Privacy Policy

Last updated: July 2, 2025

1. Information We Collect

1.1 Discord Server Data

We collect and maintain information about Discord users' participation in servers that have been identified as cheating-related, including:

• Discord User IDs
• Server membership history
• Join timestamps
• Message activity patterns (where accessible)
• User roles and permissions within monitored servers

1.2 Gaming Platform Identifiers

Through our API users, we may receive and store gaming platform identifiers such as:

• Steam IDs
• License identifiers
• Other gaming platform unique identifiers
• FiveM and other game server identifiers

1.3 API Usage Data

When you use our API, we collect:

• API key usage and request patterns
• IP addresses and request metadata
• Query parameters and search terms
• Response times and error logs

2. How We Use Your Information

2.1 Primary Purposes

We use collected information to:

• Identify and track potential cheaters across gaming platforms
• Provide accurate API responses to our customers
• Maintain and improve our detection algorithms
• Generate statistical reports and analytics

2.2 Service Operations

We also use data for:

• API authentication and rate limiting
• Fraud prevention and security monitoring
• Customer support and troubleshooting
• Service optimization and performance improvement

3. Legal Basis for Processing (German Law)

As a German-based service, we process personal data under both GDPR and the German Federal Data Protection Act (BDSG). Our legal bases include:

• Legitimate Interest (Art. 6(1)(f) GDPR): Protecting gaming communities from cheating and fraud - our legitimate interests override individual privacy interests due to the scale of community protection provided
• Prevention of Criminal Acts (§ 24(1) Nr. 2 BDSG):Under German law, we may process data to prevent criminal activities including fraud and computer crime in gaming environments
• Security Research (§ 27 BDSG): Our processing supports research into gaming security threats and fraud prevention methodologies
• Contractual Necessity: Providing API services to our customers requires maintaining comprehensive security databases
• Legal Obligation: Complying with German and EU laws regarding data processing and security

4. Data Sharing and Disclosure

4.1 API Customers

We share processed data with authorized API customers for legitimate gaming security purposes. This includes:

• Cheater identification status
• Risk assessment scores
• Historical activity summaries
• Server membership indicators

4.2 Legal Requirements

We may disclose information when required by law or in response to:

• Valid legal process or court orders
• Government investigations
• Law enforcement requests
• Protection of our rights and safety

4.3 We Do NOT Share

We do not sell, rent, or trade personal information to third parties for commercial purposes.

5. Data Retention

We retain data for as long as necessary to maintain the integrity and effectiveness of our cheater detection service:

• Core Security Records: Maintained indefinitely while our service operates to ensure comprehensive cheater detection coverage
• Discord Server Data: Retained permanently unless manually removed by authorized high-ranking staff members after thorough verification that the monitored Discord server has been completely deleted and is no longer accessible. Such removals require administrative approval and security clearance.
• Gaming Platform Identifiers: Retained permanently to maintain cross-platform tracking capabilities
• API Usage Logs: Stored indefinitely for security, debugging, and service improvement
• Historical Activity Records: Maintained indefinitely to provide comprehensive historical analysis and prevent re-entry through different identifiers

6. Your Rights and Choices

6.1 Limited Data Subject Rights

Due to the security-critical nature of our service, your rights under EU data protection law are restricted where our legitimate interests in protecting gaming communities override individual rights:

• Access: You may request information about data we hold about you (subject to verification of identity and security clearance)
• Rectification: You may request correction of factually inaccurate information, though server membership records are typically automatically verified
• Erasure (Right to be Forgotten):Generally NOT available - deletion requests are typically denied as removal would compromise gaming security and our legitimate interests in fraud prevention
• Portability: Limited to basic account information only; security-related data is not portable
• Objection: You may object to processing, but objections will likely be overruled by our legitimate interests in maintaining gaming security

6.2 Exercising Your Rights

To exercise these rights, contact us through our Discord server or official channels. We will respond within 30 days and may require identity verification. However, most requests for data deletion will be denied to maintain service integrity.

6.3 Why Rights Are Limited

Under GDPR Article 6(1)(f) and Recital 47, we restrict certain rights because:

• Legitimate Interest Override: Our interest in preventing gaming fraud and protecting communities overrides individual privacy interests
• Security Necessity: Deleting cheater records would directly undermine the protection we provide to thousands of gaming servers
• Prevention of Harm: Removal of data could enable bad actors to re-enter communities they were previously banned from
• Technical Integrity: Our algorithms require complete historical data to function effectively
• Contractual Obligations: We have obligations to our API customers to maintain comprehensive security databases

6.4 False Positive Appeals

If you believe you have been incorrectly identified as a cheater, you may submit an appeal through our official channels. We will review cases where there is evidence of mistaken identity or technical errors. Successful appeals may result in record correction or annotation, but not deletion.

7. Data Security

We implement appropriate security measures including:

• Encryption of data in transit and at rest
• Access controls and authentication systems
• Regular security audits and monitoring
• Secure data centers and infrastructure
• Employee training on data protection

8. International Data Transfers

Data may be processed and stored in various jurisdictions. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and adequacy decisions where applicable.

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children. If we become aware of such collection, we will take steps to delete the information promptly.

10. Third-Party Services

Our website may contain links to third-party services. This privacy policy does not apply to external websites or services. We encourage you to review their privacy policies.

11. Data Breach Notification

In the event of a data breach that poses risks to your rights and freedoms, we will notify relevant authorities and affected individuals as required by applicable law, typically within 72 hours of discovery.

12. Updates to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated through our website and official channels. Continued use of our services constitutes acceptance of the updated policy.

13. Contact Information

For privacy-related questions, concerns, or requests, please contact us through:

• Our official Discord server
• Documented support channels

14. German Data Protection Authority

As a German-based service, our primary supervisory authority is the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit - BfDI). If you believe we have not addressed your privacy concerns adequately, you may lodge a complaint with the BfDI or your local data protection authority.

Contact information for data protection authorities can be found on their respective official websites. Depending on your location, you may also contact your local data protection authority within the EU.

15. Governing Law

This Privacy Policy and our data processing practices are governed by German law, including the BDSG and GDPR as implemented in Germany. Any disputes will be subject to the jurisdiction of German courts.