This is the start of something new

This is the start of something new

Managing a small business today is already tough. Avoid further complications by ditching outdated, tedious trade methods. Our goal is to streamline SMB trade, making it easier and faster than ever.

Efficiantur corrumpit potiendi semel difficilius exhorrescere negent pulcherrimum viris Triarium vituperata probant simulent voluptatis easque.

Satori terms and privacy

Privacy Policy

Last updated: May 23, 2026

This Privacy Policy explains what data Satori (the “Service”, the “Application”) collects, how we use it, who we share it with, and the rights you have over your data. By using Satori you agree to the practices described below.

1. Who We Are

Satori is operated by CORS Services, Rua do Pocinho, Chaos, Portugal (“we”, “us”, “our”). We are the data controller for the purposes of EU/UK data protection law.

Questions or requests: hugo@cors.digital

2. Data We Collect

We deliberately collect as little as possible. Satori does not require an account, email address, or phone number to play.

Collected when you play

• Device identifier — a unique ID generated by your device, or, on platforms that don’t expose one, a random UUID generated and stored locally. Used to authenticate your device to our leaderboard server without requiring you to sign in.
• Platform — the operating system family (iOS, Android, macOS, Windows, Linux, Web) of the device you’re playing on.

Collected when you submit a run to the leaderboard

• Display name — a name you choose, shown publicly on the leaderboard. Names are automatically screened and replaced if they contain profanity, hate speech, impersonate staff (e.g. “Admin”), or otherwise violate community standards.
• Game session data — for each run you finish: score, number of rounds completed, duration in seconds, game mode, and outcome (win/lose).
• Idempotency identifier — a client-generated UUID per run to prevent duplicate submissions on retry.

Collected incidentally by our servers

• IP address — recorded in server access logs for security, rate-limiting, and abuse prevention. Logs are retained for up to 30 days.

What we do NOT collect

We do not collect: email address, phone number, real name, postal address, precise or coarse location, contacts, calendar, photos, microphone or camera access, the IDFA (iOS) or Advertising ID (Android), cross-app or cross-website tracking data, biometric data, or payment information.

3. How We Use Your Data

We do not use your data for advertising, profiling, automated decision-making with legal effect, or to send you marketing communications. There is no email list because we do not collect email addresses.

4. Who We Share Your Data With

• Display name + score + rank are public — visible to other players via the in-app leaderboard and the optional public web leaderboard.
• Hosting provider — our backend runs on third-party infrastructure within the European Union. The provider stores data on our behalf under a Data Processing Agreement and does not use it for any other purpose.
• Law enforcement / legal requests — we may disclose data if required by a valid legal process (court order, subpoena) or to protect the rights, safety, or property of CORS Services, our users, or the public.
• Business transfers — if CORS Services is acquired or merged, your data may transfer to the successor entity. We will notify you and update this policy before any such transfer takes effect.

We do not sell your personal data. We do not share your data with advertising networks, analytics SDKs, or data brokers.

5. Where Your Data Is Stored

Game servers are hosted within the European Union and operated by CORS Services from Portugal. Your data is processed and stored on EU infrastructure. If you access the Service from outside the EU, your data may be transferred to and processed in the EU, which is recognized as providing an adequate level of data protection.

6. How Long We Keep Your Data

We retain data only as long as needed for the purposes above. Where possible we shorten retention or anonymize.

We may retain data longer where required by law or to defend legal claims.

7. Local Data Stored on Your Device

The Satori app stores the following on your device:

• Your authentication token
• Locally-queued leaderboard submissions waiting to sync
• Your game progression (unlocks, statistics, best runs)
• App settings (audio, language, etc.)
• A copy of your display name

None of this leaves your device except when you sync with the leaderboard. Deleting the app removes all locally-stored data.

8. Deleting Your Account

You can delete your account and all associated server-side data at any time:

1. Open the game → Settings → Delete account, or
2. Email us at hugo@cors.digital from the address associated with your account.

What gets deleted within 24 hours of your request:

• Your device record
• Your profile and display name
• All your game sessions
• All your leaderboard entries (across weekly, monthly, and all-time boards)

Residual copies in encrypted backups are purged within 30 days. Anonymized statistical aggregates that cannot be linked back to you may be retained indefinitely.

9. User-Generated Content

The display name you choose appears publicly on the leaderboard and is visible to other players. We do not tolerate objectionable content. We automatically screen and replace names that:

• Contain profanity, slurs, or sexually explicit language
• Impersonate staff or system accounts (e.g. “Admin”, “Moderator”)
• Use leetspeak or character substitution to bypass the filter

We may also remove or rename a display name at our sole discretion. To report an objectionable name or other abuse, email hugo@cors.digital — we aim to respond within 24 hours.

If a name we assigned you (after sanitization) does not suit you, you may change it from the in-game Settings.

10. Your Rights

Depending on where you live, you have some or all of the following rights:

• Access — request a copy of the personal data we hold about you
• Rectification — correct inaccurate data
• Erasure — delete your account and data (see Section 8)
• Portability — receive a machine-readable copy of your data
• Objection — object to processing based on legitimate interest
• Restriction — ask us to pause processing in certain cases
• Withdraw consent — where processing relies on consent

To exercise any of these rights, email hugo@cors.digital. We will respond within 30 days.

EU / UK users: you have the right to lodge a complaint with your local data protection authority. In Portugal, that is the Comissão Nacional de Protecção de Dados (CNPD).

California users (CCPA): we do not sell or share your personal data for cross-context behavioral advertising. You have the right to know, delete, correct, and to non-discrimination for exercising these rights.

11. Children’s Privacy

Satori is not intended for children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at hugo@cors.digital and we will delete it.

12. Security

We use industry-standard measures to protect your data, including TLS encryption in transit and access controls on our servers. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security; we do commit to using commercially reasonable means to protect what we hold.

13. Third-Party Links

The Service may contain links to third-party websites (for example, our support address, app store pages, or our company site). We are not responsible for the privacy practices of those third parties. Review their policies before submitting any information.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top, and — for material changes — display a prominent in-app banner on next launch. Continued use of the Service after a change indicates acceptance.

15. Contact