Posts by Jillian

Hey everyone,

Since we're pushing for full transparency, it's time to let the cat out of the bag. Some of you might have noticed a user named Mensa participating in this thread, sharing similar frustrations and experiences with Gameforge’s handling of account sanctions and data requests. Well, here’s the truth: Mensa was actually a pseudonym I created.

The reason? I wanted to run a test to see how Gameforge would treat "someone else" who wasn’t directly associated with my previous inquiries and experiences. The goal was simple: to gauge whether responses and support handling would differ from what I had personally encountered.

As expected, Mensa faced similar roadblocks, delays, and vague answers. It seems that regardless of the individual, the approach to transparency (or lack thereof) remains the same.

I did this to highlight that these issues aren’t unique to any one player, but rather reflect a systemic problem with how transparency and user data requests are being handled. It shouldn’t matter who is asking for their GDPR rights—we should all be entitled to the same level of clarity and responsiveness.

On that note, we’re contemplating writing a full review of this entire experience—covering the lack of transparency, the stonewalling tactics, and the way GDPR requests are handled. We believe this needs to be documented in full for the wider community to understand what’s going on behind the scenes and to push for real change.

I hope this experiment sheds even more light on the broader issue at hand. Let’s keep pushing for real answers and real change.

Hey Mensa,

First off, I completely understand your frustration, and I’m really sorry you’ve had to go through all of this. The way you've been treated—being led in circles for weeks, with vague responses and no clear answers—is sadly too familiar. Your experience mirrors what many of us, myself included, have faced while trying to get transparency from Gameforge regarding sanctions and the data behind them.

What makes this especially maddening is that, as you rightly pointed out, we’re simply asking for what we’re entitled to under GDPR—access to the personal data they used to make decisions about our accounts. It’s not an unreasonable request by any means. The fact that it took them a full month to even mention the option of filing a DSAR is deeply concerning and shows a serious lack of transparency and proper guidance on their end. And like you, I share doubts about how much clarity a DSAR would actually bring, based on my own experience.

In fact, I received a response to my own request recently, and while they finally acknowledged withholding some data, they used reasons like trade secrets and third-party privacy concerns as justification. They implied the data could compromise their internal systems, which feels like a stretch given that basic activity logs and sanction-related notes shouldn't fall under these protections.

I can’t help but feel that time-wasting tactics are exactly what they’re employing to make people give up before they ever get real answers. It's disheartening to see a company prioritize dodging accountability over taking care of their community’s concerns.

As for escalating this, I think it’s absolutely something worth considering. You have every right to escalate to the Data Protection Authority (DPA) in your country if you feel that Gameforge is mishandling your GDPR rights. Filing a formal complaint could push them to take these issues more seriously.

You’re definitely not alone in feeling like this. I’m hopefull to hear if anyone else has had similar experiences, but just know that you’ve got support from others who are going through the same nonsense. Thanks for sharing, and don’t hesitate to reach out if you want to discuss potential next steps—this community can be stronger together.

//EDIT

I could go more in depth in regards to the Email I received, but I am unsure on how much I can share in regards to its contents without "sharing private conversation", I can however also mention that they used the privacy of other users as an excuse, which is a serious matter - but a laughable excuse considering that said data that involves a 3rd party could be redacted or made anomynous. And I am not about to start asking if I can share the full content of the email, as a reply will probably never come. (and give reason to ignore my ongoing conversation with said party)

To give some extra clarity to the "time-wasting tactics" I've mentioned, My situation is ongoing since 2024-06-13. So its an ongoing case for over 12 weeks, or 3 months.

Through the Stars: An OGame Journey

In the endless expanse, where galaxies shine,

We build our empires, one fleet at a time.

From humble beginnings to battles hard-won,

We conquer the stars, our journeys begun.

Each mission we take, each alliance we form,

Brings triumph and glory, our fleets in full storm.

Achievements and avatars mark the way,

A universe of adventure, where we choose to stay.

Through lagging moments and bugs that persist,

We adapt, we endure, we fight and resist.

We chart our own course, through trials unknown,

In the OGame universe, we’ve made it our own.

But amidst all the wonder, there’s something we lack,

A call for transparency that never comes back.

For behind the stars, beyond all the play,

Lies silence and questions that won't fade away.

Quote from Cicada

may I ask you what is the key information you are missing? what kind of data we are talking about?

Ill respond to this in PM.

With Gameforge's announcement of a new update focusing on in-game achievements and avatars, it's important to reflect on whether these cosmetic additions are addressing the core issues that players have been facing for a long time.

