Privacy Policy - Player Benchmark

Player Benchmark ("we", "us", "our") operates the playerbenchmark.com website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. We are committed to protecting your privacy and complying with applicable data-protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Data Controller

Player Benchmark is the data controller responsible for your personal data. For any privacy-related inquiries, you can reach us at [email protected].

2. Information We Collect

We collect the minimum amount of data necessary to operate the platform:

Account Data: Username, email address, and password (stored exclusively as a bcrypt hash — we never store your password in plain text).
Profile Data: Optional information you choose to provide, such as your country and display preferences.
Gameplay Data: Scores, match results, ELO ratings, tournament placements, and other statistics generated through your use of the platform.
Technical Data: IP address, browser type, device type (desktop/mobile), and basic usage logs necessary for security and anti-cheat purposes.

We do not collect:

Real names, phone numbers, or physical addresses.
Payment or financial information (the platform is free to use).
Data from third-party social media accounts.

3. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data on the following legal bases:

Contract Performance: Processing your account data is necessary to provide the services you signed up for (matchmaking, leaderboards, tournaments, social features).
Legitimate Interest: We process technical data and gameplay data for anti-cheat detection, platform security, and service improvement. We have conducted balancing tests to ensure these interests do not override your rights.
Consent: Where required, we obtain your consent before processing (e.g., optional profile data). You may withdraw consent at any time.

4. How We Use Your Information

To create and manage your account and authenticate your sessions.
To calculate and display rankings, leaderboards, and match results.
To enable multiplayer matchmaking, tournaments, and social features (friends, messaging).
To detect and prevent cheating, abuse, multi-accounting, and unauthorized access.
To maintain platform security, diagnose technical issues, and prevent attacks.
To communicate with you about your account, service updates, or responses to your inquiries.

5. Data Sharing & Third Parties

We do not sell, rent, or trade your personal information to any third party.

We use the following third-party services to operate and improve the Platform:

Google Analytics & Google Tag Manager: We use Google Analytics (via Google Tag Manager) to understand how visitors use the Platform and to improve the user experience. Google Analytics may collect information such as your IP address (anonymized where applicable), browser type, device type, pages visited, and session duration. This data is processed by Google LLC in accordance with Google's Privacy Policy. These scripts are loaded only after you grant consent via our cookie banner.
Cookie Consent Management: We use cookie-script.com to manage your cookie preferences and consent records in compliance with the GDPR and ePrivacy Directive.

Your gameplay data (username, scores, rankings, match history) is publicly visible on your profile and leaderboards as an essential part of the platform's competitive features. Your email address is never publicly displayed or shared with other users.

We may disclose your data only if required by law, such as in response to a valid legal process (court order, subpoena, or regulatory request).

6. Cookies & Tracking

We use the following categories of cookies and similar technologies:

Strictly Necessary Cookies: Used for authentication (session tokens via HTTP-only cookies) and to remember your cookie consent choices. These are essential for the Platform to function and do not require consent under GDPR/ePrivacy regulations.
Analytics Cookies: Set by Google Analytics (via Google Tag Manager) to help us understand how visitors interact with the Platform. These cookies are only loaded after you grant consent via our cookie banner and can be withdrawn at any time by updating your preferences.

We manage consent using cookie-script.com in accordance with the ePrivacy Directive. You can review or change your cookie preferences at any time by clicking the cookie settings link in the cookie banner.

We do not use:

Social media tracking pixels.
Fingerprinting or cross-site tracking technologies.

6b. Third-Party Advertising

We use Google AdSense to display advertisements on the Platform. Google AdSense uses cookies, including the DART cookie, to serve ads based on your visits to this site and other sites on the Internet. These cookies allow Google and its partners to show you relevant advertisements based on your browsing patterns.

Specifically, third-party vendors, including Google:

Use cookies to serve ads based on your prior visits to this website or other websites.
Use advertising cookies to enable Google and its partners to serve ads to you based on your visit to this site and/or other sites on the Internet.
May collect and use anonymized data (e.g., click and impression data) to help show more relevant ads.

You may opt out of personalized advertising by visiting Google Ads Settings. Alternatively, you can opt out of third-party vendor cookies for personalized advertising by visiting aboutads.info or the Network Advertising Initiative opt-out page.

For more information about how Google uses data when you use our site, please visit Google's Privacy & Terms page.

7. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will:

Permanently delete your email address, password hash, and profile data within 30 days.
Anonymize your gameplay data (scores, match results) by removing the link to your identity. Anonymized data may be retained to preserve leaderboard and tournament integrity.
Delete anti-cheat logs and technical data associated with your account within 90 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Passwords hashed with bcrypt (industry-standard one-way hashing).
HTTPS encryption for all data in transit.
HTTP-only, secure cookies to prevent session hijacking.
Rate limiting and input validation to prevent abuse.
Regular security reviews of our codebase and infrastructure.

While we take security seriously, no system is 100% secure. If we become aware of a data breach affecting your personal information, we will notify you and relevant authorities as required by law.

9. Your Rights Under GDPR

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights:

Right of Access: Request a copy of the personal data we hold about you.
Right to Rectification: Update or correct inaccurate personal data via the Settings page or by contacting us.
Right to Erasure ("Right to be Forgotten"): Request deletion of your account and personal data. You can do this directly from the Settings page.
Right to Restrict Processing: Request that we limit how we use your data in certain circumstances.
Right to Data Portability: Request your personal data in a structured, commonly used, machine-readable format.
Right to Object: Object to processing based on legitimate interest, including profiling for anti-cheat purposes.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection supervisory authority.

10. Your Rights Under CCPA

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

Right to Know: You may request details about the categories and specific pieces of personal information we have collected about you in the past 12 months.
Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. You will receive equal service and pricing.
Right to Opt-Out of Sale: We do not sell your personal information. No opt-out is necessary.

To submit a CCPA request, contact us at [email protected]. We will verify your identity before processing the request and respond within 45 days.

11. International Data Transfers

Your data may be stored and processed on servers located outside your country of residence. Where we transfer data outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

12. Children's Privacy

Player Benchmark is not intended for children under the age of 16 (or under 13 in jurisdictions where that is the applicable age of consent for data processing). We do not knowingly collect personal information from children below the applicable age. If we become aware that we have collected data from a child without appropriate consent, we will take immediate steps to delete that information. If you believe a child has provided us with their data, please contact us at [email protected].

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Effective date" at the top of this page and, where appropriate, notify registered users via email or a prominent notice on the platform. Your continued use of Player Benchmark after such changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

[email protected]