Privacy Policy

Last updated: 02/02-2026

1. Data Controller

Phoenix Gaming / PhoenixGaming.net is the data controller responsible for the processing of your personal data on this website and related services.

2. What data we process

We typically process the following categories of data (depending on what you use):

• Account and login: SteamID (unique identifier), display name, profile URL/avatar metadata, and public profile information depending on your Steam privacy settings.
• Community integration: Discord user ID and link status (if you connect Discord).
• Purchases and subscriptions: purchase history, transaction references, status (active/cancelled), and technical receipt/order data.
• Technical data: IP address
• Moderation and security: information about sanctions (warnings/bans/blacklisting), reason codes, and relevant logs where necessary to enforce rules and protect the community.

3. Purposes and legal basis

We process your data for the following purposes and under the following legal bases:

4. Recipients and processors

We only share data when necessary, for example with:

• Payment providers (e.g., PayPal, card acquirers, MobilePay, payment platforms) to process payments and handle chargebacks/refunds.
• Platforms you choose to connect (e.g., Discord) in connection with account linking.

Where relevant, we use processors under data processing agreements.

5. Transfers outside the EU/EEA

Some providers (e.g., payment or hosting services) may process data outside the EU/EEA. In such cases, transfers are typically safeguarded through the EU Commission’s Standard Contractual Clauses (SCC) and/or other appropriate safeguards.

6. Retention periods

We store personal data as long as necessary for the purpose:

• Account and profile data: We store your data while your account is active. If you want your account and associated data deleted, you must contact us. After account closure, certain data may be retained for a short period (typically 6 months) for troubleshooting and abuse prevention.
• Purchase/receipt data: Stored for 5 years plus the current year in accordance with bookkeeping rules on retention of accounting records.
• Technical logs and security data: Typically stored for 90 days, unless they are part of a specific abuse or security incident case.
• Moderation data (ban/blacklist): Because we have a legitimate interest in protecting our community, information about exclusions (bans) is retained as long as necessary for security and operational reasons.

7. Your rights

You have rights under the GDPR, including the right of access, rectification, erasure, restriction, objection, data portability and – where processing is based on consent – the right to withdraw consent.

8. Complaints

You may file a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe our processing of your personal data does not comply with the rules.

9. Security

We apply appropriate technical and organizational security measures to protect your data against unauthorized access, loss, and misuse.

10. Changes

We may update this policy from time to time. The latest version will always be available on the website.