Privacy Policy

Last Updated: 20 March 2025

 

This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard your personal information. By using our website and services, you agree to the terms outlined in this policy.

 

  1. Data Controller

REALM AI LIMITED, registered in the United Kingdom (UK), is the data controller responsible for the processing of your personal information. As the data controller, we determine the purposes and means of processing your data in compliance with the General Data Protection Regulation (GDPR) and applicable UK data protection laws.

 

Contact Information for the Data Controller:

 

  • Name: REALM AI LIMITED
  • Email: info@exaltedgaming.eu

 

If you have any questions or concerns regarding the processing of your personal information or if you wish to exercise your rights as outlined in Section 6, you can contact the data controller using the provided email address. We are committed to ensuring the lawful and transparent processing of your data while safeguarding your privacy.

 

  1. Information We Collect

 

We collect various types of information to provide and improve our services. This may include:

  • User Account Data: login information, username, account preferences, session data, activity logs, clickstream data, usage-related data, profile picture or avatar, steam ID, etc.
  • Contact Information: phone number, email, billing and residence address.
  • Identity Related Data: full name, government-issued identification (ID) number, national ID number, date of birth, details of ID documents, etc.
  • User Identification and Authentication Data: biometrics (e.g., facial recognition or fingerprint data), Multi-Factor Authentication (MFA) data, ID verification documents, etc.
  • Payments Related Data: credit card details, bank account details, payment transaction details, payment method preferences, payment history, etc.
  • Orders and Transactions Data: billing information, order details, payment details, transaction history, current balance, refund information, cancellation data, etc.
  • Financial Data: information about transactions, income and expenses data, current balance, bank account information.
  • Legal and Regulatory Compliance Information: information related to compliance with Anti-Money Laundering (AML), Know Your Customer (KYC) and other similar legal and regulatory requirements, compliance documentation, risk assessment information, sanctions and watchlist screening data, etc.
  • User Support and Communication Information: user support events, email communication, phone communication (records of incoming and outgoing calls with us), communication (e.g., language, channel) preferences, etc.
  • Usage, Technical and Device Data: technical logs and events, information about device type, identifiers and settings, information about operation system, browser-related information, network, and connection information (including IP address), cookies and similar technologies information, etc.
  • Video Surveillance Data: records from video surveillance conducted in our office premises and other related data (e.g., metadata).
  • Marketing Information: communication preferences, your interests, your subscriptions, etc.

 

 

 

  1. Sources of Personal Data

 

We collect personal data from various sources with the primary sources being the following:

  • Direct Sources: This includes cases when you voluntary provide information to us, when you interact with our website or services, and other similar cases when the information is received from you directly.
  • Third-Party (Indirect) Sources: This includes cases when we receive information from other parties, for example, our partners, state authorities, analytics providers, or publicly available sources.

 

 

  1. Purposes and Legal Bases of Personal Data Processing

 

We process collected personal data for various purposes, relying on specific legal bases outlined below:

  • Provision of Requested Services:

Legal Basis: Contractual Necessity

  • Creating and Managing Your User Account:

Legal Basis: Contractual Necessity

  • Verifying User Identity and Authenticating Users:

Legal Bases: Legal Obligation, Legitimate Interests

  • Fulfilling and Managing Orders:

Legal Basis: Contractual Necessity

  • Executing and Managing Transactions:

Legal Bases: Contractual Necessity, Legitimate Interests

  • Communicating with Users, Providing User Support, Providing Services-Related Information:

Legal Bases: Contractual Necessity, Legitimate Interests

  • Providing You with Marketing Information and Customized Content:

Legal Bases: Consent, Legitimate Interests

  • Managing Risks (including business risks) and Making Business-Related Decisions:

Legal Bases: Contractual Necessity, Legal Obligations, Legitimate Interests

  • Preventing Fraud and Misuse of Our Services:

Legal Bases: Legal Obligation, Legitimate Interests

  • Complying with Applicable Legal and Regulatory Requirements:

Legal Bases: Legal Obligation, Public Task

  • Ensuring Security (Physical and Cyber Security) of Our Information and Other Assets:

Legal Bases: Contractual Necessity, Legal Obligation, Legitimate Interests

  • Addressing Technical Issues with Our Website and Services, Troubleshooting:

Legal Basis: Contractual Necessity

  • Improving and Developing Our Services:

Legal Basis: Legitimate Interests

  • Addressing Claims and Resolving Disputes:

Legal Bases: Contractual Necessity, Legal Obligation, Legitimate Interests

 

  1. Third-Party Disclosures

 

We may share your information with trusted third parties for the following reasons:

  • Service Providers: Companies that help us provide services, such as payment processors.
  • Legal Compliance: If required by law or to protect our rights and safety.
  • Other recipients: If requested or allowed by you or applicable laws.

 

  1. Your Rights as a Data Subject

 

As a user of our services, you have the following rights under the data protection laws:

  • Right of Access: You have the right to obtain confirmation of whether we process your personal data, and if so, to access that data and certain related information.
  • Right to Rectification: If the information we hold about you is inaccurate or incomplete, you have the right to have it corrected or updated.
  • Right to Erasure: You can request the deletion of your personal data under certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.
  • Right to Restriction of Processing: You have the right to limit the processing of your personal data under certain circumstances, such as when you contest the accuracy of the data.
  • Right to Data Portability: You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to the processing of your personal data for certain purposes, such as direct marketing.
  • Right to Consent Withdrawal: If we rely on your consent for the processing of your personal data, you have the right to withdraw that consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

 

Limitation of Rights: It is important to note that these rights are not absolute and may be subject to limitations or conditions under applicable laws. For instance, if fulfilling your request would disclose information about another person, or if you ask us to delete information that we are required to keep by law, we may need to refuse your request.