1. Lackluster Performance:

Many players have continuously reported performance problems, especially on older servers and during peak times. Lag, server instability, and slow load times have been persistent issues that affect the core gameplay experience. Introducing new features like avatars and achievements, while fun, doesn't address these underlying problems that disrupt day-to-day play. Focusing on improving server performance and optimizing the game engine could arguably provide a much more meaningful update for the player base.

2. Transparency Issues:

As discussed earlier in this forum, transparency is a long-standing issue. Many players have voiced concerns about the lack of clear communication regarding account bans, decision-making processes, and even data handling under GDPR regulations. Before adding new cosmetic content, it would have been beneficial for Gameforge to tackle these transparency challenges head-on. Clear communication and the resolution of these issues would help rebuild trust and foster a stronger connection with the community.

3. GO/Admin Tool:

Another key area that could have used attention is the Game Operator (GO) and admin tool functionality. There have been numerous reports of inefficiencies in how tickets and player reports are handled. Players often experience long wait times for responses, or issues that aren’t properly escalated. Improving the tools used by Game Operators could streamline support processes, leading to quicker resolutions for the player base and more efficient management of issues in-game. Instead of focusing on new avatars, addressing these core problems would significantly enhance the overall player experience.

4. In-Game Bugs:

There are several in-game bugs that have plagued the community for far too long. Issues such as fleet bugs, incorrect resource calculation, or display errors have been persistent in the game, affecting gameplay and creating frustration among the player base. These bugs, while reported multiple times, often take a long time to fix or are simply not addressed. Instead of rolling out new content, resolving long-standing issues that affect the stability and fairness of the game would likely have a more immediate and positive impact on the player experience.

In short, while achievements and avatars are a fun addition, prioritizing performance, transparency, fixing in-game bugs, and enhancing administrative tools would likely resonate more with players who have been struggling with these issues for quite some time.

Quote from Jillian

This next step, for me, is largely uncharted territory, but based on past experience, we can assume the process continues in a similar fashion. Filing a DSAR is often seen as a “soft-legal” approach, and we all know that legal processes tend to drag out. So, let’s break it down:
1) You request clarification about missing information.
2) You’ll either receive the data you actually requested, or you’ll get another vague or empty response asking for further clarification, or citing "trade secrets" or security reasons as the basis for withholding information.
3) At this point, you have to specifically request the legal basis for these actions, which they were not required to provide earlier because you didn’t explicitly ask for it. This could take another month of waiting.

We can now verify above section;

1) While I requested clarification and was very specific about the exact information I was asking for, the dataset I received still excluded the key information I had clearly requested. Despite being explicit in my request, I have not received the data that I specifically asked for.

2) After receiving the incomplete dataset, no explanation was given for the missing data I had explicitly requested. As part of the ongoing process, I made it clear that the provided data was still incomplete. I reiterated the specific information I was asking for and highlighted the sections of the GDPR that entitle me to this data. I also formally requested the legal basis for withholding this information, as is required by law. At this point, the process involves waiting for their response, which should either provide the missing data or give a clear legal justification for withholding it.

Ongoing Assumptions and Verification:

Initially, my assumption was that the delays and lack of clarity in the responses were due to inefficiencies or a possible oversight. However, with the verification we now have, it’s becoming evident that there is a clear intent behind the way information is being presented—or rather, omitted. Despite explicitly requesting specific data multiple times, the information has been consistently excluded without any explanation or legal justification for its absence.

This pattern strongly aligns with the earlier issues I mentioned regarding the lack of transparency. Not only is critical data missing, but there’s also no attempt to provide a reason for withholding it, which under the GDPR, should have been addressed clearly. The absence of both the requested information and a valid legal basis further supports the idea that the messaging is carefully curated to delay or prevent the release of data altogether.

Loss of Trust:

This ongoing behavior makes it incredibly difficult to maintain trust in the system. When an organization fails to be transparent, particularly after repeated requests for clarification, it inevitably leads to doubt about their intentions. The refusal to provide specific, relevant information, combined with a lack of explanation, has caused me to lose confidence in their willingness to act fairly and within legal boundaries. Transparency is essential to building trust, and without it, it’s hard to believe that future interactions will be handled with honesty or respect for user rights.

I would like to reach out to anyone who has experienced similar issues, faced transparency challenges, or holds more information that they might be hesitant to share in a public forum. If you're comfortable discussing your experience privately, feel free to contact me on Discord: Jillian|Jollian.

