Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop
Live feed drop

Privacy Policy

Date Last Modified: September 25, 2024

  1. WHAT DOES THIS PRIVACY POLICY COVER?

    This Privacy Policy applies to the personal data that We collect and process acknowledging and understanding that Your privacy is important to You and that You care about how Your personal data is collected and processed.

    We are dedicated to safeguarding and preserving Your personal data and privacy when visiting Our Website, utilizing Our services, products or communicating electronically with Us.

    For the purposes of the data protection laws that apply to us, including the GDPR which is the European General Data Protection Regulation and Cyprus Data Protection Law, We act as the Data Processor on behalf of the Data Controller for the personal data that We collect and process to enable You to make use of Our Services.

    The purpose of this Privacy Policy is to transparently provide You with an explanation as to the legal basis for Us collecting and processing Your personal data, the categories of personal data that We may collect about You, what happens to the personal data that We may collect, where We process Your personal data, how long We are required to retain Your personal data, who We may share Your personal data with and to also explain Your rights as a data subject.

    We do update this Privacy Policy from time to time and will post all updates to Our Website as and when issued. Please review this policy regularly on Our Website for any changes.

    By subscribing to our services or filling in a contact form on Our Website or other websites and applications owned by Us, You agree and accept that we may gather, process, store and/or use the submitted personal data under the rules set in this Policy and other public documents that are published on this website.

  2. DEFINITIONS AND INTERPRETATIONS

    In this Privacy Policy the following terms shall have the following meanings:

    Company
    means Moontain Limited, a legal entity registered under the laws of the Republic of Cyprus with registration number HE410299, located at 13 Kypranoros street, office 205, 1061, Nicosia, Cyprus, which owns and operates the Website.
    Cookie
    means a small text file placed on Your computer or device by Our Websites when You visit certain parts of Websites.
    GDPR
    means the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced or superseded and in force from time to time and as transposed into member-state legislation.
    Cyprus Data Protection Law
    means Law providing for the Protection of Natural Persons with regard to the Processing of Personal Data and for the Free Movement of such Data of 2018 (Law 125(I)/2018), adopted for the effective implementation of certain provisions of the GDPR.
    Privacy Policy
    means this Privacy Policy as updated from time to time and made public on Our Website.
    Personal Data
    means any information which relates to an identified or identifiable natural person. An identifiable person is one who can be identified directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
    Website
    means the website https://skin.club.
    Services
    means all features, functionalities, content, downloads, tools, resources, information, and assistance offered through the Website or otherwise in connection with it.
    You, Your
    means You, as User, a natural person who is at least 18 years old and agrees to follow this Privacy Policy.
    We, us, our
    refers to the Company.
  3. YOUR DATA PROTECTION RIGHTS

    Under the GDPR You, as a data subject, have certain rights over the personal data that We hold and process.

    We are committed to make it easy for You to exercise these rights in the most transparent manner possible.

    You can exercise any of Your rights in relation to the data that the Company holds about you, by contacting us through the contact details provided in Section 15 (the “Subject Request”). We promise to promptly consider Your request and to respond to You in accordance with the requirements of the Cyprus Data Protection Act and GDPR.

    The only exception from the above is the right to erasure (e.g., point d of this Section 3) which shall be submitted exclusively through the support chat available within Your account on the Website, as specified in Section 15. This procedure is in place to ensure an additional layer of security and to verify Your identity, given the permanent nature of this action and the irrevocable deletion of Your data.

    Pursuant to GDPR We are required to respond without undue delay to all requests on exercise of Your rights, whereas in practice this means We have to respond within 1 (one) month of receipt of the Subject Request.

    Ordinarily Subject Requests are free of charge.

    We may extend the time period for responding to a Subject Request by a further 2 (two) months and may charge a reasonable fee if We deem the request to be manifestly unfounded or excessive, however, We are required to advise You of Our intention to do this within 1 month of Your subject access request.

