Privacy Policy

Effective date: March 22, 2025

Player Benchmark ("we", "us", "our") operates the playerbenchmark.com website. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. We are committed to protecting your privacy and complying with applicable data-protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Data Controller

Player Benchmark is the data controller responsible for your personal data. For any privacy-related inquiries, you can reach us at [email protected].

2. Information We Collect

We collect the minimum amount of data necessary to operate the platform:

  • Account Data: Username, email address, and password (stored exclusively as a bcrypt hash — we never store your password in plain text).
  • Profile Data: Optional information you choose to provide, such as your country and display preferences.
  • Gameplay Data: Scores, match results, ELO ratings, tournament placements, and other statistics generated through your use of the platform.
  • Technical Data: IP address, browser type, device type (desktop/mobile), and basic usage logs necessary for security and anti-cheat purposes.

We do not collect:

  • Real names, phone numbers, or physical addresses.
  • Payment or financial information (the platform is free to use).
  • Data from third-party social media accounts.

3. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data on the following legal bases:

  • Contract Performance: Processing your account data is necessary to provide the services you signed up for (matchmaking, leaderboards, tournaments, social features).
  • Legitimate Interest: We process technical data and gameplay data for anti-cheat detection, platform security, and service improvement. We have conducted balancing tests to ensure these interests do not override your rights.
  • Consent: Where required, we obtain your consent before processing (e.g., optional profile data). You may withdraw consent at any time.

4. How We Use Your Information

  • To create and manage your account and authenticate your sessions.
  • To calculate and display rankings, leaderboards, and match results.
  • To enable multiplayer matchmaking, tournaments, and social features (friends, messaging).
  • To detect and prevent cheating, abuse, multi-accounting, and unauthorized access.
  • To maintain platform security, diagnose technical issues, and prevent attacks.
  • To communicate with you about your account, service updates, or responses to your inquiries.

5. Data Sharing & Third Parties

We do not sell, rent, or trade your personal information to any third party. We do not use third-party advertising networks or analytics trackers.

Your gameplay data (username, scores, rankings, match history) is publicly visible on your profile and leaderboards as an essential part of the platform's competitive features. Your email address is never publicly displayed or shared with other users.

We may disclose your data only if required by law, such as in response to a valid legal process (court order, subpoena, or regulatory request).

6. Cookies & Tracking

We use only strictly necessary cookies for authentication (session tokens via HTTP-only cookies). These cookies are essential for the platform to function and do not require consent under GDPR/ePrivacy regulations.

We do not use:

  • Third-party tracking or advertising cookies.
  • Analytics cookies (e.g., Google Analytics).
  • Social media tracking pixels.
  • Fingerprinting or cross-site tracking technologies.

7. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will:

  • Permanently delete your email address, password hash, and profile data within 30 days.
  • Anonymize your gameplay data (scores, match results) by removing the link to your identity. Anonymized data may be retained to preserve leaderboard and tournament integrity.
  • Delete anti-cheat logs and technical data associated with your account within 90 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Passwords hashed with bcrypt (industry-standard one-way hashing).
  • HTTPS encryption for all data in transit.
  • HTTP-only, secure cookies to prevent session hijacking.
  • Rate limiting and input validation to prevent abuse.
  • Regular security reviews of our codebase and infrastructure.

While we take security seriously, no system is 100% secure. If we become aware of a data breach affecting your personal information, we will notify you and relevant authorities as required by law.

9. Your Rights Under GDPR

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Update or correct inaccurate personal data via the Settings page or by contacting us.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your account and personal data. You can do this directly from the Settings page.
  • Right to Restrict Processing: Request that we limit how we use your data in certain circumstances.
  • Right to Data Portability: Request your personal data in a structured, commonly used, machine-readable format.
  • Right to Object: Object to processing based on legitimate interest, including profiling for anti-cheat purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection supervisory authority.

10. Your Rights Under CCPA

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to Know: You may request details about the categories and specific pieces of personal information we have collected about you in the past 12 months.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. You will receive equal service and pricing.
  • Right to Opt-Out of Sale: We do not sell your personal information. No opt-out is necessary.

To submit a CCPA request, contact us at [email protected]. We will verify your identity before processing the request and respond within 45 days.

11. International Data Transfers

Your data may be stored and processed on servers located outside your country of residence. Where we transfer data outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

12. Children's Privacy

Player Benchmark is not intended for children under the age of 16 (or under 13 in jurisdictions where that is the applicable age of consent for data processing). We do not knowingly collect personal information from children below the applicable age. If we become aware that we have collected data from a child without appropriate consent, we will take immediate steps to delete that information. If you believe a child has provided us with their data, please contact us at [email protected].

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Effective date" at the top of this page and, where appropriate, notify registered users via email or a prominent notice on the platform. Your continued use of Player Benchmark after such changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

[email protected]