logo

PRIVACY POLICY

for the mobile application «SkinDealer»

Effective date: March 1, 2026
Last updated: April 28, 2026

1. Who we are and how to contact us

The administration of the «SkinDealer» application (hereinafter referred to as “We”) acts as the controller of your personal data and determines the purposes and means of its processing.

Contact for data-related questions:
Email: skindealer.trade@gmail.com

We respond to requests within 30 days.

2. What data we collect

2.1. Data from Steam (upon authentication via Steam OpenID):

  • SteamID64;
  • Public profile name (nickname);
  • Avatar URL and link to the Steam profile;
  • CS2 inventory data — obtained directly through the official Steam Web API exclusively at the moment of display in the Application and not stored on our servers after the end of the user session.

2.2. Technical and usage data (collected automatically):

  • IP address;
  • Device information (model, operating system, Application version, language settings);
  • Usage data (screen views, actions in the Application) — for ensuring functionality and analytics;
  • Unique technical device identifiers assigned by the operating system (non-advertising).

2.3. Data when contacting support:

  • Email address provided in the request;
  • Content of the request and correspondence.

3. Data we do NOT collect

We consciously do not collect or process:

  • Passwords to Steam accounts;
  • Payment details (bank card data, e-wallets);
  • Phone numbers;
  • Passport data;
  • Biometric data;
  • Precise geolocation data (GPS);
  • Advertising device identifiers (IDFA, GAID).

4. Purposes of processing and legal bases

4.1. Provision of Application features. We process your SteamID64, nickname, avatar, profile link, and CS2 inventory data to provide the core functions of the Application: searching for P2P trade partners, displaying profiles, inventories, and listings. Legal basis: performance of a contract (clause 2.1 of the User Agreement).

4.2. Technical support. We process your email address and the content of your request to respond to support inquiries. Legal basis: performance of a contract / legitimate interests.

4.3. Security and prevention of abuse. We process your IP address, technical device identifiers, and usage data to ensure security, prevent fraud and abuse of the service, including preventing the creation of multiple accounts. Legal basis: legitimate interests.

4.4. Usage analytics. We process usage data, technical device data, and crash logs to analyze stability, improve quality, and enhance user experience of the Application. Legal basis: your revocable consent (you may withdraw it at any time without affecting the core functions of the Application). To opt out of analytics, please email us at skindealer.trade@gmail.com.

4.5. Compliance with legal obligations. We may process any of the listed data to fulfill requirements of applicable legislation. Legal basis: legal obligation.

5. Minors

The Application is intended exclusively for persons aged 18 and older. We do not knowingly collect data from individuals under 18 years of age. If we become aware that we have received personal data from a minor, we will delete such data without delay. If you are a parent or legal guardian and believe that your child has provided us with data, please contact us.

6. Data retention periods and security

6.1. Retention periods:

  • Steam profile data and activity — for the duration of your use of the Application plus 1 year after account deletion or cessation of use (to protect against claims and comply with statutes of limitations);
  • CS2 inventory data — not stored permanently, processed only at the moment of request;
  • Support request data — 1 year after the last response;
  • Analytics data — in accordance with the policies of the analytics service providers (usually up to 26 months) or until you withdraw your consent.

6.2. Security measures: we apply technical and organizational measures to protect data from unauthorized access, loss, alteration, or destruction. Access to data is restricted and granted only to the extent necessary to perform job duties.

7. Cross-border data transfers

We strive to minimize cross-border transfers and use servers in jurisdictions with an adequate level of protection where technically possible. Data may be processed on servers located outside the country of your residence, including in jurisdictions not recognized by the European Commission as providing an adequate level of protection. When transferring personal data of users from the European Economic Area (EEA) and other jurisdictions with similar requirements, we use the European Commission’s Standard Contractual Clauses or other applicable safeguards.

8. Third parties (processors)

We do not sell personal data. Transfer to third parties occurs only in the following cases:

8.1. Infrastructure and analytics providers. Usage data, technical device data, and crash logs may be transferred to cloud and analytics service providers (for example, Google Firebase, Crashlytics, or similar services) to ensure stability and improve the Application. Processing is carried out in accordance with their privacy policies and on the basis of data processing agreements. The list of current service providers is available upon request or will be updated in this Privacy Policy.

8.2. Government authorities. Only upon lawful request from competent authorities in accordance with applicable law.

9. Your rights

Depending on your jurisdiction, you may have the following rights:

  • Right of access — to know what data we process;
  • Right to rectification — to request correction of inaccurate data;
  • Right to erasure (“right to be forgotten”) — to request deletion of data;
  • Right to restriction of processing — under certain conditions;
  • Right to data portability — to receive data in a structured format;
  • Right to object — against processing based on legitimate interests;
  • Right to withdraw consent — at any time (for analytics);
  • Right to lodge a complaint — with the data protection supervisory authority of your country (for EU users — with the data protection authority of your Member State).

To exercise your rights, send a request to skindealer.trade@gmail.com with the subject “Personal Data Request”. We will respond within 30 days. In some cases, we may request proof of your identity to prevent unauthorized access to data.

For California residents (CCPA): we do not sell your personal data. You have the right to request disclosure of collected data (right to know), deletion (right to delete), and to opt out of sharing data with third parties (right to opt-out of sharing). Use the same email address for these requests.

10. Analytics and device identifiers

We do not use advertising identifiers (IDFA on iOS, GAID on Android). For stability analysis and improving user experience, internal technical identifiers assigned by the operating system or analytics providers may be used. These data do not allow personal identification outside the context of the Application.

11. Changes to this Policy

We may update this Privacy Policy to reflect changes in legislation or Application functionality. The new version becomes effective from the moment it is published in the Application. Continued use of the Application after the update constitutes acceptance of the new version. In case of significant changes, we will notify you via push notification or banner in the Application.

12. Contact information

For all questions related to the processing of personal data, this Privacy Policy, or exercising your rights:

Email: skindealer.trade@gmail.com