    The following are the specific rights You have over Your personal data We hold and process, namely:

    1. The right to be informed about Our collection and processing of Your personal data including without limitation the legal basis for the collection and processing, the categories of data, the methods of data use, the envisaged period for which the personal data will be retained. This Privacy Policy should tell You everything You need to know, but You can always contact Us to find out more or to ask any questions.
    2. The right to access Your personal data We collect about you, which provides You, as the data subject, the right to obtain a copy of Your personal data that We are processing for You.
    3. The right to have Your personal data rectified if any of Your personal data that We collect and process is in any way inaccurate or incomplete.
    4. The right of erasure (otherwise known as “the right to be forgotten”), i.e. the right to ask Us to delete or otherwise dispose of any of Your personal data that We process. Please note that this is not an absolute right and We may not be able to comply with Your request as We may be legally obliged to continue to retain Your personal data for a specific period.
    5. The right to restrict (i.e. prevent) the processing of Your personal data by us.
    6. The right to object to Us processing Your personal data for a particular purpose or purposes. Please note that the right to object only applies in certain circumstances and will depend on the purposes or legal basis for the processing.
    7. The right to data portability. This only applies where You have provided personal data to Us directly, the legal basis for Us processing Your personal data is i) consent or ii) for the performance of a contract and We are processing Your data using automated means. In such instances You have the right to receive Your personal data (or request that We transfer it to another Controller) in a structured, commonly used and machine readable format.
    8. Rights relating to automated decision-making and profiling. We do not use Your personal data in this way.
    9. The right to lodge a complaint with any relevant Data Protection Authority, in particular in the member State of Your residence, place of work or the place of processing Your personal data.
  4. PERSONAL DATA WE COLLECT ABOUT YOU

    During collecting and processing the personal data, the Company adheres the principles as follows:

    • Lawfulness, fairness and transparency

      Lawfulness – the controller identifies a lawful basis before processing the personal data (for example consent).

      Fairness – in order to process fairly, the controller has to make certain information available to the data subjects as practicable. This applies whether the personal data was obtained directly from the data subjects or from other sources.

      Transparency – any information and communication relating to the processing of the personal data be easily accessible and easy to understand, and that clear and plain language be used.

    • Purpose limitation

      The personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.

    • Data minimization

      The personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

    • Accuracy

      The personal data must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.

    • Storage limitation

      The personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. Personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, if only are implemented appropriate technical and organizational measures required by governing law in order to safeguard the rights and freedoms of the data subject.

    • Integrity and confidentiality

      The personal data must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

  5. LEGAL BASIS FOR COLLECTING AND PROCESSING PERSONAL DATA

    The Company will process Your personal data based on legal bases such as:

    • the performance of Our contract with You (i.e. the provision of Our Services to You);

    • Our legitimate business interests (i.e. for fraud prevention, maintaining the security of Our network and services, seeking to improve the Services that We provide and Your interaction with us). Whenever We rely upon this lawful basis We assess Our business interests to make sure that they do not override Your rights. Furthermore, in some cases You have the right to object to this processing;

    • with Your consent for direct marketing purposes so that We may keep You fully up to date with other products and services that We supply and think may be of interest to You. Where We rely upon consent, We will need Your explicit consent, which may be removed at any time;

    • Our legal obligation.

  6. CATEGORIES OF THE PERSONAL DATA WE COLLECT

    A summary of the Personal Data that We collect and process, when We collect it, how We use it and why We use it (i.e. the legal basis for processing) is listed below:

    Personal DataWhen We collectHow We useWhy We use
    Steam ID, Steam level and other publicly available Steam Profile dataDuring registration and authentication procedure We use Your Steam account information to register You as a User and identify You in Our Services and to restore Your account Necessary for the Services provision to You
    Information about Your payment transactions (as well as email used for payments)When You make payments We collect data necessary to process Your payment. All payment data is stored by Our payment processors and You should review its privacy policies and contact the payment processors directly if You have a question relating to processing of payment data Necessary to comply with a legal obligation
    History of IPs used to access the WebsiteWhen you access the Website We use Your IP to determine the list of payment methods and services available for Your location and to run security checks when detecting suspicious actions with Your account Necessary for the Services provision to You and fraud prevention monitoring
    Website usage dataWhen You use Our Services We collect the Website usage data (such as the most frequently visited pages, number of sessions, general types of activity) to improve the Website functionality Necessary for the Services provision to You
    Your emailWhen You subscribe to Our marketing emailsWe send You via provided email new product offers and marketing promotionsNecessary for reaching You for marketing communications
    Personal informationDuring verification procedures We collect Your personal information (described below in more details) to verify Your identity to comply with regulations Necessary for fraud prevention, AML and other regulations

    During verification procedure We may collect and process following information and documents from You:

    • Copy of Your passport, ID card or driving license. We need this for Your verification in case of suspected fraudulent activities associated with Your account. Additionally, this serves as a preventive measure and is a key part of Our Risk Based Approach pursuant to AML (Anti-Money Laundering) regulations;

    • A live selfie (a real-time photograph of yourself) to cross-check Your face with the picture on Your ID;

    • Proof of address, which means a recent utility bill sent to Your registered address, issued within the last 3 (three) months - an electricity bill, water bill, bank statement or any governmental correspondence addressed to You will be acceptable. This is required as part of Our Risk-Based Approach pursuant to AML regulations;

    • Any other documents that We may need for Your verification, to prevent fraudulent actions, and as AML measures.