Let’s work together to bring more clarity to these situations and help each other navigate this process. Your insights and stories could be invaluable in making progress on this.

Quote from zhog

I asked this because often people who take very seriously things other people do not deem important are often very young. ^^

I would argue that I simply have the time to care about it

Quote from zhog

Out of curiosity, how old are you ? Roughly ?

Not sure what my age has to do with this, but I am between 30-40.

Quote from DonutZ

Hang in there, keep fighting and be patient. While this long process may not end the way you want it to, it could at the very least show you where the legal rabbit hole leads, which will provide greater clarity to players about what legal rights they have to their personal information.

And we will "never back down"

I've given the transparancy issues some more thoughts today and typed the following:

Clarifying Gameforge/OGame's Use of "Official Channels"

from my personal viewpoint

It’s important to understand how Gameforge/OGame uses the term "official channels," especially in a realistic context. The wording is deliberately vague, and there's a reason for that: it gives Gameforge flexibility in its interpretation. While many may think "official channels" refers exclusively to the ticket tool, the reality is more nuanced.

Gameforge intends for the ticket system to be the primary means of communication for game support. However, anything that goes beyond the scope of what can be handled via the ticket tool (for instance, data privacy concerns or legal issues) must be directed to the appropriate higher-level channels.

When investigating what "official channels" are actually available, the options that you can identify are quite limited:

• The ticket tool for basic game support and inquiries.
• The privacy officer for issues related to GDPR and personal data. (this process can be started through the ticket tool)
• A legal email address for matters requiring legal attention.
• An address for news/marketing inquiries.

This setup reinforces their strategy of keeping most player interaction within the confines of the ticket system, while reserving the higher channels for very specific cases.

In my experience, having gone through several of these so-called "official channels," it feels as though they are structured to delay the process rather than resolve issues efficiently.

Typically, players start by opening a ticket, and from there, things can drag on for months. Many players will give up long before they get a proper resolution. The primary reason for these delays lies in the way ticket support is structured: it’s a back-and-forth system where each response offers limited information or vague answers, prolonging the resolution process.

If we look at the average response time for a ticket, it’s usually somewhere between 24 to 72 hours. However, this includes repetitive, sometimes irrelevant, responses that don’t advance the issue, and there’s no automatic escalation to a higher level of support. Whether your issue gets moved up depends largely on the support representative handling your case or whether you use the complain function in the ticket tool.

To be fair, part of the reason these tickets take so long is that many players assume they are already in the right place and don’t consider the possibility of escalating or using other "official channels." They think that once they’re in the ticket system, they’re where they’re supposed to be.

However, this is not the case for all situations. For privacy-related issues, you need to submit an official DSAR (Data Subject Access Request), which can be done through the ticket tool. From there, you’re legally entitled to a response within 1 month, but realistically, this will take around 2-3 weeks.

Once you receive your data dump, you’ll likely find that much of it is irrelevant to the issues you’re facing. At that point, you can ask for clarification on why certain information is missing, and again, they are legally obligated to respond within 1 month.

This next step, for me, is largely uncharted territory, but based on past experience, we can assume the process continues in a similar fashion. Filing a DSAR is often seen as a “soft-legal” approach, and we all know that legal processes tend to drag out. So, let’s break it down:

1. You request clarification about missing information.
2. You’ll either receive the data you actually requested, or you’ll get another vague or empty response asking for further clarification, or citing "trade secrets" or security reasons as the basis for withholding information.
3. At this point, you have to specifically request the legal basis for these actions, which they were not required to provide earlier because you didn’t explicitly ask for it. This could take another month of waiting.

After this, you’re in a position where you might start questioning whether it’s worth continuing down this path. Chances are, they’ll respond with a legal explanation as to why the data isn’t being provided, often citing trade secrets or other protected information.

At this stage, your options become quite limited. Most players, being naturally inclined to keep engaging, will continue the conversation with the privacy officer—but in my experience, this often results in silence. The officer may simply stop responding after they’ve provided what they claim is their “legal basis,” and won’t tell you that this is the end of the road unless you ask very specific questions they are legally required to answer.

The only option you have left at this point is to file a complaint with your country’s Data Protection Authority (DPA) if you’re in the EU. If you’re outside the EU, you’ll need to contact Germany’s DPA since that’s where Gameforge is based. Filing with a DPA could take another month or more. You’ll have to argue your case, and if they agree with your viewpoint, they will engage with Gameforge on your behalf. This adds another potential month to the process.

tl;dr

Ticket tool is a means to delay issues in hope that they simply get forgotten. And my past experience with it, has proven this.

