Privacy Policy

These Privacy Policy terms govern the use of the Website and Services provided by hellcase.com (referred to as “Hellcase”, “We”, “Us”, or “Our”).

Hellcase respects the privacy of all visitors to its Website and users of its Services. We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) of the European Union, to ensure protection of your privacy rights.

We are dedicated to protecting and responsibly handling your Personal Data. This Privacy Policy explains how we collect, use, disclose, share, and otherwise process your Personal Data when you interact with our Website and Services. By accessing or using the Website or Services, you agree to the processing of your Personal Data as described herein.

By registering or authorizing on the Website, you accept this Privacy Policy and provide your Consent (as defined below) for the processing of your Personal Data in accordance with it. If you do not agree with this Privacy Policy, you should stop using the Website and Services.

Scope of Privacy Policy

This Privacy Policy applies to all Services provided by Hellcase and covers every page of the Website.

Any additional Services developed by Hellcase that reference this Privacy Policy are also subject to the rules described herein.

Definitions and Terms

• Personal data – any information relating to an identified or identifiable natural person (a “Data subject”).
• Data subject – the individual whose Personal Data is processed (also referred to as “you” or “User”).
• Processing – any operation or set of operations performed on Personal Data.
• Profiling – automated processing of Personal Data used to evaluate certain personal characteristics of an individual, such as performance, financial situation, health, preferences, interests, reliability, behavior, location, or movements.
• Controller – a person or legal entity that determines the purposes and means of Personal Data processing.
• Processor – a person or legal entity that processes Personal Data on behalf of the Controller.
• Recipient – any person, authority, agency, or organization to whom Personal Data is disclosed, whether they are a third party or not.
• Third party – any person other than the Data subject, Controller, Processor, or Data Protection Authority, who receives Personal Data from the Controller or Processor.
• Consent of the Data Subject (“Consent”) – a freely given, specific, informed, and unambiguous indication of agreement by the Data subject, expressed through a statement or clear affirmative action (including registration or authorization on the Website), allowing the use of Personal Data under this Privacy Policy.
• Personal data breach – a security incident resulting in accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data that is transmitted, stored, or otherwise processed.
• Co-controller – a person or entity that jointly with another Controller determines the purposes and means of Personal Data processing.
• Data Protection Authority – a governmental or public body responsible for protecting Data subjects from unlawful processing of their Personal Data.
• Legal basis for processing – a lawful justification under applicable law that permits the processing of Personal Data.
• Cookies – small text files stored on a Data subject’s device that contain data used to enable website functionality, recognize the user’s device, and store preferences or past actions.
• Website – the interconnected web pages available at https://hellcase.com/ operated by the Controller.
• Service – any current or future paid or free services offered by Hellcase through the Website, including additions, updates, or modifications.
• Platform – collectively refers to the Website and Services.
• Social features – Hellcase-managed social media channels, including Facebook, X, YouTube, Instagram, Discord, TikTok, and Faceit.

Principles Relating to the Processing of Personal Data

We process your Personal Data with due care and in compliance with applicable data protection laws, making all reasonable efforts to ensure such compliance. The following principles govern how we process your Personal Data.

Principle of Lawfulness, Fairness, and Transparency

Hellcase confirms that your Personal Data is processed in a lawful, fair, and transparent manner, in accordance with the principle of lawfulness, fairness, and transparency.

Principle of Purpose Limitation

Hellcase ensures that Personal Data is collected for clearly defined, explicit, and legitimate purposes and is not further processed in a way that is incompatible with those purposes.

Principle of Data Minimization

Hellcase takes steps to ensure that Personal Data is adequate, relevant, and limited to what is necessary for the purposes for which it is processed, and that it remains up to date where required.

Principle of Accuracy

Hellcase undertakes to keep Personal Data accurate and, where necessary, updated on a regular basis.

Principle of Integrity and Confidentiality

Hellcase applies appropriate technical and organizational measures to ensure that Personal Data is processed securely, including protection against unauthorized or unlawful processing, as well as accidental loss, destruction, or damage.

What Personal Data Does Hellcase Process?

Hellcase processes various categories of Personal Data in connection with providing its Services via the Website. Such data may include, but is not limited to, the following:

Types of Personal Data Collected

Name and surname; date of birth; country of residence; registered or actual address; personal images; email address; information regarding social connections (including friends, followers, and subscriptions); payment card details; bank account information; payment amounts and methods; purchase data and transaction history; device type and unique identifiers; network-related data (including IP address, connection characteristics, and browser data); operating system version; Steam64ID and trade link; Website profile information; login frequency; achievements; match statistics; gaming activity history on the Platform; preferences and interests related to gaming content; preferred types of items when opening cases; gameplay duration; participation data in events, contests, tournaments, quizzes, and similar activities; and any other Personal Data necessary to fulfill stated purposes and not prohibited by applicable law.