  7. PROTECTING YOUR PERSONAL DATA AND DATA RETENTION

    We use, store and process Your personal data on the AWS servers which are located in Frankfurt, Germany (eu-central-1 region). By accepting this Privacy Policy You agree to the conditions of collection, processing, transfer and storing Your personal data. When We process Your personal data for one of the legal bases specified in this Privacy Policy, We will take all steps reasonably necessary to ensure that Your Personal Data is treated securely and in accordance with this Policy.

    The Company protects Your Personal Data under internationally acknowledged standards, using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration. The Company also authorizes access to Personal Data only for those employees or contractors who require it to fulfill their job or service responsibilities. The Company’s staff is trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to those members of Our staff and contractors whose work requires such access. The Company conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed. All of Our physical, electronic, and procedural safeguards are designed to comply with applicable laws and regulations.

    1. HOW WE PROTECT YOUR DATA

      When You provide Your personal data through Our Website, KYC portals, Our applications, this information is transmitted across the internet securely using industry standard encryption. Your personal data will be held encrypted on secure servers.

      Where any third parties processes Your personal data on Our behalf, We require that they have appropriate technical and organizational measures in place to protect this personal data.

    2. HOW YOU CAN PROTECT YOUR PERSONAL DATA

      When You create Your account, choose a strong password that is unique to this account. Do not share Your password with other people. Using the same password across Your different accounts will increase the risk of Your data being compromised if Your password is accidentally or unlawfully accessed by unauthorized persons. If You suspect that someone else has got access to Your password, make sure that You change it immediately. Do not share the device containing Your passphrases and keys with friends, family members or even people You trust.

  8. DATA RETENTION

    Your personal data will be retained for as long as necessary to satisfy the purposes We received it for, this includes regulatory and business purposes.

    In determining the necessary personal data retention period, the following factors are considered:

    • The amount of personal data as We aim to minimize this amount to the extent possible for each specific purpose.

    • The nature of the personal data depending on the exact purpose which this specific personal data serves.

    • The sensitivity of the personal data by its nature and substance.

    • The potential risk of harm from unauthorized use or disclosure of Your personal data as We continue to run risk assessments and risk mitigation activities to minimize this potential risk including engagement of third party specialized data management and data protection providers.

    • The purposes for which We process Your personal data and whether We can achieve those purposes through other means, and the applicable legal requirements.

    We retain Your data for as long as Your account remains active. Upon account deletion, We only retain data that is required to comply with legal, regulatory, or AML obligations. This data will be stored for the maximum period allowed by applicable law, which is typically up to 3 (three) years, unless a longer retention period is mandated. After this period, data is archived and secured in accordance with Our data protection measures, ensuring that it remains inaccessible for further processing, unless required by law.

  9. THIRD PARTY LINKS

    You may find links to third party Websites on Our Website or chats of users contained on Our Website or mobile applications. These Websites should have their own privacy policies which You should check. We do not accept any responsibility or liability for their policies whatsoever as We have no control over them.

  10. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

    We may disclose any information we collect about You, whether You are a current or former customer, including nonpublic personal information and any other information we collect, to the Company’s affiliated companies and to non-affiliated third parties, which include non-financial companies, such as service providers and fraud verification services.

    We may make such disclosures:

    1. to service providers and fraud verification services – KYC/AML services providers that perform services on Our behalf provided that there’s a non-disclosure agreement with such service providers; and

    2. to marketing services, agencies and other service providers – for everyday business purposes, such as to process transactions, maintain accounts, respond to court orders and legal investigations or report to credit bureaus;

    3. to legal / state authorities and authorized services – if we are under a duty to disclose or share Your information to comply with Our legal obligations.

    • WITH YOUR CONSENT

      We will share information with companies, organizations or individuals outside of the Company and/or to other parties which are not stated in this Privacy Policy when We have Your explicit consent.

    • TO COMPLY WITH THE LAW

      We may share information in response to a request for information if We believe disclosure is in accordance with, or required by, any applicable law, regulation, legal process or governmental request, including, but not limited to, meeting national security or law enforcement requirements. To the extent the law allows it, We will attempt to provide You with prior notice before disclosing Your information in response to such a request.

