GDPR Compliance Notice

From RebirthRO Wiki
Jump to: navigation, search

We believe we are not subject to the GDPR as Europe is not in any way our target market, however, we are in compliance with it now and have been mostly compliant long before it was a thing. We are strong believers in individual privacy and anonymity. Our data collection and data processing is and always has been minimal. We are always happy to answer any questions you may have regarding your privacy when using our services. We are not lawyers so we won't be able to answer every question but we will do our best.

  • We do not store your name, address, or any personal details.
  • We collect emails for the purpose of sending you information about your account (password recovery, invalid login attempts, 2-factor authentication, etc).
  • Our newsletter/marketing emails are strictly opt-in. They are not personalized with anything more than including your username which is just so you can verify the email was from us.
  • We log IP addresses for the purpose of account administration and handling fraud and scamming. Only senior staff have access to these logs. Note that we do not ban the use of a VPN. In fact, we are a customer, a vocal supporter, and an affiliate of Private Internet Access (PIA). Due to latency issues, it's generally not advisable to use a VPN for the game, but that's fully up to you.
  • We collect a unique ID connected to your computer when you log in through the game only (not the website). This ID is solely for administrative purposes (bans, tracking scammers, etc), much like Steam does. We do not use it for any other purpose and most staff do not have access to it.
  • We do not sell data or share identifying data that we have collected with third parties. We occasionally share statistics with our merchant partners (active user count, etc) as required by them, but this does not include emails, IP addresses, or any other personally identifiable information.
  • We generally anonymize data (remove email address and username) at user request. The only exception to this is accounts banned for severe reasons (threats of violence, fraud, etc) which we keep for the safety of our community.
  • We do not process any personal data for the sake of marketing. The only "marketing" process we do is overall item popularity to give us a better idea of what people like. Personal information is not used in this (we don't even look at the country of origin).
  • We will cooperate with law enforcement only when required by law (warrant). We do not volunteer any information.

Third Party Services

In addition to the obvious third party payment processors, we also use the following third-party services. Please review their terms and privacy policies for more details if you wish. As stated previously, you are always welcome to use a VPN if you wish.

  • Automated emails sent from our website, including emails sent by our staff from our support portal, are sent via Amazon Web Services (AWS) Simple Email Service (SES).
  • Manual emails (ones not sent via the site, such as if you email a staff member directly) are handled by Google.
  • Newsletter emails are handled by MailChimp. You must opt-in to receive these emails.
  • All incoming emails (emails that are sent to us) are handled by Google. This includes replies to automated emails.
  • We use Cloudflare and BunnyCDN as web content providers.