PRIVACY POLICY

Introduction

This Privacy Policy describes how SIEGEVAULT ("we," "us," or "our") collects, uses, and discloses your information when you use our website and services. By accessing or using SIEGEVAULT, you agree to the terms of this Privacy Policy. If you do not agree with the terms, please do not access or use our services.

Effective Date: April 11, 2026

Important Disclaimer: This Privacy Policy is provided for general informational purposes only and does not constitute legal advice. It is intended to provide transparency regarding our data practices and should be reviewed alongside applicable legal requirements. We recommend consulting with a qualified legal professional to ensure compliance with all applicable laws and regulations.

Data Controller

For the purposes of applicable data protection law, including the General Data Protection Regulation (GDPR), the data controller responsible for your personal data is:

SIEGEVAULT
Operating Location: Ireland (European Economic Area)
Email: privacy@siegevault.org

SIEGEVAULT is currently operating as an independent service and is not yet registered as a formal legal entity. Upon registration, this section will be updated to reflect the official entity details.

We operate in accordance with applicable European Union data protection laws. If you are located in the European Economic Area (EEA), you have specific rights under the GDPR.

Information We Collect

We collect information that you provide directly to us when you use our services, such as when you register interest in an account, submit a request, or contact us. This may include:

  • Contact Information: Your name, email address.
  • Account Preferences: Details about the type of accounts you are interested in (e.g., desired rank, skins, platform, budget).
  • Communication Content: Any messages or inquiries you send to us.

We do not knowingly collect sensitive personal information (e.g., health information, racial or ethnic origin, religious beliefs) unless voluntarily provided by you for a specific purpose, and with your explicit consent.

The specific legal basis applied depends on the nature of the data and the purpose of processing, as outlined in the section below.

How We Use Your Information & Legal Basis

We process your personal data only where we have a valid legal basis under applicable law. The primary legal bases we rely on are:

  • Contractual Necessity: To respond to your requests, match you with requested digital products or services, and facilitate transactions or communications you initiate.
  • Legitimate Interests: To operate, maintain, and improve our services, including fraud prevention, abuse detection, and system security, provided such interests do not override your fundamental rights and freedoms.
  • Consent: Where required, we rely on your explicit consent, particularly for any optional data sharing or specific processing activities. You may withdraw your consent at any time.
  • Legal Obligation: To comply with applicable legal or regulatory requirements.

Where applicable, SiegeVault may process limited usage or diagnostic data related to purchased software tools for the purposes of support, maintenance, and service improvement. No invasive monitoring or unauthorized system access is performed.

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

How We Share Your Information

We do not sell, rent, or trade your personal data.

We may share limited information only where necessary:

  • Service Providers: We may share relevant data with trusted contractors or service providers strictly for the purpose of delivering our services (e.g., account sourcing or customer support). Wherever possible, this data is limited to non-identifying account preferences.
  • Controlled Data Sharing: In rare cases where additional information is required to fulfill a request, we will clearly notify you in advance and obtain your explicit consent before any such data is shared. Our contractors in such cases are bound by strict Non-Disclosure Agreements (NDAs) to protect your information.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid legal requests.
  • Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred subject to confidentiality obligations.

All third parties are required to handle your data securely and only for specified purposes. However, independent third-party actions remain outside our direct control.

International Data Transfers

Where your personal data is transferred outside of the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent legal mechanisms, to protect your data in accordance with GDPR requirements.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In general:

  • Inquiry data is retained for up to 12 months after last contact
  • Transaction-related data may be retained longer where required for legal or record-keeping purposes

Cookies and Tracking Technologies

We may use essential cookies or similar technologies necessary for the operation and security of our website.

We do not use tracking cookies, advertising cookies, or intrusive analytics systems without your explicit consent.

You can control or disable cookies through your browser settings.

Where required under applicable law, we will request your consent before placing any non-essential cookies or similar technologies on your device.

Data Security

We implement reasonable technical and organizational measures to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures may include access controls, data minimization practices, and secure handling procedures designed to reduce the risk of unauthorized exposure. Access to personal data is restricted to authorized individuals on a need-to-know basis. However, no method of transmission over the internet or electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

You are responsible for maintaining the confidentiality of any credentials used to access our services.

Your Rights

If you are located in the European Economic Area (EEA), you have the following rights under the GDPR:

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten"), subject to legal limitations.
  • Right to restrict processing.
  • Right to object to processing based on legitimate interests.
  • Right to data portability.
  • Right to withdraw consent at any time where processing is based on consent.

You also have the right to lodge a complaint with a supervisory authority. In Ireland, this is the Data Protection Commission (DPC) (https://www.dataprotection.ie).

To exercise your rights, contact us at: privacy@siegevault.org

We will respond to all requests within one month of receipt, in accordance with applicable data protection laws.

Third-Party Links

Our website may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us, and we will take steps to remove that information from our systems.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: privacy@siegevault.org

Last Updated: April 11, 2026

This Privacy Policy is designed to align with the principles of transparency, data minimization, and accountability under applicable data protection laws, including the GDPR.