The site’s CSP header (Content-Security-Policy: default-src ‘self’) is set on every page response and instructs your browser to refuse any load from a host other than erapolis.com. This is not a promise — it is a hard technical constraint. If a future change accidentally introduced an external request, the browser would block it and the CI pipeline would flag it.

You can verify this yourself: open your browser’s Network tab, visit any page on erapolis.com, and confirm that every request resolves to erapolis.com. You will not find a single third-party host.

What data is retained, and why

Hosting a website necessarily involves standard server-side log entries (IP address, timestamp, HTTP method, path, response code, referrer, user-agent). These are the minimum the web server requires to function.

These logs:

  • are retained for a maximum of 30 days for security and abuse-prevention purposes only;
  • are never shared with third parties;
  • are never processed to build profiles, track individuals, or derive behavioural signals; and
  • are not connected to any analytics, advertising, or marketing system.

Beyond server logs, erapolis.com collects and stores nothing. There are no accounts, no newsletter sign-ups, no contact forms that persist data. If you email us, your message is read by a person and not fed into any automated system or CRM.

The Erapolis iOS app

The Erapolis game is designed on the same principle: your city, your Chronicle, and your save data stay on your device. The app does not phone home, does not contain any analytics SDK, and does not transmit gameplay data to any server. No data leaves your device unless iOS’s own iCloud backup feature (which you control) copies it as part of a standard device backup.

If anything ever changes

If any first-party, privacy-preserving metric is ever considered (for example, a simple server-side page counter with no user identification), it will be described here in the same plain language before it is deployed. We will never introduce third-party trackers or ad networks — that is a product commitment, not just a policy statement.

The date of the last update to this page is noted at the bottom.

Questions

If you have any questions about this policy or about how erapolis.com handles data, please email privacy@erapolis.com. Emails are read by a human, not routed through a helpdesk.

Last updated: June 3, 2026.