Privacy Policy
Your privacy matters to us at Gaxyon
Last updated: December 2024
Introduction
At Gaxyon, we're committed to protecting your privacy and being transparent about how we collect, use, and safeguard your personal information. This privacy policy explains our practices regarding data collection and usage when you interact with our 3D game level design platform and services.
We understand that trust is fundamental to our relationship with users, and we take this responsibility seriously. This policy covers all aspects of data handling, from initial collection to final deletion, ensuring you have complete visibility into our practices.
Information We Collect
We collect information in several ways to provide you with the best possible experience on our platform:
Personal Information
- Account registration details including name, email address, and chosen username
- Profile information you voluntarily provide such as bio, location, and professional background
- Communication preferences and subscription settings
- Payment information for premium services (processed securely through third-party providers)
Usage Data
- Platform interaction data including pages visited, features used, and time spent
- Game level design projects, assets, and creative content you upload
- Performance metrics and analytics to improve our services
- Device information including browser type, operating system, and IP address
How We Use Your Information
Your information helps us deliver, maintain, and improve our services in meaningful ways:
We never sell your personal information to third parties. Your data is used exclusively to enhance your experience with Gaxyon and provide the services you've requested.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account Management | Registration details, preferences | Contract performance |
| Service Delivery | Usage data, project files | Legitimate interest |
| Communication | Contact information | Consent |
| Platform Improvement | Analytics, feedback | Legitimate interest |
Data Sharing and Third Parties
We work with carefully selected third-party services to provide you with the best possible experience. Here's how we handle data sharing:
- Cloud Storage Providers: Your project files are stored securely with industry-leading cloud providers who meet strict security standards
- Payment Processors: Financial transactions are handled by certified payment processors who comply with PCI DSS standards
- Analytics Services: We use privacy-focused analytics tools to understand platform usage and improve our services
- Email Services: Communication and notifications are sent through secure email service providers
All third-party partners are bound by strict data protection agreements and can only use your information for the specific purposes we've authorized. We regularly review these partnerships to ensure they maintain our high standards for privacy protection.
Your Rights and Choices
You have significant control over your personal information and how it's used. We respect your rights and make it easy to exercise them:
Access Your Data
Request a complete copy of all personal information we hold about you, delivered in a commonly used format.
Update Information
Correct or update any personal information that's inaccurate or incomplete through your account settings.
Delete Your Account
Request complete deletion of your account and associated data, with confirmation provided within 30 days.
Control Communications
Manage email preferences, unsubscribe from marketing communications, or limit data processing.
To exercise any of these rights, simply contact us using the information provided at the bottom of this policy. We'll respond to all requests within 30 days and provide clear confirmation of any actions taken.
Data Security and Protection
Protecting your information is our top priority. We implement multiple layers of security to keep your data safe:
- Encryption: All data is encrypted both in transit and at rest using industry-standard AES-256 encryption
- Access Controls: Strict role-based access ensures only authorized personnel can access your information
- Regular Audits: We conduct quarterly security assessments and vulnerability testing
- Incident Response: Comprehensive procedures are in place to detect, respond to, and report any security incidents
- Data Backups: Regular secure backups ensure data availability while maintaining protection standards
In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours and provide detailed information about the incident, its impact, and the steps we're taking to resolve it.
Data Retention and Deletion
We retain your information only as long as necessary to provide our services and comply with legal obligations:
- Active Accounts: Personal information is retained while your account remains active and for 12 months after your last login
- Project Data: Your creative content and project files are stored indefinitely unless you request deletion
- Usage Analytics: Aggregated, anonymized usage data may be retained for up to 3 years for service improvement
- Legal Requirements: Some information may be retained longer when required by law or for legitimate business purposes
When data is deleted, it's permanently removed from our active systems within 30 days. Backup systems are purged within 90 days to ensure complete deletion.
International Data Transfers
As a Turkish-based company serving users globally, we may transfer your personal information across borders to provide our services effectively. All international transfers are protected by appropriate safeguards:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions recognizing equivalent privacy protection
- Binding corporate rules for transfers within our organization
- Your explicit consent for specific transfer purposes
We ensure that your rights and protections travel with your data, regardless of where it's processed or stored.
Children's Privacy
Our platform is designed for users aged 13 and older. We do not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected such information, we will delete it immediately.
Parents or guardians who believe their child has provided personal information to us should contact us immediately. We take children's privacy seriously and will work quickly to address any concerns and remove any inappropriate data.
Changes to This Policy
We may update this privacy policy periodically to reflect changes in our practices, legal requirements, or service offerings. When we make significant changes, we will:
- Notify you via email at least 30 days before changes take effect
- Display a prominent notice on our platform
- Update the "Last updated" date at the top of this policy
- Provide a summary of key changes in the notification
Your continued use of our services after changes take effect constitutes acceptance of the updated policy. If you don't agree with the changes, you can delete your account before they take effect.
Contact Us About Privacy
If you have questions about this privacy policy or want to exercise your rights, please contact us:
İsmet Kaptan
Hürriyet Blv. 11 A
35210 Konak/İzmir, Turkey
Phone: +90 533 434 5650
Email: info@gaxyon.com