Privacy Policy

Name: Gametrax
Address: Via Roma 123, 00100 Roma, Italy
Telephone: +39 06 1234 5678

Власник та оператор / Owner & Operator
Цей вебсайт та бренд Gametrax Studio належать та повністю управляються українською юридичною особою — Товариство з обмеженою відповідальністю "Глобенто", зареєстрованою відповідно до законодавства України (код ЄДРПОУ 44419289).
ТОВ «Глобенто» є єдиним власником, оператором та відповідальною стороною за всю комерційну, фінансову, технічну та юридичну діяльність, пов’язану з роботою цього вебсайту, обробкою персональних даних користувачів та наданням послуг.
Gametrax Studio не є окремою юридичною особою та використовується виключно як комерційний бренд і контактне представництво в Італії.
Юридична адреса: Шевченківський район, вулиця Зоологічна, будинок 12/15, м. Київ, 04119, Україна
Директор: Мартошенко Олександр
Телефон: +380 98 788 9035
This website and the Gametrax Studio brand are owned and fully operated by the Ukrainian legal entity Limited Liability Company "Globento", duly incorporated under the laws of Ukraine (EDRPOU code 44419289).
LLC “Globento” is the sole owner, operator, and responsible party for all commercial, financial, technical, and legal activities related to this website, including the processing of users’ personal data and the provision of services.
Gametrax Studio is not a separate legal entity and is used solely as a commercial brand and contact representation in Italy.
Registered address: Zoologichna Street 12/15, Shevchenkivskyi District, Kyiv, 04119, Ukraine
Director: Oleksandr Martoshenko
Phone: +380 98 788 9035
Контактна інформація / Contact Information
UA / EN
Контактне представництво в Італії / Italian contact office:
Gametrax Studio
Via Roma 123, 00100 Rome, Italy
Email: info@gametrax.pro
Phone: +39 06 1234 5678
Business hours: Mon–Fri, 9:00–18:00 CET

Return to Home Contact Support

Data Flow: From Input to Insight

We follow a principle of data minimization. We only collect what is necessary to deliver analytics. The flow is direct:

→ Direct Input: Your game handle, preferred regions, and profile settings.
→ Secure Processing: Match history and stats are pulled via the game's public API on demand. No local storage of raw match logs.
→ Aggregated Output: You see trends, win rates, and decision logs. Your personal data is never resold or used to build targeting profiles for third parties.

Abstract diagram showing user data moving securely to analytics dashboard.

Fig. 1: Secure Data Path

> Information We Collect

We categorize data into two tiers. Tier 1 (Essential): Account credentials (hashed), game handles, and your selected configuration. This is the minimum required to save your dashboard. Tier 2 (Usage): Anonymous metadata such as pages viewed, feature usage frequency, and device type (e.g., mobile vs. desktop). This data is stripped of personal identifiers and used solely to improve the tool's performance and stability.

> Purpose & Use

Every data point has a job. Game handles are used to query public API endpoints. Configuration data (e.g., your preferred metrics) is stored to personalize your view. Usage data helps us prioritize development—knowing which Decision Log features are most used tells us where to invest our engineering effort. We do not use your data to send unsolicited marketing emails or to analyze your personal behavior outside of our service.

> Data Sharing & Third Parties

We share data only when strictly necessary. Example: To fetch your match history, we query the official game API. This is a direct, server-to-server handshake. We do not sell data. We do not share data with advertisers. The only third-party processors we use are strictly for infrastructure (e.g., cloud hosting providers), all bound by comprehensive data processing agreements that mirror our privacy standards.

Your Rights

• Access & Portability
• Correction of Inaccurate Data
• Deletion ("Right to be Forgotten")
• Restriction of Processing
• Objection to Legitimate Interest

To exercise these rights, contact our Data Protection Officer at privacy@gametrax.pro.

Data Retention

Active accounts retain their data indefinitely for dashboard functionality. Upon account deletion, all personal data is purged from production systems within 30 days, except where required for legal or audit purposes (e.g., transaction records).

> Common Privacy Pitfalls

1. Data Bloat

Collecting "just in case" data that has no defined purpose. It increases breach risk and storage cost.

Our Mitigation: Every data field must justify its existence in our data inventory review.

2. Confusing Logs

Mixing analytical metadata with PII in system logs, making audits difficult and violations hard to trace.

Our Mitigation: Strict separation of application logs (error codes) from access logs (user ID, IP).

3. Third-Party Scope Creep

Analytics or tooling partners using data for their own undisclosed purposes.

Our Mitigation: Contractual clauses explicitly forbidding secondary use and requiring regular compliance attestations.

4. Opaque Deletion

Users requesting deletion but having no visibility into the process or timeline.

Our Mitigation: Upon request, we send a confirmation with a status tracker and a final summary upon completion.

> Security Posture & Assumptions

Core Assumptions

• The primary threat vector is credential stuffing or phishing, not sophisticated state-level actors.
• User devices are inherently insecure; the platform must enforce strong session management.
• The game's public API is a reliable source of truth; our layer must not become a data integrity bottleneck.

Operational Constraints

• We do not process payments, so PCI-DSS scope is limited to third-party processors.
• Our infrastructure must handle erratic, high-volume bursts of API requests during game updates.
• Data sovereignty is managed by our cloud provider's regional availability zones.

What Would Change Our View?

A verified breach in a partner gaming platform that shares our API ecosystem, a formal regulatory inquiry in our operating jurisdictions, or the discovery of a vulnerability in our core infrastructure would trigger an immediate review and disclosure of these policies.

Necessary Trade-offs

Data Richness vs. Privacy

More context (e.g., full chat logs) could improve analysis but massively increases exposure. We stop at match outcome and resource data.

Performance vs. Anonymity

Caching user data locally speeds up the dashboard but increases device-specific risk. We use encrypted, ephemeral sessions instead.

Feature Velocity vs. Security Audits

Rushing new features can introduce flaws. We mandate a privacy impact assessment for any new data field or external API call.

Openness vs. Control

Detailed logs aid debugging but can expose patterns. We implement strict log retention policies and role-based access controls.

Have a Specific Question?

Our Data Protection Officer is available to address specific concerns not fully covered by this policy.

Contact DPO