Privacy Policy

1. Who We Are

This Privacy Policy describes how the operator of Rize.gg ("Rize," "we," "us," "our") collects, uses, stores, and shares your personal data when you use the Rize.gg website, mobile application, and services (collectively, the "Platform").

This policy applies to all users of the Platform, including players, club owners, tournament organizers, and federation partners.

For questions about this policy, contact us at [email protected].

2. What Data We Collect

2.1 Data You Provide

When you create an account or use our features, you may provide:

• Account Information: Username, email address, password, date of birth, country/region, preferred language.
• Profile Information: Display name, avatar, bio, social media links, Player Card customizations.
• Identity Verification: Government-issued ID, date of birth, and supporting documents (only when required for cash prize withdrawals or federation features).
• Communication Data: Messages sent through direct messaging, team chats, club channels, and support requests.
• Tournament & Competition Data: Team registrations, tournament entries, match submissions, and dispute filings.
• Club & Organization Data: Club name, description, branding assets, roster information, and member management actions.
• Payment Information: Billing details provided when purchasing Stars or subscriptions. Payment card details are processed and stored by our third-party payment processors - Rize does not store your full card number.

2.2 Data We Collect Automatically

When you access the Platform, we automatically collect:

• Device & Browser Data: Device type, operating system, browser type and version, screen resolution, and device identifiers.
• Usage Data: Pages visited, features used, buttons clicked, time spent on each page, search queries, and navigation patterns.
• Connection Data: IP address, approximate location (city/region level, not precise GPS), internet service provider, and connection type.
• Performance Data: Load times, errors, crashes, and diagnostic information.
• Cookie & Tracking Data: Information collected through cookies, pixels, and similar technologies (see Section 8).

2.3 Data from Third Parties

When you link external accounts, we may receive:

• Linked Gaming Accounts: Game-specific stats, ranks, match history, achievements, and account identifiers from platforms you choose to connect (e.g., game publisher accounts, console accounts).
• Social Login Data: Basic profile information (name, email, avatar) from social authentication providers you use to sign in.
• Payment Verification: Transaction confirmation and fraud screening results from payment processors.

2.4 Data We Do Not Collect

We do not collect:

• Biometric data (fingerprints, facial recognition, voice prints).
• Precise geolocation (GPS coordinates).
• Data from your device's contacts, camera, or microphone.
• Health or medical information.
• Information about your racial or ethnic origin, political opinions, or religious beliefs, unless you voluntarily include such information in your profile or communications.

3. How We Use Your Data

We use your data for the following purposes:

3.1 Providing the Platform

• Creating and managing your Account.
• Displaying your profile, Player Card, and competitive stats.
• Matching you with other players, teams, and sessions.
• Running tournaments, leagues, and competitions.
• Processing match results, leaderboard rankings, and badge awards.
• Managing Stars (earning, spending, gifting, and wallet transactions).
• Facilitating communication between users (messaging, team chat, club channels).
• Processing payments and subscriptions.

3.2 Improving the Platform

• Analyzing how users interact with features to improve design and functionality.
• Identifying and fixing bugs, errors, and performance issues.
• Conducting internal research and development.
• Testing new features (via A/B testing or feature flags).

3.3 Safety & Security

• Detecting and preventing cheating, fraud, and abuse.
• Enforcing our Terms of Service and Community Guidelines.
• Moderating user-generated content.
• Verifying identities for cash prize withdrawals and federation accounts.
• Protecting the security and integrity of the Platform.

3.4 Communications

• Sending transactional notifications (match updates, tournament alerts, payment receipts).
• Sending service announcements (maintenance, policy changes, new features).
• Sending promotional messages about Rize events, competitions, and features - only with your consent, and you can opt out at any time.

3.5 Legal Compliance

• Complying with applicable laws, regulations, and legal processes.
• Responding to lawful requests from government authorities.
• Establishing, exercising, or defending legal claims.

4. Legal Basis for Processing

If you are in a jurisdiction that requires a legal basis for processing personal data (such as the EU under GDPR or Saudi Arabia under PDPL), we rely on the following:

Where we rely on legitimate interest, we have assessed that our interests do not override your fundamental rights and freedoms. You may object to processing based on legitimate interest at any time (see Section 6).

5. How We Share Your Data

We do not sell your personal data. We share it only in the following circumstances:

5.1 Service Providers

We share data with third-party service providers who help us operate the Platform, including:

• Cloud infrastructure providers (hosting, storage, content delivery).
• Payment processors (transaction processing, fraud detection).
• Analytics providers (usage analysis, performance monitoring).
• Authentication providers (social login, identity verification).
• Communication tools (email delivery, push notifications).
• Moderation services (content filtering, anti-cheat systems).

These providers process data only on our behalf and under contractual obligations to protect your data.

5.2 Other Users

Certain data is visible to other users as part of the Platform's functionality:

• Your public profile, Player Card, stats, badges, and leaderboard position.
• Your username, avatar, and team affiliations.
• Messages you send in public channels, club chats, and team communications.
• Tournament results and match history.

You control some of this visibility through your privacy settings.

5.3 Tournament Organizers & Federation Partners

If you participate in a tournament or are a member of a federation, the organizer or federation administrator may access:

• Your username, profile, and registration details submitted for that event.
• Match results and performance data from that competition.
• Identity verification status (verified/not verified), without access to your actual ID documents.

5.4 Game Publishers

When you link a game account, we may share limited data with that game's publisher for:

• Account verification and stat synchronization.
• Anti-cheat enforcement and fair play compliance.

