Privacy Policy

LAST UPDATED: 24 October 2022


1. Introduction

For users located outside the United States of America, the publisher of the Website and data controller pursuant to the General Data Protection Directive (" GDPR") in respect of any Personal Data (as defined below) that you submit to us via the Website (or otherwise) is Cloud Imperium Games Limited, a company registered in England and Wales (company number: 8703814) and located at Manchester Goods Yard, 6 Goods Yard Street, Manchester M3 3BG, United Kingdom (" CIG", " we", " us", " our"). The Personal Data you submit to us via the Website (or otherwise) will be processed by us or by data processors appointed by us to undertake processing on our behalf.

For users located in the USA, the publisher of the Website is Cloud Imperium Games, LLC, a company registered in California and located at 12322 Exposition Blvd., Los Angeles, California 90064 (" CIG", " we", " us", " our"). The Personal Data you submit to us via the Website (or otherwise) will be processed by us or by data processors appointed by us to undertake processing on our behalf.

CIG respects your privacy rights and recognizes the importance of protecting the information collected about you. We have adopted this Privacy Policy to explain how we collect, use and store your Personal and Non-Personal data as defined in Sec. 2 below and other regulations applicable outside of the EU (see Sec. 10 below).

If you want to know what Personal Data or Non-Personal Data we hold about you or if you have any other queries in relation to this Privacy Policy, please contact us by emailing us at We will require you to verify your identity before releasing any information to you.

2. What Is Personal and Non-Personal Data?

"Personal Data" is information that we may collect from you that identifies you, or which, in conjunction with other information that is in our possession, or is likely to come into our possession, may be used by us to identify you. This term shall also include Personal Information pursuant to CCPA (see Sec. 10 below).

"Non-Personal Data", is information that we have collected from you which cannot be used by us to identify you.

3. Which Data Does CIG Collect and Use and at Which Stage?

3.1 Use Of Our Website

If you access or use our Website we may collect the following Personal Data:

  • IP address
  • name of requested file
  • operating system
  • browser type and settings
  • time of access

CIG also may maintain log files which contain IP addresses. An IP address is a numeric address that may be assigned to your computer by your Internet Service Provider and can, in certain circumstances, amount to Personal Data. In general, we use log files to monitor traffic on our Website and to troubleshoot technical problems. In the event of user abuse of our Website, however, we may block certain IP addresses on the legal basis of art. 6 (1) lit. f GDPR.

We may further use the IP address to distinguish whether you are a US or non-US-customer and show the Terms-of-Services and the Data Privacy Policy appropriately also on the legal basis of art. 6 (1) lit. b GDPR.

We use the information set out in this Section 3.1 to optimize your experience of the Website. The collection of the information set out in this Section 3.1 is mandatory. CIG is not able to properly provide you with the Website without this basic information acc. to Art. 6 (1) lit. f GDPR.

3.2 Cookies and Tracking Technologies

We may use various tracking technologies to automatically collect the types of information set out in Section 3.1 above, including:

  • Cookies, which are small data files stored on your device that act as a unique tag to identify your browser. We use several types of cookies, including session cookies and persistent cookies. Session cookies make it easier for you to navigate our website and expire when you close your browser. Persistent cookies help with personalizing your experience, remembering your preferences, and supporting security features. Persistent cookies may remain on your device for extended periods of time, and generally may be controlled through your browser settings.
  • Pixels (also known as web beacons), which are code embedded in a website or email that sends information about your use to a server. There are various types of pixels, including image pixels (which are small graphic images) and JavaScript pixels (which contains JavaScript code). When you access a website or email that contains a pixel, the pixel may permit us to drop or read cookies on your browser. Pixels are used in combination with cookies to track activity by a particular browser on a particular device.

