Privacy policy

This Policy applies to information we collect through the Service, including via our websites, applications, and any related communications (such as email and live chat). It does not apply to information collected by third-party services we link to or integrate with — those providers operate under their own privacy policies, which you should review separately.

For purposes of this Policy, the following terms have the meanings set out in the EU General Data Protection Regulation (GDPR) and equivalent laws: "Personal Data" means any information relating to an identified or identifiable natural person (the "Data Subject"). "Processing" means any operation performed on Personal Data, whether or not by automated means (collection, recording, storage, retrieval, transmission, deletion, etc.). "Controller" means the entity that determines the purposes and means of Processing — for the purposes of this Policy, that is Runner LLC. "Processor" means any third party that processes Personal Data on the Controller's behalf (for example, our hosting and payment providers). "Consent" means a freely given, specific, informed, and unambiguous indication of your wishes by which you agree to the Processing of your Personal Data. "Pseudonymisation" means processing Personal Data in a way that the data can no longer be attributed to a specific Data Subject without additional information that is kept separately and protected.

The Controller responsible for the Personal Data described in this Policy is **Runner LLC**, a Delaware limited liability company. Inquiries should be directed to privacy@runner.gg. For European Economic Area, United Kingdom, and Switzerland data subjects, our Data Protection Officer can be reached at dpo@runner.gg. Postal address: Runner LLC, Privacy Office, [postal address to be supplied at launch].

We collect information in three ways. **(a) Information you provide directly**, including your email address, optional username, in-game information (game username, server, character name) you share to enable fulfillment, support communications, and any documentation you submit during KYC verification (where required). We may collect this information when you (i) register or subscribe; (ii) place an order; (iii) contact support or live chat; (iv) participate in a survey, contest, or referral program; (v) respond to marketing communications you have opted into; or (vi) otherwise interact with the Service. **(b) Information about your orders**, including what you bought, when, the price, the fulfillment status, and the assigned pilot for service orders. **(c) Limited technical information collected automatically**, such as IP address, approximate location derived from IP, browser type, device identifiers, referring URL, and pages viewed, used to operate and secure the Service. We do not collect or store payment card numbers, cryptocurrency wallet seed phrases or private keys, or other sensitive payment credentials — these are handled directly by our payment processors (NOWPayments and our card-network partner) under their own terms.

We use the information we collect to (a) fulfill your orders and communicate with you about them; (b) provide customer support; (c) operate, maintain, secure, and improve the Service; (d) detect and prevent fraud and abuse; (e) comply with our legal and regulatory obligations; and (f) communicate with you about updates to the Service, with your consent where required by law. Aggregated, anonymized information that does not identify any individual may be used for analytics, research, and product development without restriction.

We share information with: (a) our payment processors (NOWPayments for cryptocurrency, our card-network partner for traditional payments) as necessary to process transactions; (b) the pilot assigned to your service order, limited to the in-game information necessary to perform the work; (c) our subprocessors for hosting (Vercel), application data (Convex), authentication (Clerk), email delivery, and analytics, each operating under data protection agreements; (d) law enforcement, regulators, or other parties when required by law, valid legal process, or to protect our rights, property, or safety, or that of our users or the public; and (e) in connection with a merger, acquisition, financing, or sale of assets, with notice to you. We do not sell your personal information to third parties for marketing or profiling purposes.

We use a small number of cookies and similar technologies to operate the Service (for example, to remember your locale preference and session state). We do not use cookies for cross-site behavioral advertising. Analytics, where used, operate on aggregated and anonymized data only and do not identify individual users. Your browser settings allow you to refuse or delete cookies; doing so may affect the functionality of the Service.

We retain information for as long as needed to provide the Service and for the periods required by law: (a) order records and related transaction data for at least seven (7) years for tax and regulatory compliance; (b) account information for as long as your account is active, then for ninety (90) days after deletion to allow recovery and to satisfy any legitimate operational needs; and (c) pilot session logs for ninety (90) days, then automatically purged. After the applicable retention period, we delete or anonymize the information.

We use commercially reasonable administrative, technical, and physical safeguards to protect the information we collect, including encryption in transit (TLS) and at rest where appropriate, access controls limited to authorized personnel, and incident-response procedures. No method of transmission over the Internet or electronic storage is completely secure, however, and we cannot guarantee absolute security. In the event of a personal data breach affecting you, we will notify you in accordance with applicable law.

You may request access to, correction of, or deletion of your personal information at any time by emailing privacy@runner.gg. We respond to verified requests within thirty (30) days, subject to extensions permitted by law. You may also request a portable copy of your data and may opt out of marketing communications at any time. If we deny your request, you may appeal by emailing the same address with "Privacy Appeal" in the subject line.

Residents of California, Colorado, Connecticut, Utah, Virginia, and other states with comprehensive privacy laws may have additional rights under those laws, including the right to know, the right to correct, the right to delete, the right to data portability, the right to opt out of the sale or sharing of personal information for cross-context behavioral advertising, and the right to non-discrimination for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under California law (CCPA, as amended by the CPRA). California residents may also request information about our disclosures under "Shine the Light." Contact privacy@runner.gg for all state privacy requests.

If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or in other countries where our service providers operate. By using the Service, you consent to such transfer. We rely on Standard Contractual Clauses (SCCs) and equivalent safeguards for cross-border transfers where required. We aim to comply with applicable data protection laws in the jurisdictions where we operate, including: the EU General Data Protection Regulation (GDPR) and the United Kingdom GDPR for European data subjects; the Singapore Personal Data Protection Act 2012 (PDPA); the Brazilian Lei Geral de Proteção de Dados (LGPD); the People's Republic of China Personal Information Protection Law (PIPL) for users accessing the Service from China; and the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). You may have additional rights under your local law, including the right to lodge a complaint with your local supervisory authority. Data protection inquiries: dpo@runner.gg.

The Service is not directed to children under the age of thirteen (13). We do not knowingly collect personal information from children under thirteen (13). If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact privacy@runner.gg and we will promptly delete such information. California residents under the age of sixteen (16) may have additional rights regarding the sale or sharing of personal information; we do not sell or share personal information of minors under sixteen (16) without affirmative authorization.

We may update this Policy from time to time. The "Last updated" date at the top of this page reflects the date of the most recent revision. For material changes, we will provide notice via email to active users at least fourteen (14) days before the changes take effect, or as otherwise required by applicable law. Continued use of the Service after the effective date of an update constitutes your acknowledgment of the updated Policy.

Questions, comments, or requests regarding this Policy should be directed to privacy@runner.gg. EU/UK data protection inquiries: dpo@runner.gg. Postal mail: Runner LLC, Privacy Office, [postal address].