Privacy Policy

1) Independent Service — No Roblox Affiliation

UniClover is an independent third-party service and is not affiliated with, endorsed by, or sponsored by Roblox Corporation. Authentication through Roblox, where used, is performed only through official systems.

2) Children and Parent / Guardian Consent

The Service may be accessed by children or minors. We apply additional safeguards where features are likely to be used by children. Features that may require heightened consent or additional checks include face-photo verification, video or audio interviews, prize claims and gift card fulfilment, private messaging features, reduced-filter private messaging where available, and any feature that requires additional personal data beyond ordinary account operation. Where required by law, we may request proof or confirmation of parent or guardian consent and may suspend or refuse the relevant feature if adequate consent is not demonstrated.

3) Personal Data We Collect

3.1 Authentication and Account Data

• Roblox User ID, username, display name, public profile identifiers, profile URL, picture, and related account metadata.
• OAuth authorization data, PKCE state / verifier data, consented scopes, access tokens, refresh tokens where applicable, authentication timestamps, session data, and linked-account information.

We do not ask for or store your Roblox password when official OAuth authentication is used.

When you sign in with Roblox OAuth, we use the authorization result and linked-account data only to verify identity, create or maintain the account link, and protect against replay, impersonation, and unauthorized access. On the website, the access token is used only to complete the sign-in transaction and is not stored after the flow finishes; in client apps, authentication tokens may be retained locally on the device to maintain a session or refresh it.

For the technical OAuth flow, see our API & OAuth Usage Policy.

3.2 Technical and Device Data

• IP address and approximate technical location information where applicable.
• Device type, browser or app version, operating system, language, and time zone.
• Crash logs, error logs, diagnostics, security logs, and fraud-prevention data.

3.3 Service Activity and Competition Data

• Rankings, statistics, score records, placement history, eligibility checks, anti-fraud indicators, and enforcement status.
• Support tickets, account flags, moderation status, and report history.

3.4 Public Chat and Community Communications

• Message content, timestamps, sender information, channel identifiers, moderation labels, filters, flags, and enforcement outcomes.
• User reports and evidence related to suspected abuse, bullying, harassment, fraud, grooming, sexual content, threats, or other prohibited conduct.

3.5 Private Messages and Direct Communications

• Private message content, timestamps, routing metadata, conversation identifiers, and related safety signals.
• User-configured filtering settings where such controls are offered by the Service.

If the Service offers reduced-filter or disabled-filter settings for a particular private conversation, that does not remove those messages from the scope of this Privacy Policy. We may still process such messages for delivery, abuse prevention, fraud prevention, child safety, report handling, investigations, moderation, and legal compliance.

3.6 Face Photographs and Verification Data

If you use optional face-photo verification or a gender-related profile verification feature, we may collect and process:

• Front-facing face photos.
• Side or profile face photos.
• Replacement or resubmitted images where the original submission is insufficient.
• Review status, reviewer notes, confidence or decision indicators, and verification outcomes.

3.7 Interview and Media Data

• Video recordings, audio or voice recordings, visual appearance, and spoken answers.
• Interview scheduling data, identity or eligibility review notes, prize-verification notes, moderation notes, and fraud-prevention records.

3.8 Prize Fulfilment Data

• Data needed to verify eligibility and issue prizes, including contact details where required.
• Age or consent confirmation, region or country for prize availability, and records of prize issuance, refusal, substitution, cancellation, or forfeiture.

3.9 Support and Contact Data

• Name or username, email address or other contact data you provide, and the content of support or legal communications.
• Attachments, screenshots, reports, and evidence you submit.

4) How We Use Personal Data

• Provide, operate, maintain, and secure the Service.
• Authenticate users and manage sessions.
• Authenticate users through official Roblox OAuth and maintain linked accounts.
• Detect replay, token misuse, and unauthorized account linking.
• Administer rankings, competitions, battles, interviews, and prize flows.
• Moderate public chats and private messages.
• Detect, prevent, investigate, and respond to cheating, exploitation, fraud, grooming, harassment, bullying, abusive behaviour, spam, and other violations.
• Review face-photo verification submissions and determine verification eligibility.
• Conduct interview, prize-verification, child-safety, and fraud-prevention workflows.
• Verify parent or guardian consent where required.
• Issue, withhold, cancel, substitute, or document prizes.
• Respond to support requests, appeals, and legal requests.
• Improve moderation quality, reliability, performance, and security.
• Comply with legal obligations and defend legal claims.

