Privacy Policy

Last Updated: October 26, 2024

Introduction

At Roxron, your privacy and data security are of utmost importance. This Privacy Policy explains how we collect, use, share, and protect your personal information in compliance with key data protection laws, including, but not limited to:

• General Data Protection Regulation (GDPR) – European Union;
• California Consumer Privacy Act (CCPA) – California, USA;
• Lei Geral de Proteção de Dados Pessoais (LGPD) – Brazil;
• Personal Information Protection and Electronic Documents Act (PIPEDA) – Canada;
• UK Data Protection Act (DPA) – United Kingdom.

By using our services, you agree to the collection and use of your information as described in this policy. If you do not agree with any part of this Privacy Policy, we recommend discontinuing the use of our services.

1. Information We Collect

1.1 Information You Provide Directly:

We collect personal information that you provide directly to us, such as:

• Full name;
• Email address;
• Contact details;
• Payment information (e.g., credit card number, bank account details);
• Identity verification documents (if applicable).

1.2 Information Collected Automatically:

We automatically collect certain information about your device and how you interact with our services, such as:

• IP address;
• Geolocation data (when applicable);
• Browser type and operating system;
• Pages visited and interactions on our website;
• Cookies and similar tracking technologies.

1.3 Information from Third Parties:

We may receive information from third parties, such as authentication providers (e.g., Facebook login) and payment partners.

2. How We Use Your Information

We use the collected information for the following purposes:

• Contract Fulfillment: To provide our services, process transactions, and fulfill our contractual obligations to you.
• Compliance with Legal Obligations: To comply with applicable laws, including tax and regulatory requirements.
• Legitimate Interests: To improve our services, understand user behavior, prevent fraud, and enhance security.
• Marketing: To send promotional communications (with your consent where required) and personalize your experience based on your interactions with our services.
• Service Improvement: To analyze usage data to optimize our products and services.

3. Legal Basis for Processing

Under GDPR, LGPD, and other data protection regulations, we process your personal information based on the following legal grounds:

• Consent: Where you have explicitly given your consent, such as for marketing communications.
• Contractual Necessity: Where processing is necessary to fulfill a contract with you (e.g., purchase and sale of RuneScape gold).
• Legal Obligation: Where processing is required by law (e.g., tax compliance).
• Legitimate Interests: Where processing is necessary for our legitimate business interests, provided that your rights and interests are not overridden.

4. Your Data Protection Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

GDPR (European Union)

• Right to Access: You have the right to request access to your personal information.
• Right to Rectification: You can request the correction of inaccurate or incomplete data.
• Right to Erasure (Right to be Forgotten): You can request the deletion of your personal information.
• Right to Restriction: You can request a restriction on the processing of your data in certain circumstances.
• Right to Object: You can object to the processing of your data for marketing purposes or based on legitimate interests.
• Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.
• Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, where such decisions affect your legal rights.

CCPA (California, USA)

• Right to Know: You have the right to know what categories of personal information we collect about you and how it is used.
• Right to Delete: You can request that we delete your personal information.
• Right to Opt-Out: You can opt out of the “sale” of your personal information (broadly defined under the CCPA).
• Non-Discrimination: You have the right not to be discriminated against for exercising your privacy rights under CCPA.

LGPD (Brazil)

• Right to Access: You have the right to request access to your personal information.
• Correction of Incomplete or Incorrect Data: You can request the correction of inaccurate or outdated data.
• Anonymization or Deletion: You can request anonymization, blocking, or deletion of unnecessary or excessive data.
• Data Portability: You can request the transfer of your data to another service provider, subject to regulation.
• Objection to Processing: You can object to the processing of your data where it violates the applicable law.

5. Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, including:

• Active Service Usage: Until your account is closed or you request deletion of your data.
• Legal Compliance: In accordance with legal and regulatory retention requirements (e.g., keeping tax records for up to 5 years).
• Immediate Deletion: In cases where you request deletion and we are not legally obligated to retain the data.

6. Sharing of Data

Roxron may share your personal information with the following entities:

• Third-Party Service Providers: To process payments, host our website, and analyze service usage (e.g., Google Analytics, PayPal).
• Legal Authorities: When required to comply with legal obligations, such as responding to law enforcement or regulatory requests.
• Business Transfers: In the event of a merger, acquisition, or asset sale, your information may be transferred as part of the transaction.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), Brazil, or California, where data protection laws may differ from those in your country of residence. When this occurs, we will take appropriate steps to ensure your data is protected in accordance with applicable data protection laws, including the use of Standard Contractual Clauses approved by the European Commission or other legally valid mechanisms.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. These measures include encryption, firewalls, and strict access controls. However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your data, we cannot guarantee its absolute security.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to collect information about your interactions with our website. These include:

• Essential Cookies: Necessary for the functioning of our website.
• Performance Cookies: Used to understand user behavior and optimize our platform.
• Advertising Cookies: Used to deliver personalized ads.

You can manage your cookie preferences through your browser settings, but this may impact your experience on our site.

10. Children’s Privacy

Our services are not intended for children under the age of 13, and we do not knowingly collect personal information from children. If we learn that we have collected information from a child without verified parental consent, we will take steps to delete that information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or in applicable laws. When we make significant changes, we will notify you via email (if applicable) or by posting a notice on our website.

12. How to Contact Us

If you have any questions about this Privacy Policy or how we handle your personal information, please contact our Data Protection Officer (DPO) at:

Email: sac@roxron.com.br