For an exhaustive outline regarding CIG's use of cookies, types of cookies, which exact cookies CIG stores and for how long as well as how you can opt out of the use of cookies please see our cookie policy here

Your browser settings may allow you to automatically transmit a "Do Not Track" signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to "Do Not Track" signals. For more information on "Do Not Track," visit

3.3 Applying for Jobs

If you apply for a job on the Website or otherwise, in addition to the information we collect under Section 3.1 and 3.2 mentioned above we may also collect the following Personal Data (not all of these data being mandatory):

  • personal master data; e.g. name, birth date, postal address
  • contact details; e.g. telephone number, e-mail address
  • content of your application documents
  • provide link to your online portfolio/showreel if applicable
  • if you are eligible to work in the EU
  • if you are already part of the Star Citizen Community
  • your salary expectations
  • if you are engaged in any form of entertainment and/ or online gaming media
  • where you found the job advertisement
  • notice period of the current employment agreement
  • passport validity
  • name and agency of your recruitment agent if applicable

Please refer to Sec. 10.1 and 10.2 for more detailed information.

If you apply for a job on the Website the Personal Data that you transfer to us will be stored for consideration and reference purposes for a period of twenty four (24) months from the point of your last profile update. If your profile is not updated within a twelve (12) month period, your profile and any applications will be permanently deleted from our database unless we contact you via email and you update your profile.

If you are hired as an employee your Personal Data will be subject to the employment agreement and its related guidelines and policies and this policy will cease to apply.

We collect your personal data to perform pre-contractual measures or enter into a contract and our legitimate interests (including proving prior contracts towards recruitment agencies and the optimization of the application process). Please refer to Sec. 10.3 for more detailed information.

4. Will CIG Share My Information with Third Parties?

Other than as expressly set out in this Privacy Policy, CIG will never share your Personal Data with third parties without your consent.

CIG may share your Personal Data:

  • with any of our affiliated companies, including Roberts Space Industries International, LLC, Roberts Space Industries International, Ltd., Roberts Space Industries Germany GmbH, Cloud Imperium Games Limited (f.k.a. Foundry 42 Limited), Cloud Imperium Games, LLC and Cloud Imperium Games Texas, LLC (individually and collectively "CIG"). The legal basis under GDPR is Art. 6 (1) lit. f GDPR with having organizational and financial requirements within the group as legitimate interest.
  • third party service providers under our control ("Data Processors" under GDPR) and monitoring where such disclosure is necessary or helpful to enable us to provide you with the Website and such third parties are contractually bound to process your Personal Data and/or Non-Personal Data under at least as protective as those set forth in this Privacy Policy (provided that we may permit them to use information that does not identify you for any purpose except as prohibited by applicable law). The legal basis under GDPR is Art. 6 (1) lit. b GDPR.
  • any person to whom disclosure is necessary to enable us to enforce our rights under this Privacy Policy or under our Terms of Service (such as law enforcement authorities in case of fraud investigations). The legal basis under GDPR is Art. 6 (1) lit. f GDPR to with defending our rights as legitimate interest.
  • any authority to which we are obliged by law to disclose your Personal Data and Non-Personal Data (e.g. tax authorities for commercial transactions). The legal basis under GDPR is art. 6 (1) lit. c GDPR.
  • at your request or your direction.

5. How Does CIG Protect Your Personal Data?

The security of your Personal Data is important to us. We follow all relevant regulations, including the GDPR and CCPA, where applicable, to protect the Personal Data submitted to us, both during transmission and in storage.

For users in the European Union the Personal Data that you provide to us will be collected and processed by us or by our Data Processors pursuant to Art. 28 GDPR. We have implemented physical, electronic and managerial procedures in order to help safeguard and prevent unauthorized access, use, alteration, modification and/or disclosure of your Personal Data.

Your Personal Data will be stored on servers which may be owned by third parties and/or their respective affiliates all of which are for purposes of data protection under contractual control by us and/or CIG pursuant to all applicable rules, including Sec. 28 GDPR. Any Personal Data that you provide to us in accordance with this Privacy Policy will be adequately protected by this Privacy Policy and our contracts with our Data Processors.

Despite these measures, transmission via the internet is not completely secure and we cannot guarantee the security of your Personal Data provided through the internet.