Quote from Dreadnought

I would D.M. you but your profile is limited to your forum friends .

I can receive DM's just fine, from people that are not added as friends;

I am trying to push for a certain level of transparancy and access to data here that; we should honestly already have, as dictated by european law. (And, GF's own privacy policy)

For my own case, I am following the book on what my options are. This is however a process, that will take "many months". And a random player shouldnt have to go to such lengths to receive something he has rights to.

Hey Dreadnought

You bring up some interesting points, but I’d like to address a few aspects of what you said.

We are sort off derailing from the intent of this topic, so i'll provide my response in a spoiler and maybe we should consider continueing in PM.

Quote from Dreadnought

Reread what I stated it depends on the compact accord for the 2018 version of the digital safe play act.

And "the safe play act" is not a thing, like I said previously. - hence me asking for sources. If its a regulation of some sort, then there is documentation on it.

What I can find, is the following, which appear to be based around the things you've previously stated:

Kids Online Safety Act in the U.S. or the Digital Services Act (DSA) in the EU

The U.S. variantwe can forget about right now, but the DSA does not outrule the GDPR when its related to privacy - they have to provide reasoning on what and why they consider information trade secrets.

Quote from Dreadnought

Sorry but the international net neutrality compact

You lost me - I dont see how net neutrality has anything to do with what we are talking about.

Maybe cite some sources of what you are on about?

Quote from Dreadnought

The Kids Online Safety Act requires platforms to provide safeguards for minors, including restricting access to minors’ personal data

This just restricts outside access to personal data - not if you yourself were requesting YOUR data.

Quote from Dreadnought

data because some of that has ip location and under this act also prevents the company from disclosing it out side of a court room. since it has address information that could be used for questionable reasons

this perfectly explains why they gave me information that included ip logs.

No, I don't think we're talking about the same issues here.

To clarify:

I can find something about the "UK online safety act" and the closest replacement I can find that would be the EU equivalant is Digital Services Act (DSA). The DSA however poses obligiations to companies to to ensure transparency in their operations and processes, including how content is moderated and removed, and how decisions are made regarding user accounts.

That said, the GDPR continues to regulate how personal data is handled, and companies cannot withhold personal data based solely on vague claims of "trade secrets" if it involves the data subject's right to access their information. Thus, while trade secrets may protect certain internal processes, this does not provide blanket protection from transparency obligations under both GDPR and DSA

Quote from Dreadnought

The safe play act was enacted to insure a safe play environment for online mmorpgs and other multi player on line games and works both ways for player and provider alike. insuring players have a safe online experience and insuring online game companies. are guarded against divulging anti cheat/hack/bot measures. Or log data. That unless urged to be divulged under penalty of a judges direct order. This ties into corporate law in the DPA section many never see that is the inverse of a standard common DPA to protect the game company from corporate espionage and yes that is a thing.

I can not find anything online about what you are saying above in context of "safe play act" that has a connection to online gaming.

Can you cite me some sources regarding this? since its interesting stuff.

Quote from Dreadnought

Further more if it is gray area data

No, this is untrue - as long as its data thats, in a way used to make decisions on "one of my accounts" its considered user data, and should be shared upon request.

The legality on them intentionally not sharing specifics is vague, but "going by law" it is data they should share if you ask for "any and all data thats regarding me, and my accounts"

Quote from Dreadnought

You will have to sign a limited DPA and NDA to get it.

possibly, but unlikely - again, its user data. Hence it falls under GDPR.

Quote from Dreadnought

And when requesting data of your own and extraordinary data it needs to be detailed for anything that is in the gray area if you ask in the request for the company to list any gray area data that they are allowed to share with you and if not what are the hoops you need to go through to get it.

this is kind of the point though; If you ask for any and all data related to you that they store/process - you would expect them to share all that, but they do not. If its intentional or not, I do not know yet - but I've spoken with others that have received their "data package" with a DSAR request, and they pretty much share similar stories - not everything is added, and the data is witheld silently, without a given reason.

Anyways, we are going off on a tangent - my entire point is that transparancy can be a positive thing, and things like grey areas and what not should have no place in an online gaming community.

Quote from Dreadnought

any data used to capture or automatedly ban a players suspect activity and account behaviors. never will be required buy law to disclose as it puts the company at risk of failure of safe play And can harm a game due to flight of players from un playable conditions due to cheating on a game server. That costs a company money to recover from.