Purpose of Collection

Personal Data is processed for the following purposes: identifying Users, providing customized Services, and maintaining account security; analyzing User behavior to improve Website functionality and deliver personalized content; processing payments and maintaining financial records; ensuring Platform security and preventing fraud or misuse; enabling social interaction, recommendations, and tailored content; audience analysis and marketing personalization; adapting Services to devices and ensuring compatibility; enabling case-opening and item exchange functionality; improving gaming experience through personalized offers; analyzing gameplay behavior and preferences; supporting item trading and transaction recording; organizing and managing events and competitions; improving Services and developing new features; evaluating marketing effectiveness; resolving technical issues; maintaining transaction histories; and handling User inquiries, feedback, and support requests.

Sources of Collection

Personal Data may be obtained through: information provided directly by you during registration or profile use; server logs and cookies; payment data entered during transactions; interactions with our social media accounts; automatic transmission from your device; integration with the Steam platform; account-related transaction logs; your consent to use the Website and Services; communications with customer support; payment processing providers; and third-party sources.

Processing of Personal Data from Third Parties

We may obtain Personal Data about you from third parties, including business partners involved in joint services or marketing activities, as well as publicly accessible sources such as social media platforms and public databases. This data may be combined with information already held by us to improve our Services, update records, and better understand your preferences. Such processing enables us to deliver more relevant and personalized Services and to optimize advertising and business activities in line with your interests.

Legal Basis

Processing of Personal Data is carried out on one or more of the following legal grounds: your Consent (including through registration or use of the Website and Services), the necessity to perform contractual obligations, our legitimate interests, or compliance with applicable legal requirements. The applicable legal basis is determined prior to processing, and no processing takes place without a valid legal ground.

Retention Period

Personal Data is retained in accordance with applicable legal requirements relevant to each category of data. We ensure that Personal Data is not stored longer than necessary for the purposes for which it is processed, and always within the limits permitted by law and this Privacy Policy.

How Does Hellcase Share Personal Data?

Hellcase maintains a strong commitment to protecting your privacy and Personal Data. This section describes how Personal Data, whether provided directly by you or collected through your use of the Website and Services, may be processed and disclosed.

Partnerships

We may share your Personal Data with third-party partners with whom we cooperate to improve our Website and Services or to provide additional functionalities. Such partners may include payment providers, analytics services, and other service providers.

Legal Requirements

Where required by applicable law, we may disclose your Personal Data in response to requests or formal inquiries from governmental authorities, including judicial bodies, law enforcement agencies, regulatory authorities, and other competent institutions.

Marketing and Advertising

By using our Website and Services, you are considered to have provided Consent for the use of your Personal Data for marketing and advertising purposes. This may include collaboration with advertising partners to improve targeting and effectiveness of campaigns. The selection of such partners is determined at our discretion and may be disclosed upon request. Prior to any such use, we verify that partners comply with applicable legal and regulatory requirements.

Analytics and Research

Personal Data may be used for analytical purposes, including evaluating user behavior and enhancing the functionality and performance of our Website and Services.

Payment Processing and Transactions

Your Personal Data may be shared with third-party payment service providers and financial institutions for the purpose of processing payments and completing transactions.

Transfers in Specific Circumstances

We may transfer your Personal Data to countries that the European Commission has recognized as providing an adequate level of data protection, either generally or within specific sectors.

We implement appropriate safeguards to ensure the confidentiality and security of your Personal Data when transferring it to third parties. We recommend reviewing this Privacy Policy carefully before providing your Personal Data.

Due to the global nature of our Services and the use of servers located in multiple jurisdictions, your Personal Data may be processed outside your country of residence. Data protection laws may vary between jurisdictions. Nevertheless, regardless of where processing occurs, we apply appropriate safeguards and comply with all relevant legal requirements, including those established by the European Commission, as well as applicable regulations in Switzerland and the United Kingdom.

The European Commission has determined that certain countries outside the European Economic Area (EEA) ensure an adequate level of protection for Personal Data. This allows transfers from EU Member States, as well as Norway, Liechtenstein, and Iceland, to such countries. Similar adequacy mechanisms have been recognized by the United Kingdom and Switzerland. We comply with all applicable requirements governing such transfers without undue delay.

By accessing or using our Website and/or Services, you agree to the terms of this Privacy Policy. Continued use constitutes your ongoing Consent to the processing of your Personal Data as described herein.

How Does Hellcase Protect Personal Data?

Hellcase places significant importance on safeguarding your Personal Data and maintaining strict confidentiality standards. To achieve this, we implement a range of technical and organizational security measures, including:

Data Encryption

All data transmitted through the Website, including Personal Data, is protected using up-to-date encryption technologies to prevent unauthorized access.

