Privacy Policy
1. Introduction
At Gaming Surge Lab (“we,” “us,” or “our”), accessible via https://www.gamingsurgelab.com, protecting your privacy and safeguarding your personal data is a top priority. We are firmly committed to handling your personal information in a lawful, fair, and transparent manner. This Privacy Policy outlines how we collect, use, share, and protect your information, in accordance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as well as other applicable data protection laws.
2. Scope and Data Controller
This Privacy Policy applies to all users who access or use our website, services, and infrastructure (“Services”). Gaming Surge Lab is the data controller in relation to the processing of your personal data. Questions or requests related to this policy or your data rights may be directed to [email protected].
3. Categories of Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
This includes data about your interactions with our website, such as your IP address, browser type and version, time zone, browser plug-in types, device identifiers, pages visited, time spent on pages, and other diagnostic data.
b. Account Data
When you register for an account or make a purchase, we may collect your full name, shipping and billing address, email address, and phone number.
c. Profile Data
This includes preferences, interests, gaming behavior, purchase history, and saved settings to personalize your user experience.
d. Communication Data
We retain records of your communications with us, such as support tickets, emails, and chat messages, including any attachments you may provide.
e. Technical Data
This includes device attributes (e.g., model, OS, hardware specifications), system configuration data, and diagnostic logs.
f. Transaction Data
For users engaging in purchases, we collect transaction-related data, including payment method (processed via secure third-party gateways), order history, delivery information, and invoice records.
g. Preference Data
We maintain records of your marketing permissions, communication preferences, product interest categories, and newsletter subscription status.
4. Legal Bases for Processing
We process your personal data under the following legal bases, as applicable under the GDPR:
– Consent: Where you have affirmatively provided your consent for specific processing activities (e.g., newsletter subscriptions, analytical cookies).
– Contract: Processing is necessary to fulfill a contractual obligation, such as completing a purchase or providing customer service.
– Legal Obligation: We are required to process your personal data to comply with applicable legal and regulatory requirements.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided such interests are not overridden by your interests or fundamental rights and freedoms, such as fraud prevention, service improvement, and security monitoring.
For California residents, we do not sell personal data as defined under CCPA and process your data only for the purposes described herein.
5. Your Rights
Under applicable privacy laws, you have the following rights with respect to your personal data:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to lawful limitations.
– Right to Restriction: Request that we limit the way we process your data.
– Right to Data Portability: Receive your personal data in a commonly used, machine-readable format and transmit that data to another controller.
– Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: If processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected]. We may require verification of your identity before fulfilling requests.
6. Security Measures
We implement appropriate technical and organizational safeguards to protect your personal data. These measures include:
– End-to-end encryption of data in transit and at rest where applicable
– Role-based access controls and logging of data access
– Regular backups to prevent data loss from system failures
– Secure software development practices and vulnerability testing
– Privacy training for staff with access to personal data
7. International Data Transfers
Where personal data is transferred to entities outside of your jurisdiction (such as the European Economic Area), we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Binding corporate rules or approved certification mechanisms
– Assurance of adequacy decisions by relevant authorities
In all such instances, data transfers comply with regional requirements for lawful and secure handling.
8. Data Retention
We retain personal data only for as long as necessary for the purposes outlined in this policy or to satisfy legal obligations. Retention periods include:
– Usage Data: up to 12 months post-collection
– Account and Profile Data: retained for the duration of the user’s account plus 6 months
– Communication Data: stored for up to 24 months to support audit and customer care functions
– Transaction Data: retained for at least 7 years for accounting and compliance purposes
– Technical Data: retained for up to 12 months for system performance analytics
– Preference Data: stored until you change your preferences or withdraw your consent
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience and provide essential website functionalities. These include:
– Essential Cookies – Necessary for providing core site features, such as login and cart functionality
– Functional Cookies – Enable personalization and saved preferences
– Analytics Cookies – Collect data to measure website usage and improve content
– Performance Cookies – Monitor overall system performance and errors
10. Cookie Management and Legal Compliance
In compliance with GDPR and CCPA requirements:
– Consent is sought before deploying non-essential cookies unless otherwise exempt
– Users can manage cookie preferences through a dedicated cookie banner at first interaction and via browser settings
– California users can opt-out of data “sharing” through in-site controls
– We respect Do Not Track (DNT) browser signals to the extent technically feasible
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If we learn that a child under 13 has submitted personal data, we will delete it promptly. If you believe a child has submitted personal information to us, please notify us at [email protected].
12. Policy Updates
We may revise this Privacy Policy as needed to reflect changes in our practices, technologies, or legal obligations. Material updates will be communicated via our website or, when appropriate, via email notice to registered users.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
Website: https://www.gamingsurgelab.com
We are committed to full compliance with applicable data protection regulations and welcome your inquiries and feedback.