We only share data necessary for these purposes.

5.5 Law Enforcement & Legal Requirements

We may disclose your data if required by law, court order, or government request, or if we believe in good faith that disclosure is necessary to protect the rights, safety, or property of Rize, our users, or the public.

5.6 Business Transfers

If Rize is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify you via email or prominent notice on the Platform before your data is transferred and subject to a different privacy policy.

6. Your Rights

Depending on your jurisdiction, you may have some or all of the following rights:

6.1 Access

You have the right to request a copy of the personal data we hold about you.

6.2 Correction

You have the right to request correction of inaccurate or incomplete personal data.

6.3 Deletion

You have the right to request deletion of your personal data. We will comply unless we are required to retain it for legal, security, or contractual reasons.

6.4 Restriction

You have the right to request that we restrict processing of your data in certain circumstances (e.g., while we verify its accuracy).

6.5 Portability

Where technically feasible, you have the right to receive your personal data in a structured, commonly used, machine-readable format.

6.6 Objection

You have the right to object to processing based on legitimate interest. We will stop processing unless we demonstrate compelling legitimate grounds.

6.7 Withdraw Consent

Where processing is based on consent (e.g., promotional emails), you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

6.8 How to Exercise Your Rights

Contact us at [email protected] with your request. We will verify your identity and respond within 30 days (or sooner if required by law). If we cannot fulfill your request, we will explain why.

7. Data Retention

We retain your data only as long as necessary for the purposes described in this policy:

After the retention period, data is either permanently deleted or irreversibly anonymized.

When you delete your Account, we begin the deletion process within 30 days. Some data may be retained longer where required by law or necessary to resolve disputes.

8. Cookies & Tracking Technologies

8.1 What We Use

We use the following technologies:

• Strictly Necessary Cookies: Required for the Platform to function (authentication, security, load balancing). Cannot be disabled.
• Analytics Cookies: Help us understand how users interact with the Platform (page views, feature usage, session duration). Can be disabled.
• Preference Cookies: Remember your settings (language, theme, privacy preferences). Can be disabled.
• Marketing Cookies: Used to deliver relevant promotional content and measure campaign effectiveness. Only placed with your consent.

8.2 Cookie Durations

• Session cookies: Expire when you close your browser.
• Persistent cookies: Expire after a set period (typically 30 days to 13 months depending on purpose).

8.3 Your Cookie Choices

You can manage cookie preferences through:

• The cookie consent banner displayed on your first visit.
• Your browser settings (blocking or deleting cookies).
• Your Account privacy settings.

Disabling certain cookies may affect Platform functionality.

8.4 Do Not Track

Some browsers send "Do Not Track" (DNT) signals. There is no universal standard for how platforms should respond to DNT. We currently do not alter our data collection in response to DNT signals, but you can control tracking through the cookie options described above.

9. International Data Transfers

Rize operates across multiple regions. Your data may be transferred to, stored, and processed in countries other than your country of residence.

When we transfer data outside the European Economic Area (EEA) or Saudi Arabia, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Adequacy decisions where applicable.
• Contractual commitments with service providers that meet or exceed local data protection standards.

10. Children's Privacy

10.1 Age Requirement

The Platform is available to users aged 12 and older. Users under 18 require parental or guardian consent as described in our Terms of Service.

10.2 Parental Controls

Parents or guardians may:

• Request access to their child's data by contacting [email protected].
• Request deletion of their child's Account and data.
• Withdraw consent for their child's use of the Platform at any time.

10.3 Our Commitment

We do not knowingly collect personal data from children under 12. If we learn that we have collected data from a child under 12 without parental consent, we will delete it promptly. If you believe a child under 12 is using the Platform, contact us at [email protected].

11. Data Security

We implement technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS/SSL) and at rest.
• Access controls limiting employee and contractor access to personal data on a need-to-know basis.
• Regular security assessments and vulnerability testing.
• Incident response procedures for data breaches.
• Secure development practices for Platform code and infrastructure.

No system is completely secure. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant authorities as required by law.

12. GDPR-Specific Provisions

If you are located in the European Economic Area (EEA), the following applies:

• Data Controller: The operator of Rize.gg is the data controller for your personal data.
• DPO: For data protection inquiries, contact our Data Protection team at [email protected].
• Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights under GDPR.
• Automated Decision-Making: We use automated systems for anti-cheat detection and content moderation. You have the right to request human review of decisions made solely by automated means that significantly affect you.

13. Saudi PDPL-Specific Provisions

If you are located in Saudi Arabia, the following applies under the Personal Data Protection Law (PDPL):

• We process your data based on consent or legitimate purpose as defined under PDPL.
• You have the right to know what data we collect, request correction or deletion, and object to processing.
• We will not transfer your data outside Saudi Arabia without appropriate safeguards as required by PDPL and its implementing regulations.
• To exercise your rights, contact [email protected].

14. Third-Party Links & Services

The Platform may contain links to third-party websites, games, or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing any personal data. Rize is not responsible for the data practices of third parties.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced via:

• Email notification to your registered email address.
• In-app notification on the Platform.
• Updated "Last Updated" date at the top of this page.

We will provide at least 14 days' notice before material changes take effect. Your continued use of the Platform after changes take effect constitutes acceptance of the updated policy.

16. Contact Us

For any questions, requests, or complaints regarding this Privacy Policy or your personal data:

• Privacy & Data Protection: [email protected]
• Legal: [email protected]
• General Support: [email protected]

We aim to respond to all privacy-related inquiries within 30 days.