Server Security

We maintain robust security measures for our servers to protect stored Personal Data against unauthorized access.

Monitoring and Detection Systems

Our Website utilizes monitoring and detection tools designed to continuously observe activity and identify suspicious or irregular behavior.

Employee Training

Employees receive training on data protection and cybersecurity practices during onboarding to ensure proper handling and safeguarding of Personal Data.

Compliance with Legislation

Hellcase adheres to all applicable laws and regulatory requirements concerning the protection of Personal Data, including the General Data Protection Regulation (GDPR) within the European Union, as well as other relevant regional legal frameworks.

Privacy Policy

Hellcase maintains a comprehensive Privacy Policy that clearly explains what Personal Data is collected, how it is processed, and how you may manage or control your Personal Data.

Allocation of Access to Personal Data

Access to Personal Data is granted to employees strictly on a need-to-know basis. This ensures that individuals only access the data necessary to perform their specific job responsibilities.

Distributed Data Storage

Personal Data may be stored across multiple databases to improve system resilience and reduce dependence on a single storage point. This approach helps minimize the risk of data loss or inaccessibility due to system failures or unforeseen incidents, thereby enhancing data availability and integrity.

Integration with Third-Party Software via Official APIs

Connections with third-party systems are performed through official application programming interfaces (APIs), ensuring secure and controlled data exchange. These standardized interfaces reduce risks associated with unauthorized integrations and support reliable data transfer. Employees and contractors are required to use only the official APIs provided by third-party services. The use of unofficial or non-standard integration methods is strictly prohibited.

How Does Hellcase Delete Personal Data?

Hellcase applies a structured and careful process for deleting Personal Data, ensuring compliance with data protection laws and respect for User rights. This process includes the following steps:

Identification

We determine the specific Personal Data subject to deletion, ensuring that the scope of deletion is accurate and complete.

Verification

We verify the legitimacy of the deletion request to confirm that it is authorized by the User or otherwise required by applicable law.

Data Removal

Following verification, the identified Personal Data is removed from our systems, databases, and any relevant backup storage.

Permanent Erasure

We ensure that the deleted Personal Data is irreversibly erased from storage systems to prevent recovery or unauthorized access.

Confirmation

After completion of the deletion process, confirmation is provided to the User or, where applicable, to the relevant Data Protection Authority.

Grounds for Termination of Processing and Exceptions

Consent

Where processing is based on the Data Subject’s Consent, and such Consent is withdrawn, Hellcase will delete the relevant Personal Data without undue delay in accordance with GDPR requirements governing procedures, timelines, obligations, and rights, as well as this Privacy Policy.

Contractual Obligation

Where processing is based on the performance or conclusion of a contract with the Data Subject, and such contract is terminated or not concluded, Hellcase will delete the related Personal Data without undue delay in accordance with GDPR requirements and this Privacy Policy.

Legal Obligation

Where processing is carried out to comply with a legal obligation, Hellcase will delete the Personal Data once such obligation no longer applies, in accordance with GDPR requirements and this Privacy Policy.

Vital Interests

Where processing is based on the vital interests of the Data Subject, Hellcase will delete the Personal Data once those interests no longer apply, in accordance with GDPR requirements and this Privacy Policy.

Legitimate Interests

Where processing is based on Hellcase’s legitimate interests and the Data Subject objects to such processing, Hellcase will delete the Personal Data after receiving and evaluating the objection, in accordance with GDPR requirements and this Privacy Policy.

Exceptions

The rules described above are subject to the following exceptions:

Business Needs

Retention periods may be extended, but not beyond six (6) months, where deletion of Personal Data would disrupt the continuous operation of Hellcase’s Services or Website.

Legal Requirements

Retention may also be prolonged where required by applicable laws, regulations, or official orders from governmental authorities, in which case the duration will be extended accordingly.

Technical Impossibility

In certain cases, deletion of specific information may be technically unfeasible or require disproportionate effort—for example, where removal could affect system stability or where data persists in backup storage. In such circumstances, the data may continue to be retained.

Anonymization

Following the expiration of the retention period, Personal Data may be further processed for Hellcase’s purposes (such as marketing), provided that it has been fully anonymized, ensuring that all identifiers and links to the Data Subject have been irreversibly removed.

Rights of Data Subjects

Hellcase is committed to ensuring that Data Subjects’ rights regarding their Personal Data are fully respected and enforceable. In accordance with applicable legislation, you are entitled to exercise the following rights:

Right to Be Informed

You have the right to obtain information about the Personal Data we hold about you at any time.

Right of Access

You may request and receive a copy of the Personal Data we process about you, provided that such request is reasonable and complies with applicable legal requirements.

