By Personal Data or Data, we mean any information that can either identify you as an individual or that can be connected to you indirectly, that we may collect, retain, process, share, and transfer when you visit our Website and/or Application and use CS.MONEY Service.
Data Controller Details
Joint data controllers with respect to CS.MONEY Service are
CS VIRTUAL TRADE LTD, a company duly registered under the laws of Cyprus;
Registration number: HE 389299;
Registered address and the principal place of business: Spyrou Araouzou & Koumantarias, 705, Fayza
House, 1st floor, 3036, Limassol, Cyprus.
G2G Marketplace Limited, a company duly registered under the laws of Hong Kong;
Registration number: 3064044;
Registered address and the principal place of business: 8F, 30 Hollywood Road, Central, Hong Kong
(“CS.MONEY” or “we”).
Data Protection Officer
Contact our Data Protection Officer for any inquiries regarding your Personal Data and exercise your rights via [email protected].
Personal Data We Collect From You
Basic Account Data
This is the Personal Data that is provided by you or collected by us to enable you to sign up for and use the Service.
a. Personal Data collected from third parties
When you sign in CS.MONEY through your Steam account we receive User data from a third party, namely, Valve Corporation. The Personal Data we receive is Steam ID, avatar, username. We will be able to identify your Steam community profile and access public information related to your Steam account, including the list of your virtual items.
b. Personal Data collected directly from you
Additionally, we will ask you to provide your e-mail in order to create your account and communicate with you the latest news about our Service.
Once you signed in, your CS.MONEY Account will be automatically created and assigned with a seller ID (the "CS.MONEY ID") that is later used to reference your CS.MONEY Account without directly exposing your personal information. You also have the option to provide us with additional Personal Data in order to make your account more personalized.
The Personal Data collected directly and/or indirectly when you are accessing and/or using the Service via Application and/or Website are the following:
1. Information about your type of CS.MONEY Service plan;
2. IP address and location info (country, city, etc);
3. Device information (screen size, OS, browser information);
4. OS information (name, version, language);
5. Information sent by you in the form of messages in the online chat with technical support. Information transmitted in support chat is confidential and protected;
6. Information you may provide when you pay for a virtual item purchase a product or service from us, including information necessary to process your orders with the relevant payment merchant, which may include the amount of any transaction, but will not include your financial information, which will only be submitted directly to the payment merchant under secure protocols;
8. Log data related to your activity on CS.MONEY Website or Application.
9. Anonymous data. CS.MONEY also processes anonymous data, aggregated or not, to analyze and produce statistics related to the habits, usage patterns, and demographics of customers as a group and/or as individuals. Such anonymous data does not allow the identification of the Users to which it relates. CS.MONEY may share anonymous data, aggregated or not, with third parties.
Payment and Purchase Data
Purchase Data is the Personal Data that you provide for the proposes of signing up for our paid plans to access additional features/functionality, or to make any purchases through CS.MONEY Service.
The Personal Data such as your name, financial information, or cardholder data, and any other billing information, will be submitted directly to, processed, and stored by the respective Payment Service provider upon your consent to their privacy policies.
We may receive Personal Data from our payment partners such as the sum of payment to enable us to send you invoices, process your payment, and provide you with what you’ve purchased.
In the event you want to perform certain transactions on the Website or Application, you might be required to go through the KYC (Know-Your-Client) procedure, which is carried by third-party identification service provider during which it will collect from you the following information and documents:
- First and last name;
- Date of birth;
- ID document (i.e. passport) number
- Copy of your ID document
- Picture of you holding ID document
- Utility bill
- Mobile phone number
This information is processed and stored by a third-party identification service provider upon your consent to their privacy policies. We may receive certain data from the third-party identification service provider upon request in order to detect fraud, comply with legal requirements or resolve disputes.
Purposes and Legal Basis of Use of Personal Data
|Description of why CS.MONEY processes your personal data (‘processing purpose’)||Legal Basis for the processing purpose||Categories of personal data used by CS.MONEY for the processing purpose|
|To provide and personalize the Service.||Performance of a contract||
User Data Usage
Data Payment and Purchase Data
|To understand, diagnose, troubleshoot, and fix issues with the Service||Performance of a contract||
|To evaluate and develop new features, technologies, and improvements to the Service||Legitimate Interest||
|For marketing, promotion, and advertising purposes||Consent||
|To comply with legal requirements and law enforcement requests||Compliance with legal obligations||
KYC, Payment and Purchase
|To establish, exercise, or defend legal claims||Legitimate interest||
KYC, Payment and Purchase
|To conduct business planning, reporting, and forecasting||Legitimate interest||
|To process your payment||Performance of a contract||
KYC, Payment and Purchase
|To detect fraud, including fraudulent payments and fraudulent use of the Service||Legitimate interest||
KYC, Payment and Purchase
If the processing of Personal Data is carried out on the basis of your consent, you have the right to withdraw it at any time.
