Privacy Policy
Your privacy is important to us. Learn how we handle your data.
Introduction
PenguinStudios ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website penguinstudios.eu and use our services.
We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our services, you consent to the data practices described in this policy.
Data We Collect
Information You Provide
- Discord Account Data: When you log in via Discord OAuth, we receive your Discord ID, username, avatar, and email (if authorized)
- Contact Information: Email address and Discord username when you contact support
- Payment Information: Transaction details processed through PayPal or other payment providers (we do not store credit card numbers)
- Server Information: IP addresses associated with your plugin licenses
Information Automatically Collected
- Usage Data: Pages visited, time spent, clicks, and navigation patterns
- Device Information: Browser type, operating system, screen resolution
- IP Address: For security, fraud prevention, and analytics
- Cookies: Session cookies for authentication and preferences
How We Use Your Data
| Purpose | Legal Basis |
|---|---|
| Provide and manage your licenses | Contract performance |
| Process payments and transactions | Contract performance |
| Respond to support inquiries | Contract performance / Legitimate interest |
| Send important updates about your purchases | Contract performance |
| Prevent fraud and abuse | Legitimate interest |
| Improve our services and website | Legitimate interest |
| Comply with legal obligations | Legal obligation |
Data Sharing
We do not sell your personal data. We may share data with:
- Payment Processors: PayPal for transaction processing
- Discord: For OAuth authentication
- Marketplace Platforms: BuiltByBit, Polymart, Spigot for license verification
- Legal Authorities: When required by law or to protect our rights
Cookies
We use the following types of cookies:
- Essential Cookies: Required for authentication and basic functionality
- Functional Cookies: Remember your preferences and settings
- Analytics Cookies: Help us understand how visitors use our website
You can control cookies through your browser settings. Note that disabling essential cookies may affect the functionality of our services.
Data Retention
We retain your data for as long as necessary to:
- Provide our services and support your licenses
- Comply with legal obligations (e.g., tax records for 10 years)
- Resolve disputes and enforce our agreements
License data is retained indefinitely for verification purposes. You may request deletion of non-essential data at any time.
Your Rights (GDPR)
Under GDPR, you have the following rights:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Request correction of inaccurate data
- Right to Erasure: Request deletion of your data ("right to be forgotten")
- Right to Restriction: Request limitation of processing
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time
To exercise these rights, contact us via our Discord server.
Data Security
We implement appropriate security measures including:
- HTTPS encryption for all data transmission
- Secure password hashing and authentication tokens
- Regular security audits and updates
- Access controls and monitoring
- Encrypted database backups
While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
International Data Transfers
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions for specific countries
- Binding Corporate Rules where applicable
Children's Privacy
Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.
Contact Us
For privacy-related inquiries or to exercise your rights, contact us:
- Discord: discord.penguinstudios.eu
We will respond to your request within 30 days as required by GDPR.