Privacy Policy
1. Operator
Cubaster is provided by Капуста ("we", "us"). For privacy questions, contact cubaster@proton.me.
2. Summary
The App does not use advertising SDKs, cross-app tracking, or third-party analytics SDKs that profile users for marketing.
The App connects to game servers selected by the user. Those third-party servers may process the player's IP address, username, chat, and gameplay traffic under their own policies. When you open the Recommended tab, the App also sends a standard status ping to each recommended server to show live online count and latency. This happens before you choose to connect, and the recommended server receives your IP address as part of that ping.
The App also fetches a recommended-server catalog from Cubaster servers and may send optional aggregated recommended-server telemetry. This telemetry does not include account identifiers, advertising identifiers, Android ID, device ID, chat content, gameplay content, contact lists, or device files.
If crash diagnostics upload is enabled, the App may send minimal crash reports and technical diagnostics to Cubaster servers so we can diagnose crashes, ANRs, native failures, compatibility problems, and performance regressions. Upload is optional, and these reports are designed to be compact, redacted, and privacy-minimized.
If you open the report form for a recommended server, we may process the server ID, report reason, optional details, and submission time. Please do not include unnecessary personal data in the free-text field.
If the App is distributed through Google Play, Google may process technical data required to deliver the app and asset packs under Google's own policies.
3. What We Do Not Do
We do not use Firebase Analytics, AdMob, AppsFlyer, Adjust, Mixpanel, Amplitude, Sentry, Crashlytics, or similar advertising or marketing SDKs to profile users.
We do not sell user data and do not share user data with data brokers.
We do not provide our own developer-run account system inside the App. We do not collect contacts, address books, photos, precise location, or payment card data through the App.
We do not collect full system logcat, screenshots, world saves, chat content, account credentials, access tokens, Advertising ID, Android ID, IMEI, MAC address, or contact lists in automatic crash reports.
However, the App does perform limited network operations described below. For the current version of the App, a blanket statement such as "we do not process any data at all" would be inaccurate.
4. What Data We Process and Why
4.1. Connections to third-party game servers. When you connect to a game server, the App creates a direct connection to that server. That server may process the player's IP address, username, chat, gameplay traffic, and other session data under that server operator's own policies. We do not control and are not responsible for the privacy practices of third-party game servers.
4.1a. Status pings to recommended servers. When you open the Recommended tab in Multiplayer, the App sends a standard Minecraft status ping to each recommended server. This happens before you choose to connect. The purpose is to show live online player count and connection latency. This ping is a direct network contact with the recommended server operator. The recommended server receives your IP address as part of the standard network connection. We do not receive or store data from these pings. The recommended server operator's own privacy policy governs how they handle connection data.
4.2. Recommended server catalog and icon assets. The App fetches a recommended-server catalog from https://servers.cubaster.com/catalog/v1/recommended-servers.json and, as a fallback, https://cubaster.com/catalog/v1/recommended-servers.json. If a recommended server has an approved icon, the App also fetches the icon image from https://servers.cubaster.com/catalog/v1/icons/ or the same fallback host. These requests are used to display recommended servers in Multiplayer. To deliver the response and apply rate limiting, network infrastructure technically processes the connection IP address. At the OS, VPS, and transport level, the IP address may briefly exist in network handling, but it is not forwarded into the application backend and is not stored in the application database for these endpoints.
4.3. Optional aggregated recommended-server telemetry. The App includes a recommendedTelemetry setting in Online Options. It is disabled by default. Telemetry is sent only if the user explicitly enables this setting. When enabled, the App may send aggregated recommended-server events such as impression, join, add_to_favorites, hide, and report.
This telemetry does not include user id, account name, Advertising ID, Android ID, device ID, chat content, gameplay content, contact lists, or device files. The current payload contains technical batch fields such as batchId, clientVersion, and sentAtEpochMs, plus aggregated counters by action and serverId.
4.4. Reports about recommended servers. If you open the report form, we may process server_id, the report reason, optional details, and submission time. Do not include unnecessary personal data in the free-text field. The App backend does not store IP addresses in the report record.
4.5. Optional crash reports and diagnostics. If crash diagnostics upload is enabled in the App, the App may send encrypted crash reports and technical diagnostics to Cubaster crash collector servers. Reports may include crash logs, stack traces, normalized crash fingerprints, app-private Mojang crash text files, Java uncaught exception information, Android ApplicationExitInfo for this app, ANR text traces, native tombstone bytes when Android exposes them for this app, short app-private diagnostic ring logs, app version, runtime version, build metadata, Android SDK version, device manufacturer/model, ABI, memory bucket, graphics backend, GPU/vendor/renderer information when available, native runtime library identity, report IDs, and a resettable pseudonymous Diagnostic ID derived from an app installation identifier. We use these reports only to group crashes, investigate technical failures, improve compatibility and performance, prevent regressions, and respond to support requests.