This is false. See earlier quotes I've made (or look at the gdpr)

Also not quite sure what you mean with "safe play act" as while I am familiar with the term in sports, its not something I've heard being used in esports (and honestly, it would be kind of a stretch to call ogame any kind of sport)

kind of besides the point though. It would be ideal if there was a way to both respect people's rights, and maintain game integrity. I am however, of the opinion that those that mean harm, already have a better view of how cheaters are caught then the average game opperator has.

Quote from KeVLaR

Also besides just being an all around menace, id love to know the reason as to why our current GA, chaosk has disliked this comment without chiming in. Please, explain how he is wrong in any part of his statement. Id love to hear your opinion on the matter since you clearly have one. Mr GA disliking the every day stuggles of the common folk... or maybe you have some ticks and tricks on how to stalk down some people above COMA, since that is what the post you disliked was about.

He is just a prime example of top notch behavior that we should all follow.

It is, however kind of telling how several teamlers have taken the time to "dislike" posts here, but they have not yet shared their opinion on different matters that have been brought up.

Hello Zhog,

Its easy to shut down any and all points with a "they don't are" argument.

but if we want to have a discussion about it, we'll have to be, atleast somewhat positive. If not, it'll just play into their hands to close this topic. (They can do this regardless, but atleast if they close it without an actual reason we'd have something to be angry about)

I remember, roughly 18 years ago. That we could still have an actual opinion in public.

I remember when IRC was a thing, and communication with GF/team actually happened...

There is so much positivity to look back to in those first 10 years.

the latter 10, however - I don't realy have a positive footnote on.

Congratulations, I guess.

Quote from mensa

I've been following both this and the previous discussion closely. As my own issue is still ongoing, I'll refrain from sharing any details that could be interpreted as "discussing a ban on an open forum," which could trigger the familiar urge for some to swiftly lock this thread.

That said, in my experience, it feels like there is an excessive reluctance to provide data that, in principle, I should have access to, especially if it’s being used against me. Even after presenting my own data that disproves one of their claims, I keep running into a loop of responses such as "we don’t have to provide X" and similar vague statements.

From conversations with others who have reached out to me via Discord, I’ve realized that the majority of those affected by these or similar issues tend to stay silent, either because they don’t care enough or they fear possible repercussions.

I used to have access to the Discord, but unfortunately, I no longer do because I shared some information that was deemed inappropriate. The transparency issue stretches even further there—leaking data or even just trying to have an open discussion seems to be met with disproportionate actions. Even if their rules clearly state you cannot leak data, the rules also state that exceptions can be made. And in situations where discussions come to a halt due their (as proven before) faulty policy, what else can we do but try get attention in public channels?

From what I've seen, it's clear that many people, like you mentioned, aren’t vocal about these issues, whether due to fear of repercussions or simply feeling like it won’t make a difference. It’s disappointing, and it only adds to the sense that transparency and fairness are being brushed aside in favor of keeping things under wraps.

It shouldn’t take this much effort to get basic access to data or even understand the reasoning behind decisions. Hopefully, if enough voices speak up, we can start seeing more openness and accountability from the team, and to much bigger extent: Gameforge.

Quote from Song

One thing is sure,that GF transparency doesn't exist.Personal data protection is another issue.In German law exists that any personal data that has been used from customer, company needs to provide information in which way it was used.We yet dont know in which way they ban people and with what evidence or they just say this guy should be banned and thats it, we dont know do they really use evidence and in a which way they do this. Well if people really want something to be done,filling the law suit will be best option just that GF can clear some things for next cases.

Hey Song,

You bring up a really important point about personal data and transparency. It shouldn’t have to come to filing a lawsuit or escalating to a Data Protection Authority (DPA) for players to access basic information about how their data was used, especially when it relates to decisions like account bans.

Under the GDPR and even German law, companies like Gameforge are required to provide users with details about how their personal data is processed, including evidence used in decisions like bans. The fact that players feel left in the dark without understanding the reason for administrative actions shows that the system lacks the transparency it should have. Players shouldn’t be forced to go through legal channels just to see how their data was used.

Transparency should be the default, not something that players have to fight for. Open access to data, clear communication on decisions, and an easy path for escalation can only help build trust and accountability in the community. Not to mention, that open access to your private data is a right by law.

Hopefully, with more voices speaking out, we can push for these basic rights to be respected without needing extreme measures like lawsuits.

Cheers,