PRIVACY POLICY

This Privacy Policy ("Policy") defines the procedure for the collection, processing, storage, protection, and destruction of personal data carried out by Individual Entrepreneur Kulichenko Olga Nikolaevna, IIN 770530400037, business activity notification No. KZ89UWQ05650293 ("Operator").

1.2. The Policy has been developed in accordance with:

• the Law of the Republic of Kazakhstan dated May 21, 2013 No. 94-V "On Personal Data and Their Protection";
• other regulatory legal acts of the Republic of Kazakhstan.

1.3. The Policy applies to the website https://mineguard.pro/ ("Website").

Use of the Website, registration of a Personal Account, or payment for services constitutes a conclusive action confirming the User's unconditional consent to all terms of this Policy and consent to the collection and processing of their personal data.

2.1. This Policy uses concepts as defined by the legislation of the Republic of Kazakhstan.

• 2.1.1. Personal data – data relating to a specific or identifiable subject of personal data, recorded on electronic, paper, and (or) other material media.
• 2.1.2. Processing of personal data – actions (operations) performed with personal data, including collection, recording, systematization, accumulation, storage, clarification, use, transfer, depersonalization, blocking, and destruction.
• 2.1.3. Cross-border transfer – transfer of personal data to the territory of foreign states.
• 2.1.4. Collection of personal data – actions aimed at obtaining personal data.

3.1. The Operator processes personal data of the following categories of subjects:

• Users of the MineGuard service (owners of protected servers).
• Players (visitors to users' servers) whose network traffic passes through the MineGuard infrastructure.

4.1. The Operator processes the following user data:

• Registration data: name (if provided), email address, password (in encrypted form).
• Technical data: IP address upon login and actions in the control panel; browser data (User-Agent); system action logs.
• Payment data: payment amount; payment method; IP address and email specified during payment; transaction identifiers.
• Support request data: text of support requests; attachments submitted by the user.
• Infrastructure data: IP addresses of protected servers; domain names; backend IP addresses; filtering and routing settings.
• Notification data (if voluntarily provided): Telegram Chat ID; Discord webhook; additional e-mail for notifications.

5.1. In the course of providing traffic protection and filtering services, the Operator may process:

• IP address;
• gaming nickname;
• Minecraft account UUID;
• country (determined by IP using a local geolocation database);
• game client version;
• connection and disconnection date and time;
• gaming session duration;
• volume of transmitted traffic.

5.2. Processing of player data is carried out exclusively for the purposes of:

• detecting and preventing DDoS attacks and other network threats;
• filtering malicious or anomalous traffic;
• ensuring stable operation of users' servers;
• investigating information security incidents;
• maintaining technical security logs.

5.3. The Operator does not use player data for advertising, marketing, or mailings.

6.1. Personal data are processed for the purposes of:

• conclusion and performance of agreements;
• user identification;
• providing access to the service;
• ensuring network and information security;
• compliance with the legislation of the Republic of Kazakhstan;
• maintaining accounting and tax records;
• processing requests and providing technical support;
• preventing fraud and abuse.

7.1. Processing of users' personal data is carried out on the basis of:

• their consent to the collection and processing of personal data;
• the concluded offer;
• this Policy;
• requirements of the legislation of the Republic of Kazakhstan.

7.2. Processing of player data is carried out as part of the technological process of ensuring information security and within the legitimate interests of the service user in protecting their infrastructure.

The Subject's consent to the collection and processing of personal data is provided in electronic form that allows confirmation of its receipt (by clicking the "Register" or "Pay" button or checking the corresponding checkbox).

8.1. The Website may use cookies – small text files stored on the user's device.

8.2. Cookies may be used for:

• ensuring correct Website operation;
• saving user settings;
• ensuring security and preventing unauthorized access;
• analyzing Website usage.

8.3. Within web analytics, the following may be processed:

• IP address;
• device type;
• browser type and version;
• information about visited pages;
• date and time of visit;
• source of referral to the Website.

8.3.1. The Website uses the Yandex Metrica web analytics service provided by Yandex. This service is used to analyze Website traffic, improve its operation, and enhance usability.

