Privacy Policy

1. Introduction

Digiphile ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, and platform (collectively, the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

We reserve the right to make changes to this Privacy Policy at any time. We will notify you of any changes by updating the "Last updated" date and, for material changes, we will send you an email notification or display a prominent notice on our Service.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide when you:

• Create an Account: Username, email address, password, date of birth, country of residence
• Complete Your Profile: Avatar, bio, gaming preferences, favorite genres, platform accounts (Steam ID, etc.)
• Make Purchases: Billing name, billing address, payment method details (processed by secure third parties)
• Contact Support: Name, email, description of issue, any attachments you provide
• Participate in Community: Forum posts, reviews, ratings, comments, direct messages
• Enter Promotions: Contact information, survey responses, competition entries
• Subscribe to Newsletter: Email address, content preferences

2.2 Information Collected Automatically

When you use our Service, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers, mobile network information
• Usage Data: Pages visited, time spent, click patterns, search queries, purchase history, wishlist items
• Cookies and Tracking: Session cookies, persistent cookies, web beacons, pixel tags
• Log Data: Access times, referring website addresses, browser language, crash reports
• Location Information: Approximate location based on IP address for regional pricing and content
• Game Activity: Games owned, playtime, achievements (when linked accounts permit)

2.3 Information from Third Parties

We may receive information from:

• Social Media Platforms: When you log in using Facebook, Google, Twitter, Discord
• Gaming Platforms: Steam, Epic Games, GOG (with your permission)
• Payment Processors: Transaction confirmations, fraud prevention data
• Analytics Providers: Demographic data, interest categories
• Marketing Partners: Campaign effectiveness, referral sources
• Public Databases: For age verification and fraud prevention

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision and Improvement

• Process transactions and deliver purchased products
• Maintain and improve our Service functionality
• Personalize your experience and recommendations
• Provide customer support and respond to inquiries
• Send service-related notifications and updates
• Manage your account and preferences

3.2 Safety and Security

• Detect and prevent fraud, abuse, and illegal activities
• Verify identity and age requirements
• Enforce our Terms of Service and policies
• Protect the rights and safety of users and third parties
• Maintain the security and integrity of our systems

3.3 Communication and Marketing

• Send promotional emails about new products, sales, and events (with consent)
• Deliver targeted advertisements based on your interests
• Conduct surveys and collect feedback
• Notify you about changes to our Service or policies
• Send push notifications (with your permission)

3.4 Legal and Compliance

• Comply with legal obligations and regulations
• Respond to legal requests and court orders
• Establish, exercise, or defend legal claims
• Comply with tax and financial reporting requirements

3.5 Analytics and Research

• Analyze usage patterns and trends
• Measure marketing campaign effectiveness
• Conduct market research and user studies
• Develop new features and services
• Create aggregated and anonymized statistics

4. How We Share Your Information

We do not sell, trade, or rent your personal information. We may share your information in the following situations:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in:

• Payment processing (Stripe, PayPal, cryptocurrency processors)
• Email delivery (SendGrid, Mailchimp)
• Cloud storage and hosting (AWS, Google Cloud)
• Customer support (Zendesk, Intercom)
• Analytics (Google Analytics, Mixpanel)
• Content delivery networks (Cloudflare)
• Fraud prevention and security services

4.2 Business Partners

• Game developers and publishers (for key activation and support)
• Charitable organizations (for charity bundles)
• Co-marketing partners (with your consent)
• Platform providers (Steam, Epic Games) for integration

4.3 Legal Requirements

We may disclose information when required to:

• Comply with applicable laws and regulations
• Respond to subpoenas, court orders, or legal process
• Cooperate with law enforcement agencies
• Protect our rights, property, or safety
• Prevent fraud or cybersecurity threats

4.4 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the successor entity. We will notify you via email and/or prominent notice on our Service of any change in ownership.

4.5 With Your Consent

We may share your information for other purposes with your explicit consent.

4.6 Aggregated and Anonymized Data

We may share aggregated or anonymized information that cannot identify you with third parties for marketing, research, or other purposes.

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

• Essential Cookies: Required for basic site functionality, authentication, and security
• Performance Cookies: Help us understand how visitors interact with our Service
• Functionality Cookies: Remember your preferences and personalization settings
• Marketing Cookies: Track your activity to deliver relevant advertisements
• Analytics Cookies: Collect anonymous data about site usage and performance
• Social Media Cookies: Enable social media features and sharing

5.2 Third-Party Cookies

Third parties may place cookies on your device for advertising, analytics, and other purposes. These include:

• Google Analytics and Google Ads
• Facebook Pixel
• Twitter Analytics
• YouTube embeds
• Payment processor cookies

5.3 Managing Cookies

You can control cookies through:

• Our cookie consent banner and preference center
• Your browser settings (may impact Service functionality)
• Third-party opt-out tools (e.g., Google Ad Settings, Facebook Ad Preferences)
• Industry opt-out platforms (e.g., NAI, DAA, EDAA)

5.4 Do Not Track

We currently do not respond to Do Not Track (DNT) browser signals. However, you can use our cookie preferences to control tracking.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

6.1 Security Measures

• Encryption of data in transit (TLS/SSL) and at rest
• Secure password requirements and hashing (bcrypt)
• Two-factor authentication options
• Regular security audits and penetration testing
• Access controls and employee training
• PCI DSS compliance for payment processing
• Incident response and breach notification procedures
• Regular backups and disaster recovery plans

6.2 Your Security Responsibilities

You can help protect your account by:

• Using a strong, unique password
• Enabling two-factor authentication
• Keeping your login credentials confidential
• Logging out from shared devices
• Promptly reporting suspicious activity

6.3 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you within 72 hours via email and provide information about the incident and steps to protect yourself.

7. Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

7.1 Retention Periods

• Account Information: Duration of account plus 30 days after deletion
• Transaction Records: 7 years for tax and legal compliance
• Customer Support: 3 years from last interaction
• Marketing Communications: Until you unsubscribe plus 30 days
• Cookie Data: Up to 13 months or until deleted
• Server Logs: 90 days for security analysis
• User Content: Until deleted by user or account termination

7.2 Deletion Requests

You can request deletion of your personal information at any time. We will delete or anonymize your data within 30 days, except where we are required to retain it for legal purposes.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

8.1 Universal Rights

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Receive your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications
• Withdraw Consent: Revoke previously given consent

8.2 GDPR Rights (EU/EEA/UK Residents)

• Right to object to processing
• Right to restrict processing
• Right not to be subject to automated decision-making
• Right to lodge a complaint with supervisory authorities

8.3 CCPA Rights (California Residents)

• Right to know what personal information is collected
• Right to know if information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights
• Right to authorized agent representation

8.4 Additional State Rights

Residents of Virginia, Colorado, Connecticut, and Utah have similar rights under their respective privacy laws.

8.5 How to Exercise Your Rights

To exercise any of these rights, please:

• Email us at privacy@digiphile.co
• Use the privacy settings in your account dashboard
• Call us at 1-800-XXX-XXXX (toll-free)
• Submit a request through our privacy portal

We will respond to your request within 30 days (or 45 days for complex requests).

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States.

9.1 Transfer Mechanisms

We ensure appropriate safeguards through:

• Standard Contractual Clauses approved by the European Commission
• Data Processing Agreements with service providers
• Adequacy decisions where applicable
• Your explicit consent for specific transfers

9.2 Data Localization

Where required by law, we store and process data locally in your jurisdiction.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

10.1 Age Verification

We use age verification mechanisms to prevent underage users from accessing age-inappropriate content or making purchases.

10.2 Parental Rights

Parents or guardians who believe we have collected information from a child under 13 should contact us immediately at privacy@digiphile.co. We will promptly delete such information.

10.3 Teen Privacy (13-17)

For users aged 13-17, we:

• Limit data collection to necessary information
• Restrict certain community features
• Do not sell or share personal information
• Provide enhanced privacy controls
• Require parental consent for certain activities

11. Third-Party Links and Services

Our Service may contain links to third-party websites, games, and services. We are not responsible for the privacy practices of these third parties.

11.1 External Links

When you click on external links, you leave our Service and are subject to the third party's privacy policy. We encourage you to review their policies before providing personal information.

11.2 Integrated Services

Some third-party services are integrated into our platform (e.g., Steam login, payment processors). These integrations are governed by both our Privacy Policy and the third party's policies.

11.3 User-Generated Links

Users may post links in forums or reviews. We are not responsible for the content or privacy practices of linked sites.

12. Marketing and Communications

12.1 Marketing Preferences

You can manage your communication preferences through:

• Account settings dashboard
• Unsubscribe links in emails
• Reply STOP to SMS messages
• Browser push notification settings
• Mobile app notification settings

12.2 Types of Communications

• Transactional: Purchase confirmations, account updates (cannot opt-out)
• Promotional: Sales, new products, events (opt-in/opt-out)
• Newsletter: Weekly/monthly updates (opt-in/opt-out)
• Recommendations: Personalized game suggestions (opt-in/opt-out)
• Community: Forum replies, friend requests (customizable)

12.3 Advertising

We may display targeted advertisements based on your interests. You can opt-out of personalized advertising through:

• Your account privacy settings
• Google Ad Settings
• Facebook Ad Preferences
• Industry opt-out tools (NAI, DAA)

13. Legal Basis for Processing (GDPR)

For users in the EU/EEA/UK, we process personal data based on the following legal grounds:

13.1 Contract Performance

• Account creation and management
• Processing purchases and deliveries
• Providing customer support
• Sending transactional communications

13.2 Legitimate Interests

• Improving our Service and user experience
• Fraud prevention and security
• Direct marketing (with opt-out rights)
• Analytics and research

13.3 Consent

• Marketing communications
• Cookies and tracking technologies
• Processing sensitive data
• Third-party data sharing

13.4 Legal Obligations

• Tax and financial reporting
• Law enforcement requests
• Court orders and legal proceedings
• Regulatory compliance

14. Automated Decision-Making

We use automated systems for certain decisions that may affect you:

14.1 Types of Automated Decisions

• Fraud detection and prevention
• Content recommendations
• Pricing and promotional offers
• Account security measures

14.2 Your Rights

You have the right to:

• Request human review of automated decisions
• Express your point of view
• Contest the decision
• Opt-out of profiling for marketing

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

15.1 Notification of Changes

We will notify you of material changes through:

• Email notification to registered users
• Prominent notice on our website
• In-app notifications
• Update to the "Last updated" date

15.2 Review Period

For material changes, we will provide at least 30 days' notice before the changes take effect, unless required sooner by law.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

17. Supervisory Authorities

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection authority:

17.1 European Union

You can find your local Data Protection Authority at: https://edpb.europa.eu

17.2 United Kingdom

Information Commissioner's Office (ICO): https://ico.org.uk

17.3 California

California Privacy Protection Agency (CPPA): https://cppa.ca.gov

18. Acknowledgment and Consent

By using our Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.

If you do not agree with this Privacy Policy, please do not use our Service.