Privacy Policy

1. Introduction

Welcome to the Privacy Policy of Edge Suite. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Services.

2. Data Controller

For the purposes of the GDPR, the data controller is:

• Service Name: Edge Suite
• Contact Email: privacy@yourdomain.com

3. Data We Collect

3.1 Information You Provide

We collect information that you voluntarily provide to us when you:

• Create an account via Steam authentication
• Make purchases in our store
• Participate in forums and community features
• Contact our support team
• Subscribe to newsletters or notifications

3.2 Data from Steam

When you authenticate via Steam, we collect:

• Steam ID: Your unique Steam identifier
• Profile Name: Your Steam display name
• Avatar: Your Steam profile picture
• Profile URL: Link to your Steam profile
• Country: Your country of residence (if public on Steam)

3.3 Automatically Collected Data

We automatically collect certain information when you use our Services:

• Usage Data: Pages visited, features used, time spent on the platform
• Device Information: IP address, browser type, operating system, device type
• Game Server Data: Connection logs, in-game statistics, playtime
• Cookies and Tracking: Data collected through cookies (see our Cookie Policy)

3.4 Payment Information

When you make purchases, we collect:

• Transaction details and purchase history
• Payment information is processed securely by third-party payment processors (PayPal, Stripe)
• We do not store your complete credit card information on our servers

4. How We Use Your Data

We process your personal data for the following purposes, based on the following legal bases:

4.1 Performance of Contract

We use your data to:

• Provide and maintain our Services
• Process transactions and deliver purchased items
• Manage your account and user profile
• Provide customer support

4.2 Legitimate Interests

We use your data to:

• Improve and optimize our Services
• Detect and prevent fraud, abuse, and security incidents
• Enforce our Terms of Service
• Analyze usage patterns and trends
• Maintain the safety and integrity of our community

4.3 Consent

With your explicit consent, we may use your data to:

• Send marketing communications and newsletters
• Personalize your experience
• Display targeted advertisements (where applicable)

You may withdraw your consent at any time by contacting us or updating your preferences.

4.4 Legal Obligations

We may process your data to comply with legal obligations, such as:

• Tax and accounting requirements
• Responding to lawful requests from authorities
• Enforcing legal claims

5. Data Sharing and Disclosure

5.1 Service Providers

We share data with trusted third-party service providers who assist us in operating our Services:

• Payment Processors: PayPal, Stripe (for processing transactions)
• Hosting Providers: For server and database hosting
• Analytics Tools: For understanding usage patterns
• Communication Services: For sending emails and notifications

All service providers are bound by data protection agreements and are prohibited from using your data for their own purposes.

5.2 Legal Requirements

We may disclose your data if required to do so by law or in response to:

• Court orders or legal processes
• Requests from law enforcement or regulatory authorities
• Protection of our rights, property, or safety
• Prevention of fraud or illegal activities

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We will notify you of any such change in ownership.

5.4 Public Information

Certain information may be publicly visible, including:

• Your username and profile information
• Forum posts and comments
• In-game statistics and leaderboards

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Active Accounts: Data is retained while your account is active
• Inactive Accounts: Data may be deleted after 2 years of inactivity (with prior notice)
• Transaction Records: Retained for 7 years to comply with accounting and tax obligations
• Server Logs: Retained for 90 days for security and troubleshooting purposes

You may request deletion of your account at any time (see Your Rights section).

7. Your Rights Under GDPR

7.1 Right to Access

You have the right to obtain confirmation of whether we process your data and to access your personal data. You may request a copy of your data by contacting us at privacy@yourdomain.com.

7.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data. You can update most information directly in your account settings.

7.3 Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data under certain circumstances:

• The data is no longer necessary for the purposes for which it was collected
• You withdraw your consent (where processing is based on consent)
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

Note: We may retain certain data where we have a legal obligation or legitimate interest to do so (e.g., transaction records for accounting purposes).

7.4 Right to Restriction of Processing

You have the right to request restriction of processing of your data in certain circumstances, such as when you contest the accuracy of the data.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

7.6 Right to Object

You have the right to object to processing of your data based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

7.9 Exercising Your Rights

To exercise any of these rights, please contact us at:

• Email: privacy@yourdomain.com
• Subject Line: "GDPR Rights Request"

We will respond to your request within 30 days. In complex cases, we may extend this period by an additional 60 days with notification.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

8.1 Technical Measures

• Encryption of data in transit (SSL/TLS)
• Encryption of sensitive data at rest
• Regular security audits and vulnerability assessments
• Firewalls and intrusion detection systems
• Secure authentication mechanisms

8.2 Organizational Measures

• Access controls and user permissions
• Staff training on data protection
• Data breach response procedures
• Regular backups and disaster recovery plans

8.3 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours
• Notify affected users without undue delay
• Provide information about the nature of the breach and measures taken

9. Children's Privacy

Our Services are not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

For users aged 13-18, we recommend parental guidance when using our Services.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including countries outside the European Economic Area.

When we transfer data from the EEA to third countries, we ensure adequate safeguards are in place:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other legally recognized transfer mechanisms

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website
• Updating the "Last Updated" date
• Sending an email notification (for significant changes)

Your continued use of our Services after such modifications constitutes your acknowledgment and acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: privacy@yourdomain.com
• Subject: "Privacy Inquiry" or "GDPR Request"