5) AI Systems and Human Review

We may use AI-based systems, automated tools, and human moderators or administrators together. This may include screening public messages before publication, classifying or blocking communications that may violate our rules, flagging private messages for safety or abuse review, reviewing face-photo submissions, supporting interview review and prize-verification workflows, and helping detect impersonation, manipulation, fraud, spam, or repeated abuse. Automated systems may assist in decision-making, but we may also use human review, especially for escalations, disputes, safety-sensitive situations, minors, suspected abuse, or prize-related verification.

6) Lawful Bases for Processing (where UK / EU laws apply)

• Performance of a contract or taking steps at your request before entering a contract.
• Legitimate interests, including service security, moderation, competition integrity, fraud prevention, abuse prevention, and service improvement.
• Consent, where required, including certain optional features and certain child-related or sensitive-data contexts.
• Compliance with legal obligations.
• Establishment, exercise, or defence of legal claims where applicable.

7) Face Data, Sensitive Data, and Biometric Notes

Face photographs and related verification data can be sensitive under certain laws and may, depending on how they are processed and the purpose of processing, be treated as biometric or otherwise specially protected data. Where required by applicable law, we seek an appropriate lawful basis and apply additional safeguards proportionate to the sensitivity of the data. We do not sell face-photo data and do not make verification submissions generally accessible to the public.

8) Data Sharing

We do not sell personal data.

We may share personal data only where reasonably necessary and legally permitted, including:

• With hosting providers, technical vendors, analytics providers, fraud-prevention providers, moderators, contractors, or other service providers acting on our behalf under appropriate obligations.
• With platform providers or relevant counterparties where necessary for account security, enforcement, fraud prevention, or compliance.
• With parents or legal guardians where appropriate and lawful, especially in relation to child safety, consent, support, or prize matters.
• With professional advisers, insurers, auditors, and legal representatives.
• With courts, regulators, law enforcement, or authorities where required by law or reasonably necessary to protect rights, safety, or the integrity of the Service.
• In connection with a merger, acquisition, restructuring, financing, or sale of assets, subject to appropriate safeguards.

We do not share personal data with third parties for their own advertising or marketing purposes.

9) International Transfers

Your personal data may be processed in countries outside your place of residence. Where required by law, we use appropriate safeguards for international data transfers.

10) Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including service operation, moderation, fraud prevention, dispute resolution, legal compliance, and protection of users and the Company.

• Authentication, OAuth, and account-linkage records: while the linkage remains active and for a limited period thereafter.
• Technical, security, and fraud-prevention logs: for limited periods reasonably necessary for security and investigation.
• Public and private message records and moderation evidence: for as long as reasonably necessary for delivery, safety, abuse prevention, user reports, and legal compliance.
• Face-photo verification submissions: deleted when the verification purpose has been completed unless a longer limited retention period is reasonably necessary for appeals, anti-abuse review, child-safety review, dispute handling, or legal compliance.
• Interview recordings and prize-verification materials: retained for as long as reasonably necessary for prize administration, anti-fraud review, dispute handling, audit, or legal compliance.
• Support records and consent records: for as long as reasonably necessary to address the issue, maintain evidence of compliance, or defend legal claims.

11) Security

• HTTPS / TLS encryption in transit.
• Role-based access controls and least-privilege practices.
• Restricted access to verification, moderation, and prize-verification materials.
• Logging, monitoring, abuse detection, and fraud-prevention controls.
• Storage and operational controls designed to reduce unauthorized access, disclosure, alteration, or loss.

No system can guarantee absolute security.

12) Your Rights

Depending on your jurisdiction, you may have rights to:

• Access personal data.
• Correct inaccurate data.
• Request deletion.
• Object to certain processing.
• Request restriction of processing.
• Request data portability where applicable.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a relevant supervisory authority where applicable.

Where a request concerns a child or minor, we may need to verify the authority of a parent or legal guardian making the request.

You may request deletion of your account only through the UniClover application. Account deletion may be available only if you do not have an active clan and are not a member of any active clan at the time of the request. After deletion is requested, your account will be placed into a 30-day restoration period. During that period, you may restore the account. If the account is not restored within 30 days, the account and associated personal data will be permanently deleted, unless a longer retention period is reasonably necessary for legal compliance, fraud prevention, dispute handling, enforcement, or other legitimate and lawful purposes described in this Privacy Policy. For account deletion details, please see Account Deletion.

13) Cookies and Similar Technologies

We may use cookies, tokens, local storage, and similar technologies for authentication, security, preferences, analytics, fraud prevention, and service functionality. Where required by law, we seek consent for non-essential technologies.

14) Third-Party Services and Platforms

The Service may integrate with or rely on third-party services or platforms, including Roblox authentication or infrastructure providers. Their own terms and privacy notices may also apply to aspects of your use of those services.

15) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The revised version becomes effective when posted or otherwise communicated to you, unless a different effective date is stated.

16) Contact Us