Ferocious Intel · Legal

Privacy Policy

Close

Effective: 2026-04-18 · Last updated: 2026-04-20

Ferocious Gaming LLC ("we", "us", "our") operates Ferocious Intel (the "Service"). This Privacy Policy describes what information we collect, how we use it, and the limited rights you have. By using the Service, you consent to this Policy. If you do not consent, do not use the Service.

1. Information We Collect

Account information you provide

• Username, email address, bcrypt-hashed password
• Optional display name
• Optional in-game account link (game UID, display name, server ID) used to personalize features and deliver in-game alerts
• Payment data is handled and stored by Stripe, Inc. We receive only non-sensitive references (customer ID, card brand, last 4 digits) for display in your billing history. We never see or store your full card number.

Information collected automatically

• Session token (for keeping you logged in)
• IP address, approximate geolocation (city/country), and user agent — used for security, rate limiting, fraud prevention, and investigating abuse
• Audit log entries: actions you take in the Service (scans, searches, settings changes), with timestamps
• Basic technical metadata (request paths, response codes, error logs)

Third-party game data

• Publicly observable in-game information about players (usernames, positions, alliances, stats, shield state). This data is the property of the game's publisher and is surfaced to authenticated subscribers for informational use only.

2. How We Use Information

• Operate and improve the Service
• Authenticate you and maintain sessions
• Process payments via Stripe
• Detect and prevent abuse, fraud, and violations of our Terms (including permanent bans of payment methods, emails, and IPs associated with chargebacks or policy violations)
• Respond to support requests
• Communicate important service notices
• Comply with legal obligations (tax, AML, lawful process)
• Aggregate anonymized usage data for analytics and product decisions

3. Sharing

We do not sell personal information to third parties. We share information only with the service providers we need to run the Service, or when legally compelled to do so:

• Stripe, Inc. — payment processing (privacy policy)
• DigitalOcean, LLC — virtual server hosting in the United States (privacy policy)
• Cloudflare, Inc. — DNS, DDoS protection, edge tunnel (privacy policy)
• Resend, Inc. — transactional email delivery (privacy policy)
• Backblaze, Inc. — encrypted off-site database backups (privacy policy)
• Law enforcement, courts, and regulators — when legally required or in response to valid legal process
• Successors in interest — in the event of a merger, acquisition, reorganization, or sale of assets, user information may transfer to the successor

4. Data Retention

We retain information for as long as needed to provide the Service and fulfill the purposes described in this Policy. Minimum retention:

• Active account data — while your account is active
• Audit logs — minimum 90 days; longer if relevant to an active investigation or legal matter
• Payment and subscription records — retained for at least seven (7) years to satisfy US federal and New York state tax and accounting recordkeeping requirements, or longer where otherwise required by law or necessary to prevent fraud. Account deletion anonymizes identifying fields on payment rows but the financial records themselves are preserved.
• Backups — may retain copies of any data for up to 30 days after it is deleted from the live system
• Banned or suspended accounts — identifying information may be retained as long as necessary to prevent re-registration circumvention and to defend any related claim

5. Your Rights (where applicable)

Depending on your jurisdiction, you may have rights under laws such as the GDPR (EU/UK) or CCPA/CPRA (California). These rights are not absolute — they are subject to exceptions, and we may decline requests that are unreasonable, repetitive, or that conflict with our legal obligations or legitimate interests.

• Access: request a copy of the personal data we hold about you
• Correction: update inaccurate information (most fields are editable via the Settings page)
• Deletion: delete your account via Settings. Payment records and abuse-prevention data are retained per Section 4 regardless of deletion requests.
• Portability: request a machine-readable export
• Objection: object to certain processing

To exercise these rights, email [email protected] from the address on your account. We will respond within the time period required by applicable law (generally 30–45 days). We may require verification of identity before processing a request.

6. Cookies

We use only first-party cookies, all HTTP-only and marked Secure:

• Session cookie — keeps you logged in between requests. Expires when you sign out or the session times out.
• Device cookie (fi_device) — a random identifier tied to your browser so we can enforce per-tier device limits, detect session hijacking, and show you which devices are signed in. Not shared externally. Resettable by signing out from the Settings page's device list.

We do not use third-party analytics, advertising, or tracking cookies.

7. Security

• Passwords are hashed with bcrypt
• All traffic is served over HTTPS
• Payment card data never touches our servers — Stripe handles it end to end
• Database is stored on encrypted storage and backed up regularly

No system is perfectly secure. We do not guarantee the security of your data and are not liable for unauthorized access beyond our reasonable control. You are responsible for using a strong unique password and keeping your credentials confidential. If we become aware of a data breach materially affecting you, we will notify you within the timeframe required by applicable law.

8. Children

The Service is not directed to children under 18. We do not knowingly collect information from children. If you believe a child has provided us with information, contact us and we will delete it.

9. International Users

Our servers are located in the United States. By using the Service from outside the US, you consent to the transfer, storage, and processing of your data in the United States, which may have different privacy standards than your home jurisdiction.

10. Do Not Track

We do not currently respond to "Do Not Track" browser signals.

11. Changes to This Policy

We may update this Policy at any time. Minor changes take effect immediately. Material changes will be communicated via email or an in-app banner at least 14 days before taking effect. Continued use after a change constitutes acceptance.

12. Contact

Email [email protected].

Ferocious Gaming LLC · New York, USA