If you have any questions about security on our Website, please contact us at

6. Review, Correction and Deletion Of Your Information

You can correct, update or delete your Personal Data at any time by contacting us at We will be happy to review, update or remove information as appropriate. We will require you to verify your identity before releasing any information to you.

7. Data Transfer

Please be aware that information collected through the Website may be transferred to, processed, stored, and used in the EU, the U.S. and other jurisdictions. Data protection laws in these jurisdictions may be different from those of your country of residence. Your use of the Website or provision of any Personal Data or Non-Personal Data therefore constitutes your consent to the transfer to and from, processing, usage, sharing, and storage of information in various jurisdictions as set out in this Privacy Policy. Where applicable, we will transfer your Personal Data to third countries subject to appropriate safeguards, such as standard contractual clauses.

8. Information on your Rights

In addition to the rights mentioned before you have the right

  • to request that we delete personal data relevant to you without delay if one of the reasons specified in Art. 17 of the GDPR applies. Unfortunately, we may not delete data that is subject to a legal retention period. If you would prefer that we never collect data from you or never contact you again in the future, we shall store such relevant contact details in a blacklist.
  • to revoke any consent given by you with future effect and without any negative consequences for you.
  • to request from us that processing be restricted if one of the prerequisites listed in Art. 18 of the GDPR is provided.
  • to object at any time to the processing of personal data relevant to you on grounds relating to your particular situation. We shall no longer process personal data in the event of an objection, unless we can demonstrate compelling legitimate grounds to do so, which override your interests, rights and freedoms, or such processing is required for the establishment, exercise or defense of legal claims (Art. 21 of the GDPR).
  • to request that the data relevant to you be issued in a commonly used electronic and machine-readable format. This also covers the issuance (if possible) to another responsible party specified by you directly. (Art. 20 of the GDPR)
  • without prejudice to another administrative or judicial remedy and if you believe that the processing of your personal data is in breach of the GDPR, to file a complaint with our data protection officer:
    • to assert claims vis-à-vis the supervisory authority in the member state of your place of stay, your place of work or the location where the alleged violation took place.

9. Contact Information

If you have questions or concerns regarding this statement, you may contact us using the following contact information:

For users in the United States:

Cloud Imperium Games, LLC

12322 Exposition Blvd.

Los Angeles, CA 90064


For users outside the United States:

Cloud Imperium Games Limited

Manchester Goods Yard

6 Goods Yard Street

Manchester M3 3BG

United Kingdom

Data Protection Officer:

10. Additional Disclosures for California Residents

These additional disclosures apply only to California residents. The California Consumer Privacy Act of 2018 ("CCPA") provides additional rights to know, delete and opt-out, and requires businesses collecting or disclosing Personal Data to provide notices and means to exercise rights. Herein, "personal information" has the meaning given in the CCPA but excludes information exempted from the CCPA's scope.

10.1 Notice of Collection

In the past 12 months, we have collected the following categories of Personal Data enumerated in the CCPA:

  • Contact information, such as home address, telephone number, and email address;
  • Information from job application materials or recruiters , such as your job application, resume or CV, cover letter, references, work history, education transcripts, whether you are subject to prior employer obligations, information that referrers provide about you,and any work samples or portfolio submitted or referenced by you for example, writing samples, reels, demos, and work posted at third party sites such as Artstation ;
  • Professional qualifications , such as licenses, permits, memberships, and certifications;
  • Information from the application process , such as any phone-screens, interviews, evaluations and outcomes of recruiting exercises;
  • Immigration status and other information that would allow us to verify your employment eligibility;
  • Biographical information , such as name, gender, date of birth, professional history, references, language proficiencies, education details, and information you make publicly available through job search or career networking sites;
  • Job preferences , such as desired position and compensation, location preferences and willingness to relocate;
  • Employment history ;
  • Information needed to understand and assess accommodation requests regarding potential disabilities or other health conditions ;
  • Medical information if you meet with us in-person, such as your body temperature, health symptoms and other screening information in connection with Cloud Imperium's health and safety plans and protocols, including screening required to access Cloud Imperium offices/facilities and other measures designed to prevent the transmission of COVID-19 or other infectious diseases;and
  • Other information you provide to us.