The App may temporarily create local crash diagnostics in app-private storage even when upload is disabled. These local files are not transmitted unless the user enables crash diagnostics upload. They can be deleted in the App's diagnostics settings.
Automatic crash reports do not include full system logcat, screenshots, world saves, chat content, account credentials, access tokens, Advertising ID, Android ID, IMEI, MAC address, contact lists, photos, videos, or arbitrary device files. Crash diagnostics upload can be enabled or disabled in the App's diagnostics settings, and the App remains usable without upload.
4.6. Google Play. If the App is distributed through Google Play, Google may process technical data needed for publishing, app download, asset pack delivery, and store infrastructure. That processing is governed by Google's own policies, not this page.
5. Legal Bases
We process data to the extent necessary to operate the App's network features, display the recommended-server catalog, prevent abuse, handle reports, and respond to support requests.
For optional recommendedTelemetry and optional crash diagnostics, the basis is the user's choice to enable those settings. For the other operations described above, the basis is operation of the service and our legitimate interests in support, security, abuse prevention, and moderation.
6. Retention
Recommended telemetry batches: up to 30 days.
Local on-device crash diagnostics: kept only in app-private storage until the user deletes them, app storage is cleared, or app cleanup removes old pending reports.
Raw encrypted crash reports and diagnostics: up to 90 days.
Decoded crash attachments: up to 30 days.
Crash triage metadata: up to 180 days. This metadata may include Diagnostic ID, report ID, app version, device model, Android SDK version, and build identifiers needed for private triage and symbolication.
Aggregate crash fingerprints: up to 365 days when they do not contain Diagnostic ID or report ID and meet a minimum aggregate count of 3. Longer retention is used only if the aggregate no longer contains user, device, or report identifiers.
Reports about recommended servers: up to 365 days.
Email and support requests: for as long as reasonably necessary to respond, follow up, and comply with legal obligations.
When retention is no longer necessary for the stated purposes, the data is deleted or no longer kept in the active application data path.
7. Your Rights
You may request access, correction, deletion, or restriction of data that we actually control. You may also object to processing based on legitimate interests and change the recommendedTelemetry and crash diagnostics settings in the App.
To make a request, email cubaster@proton.me and describe the data and action involved. For already-uploaded crash diagnostics, include the Diagnostic ID shown in the App's diagnostics settings, or a report ID if available. We aim to complete deletion requests within 30 days unless a longer period is required by law, security, abuse prevention, or request verification. We may request minimal information needed to verify the request and prevent abuse.
If GDPR, UK GDPR, or similar rules apply to you, you may also contact the relevant supervisory authority.
8. Children
The App is a general-audience game and is not intended specifically for children under 13. We do not knowingly collect personal data from children under 13 through a developer-run account system because the App does not provide one.
If you believe a child under 13 has sent us personal data through the report form or by email, contact cubaster@proton.me, and we will review and delete it where appropriate.
9. Security
We try to minimize the amount of data processed. For the recommended-server catalog, optional recommended-server telemetry, and recommended-server report endpoints, nginx access logs are disabled and IP headers are not forwarded into the application backend.
For crash diagnostics upload, the reverse proxy forwards the client IP address to the crash collector only for abuse prevention, rate limiting, and transport security operations. The crash collector does not store IP addresses in the crash report database or decoded triage metadata. IP addresses may appear transiently in operational logs, for example when a request is rate-limited or rejected.
Crash reports are sent over HTTPS and are also encrypted at the application level before upload. The public crash collector is designed to store encrypted report packages and minimal metadata, and it does not store the private decryption key. Decryption, triage, and symbolication are separated from the public upload endpoint.
We may use VPS, hosting, and infrastructure providers to operate Cubaster services. They process data only as service providers for hosting, transport, storage, and security operations. We do not sell crash diagnostics, recommended-server telemetry, or report data.
No technical measure can provide an absolute security guarantee. If you have a question about a specific privacy or security risk, email us at the address above.
10. Changes to This Policy
We may update this Privacy Policy when the App, backend, app store requirements, or legal requirements change. The updated version will be published on this page with a new revision date.
11. Contact
Email: cubaster@proton.me
This page is the Privacy Policy URL for app store use.