    • IN AN EMERGENCY

      We may share information if We believe that it's necessary to protect the vital interests of the data subject (i.e. to prevent imminent serious physical harm or death to a person.)

    • TO ENFORCE OUR POLICIES AND RIGHTS

      We may share information if We believe Your actions are inconsistent with Our user agreements, rules, or other Company policies, or to protect the rights, property, and safety of ourselves and others.

    • WITH OUR AFFILIATES

      We may share information between and among the Company and any of Our parents, affiliates, subsidiaries, and other companies under common control and ownership.

    • WITH OUR PARTNERS

      We may share information with vendors, consultants, and other service providers (but not with advertisers and ad partners) who need access to such information to carry out processing activities for us. The partner’s use of personal data will be subject to appropriate confidentiality and security measures.

      We may share Your private personal data with such service providers subject to obligations consistent with this Privacy Policy and any other appropriate confidentiality and security measures, and on the condition that the third parties use Your private personal data only on Our behalf and pursuant to Our instructions.

      We may share Your private personal data with Our partners to make a transaction.

      Where any third parties process Your personal data on Our behalf, We require that they have appropriate technical and organizational measures in place to protect this personal data and We will also ensure that they are GDPR compliant. Data Processing Agreement is in place between the Company and the third party so that both parties understand their responsibilities and liabilities pursuant to GDPR.

  11. INTERNATIONAL TRANSFERS OF PERSONAL DATA

    GDPR applies to controllers and processors located in the European Economic Area (the “EEA”) and countries that the EU has deemed to provide adequate protection to data subjects from a data protection perspective. Republic of Cyprus is a country in the EU and it complies with GDPR under its Cyprus Data Protection Law.

    Data Subjects risk losing the protection of GDPR if personal data is transferred outside of i) the EEA or ii) countries holding adequacy status and accordingly GDPR restricts such transfers, unless the rights of data subjects in respect of their personal data is protected by appropriate safeguards or one of a limited number of exceptions applies (such exceptions include Your explicit and informed consent).

    The Company will not make any international transfers of Your personal data to countries outside the EEA (or a country holding adequacy status) unless it has i) Your explicit and informed consent or ii) it has put in place the appropriate safeguards or iii) the international transfer is covered by an exception.

  12. ADVERTISING, ANALYTICS AND BUSINESS PARTNERS (LIMITED TO NON-PERSONALLY IDENTIFIABLE INFORMATION)

    We may share aggregated or pseudonymous information (including demographic information) with partners, such as publishers, advertisers, measurement analytics, apps, or other companies. For example, We may tell an advertiser how its ads performed or report how many people installed an app after seeing a promotion. We do not share information that personally identifies You (personally identifiable information is information like name or email address) with these partners, such as publishers, advertisers, measurement analytics, apps, or other companies.

  13. OTHER INFORMATION

    Other information that does not personally identify You as an individual is collected by the Company (such as, by way of example, patterns of use) and is exclusively owned by the Company. We can use this information in such a manner that the Company, in its sole discretion, deems appropriate.

    We may share specific aggregated, non-personal information with third parties, such as the number of users who have registered with us, the volume and pattern of traffic to and within the site, etc. That information will not identify You, the individual, in any way.

    We shall not use Your email or other contact information for sending of commercial proposals or other marketing needs, without Your prior consent.

    In the light of the above, when You send Us messages, We can keep them for administering Your inquiries and for improving Our services. We shall not transfer information from such messages to third parties.

  14. USE OF COOKIES

    To enhance the quality of Our services, provide You with relevant content as well as understanding how You use Our Website and applications, We use technologies, such as Cookies. Cookies do not typically contain any information that personally identifies You, but personal information that We store about You may be linked to the information stored in and obtained from Cookies.

    We use Strictly Necessary Cookies which are required for the operation of Our Website. They include User session key, browser language. This is a temporary key issued to the User after the successful logging in. These cookies are used to enable You to log into secure areas of Our Website.

    More information about use of cookies: Cookie Policy

  15. CONTACTING US

    In compliance with GDPR, We commit to resolve complaints about Our collection or use of Your personal information.

    We welcome any queries, comments or requests You may have regarding this Privacy Policy. If You wish to make any GDPR Subject Request or to receive any other relevant information,, please do not hesitate to contact Us via help@skin.club or privacy@skin.club

    You can also address Your GDPR inquiries through support chat available on the Website via Your account.