 

Identity Verification: To ensure the security of your personal data and prevent unauthorized access, we may request additional information to verify your identity before responding to your data subject rights requests. This is to safeguard your information and ensure that we only provide access or make changes to your personal data upon your legitimate request.

 

For any inquiries or to exercise your data subject rights, please contact us using contact information provided in Section 1.

 

  1. Data Security

 

Ensuring security of your personal data is one of our top priorities. Therefore, we have implemented appropriate technical and organizational measures to ensure confidentiality, integrity, and availability of personal data. While we take significant steps to secure your data, it is essential for you to practice good cyber hygiene as well. This includes choosing strong and unique passwords, ensuring that your devices are protected with up-to-date security software, avoiding connecting to public Wi-Fi networks, keeping your operating systems, browsers, and applications updated, as well as being cautious of phishing attempts and avoiding clicking on suspicious links.

 

  1. International Transfers

 

We are committed to protecting your personal data, and we strive to process it in compliance with the GDPR and UK data protection laws. While our primary aim is to process and store your data within the UK, European Union (EU) and the European Economic Area (EEA), there are instances where international data transfers may occur. When such transfers occur, we take appropriate measures to ensure that your data is adequately protected. These measures may include the use of standard contractual clauses approved by the European Commission or relying on the recipient's certification under relevant frameworks.

 

  1. Storage and Retention of Personal Data

 

Your personal data is securely stored on servers that adhere to industry standards for data protection. We implement technical and organizational measures to safeguard your information against unauthorized access, disclosure, alteration, and destruction.

 

We retain your personal data for only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods for different types of data are determined based on the nature of the information, legal requirements and principles stipulated by the personal data processing principles (including the GDPR). Upon reaching the end of the applicable retention period, or if your personal data is no longer necessary for the purposes for which it was collected, we will take steps to securely delete or anonymize the information.

 

  1. Children’s Privacy

 

Our services are not intended for individuals under the age of 18. We do not knowingly collect information from children.

 

  1. Mandatory and Optional Provision of Personal Data

 

As mentioned above, we collect and process personal data for the purposes outlined in this document. In certain cases, the provision of requested information is mandatory, while in others, it is optional. Below, we explain the distinction between the two.

  • Mandatory Data: Certain personal data is essential for the provision of our services and the fulfillment of contractual obligations. This may include information necessary for order processing, account creation, and identity verification. Failure to provide mandatory data may prevent us from delivering specific services or completing transactions.
  • Optional Data: We may also request optional personal data that enhances your experience and allows us to offer personalized services. Providing optional data is entirely voluntary, and you have the choice to share or withhold such information. Opting not to provide optional data will not affect your access to our basic services, but it may limit the extent of personalization and targeted recommendations.

 

  1. Automated Decision Making and Profiling

 

We may utilize automated decision-making processes and profiling to enhance our services, prevent fraud, and provide you with personalized experiences. Below is an overview of our practices:

  • Automated Decision Making:

(a)    Fraud Prevention: To protect you and our platform from fraudulent activities, we employ automated systems that analyze patterns, behaviors, and transactions. These systems help detect and prevent unauthorized access, fraudulent purchases, and other activities that may compromise the security of our services.

(b)   Recommendations and Personalization: Automated processes may be used to provide you with personalized recommendations based on your preferences, purchase history, and interactions with our website. These recommendations aim to enhance your overall experience and offer products that align with your interests.

  • Profiling: Profiling includes the automated processing of personal data to evaluate, predict, or make decisions based on your preferences, behavior, and characteristics.Profiling helps us better understand the preferences, behaviors, and interests of our users.

 

  1. Lodging a Complaint and Dispute Resolution

 

We are dedicated to addressing any concerns or issues you may have regarding the processing of your personal data. If you believe that your privacy rights have been violated or if you have a dispute related to our privacy practices, we encourage you to follow the steps outlined below:

  • Contact Us First: We recommend reaching to us to discuss your concerns or disputes. To do so, please use the contact information provided in Section 1. Our goal is to understand your issues and work towards a satisfactory resolution. We encourage you to provide detailed information to facilitate a thorough investigation.
  • Lodging a Complaint with Supervisory Authorities: If you believe that we have not adequately addressed your concerns or contacting us first is not feasible, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK or the relevant data protection supervisory authority in your jurisdiction.

 

  1. Changes to this Privacy Policy

 

We may update this Privacy Policy as necessary to reflect changes in our practices and legal requirements. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data. In the event of significant changes to this Privacy Policy, we will make reasonable efforts to notify you via email or by prominently displaying a notice on our website. We may also communicate such changes through our services or other means.

 

  1. Contacting Us with Additional Questions

 

If you have additional questions about this Privacy Policy, your personal data, or any related topics, we encourage you to reach out to us using the contact information indicated in Section 1 of this policy. We are committed to addressing your inquiries promptly and ensuring that you have a clear understanding of how your data is managed.