Right to Rectification

We take reasonable steps to maintain the accuracy and relevance of Personal Data. If you believe that your data is inaccurate or incomplete, you have the right to request its correction.

Right to Erasure (“Right to Be Forgotten”)

You may request the deletion of your Personal Data or restriction of its processing where applicable. We will assess such requests and make a decision in accordance with applicable law.

Right to Restriction of Processing

You have the right to limit how your Personal Data is processed, including by third parties or recipients handling such data.

Right to Data Portability

You have the right to receive the Personal Data you have provided to us in a structured, commonly used, and machine-readable format, and to transfer that data to another controller without interference.

Right to Withdraw Consent

Where processing is based on your Consent, you may withdraw such Consent at any time. Withdrawal will not affect the lawfulness of processing carried out prior to the withdrawal.

Right to Object

Where processing is based on a legal ground other than Consent, you have the right to object to such processing where justified.

Automated Decision-Making, Including Profiling

You have the right not to be subject to decisions based solely on automated processing, including profiling, where such decisions produce legal effects or similarly significant consequences for you.

Right to Lodge a Complaint

You have the right to file a complaint with the relevant supervisory authority if you believe that your Personal Data is being processed unlawfully.

Cookies Policy

We recommend that you review this Cookie Policy carefully to understand what Cookies we use and what information is collected when you access or use our Website. This Cookie Policy applies exclusively to our Website; for other websites, you should review their respective cookie policies.

User Cookie Settings

Please note that declining Cookies will not affect the use of essential Cookies required for the proper functioning of the Website. You may also manage or disable Cookies through your browser settings.

Cookies Used on Our Website

We use Cookies on our Website to improve your browsing experience. These Cookies perform a variety of functions, including remembering your preferences, enabling smooth navigation, and supporting the proper operation of key features. Cookies used on the Website are grouped into the following categories:

Essential Cookies

These Cookies are necessary for the functioning of the Website. They allow access to secure sections and support authentication processes.

Performance and Analytics Cookies

These Cookies collect information about how the Website is used, such as frequently visited pages and any errors encountered. This data helps us evaluate performance and enhance the effectiveness of our content.

Functionality and Customization Cookies

These Cookies store your selected preferences, including language, currency, and other customization settings such as sound preferences.

Security Cookies

These Cookies help maintain Website security by detecting and preventing potentially harmful or unauthorized activities.

Third-Party Cookies

We may also use Cookies provided by trusted third-party service providers to enhance our Website and Services. These Cookies help analyze user behavior and enable the integration of external content. For example, such Cookies may include analytics services provided by Google Inc.

Google Analytics

We use Google Analytics, a web analytics service operated by Google Inc. This service uses Cookies to analyze how users interact with the Website.

For further details, please refer to the Google Analytics Privacy Policy.

If you wish to opt out of Google Analytics tracking, you may do so via the designated opt-out mechanism.

Personal Data Processed

This may include: IP address, referrer identifier, timestamps, browser type, and user agent.

Purpose of Processing

The processing of this data is intended to analyze Website usage, generate reports on user activity, and provide additional services related to Website and internet usage.

Legal Basis

Consent.

Retention Terms

Personal Data is processed for the duration of your use of the Website, until the relevant purposes are fulfilled, and, where applicable, within timeframes established by GDPR.

Withdrawal of Consent and Deletion

You may withdraw your Consent at any time in accordance with applicable data protection laws. Such withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.

You may disable Cookies through your browser settings. Instructions for managing or deleting Cookies are typically available in your browser’s help section.

Please be aware that disabling Cookies entirely may result in certain features or parts of the Website not functioning correctly.

We reserve the right to modify this Cookie information to reflect changes in our practices. Any updates will be published along with the date of revision. We recommend reviewing this section periodically.

By using the Website, you confirm that you have read and understood the information regarding the use of Cookies and agree to these terms. Continued use of the Website constitutes your acceptance.

Privacy Policy Updates

Hellcase reserves the right to update or modify this Privacy Policy at any time.

Any changes will be communicated by updating this Privacy Policy, publishing the revised version, and/or through other appropriate communication methods.

You are encouraged to review the updated Privacy Policy. Continued use of the Website and/or Services after publication of changes constitutes your acceptance of the revised terms.

If you do not agree with the updated Privacy Policy, you must discontinue use of the Website and Services.

Applicable Law

This Privacy Policy is intended to comply with all applicable laws, including the European Union General Data Protection Regulation (GDPR).

Confirmation of Acceptance

By using the Website and/or Services, you confirm that you have read and accepted this Privacy Policy. Continued use further confirms your ongoing agreement to the processing of your Personal Data as described herein.

Data Controller Details

The controller responsible for the processing of Personal Data is hellcase.com.

Additional information about the Data Controller is provided in the relevant section of the Terms of Use.