What we collect, and what we don’t.

AcroZig is built and operated by Spergs, LLC, a Florida limited liability company. You can reach us at privacy@spergs.com for anything privacy-related: data deletion, questions about this page, or to point out anything here that isn't accurate.

We are the data controller for everything described below. We don't sell, rent, or trade your data, and we don't run ads.

AcroZig has no accounts. You don't give us an email, phone number, or real name. To play, you enter a display name (or take the random one we generate) and a 6-character join code.

The game runs in memory on our server while a lobby is active. When the lobby empties, that game's state is dropped. Nothing is written to a database, an analytics service, or any third-party SDK, because there isn't one in the page or on the server.

Your browser keeps one small piece of state in localStorage: the join code for your current lobby and the display name you used, so you can rejoin if you reload the tab. It never leaves your device.

In-game state (server, in memory)

• The display name you chose or the random one we picked.
• The 6-character join code of the lobby you're in.
• The acronym submissions you write during a round, until the round resolves and the next prompt starts.
• Your votes in the round (submissions are anonymous to other players during voting).
• Your running score for the duration of the lobby.
• A short-lived session token so the WebSocket can reattach you if you briefly disconnect.

All of the above is in memory only. Once the lobby ends, either because everyone leaves or because the game finishes, the state is dropped on the server. We do not write any of it to a database, an object store, or a log file beyond the standard nginx access log (which records connection-level metadata, not your submissions).

On your device (localStorage)

• Under the key acrozig_session: the join code of the lobby you're currently in and the display name you used, so the "you have an active game" banner can offer you a one-click rejoin if you reload the page.

This entry lives in your browser. Only the page reads it, on your device. Clear your browser storage (or click "Start Fresh" on the rejoin banner) and it's gone.

Connection-level data

• Standard nginx access logs on our reverse proxy: the IP address and User-Agent of each request, plus the URL it asked for. Rotated by the host's logrotate; not joined to any in-game state.

• No accounts, emails, phone numbers, or real names. There's nothing to sign up for.
• No analytics, telemetry, Sentry, or third-party advertising pixels. Nothing on the page is calling out to a third party.
• No cross-site tracking cookies. The site doesn't set any cookies; the only browser-side state is the localStorage entry described above.
• No contact-book or device-permission asks (no camera, microphone, location, etc.).
• No payment info, ever. The game is free and we have no checkout flow.

One category of third party is involved:

• Hosting. Our servers run on a virtual private server hosted by an infrastructure vendor. Standard hosting operations involve that vendor having physical access to the underlying hardware; they do not have credentialed access to the AcroZig application.

We don't share data with anyone else.

• In-game state lives in memory only and is dropped when the lobby ends.
• localStorage rejoin entry lives in your browser until you clear it, click "Start Fresh", or the lobby it points at has ended (after which the rejoin won't work anyway).
• nginx access logs are rotated and aged out by the host's standard logrotate policy.

Because there are no accounts, there is no "delete account" step. To remove your data, leave the lobby (the server-side state drops), clear your browser's storage for acrozig.com and play.acrozig.com (the localStorage entry goes), and you're done.

Email privacy@spergs.com for anything related to your data: questions about what we hold (the answer is "almost nothing", as listed above), to flag a concern, or to confirm deletion. We try to respond to email requests within 30 days.

EU and EEA users have the rights set out in GDPR: access, correction, deletion, portability, objection, and complaint to a supervisory authority. Because there's no account model, there's very little for these to apply to in practice, but the right to ask is still yours.

AcroZig is for players 13 and over. We don't knowingly collect data from children under 13. If you believe a child under 13 has used the game, email privacy@spergs.com and we'll address it. Given how little state we keep, "address it" amounts to ending the relevant lobby.

If the privacy posture changes (if we ever add persistent storage, an analytics provider, or any other third-party SDK) this page gets updated first and the "Last updated" date at the top changes. We won't introduce tracking, ad SDKs, or account requirements quietly.

Spergs, LLC
privacy@spergs.com