Privacy Policy

1) Where data is stored

• Your information is stored in our MySQL database on a private Ubuntu server protected by firewall and restricted access.
• Backup files are generated automatically and kept with limited rotation to avoid excessive retention.
• Web panel sessions use httpOnly cookies and sameSite policy to reduce session hijacking risk.

2) Steam credentials and encryption

• Steam credentials are encrypted before storage. The system uses a server encryption key (environment variable), not hardcoded in public views.
• Web account passwords are stored with bcrypt hash (not plain text).
• When Steam provides session tokens (refresh/login key), they are stored to minimize repeated Steam Guard prompts.

3) Who can access your data

• Only authorized administration and technical maintenance staff can access data required for support and diagnostics.
• Important administrative actions are recorded in an audit log (admin_audit_log) for accountability and traceability.
• We do not sell your personal data or credentials to third parties.

4) Deletion and retention policy

• You may request account/data deletion. We delete or anonymize operational information that is not required for legal or security reasons.
• Technical and security logs may be retained for a limited time to investigate abuse, fraud, or failures.
• Backups are automatically purged by rotation.

5) Legal basis and contact

We process your data to provide boosting services, improve stability, and meet security obligations. If you have privacy questions or wish to exercise rights of access, correction, or deletion, contact us through the contact page.

Contact support