Privacy Policy
Last Updated: December 18, 2024
RiftSurge ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services (the "Service").
Please read this Privacy Policy carefully. By using RiftSurge, you consent to the data practices described in this policy.
1. Information We Collect
1.1 Information You Provide
We collect information you voluntarily provide when using our Service:
Account Information:
- Email address
- Username and display name
- Password (encrypted)
- Profile picture (optional)
- Timezone preferences
Team Information:
- Team name and branding
- Team member roles and permissions
- Roster configurations
Game Data:
- Compositions and strategies you create
- Scrim notes and analysis
- Playbook entries
1.2 Information from Third-Party Services
When you connect third-party accounts, we receive:
Discord Integration:
- Discord user ID
- Discord username and avatar
- Server membership (for team integrations)
Riot Games Integration:
- Riot Account ID (PUUID)
- Summoner name and tagline
- Region information
- Match history data (for games where you participate)
- Champion mastery and rank information
1.3 Information Collected Automatically
When you access our Service, we automatically collect:
Usage Data:
- Pages visited and features used
- Time spent on the platform
- Actions taken (clicks, searches)
- Error logs and performance data
Device Information:
- Browser type and version
- Operating system
- Device type (desktop, mobile, tablet)
- Screen resolution
Network Information:
- IP address
- Approximate geographic location (country/region)
- Referring website
1.4 Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain your login session
- Remember your preferences
- Analyze usage patterns
- Improve the Service
You can control cookies through your browser settings. However, disabling cookies may limit certain features of the Service.
2. How We Use Your Information
We use the information we collect for the following purposes:
2.1 Providing the Service
- Creating and managing your account
- Processing subscriptions and payments
- Delivering features and functionality
- Syncing data across devices
2.2 AI-Powered Analysis
- Generating personalized insights and recommendations
- Analyzing gameplay patterns and performance
- Creating team-specific coaching suggestions
- Powering the Surge AI features
2.3 Communication
- Sending service announcements and updates
- Responding to your inquiries and support requests
- Delivering notifications (in-app, email, Discord)
- Providing scrim scheduling reminders
2.4 Improvement and Analytics
- Understanding how users interact with the Service
- Identifying and fixing bugs and issues
- Developing new features and improvements
- Conducting research and analysis
2.5 Security and Compliance
- Detecting and preventing fraud or abuse
- Enforcing our Terms of Service
- Complying with legal obligations
- Protecting users and the Service
3. How We Share Your Information
We do not sell your personal information. We may share your information in the following circumstances:
3.1 With Your Team
When you join a team, the following information is visible to team members and managers:
- Your username and profile
- Your roster position and role
- Your game performance within team activities
- Your activity status
3.2 Public Information
Certain information may be publicly visible:
- Your team's public profile (if enabled)
- Public scrim listings
- Team statistics on the teams directory
3.3 Service Providers
We share information with third-party vendors who assist in operating our Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment details, billing address |
| Discord | Notifications and integrations | Discord ID, message content |
| Riot Games API | Game data retrieval | Riot account ID |
| Google Analytics | Usage analytics | Anonymous usage data |
| Cloud Hosting | Infrastructure | All service data (encrypted) |
These providers are contractually obligated to protect your data and use it only for the specified purposes.
3.4 Legal Requirements
We may disclose your information if required by law or in response to:
- Court orders or legal process
- Government requests
- Protection of our legal rights
- Prevention of fraud or security threats
3.5 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change.
4. Data Retention
4.1 Active Accounts
We retain your data for as long as your account is active or as needed to provide the Service.
4.2 Deleted Accounts
When you delete your account:
- Personal data is deleted within 30 days
- Anonymized aggregate data may be retained for analytics
- Backup data is purged within 90 days
4.3 Legal Requirements
We may retain certain information longer if required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution).
5. Your Rights and Choices
5.1 Access and Portability
You have the right to:
- Access the personal information we hold about you
- Request a copy of your data in a portable format
- Understand how your data is being used
5.2 Correction
You can update or correct your personal information through:
- Your account settings
- Contacting our support team
5.3 Deletion
You have the right to request deletion of your personal data. You can:
- Delete your account through settings
- Contact us to request complete data deletion
Note: Some data may be retained for legal or legitimate business purposes.
5.4 Opt-Out Options
You can opt out of:
- Marketing emails: Click "unsubscribe" in any marketing email
- Discord notifications: Manage through team settings
- Analytics cookies: Adjust browser settings or use opt-out tools
5.5 Do Not Track
We do not currently respond to "Do Not Track" browser signals. We treat all users consistently regardless of this setting.
6. Regional Privacy Rights
6.1 European Economic Area (GDPR)
If you are located in the EEA, you have additional rights under the General Data Protection Regulation:
Legal Bases for Processing:
- Consent: For optional features and marketing
- Contract: To provide the Service you requested
- Legitimate Interests: For security, fraud prevention, and analytics
- Legal Obligation: To comply with applicable laws
Additional Rights:
- Right to restrict processing
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
Data Transfers: We may transfer data outside the EEA. We use appropriate safeguards including Standard Contractual Clauses.
6.2 California (CCPA/CPRA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it's used
- Request deletion of your personal information
- Opt out of the "sale" of personal information (we do not sell data)
- Non-discrimination for exercising your rights
To exercise these rights, contact us at privacy@riftsurge.com.
6.3 Other Jurisdictions
We comply with applicable privacy laws in the jurisdictions where we operate. Contact us if you have questions about your specific rights.
7. Security
We implement industry-standard security measures to protect your data:
7.1 Technical Safeguards
- Encryption of data in transit (TLS/SSL)
- Encryption of sensitive data at rest
- Secure password hashing (bcrypt)
- Regular security audits and updates
7.2 Organizational Safeguards
- Access controls and authentication
- Employee training on data protection
- Incident response procedures
- Regular security assessments
7.3 Your Responsibility
You are responsible for:
- Maintaining the confidentiality of your login credentials
- Using strong, unique passwords
- Reporting suspicious activity immediately
While we strive to protect your data, no system is completely secure. We cannot guarantee absolute security.
8. Children's Privacy
RiftSurge is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete it promptly.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
9. Third-Party Links
Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting the updated policy on our website
- Updating the "Last Updated" date
- Sending an email notification for material changes
Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
RiftSurge Privacy Team
Email: privacy@riftsurge.com
Website: https://riftsurge.com
Data Protection Inquiries:
For GDPR-related requests: privacy@riftsurge.com
For CCPA-related requests: privacy@riftsurge.com
We will respond to your inquiry within 30 days.
12. Cookie Policy
12.1 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Login sessions, security | Session |
| Functional | Preferences, settings | 1 year |
| Analytics | Usage statistics | 2 years |
| Advertising | Third-party ads (free tier) | Varies |
12.2 Managing Cookies
You can manage cookies through:
- Browser settings (block or delete cookies)
- Our cookie consent banner
- Third-party opt-out tools
12.3 Consequences of Disabling Cookies
Disabling essential cookies may prevent you from using certain features of the Service, such as staying logged in.
By using RiftSurge, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your information as described.