1 Secure Data Collection
We collect only essential information, using encrypted channels to protect your personal details.
🎮 Account Data
Username, email, hashed password, and gameplay preferences to personalise and protect your account.
💳 Payment Details
Billing address and anonymised payment tokens processed via PCI-compliant partners.
📱 Device & Network Data
Device fingerprinting, IP address, and session logs to detect anomalies and prevent fraud.
📊 Usage Analytics
Aggregated metrics on site interactions, collected anonymously to improve performance without tracking individuals.
2 Privacy-First Data Use
Your data is used solely to provide, maintain, and secure our services:
• Process orders and authenticate access
• Prevent and investigate fraudulent activities
• Deliver critical account and security alerts
• Enhance platform stability and uptime
• Respect legal obligations and enforce policies
3 Strict Sharing Controls
We never sell personal data. We share information only with:
• Service Providers: GDPR-compliant partners for payments, hosting, and security
• Legal Requirements: Authorities when mandated by law
• Corporate Transactions: In cases of merger or sale under confidentiality safeguards
• User Consent: When you explicitly authorise sharing
4 Robust Security Measures
We implement multiple layers of protection:
• AES-256 and TLS encryption for data in transit and at rest
• Multi-factor authentication options
• Regular security audits and penetration testing
• Role-based access controls and strict internal policies
• Continuous monitoring for suspicious activity
5 Your Rights (GDPR & UK GDPR)
You have full control over your data:
📋 Access
Request a copy of your personal data at any time.
✏️ Correction
Update or correct inaccurate information.
🗑️ Deletion
Ask us to erase your data, subject to legal requirements.
⏸️ Restriction
Limit how we process your data in specific scenarios.
📤 Portability
Receive your data in a machine-readable format.
🚫 Objection
Object to certain processing activities, including marketing.
6 Data Retention & Deletion
We retain data only as long as necessary:
• Account data: Active account duration + 3 years
• Purchase history: 7 years for compliance
• Support logs: 2 years post-resolution
• Analytics: Aggregated indefinitely without personal identifiers
7 Protection for Minors
Our services are not directed at children under 16. If we discover we process data for minors, we will promptly delete it.
8 Cross-Border Data Transfers
International processing under:
• Standard Contractual Clauses (SCCs)
• Adequacy decisions by relevant regulators
• Strict vendor assessments to ensure equivalent protections
9 Policy Updates & Notifications
We review this policy regularly. Material changes will be highlighted by updating the “Last Updated” date and posting a site-wide notice.