Trust & Safety
We build financial literacy through gameplay, not exploitation. Here's how we protect you.
We collect only what's needed to run the game. Your gameplay decisions, run outcomes, and proof cards are stored to provide the verification system.
We do not sell, share, or monetize your personal data. We do not track your browsing activity outside Point Zero One. We do not use your data for advertising.
Account deletion removes all personal data within 30 days. Proof cards are anonymized but preserved for competitive integrity.
Encryption at rest and in transit. All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Database connections use SSL with certificate verification.
Authentication. Passwords are hashed with scrypt (64-byte key, 32-byte salt). Access tokens expire after 15 minutes. Refresh tokens rotate on each use and expire after 7 days.
Infrastructure. PostgreSQL 16 with streaming replication, PgBouncer connection pooling, and automated backups to geographically separate cold storage with SHA-256 verification.
Point Zero One is provably fair. Every run uses a deterministic seed, every decision is HMAC-signed, and every outcome can be independently verified.
Statistical anomaly detection flags suspicious patterns automatically. Flagged runs enter quarantine and are reviewed before proof cards are issued. See our Integrity page for the full verification process.
No real money is at risk in gameplay. Point Zero One is a simulation. All in-game currencies, net worth figures, and market movements are fictional.
All purchases are optional. The free tier provides a complete gameplay experience. Paid tiers add convenience and content, not competitive advantage.
No auto-renewal. All purchases are one-time payments. You will never be charged without explicitly buying something. Refund requests are handled within 48 hours.
Report issues: support@pointzeroonegame.com
Security vulnerabilities: security@pointzeroonegame.com
We take security reports seriously. Responsible disclosure is welcomed. We commit to acknowledging reports within 24 hours and providing a resolution timeline within 72 hours.