Privacy Policy

PRIVACY POLICY – dotaswapper.com

Effective Date: April 17, 2026

1. DATA CONTROLLER AND OVERVIEW

1.1. Identity of Controller. ZORVET LTD (Company No. 17134711), registered in England and Wales, is the Data Controller responsible for processing your personal data.

1.2. Scope. This policy explains how we collect, use, and safeguard your information when you visit dotaswapper.com and use our services, including purchasing gaming skins.

1.3. Agreement. By using our website, you agree to the terms outlined in this Privacy Policy.

2. INFORMATION WE COLLECT

2.1. Identity Data. We collect your name, email address, and billing address.

2.2. Transactional Data. This includes order history, receipts, and payment confirmations.

2.3. Financial Details. Payments are processed by third-party providers; we do not store full card numbers.

2.4. Steam & Technical Data. We collect your Steam username, trade URL, IP address, device type, and operating system.

2.5. Verification Data. This includes identity documentation and proof of address required for AML/KYC purposes.

3. DATA COLLECTION AND USAGE

3.1. Collection Methods. Data is collected directly from you, automatically via cookies, and from third-party payment processors.

3.2. Purpose of Use. We use data to fulfill orders, communicate regarding transactions, improve site security, and meet legal obligations (tax, AML/CTF).

3.3. Legal Basis. Processing is limited to what is necessary for contract performance, legal compliance, and fraud prevention.

4. DISCLOSURE AND RETENTION

4.1. Data Sharing. We share data with acquiring banks, payment processors, Steam/Valve, and legal regulators when required.

4.2. Retention Periods. KYC/AML records are kept for at least 5 years. Transaction data is retained for up to 6 years for accounting purposes.

4.3. Support Correspondence. Stored as long as necessary to resolve queries and maintain records.

5. YOUR RIGHTS AND SECURITY

5.1. UK GDPR Rights. You have the right to access, correct, or erase your data, restrict processing, and lodge a complaint with the ICO.

5.2. Security Measures. We apply technical safeguards like encryption, but you are responsible for keeping your login credentials confidential.

5.3. Automated Decisions. Certain transactions are subject to automated fraud checks; you have the right to request a human review of these decisions.