8.3.2. The Yandex Metrica service may use Webvisor technology, which allows recording user actions on the Website, including: cursor movements; clicks on interface elements; page scrolling; interaction with Website elements. The data obtained is used in anonymized form exclusively for analyzing user behavior and improving the Website's user interface.

8.4. The Website uses cookies and similar technologies to ensure correct Website operation, analyze user activity, and improve the quality of provided services.

8.4.1. By continuing to use the Website, the User agrees to the use of cookies and processing of technical information about their device and actions on the Website, including IP address, browser data, information about visited pages, and interaction time.

8.4.2. The User may restrict or disable the use of cookies in their browser settings.

8.5. When processing user requests through the Service's ticket system, artificial intelligence technologies may be used for automated analysis of requests and preparation of preliminary response options.

8.5.1. Such technologies are used exclusively for:

• accelerating the processing of user requests;
• improving the quality of technical support;
• automatic classification and routing of requests.

8.5.2. The final decision on a user's request may be made by the Contractor's employees. The use of artificial intelligence technologies does not imply automatic making of legally significant decisions regarding the user.

9.1. Users' personal data are stored by the Contractor for the duration of the User's use of the Service, as well as for 5 (five) years from the date of cessation of use of the Service, unless a longer retention period is required in accordance with the legislation of the Republic of Kazakhstan. Upon expiration of the specified period, personal data are subject to deletion or anonymization, except in cases where their further storage is necessary for compliance with legal requirements, dispute resolution, or protection of the rights and legitimate interests of the Contractor.

9.2. Network activity logs and player data are stored for the period necessary to ensure infrastructure security and investigate incidents.

9.3. Destruction of personal data is carried out by irreversible erasure of data from electronic media or physical destruction of material media, precluding the possibility of data recovery.

9.4. The Operator confirms that the collection and processing of personal data of Subjects located in the Republic of Kazakhstan are carried out using databases located (physically situated) in the Republic of Kazakhstan, in accordance with Article 12 of the RK Law "On Personal Data and Their Protection."

9.4.1. Technical data necessary for the functioning of the network traffic filtering system, including:

• IP addresses of connecting users (players);
• connection logs;
• network attack and traffic statistics,

may be processed on the Contractor's server infrastructure located outside the Republic of Kazakhstan, including servers located in the European Union. Such processing is carried out exclusively for the purpose of ensuring the functioning of the Service and protecting the Customer's servers from network attacks.

10.1. Personal data may be transferred to:

• payment organizations;
• hosting providers and data centers;
• government authorities upon lawful request.

10.2. Within the functioning of the Service, cross-border transfer of users' technical data to servers located outside the Republic of Kazakhstan may be carried out.

10.2.1. Such transfer is carried out to server infrastructure located in Germany and the Netherlands and is used exclusively for the purposes of:

• network traffic filtering;
• protecting Customers' servers from DDoS attacks;
• analyzing network activity and attack statistics.

10.2.2. Transfer is carried out only to the extent necessary to ensure the operation of the Service's network protection mechanisms.

10.3. The Subject gives consent to the cross-border transfer of their data for the purpose of fulfilling the terms of the Offer (providing traffic protection services, using global filtering and analytics systems).

11.1. The personal data subject has the right to:

• obtain information about the availability and composition of their data;
• request their clarification;
• request blocking or destruction;
• withdraw consent;
• appeal to the authorized body or court.

11.2. Requests should be directed to: support@mineguard.pro

11.3. To withdraw consent, the Subject sends a request to the email address support@mineguard.pro. The Operator undertakes to cease processing and destroy data within 10 (ten) business days from the date of receiving the request, except in cases where data storage is mandatory in accordance with the law of the Republic of Kazakhstan.

12.1. The Operator takes organizational and technical measures, including:

• restricting access to personal data;
• using password hashing;
• logging data access;
• protecting network infrastructure;
• regular information security monitoring.

12.2. In ensuring the protection of personal data, the Operator is guided by the Unified Requirements in the field of information and communication technologies and information security, approved in the Republic of Kazakhstan.

The service user:

• independently notifies players about the use of the filtering system;
• ensures the existence of legal grounds for transferring traffic through MineGuard;
• bears responsibility for the lawfulness of processing player data on their side.

14.1. The Operator may amend this Policy.

14.2. The current version is posted on the Website.

14.3. Continued use of the service constitutes consent to the new version.