Sharing Your Personal Data
CS.MONEY does not sell Personal Data. CS.MONEY may disclose Personal Data to the following parties:
- payment processors retained by CS.MONEY to process payments of the users of the Services (these companies may be located anywhere in the world but mainly they are located in the European Union);
- providers of hosting, maintenance, and security services retained by CS.MONEY to run the Website (these companies may be located anywhere in the world but mainly they are located in the European Union);
- advertising and marketing companies that aggregate Personal Data from different sources to evaluate certain personal aspects relating to the data subject, to perform marketing research and to provide advertising and marketing services to third parties (these companies may be located anywhere in the world but mainly they are located in the European Union);
- government authorities including tax authorities and police (it may be government authorities of any country but mainly it is government authorities of the European Union);
- the companies providing analytic services such as Google Analytics, Firebase, Amplitude, App Metrica, UXCam;
- Valve Corporation in order to perform your exchanges, sales and purchases;
- the companies of CS.MONEY when it is necessary to perform the contract to which the data subject is a party.
- If there is an unresolved issue relating to your account, such as an outstanding credit on your account and/or an unresolved claim and/or dispute we will retain the necessary Personal Data until the said issue is resolved;
- Where we need to retain the Personal Data for our legal, tax, audit, and accounting obligations and/or any other legal obligation, we will retain the necessary Personal Data for the period required by the applicable law;
- Where necessary for the purpose of our legitimate business interests such as fraud prevention and/or to maintain the security of our Users.
Right to access your Personal Data
You have the right to enquire to be provided with a copy of your Personal Data and/or the way that we store your Personal Data and/or erase your Personal Data by sending us a written request in any way possible.
Right to rectification
You have the right to ask us to change some of your Personal Data or contact us with a request to change and/or correct your Personal Data if this is inaccurate.
Request to erasure of Personal Data
You have the right to request us to delete all or some of your Personal Data, for example, if:
- they are no longer needed for any processing purposes;
- consent has been used as a legal basis for their processing;
- there is no legitimate interest for the further processing of Personal Data;
- they were used for marketing purposes.
Right to object
- The right, at any time, to object to us processing your personal data on grounds relating to your particular situation;
- The right to object to your personal data being processed for direct marketing purposes.
Right to object to automated processing
You have the right to object to a decision based on automated processing. Using this right, you may request us to review your Personal Data manually, because you believe that automated processing of your Personal Data may not consider the unique situation.
Right for data portability
You have the right to request us to provide you with a copy of your Personal Data in a structured, commonly used and machine-readable format (e.g. xml, csv). Furthermore, you have the right to request us to transmit the said Personal Data directly to another controller.
Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority, in particular to the member state of the European Union of your habitual residence, place of work or place of the alleged infringement.
To exercise any of the right please contact us via email: [email protected].
Personal Data Breach
A personal data breach may, if not addressed in an appropriate and timely manner, result in physical, material or non-material risk to your rights and freedoms. Therefore, as soon as we become aware that a personal data breach has occurred, we will notify the personal data breach to the Commissioner for Personal Data Protection without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless we are able to demonstrate, in accordance with the accountability principle, that the personal data breach is unlikely to result in a risk to your rights and freedoms. Where such notification cannot be achieved within 72 hours, the reasons for the delay should accompany the notification without undue further delay.
Cross-Border Data Transfer
We have included in our agreements with data controllers and processors located outside the EU or EEA issued by the European Commission regulating the transfer and processing of Personal Data in order to ensure that the Personal Data is safeguarded stored and processed in a secured way.
In this respect, we use Standard contractual clauses (SCC) adopted by the European Commission as a mechanism to transfer data from the EU countries. Organizations engaged in the processing of personal data on behalf of CS.MONEY have adopted SCC, as appropriate, in order to ensure confidentiality, security, and legality of the processing of your personal data.