Providing personal information to us is voluntary. However, if you do not provide sufficient information, we may be unable to consider your application or, if you are hired, your subsequent promotion, transfer or relocation.

In certain cases we may ask you for additional information for purposes of complying with applicable laws. We may also inquire about criminal records. We will do so only where permitted by applicable law.

10.2 Source of Information

We collect personal information from you when you apply for a job and throughout the job application or recruitment process. We may also collect your personal information from other sources and combine it with the personal information you provide us. For example, we may collect your personal information from:

  • Job board websites you may use to apply for a job with us;
  • Prior employers that provide us with employment references;
  • Professional references that you authorize us to contact;
  • Employment agencies and recruiters ;
  • Your public social media profile or other publicly-available sources;
  • Online activity information that we and our service providers collect using server logs, "cookies" and similar technologies on the Careers Site. Please see our Privacy Policy at for more information.
  • Other Cloud Imperium personnel.
  • How we use personal information about candidates

10.3.1 Purposes for which we use personal information

We may use the categories of personal information above for the following purposes:

Recruitment management. Managing recruitment generally, such as:

  • operating the Website;
  • recruiting, interviewing and evaluating job candidates;
  • analyzing and improving our application and recruitment processes;
  • accommodating disabilities or health conditions;
  • communicating with you regarding your candidacy, opportunities with CIG or about the Website and any changes to applicable terms or policies; and other business operations.

Compliance, safety and fraud prevention , such as:

  • complying with or monitoring compliance with legal and other requirements, such as reporting and equal opportunities monitoring requirements, where applicable;
  • complying with internal policies and procedures;
  • complying with lawful requests and legal process, such as responding to subpoenas or requests from government authorities;
  • protecting our, your or others'; rights, safety and property, including by complying with applicable public health guidelines and requirements, including, without limitation, guidance from the Centers for Disease Control or other public health authorities relating to the prevention and control of COVID-19 or other infectious diseases;
  • investigating and deterring against fraudulent, harmful, unauthorized, unethical or illegal activity, or conduct in violation of our policies or procedures;
  • controlling access to and monitoring our physical premises (e.g., by requiring health screenings to access offices/facilities; and sharing information with government authorities, law enforcement, courts or private parties where we have a good-faith belief it is necessary for the foregoing purposes.

Analytics , such as:

  • creating anonymous, aggregated or de-identified data that we use and share to analyze our application and recruitment activities, business and for other lawful business purposes.

We do not generally sell information as the term "sell" is traditionally understood.

10.3.2 Sharing personal information

We may share your personal information with other parties as necessary for the purposes described above, including the parties listed in Sec. 4 above

10.4 Right to Know and Delete

You have the right to delete the Personal Data we have collected from you and the right to know certain details about our data practices in the past 12 months. In particular, you may request the following from us:

  • The categories of Personal Data we have collected about you
  • The categories of sources from which the Personal Data was collected
  • The categories of Personal Data about you we disclosed for a business purpose or sold
  • The categories of third parties to whom the Personal Data was disclosed for a business purpose or sold
  • The business or commercial purpose for collecting or selling the Personal Data
  • The specific pieces of Personal Data we have collected about you

To exercise any of these rights, please submit a request to or through your Account settings here. In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.

10.5 Authorized Agent

You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent's permission to do so and verify your identity directly.

10.6 Right to Non-Discrimination

You have the right not to receive discriminatory treatment by us for the exercise of any your rights.

10.7 Shine the Light

Customers who are residents of California may request (i) a list of the categories of Personal Data disclosed by us to third parties during the immediately preceding calendar year for those third parties' own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write us at the email or postal address set out in Section 12 above and specify that you are making a "California Shine the Light Request." We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.