Privacy Policy

Last updated: April 2026

We collect only what we need to run the platform and never sell your data. This policy explains what we collect, why, and your rights over it.

Cookie Policy →Terms of Service →Refund Policy →

1. Who We Are

  • TheBadGamer.in is operated by TheBadGamer Technologies Pvt. Ltd., India ("we", "us", "our").
  • Data controller contact: contact@thebadgamer.in
  • This policy applies to all users of www.thebadgamer.in and the TheBadGamer mobile apps.

2. What We Collect

  • Account data: email address, username, display name, hashed password
  • Profile data: avatar, bio, gaming preferences, linked accounts (Steam, PSN, Xbox etc.)
  • Platform activity: games added to library, reviews written, forum posts, wiki edits, sessions logged
  • Usage & technical data: pages visited, features used, device type, browser, IP address, timestamps
  • Payment data: processed entirely by Razorpay or Stripe — we never store card numbers, CVVs, or full payment details on our servers
  • Communications: emails you send us, support tickets, and newsletter subscription if you opt in

3. Legal Basis for Processing (GDPR)

  • Contract performance: account creation, authentication, subscription management, payment processing
  • Legitimate interests: platform security, fraud prevention, abuse detection, product improvement
  • Consent: analytics cookies (Google Analytics 4), marketing emails / newsletter
  • Legal obligation: retaining payment records for tax and legal compliance

4. How We Use Your Data

  • Operating and improving the Platform (features, recommendations, feed)
  • Processing payments and managing BadGamer Pro subscriptions
  • Sending transactional emails: password reset, account alerts, purchase confirmations
  • Optional newsletter: game updates, tournament announcements, community highlights (opt-in, unsubscribe anytime)
  • Analytics: understanding feature usage to make better product decisions
  • Safety: detecting and preventing abuse, fraud, and policy violations

5. What We Never Do

  • We never sell your personal data to any third party
  • We never share your email address with advertisers
  • We never display targeted advertising based on your personal profile
  • We never use dark patterns or deceptive tactics to obtain consent
  • We never store payment card details — all card processing is handled by Razorpay/Stripe

6. Data Sharing

  • Public profile data (username, level, reviews, wiki contributions) is visible to all users by default — you can set your profile to private in Settings → Privacy
  • Payment processors (Razorpay, Stripe): we share only the minimum required to process transactions
  • Analytics (Google Analytics 4): anonymized usage data, only if you have consented to analytics cookies
  • Legal: we may disclose data when required by a valid court order, law enforcement request, or to prevent serious harm
  • We do not use any advertising networks or data brokers

7. Cookies

  • Essential: authentication tokens and preference storage — required for the Platform to function
  • Analytics: Google Analytics 4 — only loaded with your explicit consent via our cookie banner
  • Advertising: None — we do not use advertising or tracking cookies
  • See our full Cookie Policy for a list of every cookie we set

8. Your Rights

  • Access: request a copy of all personal data we hold about you
  • Correction: update incorrect information at any time in Settings
  • Deletion: delete your account and all associated personal data permanently (Settings → Account → Delete)
  • Export: download your library, reviews, and wiki contributions in JSON format
  • Restrict processing: object to or restrict how we process your data in certain circumstances
  • Withdraw consent: opt out of analytics cookies via the cookie banner; unsubscribe from emails via any email footer link or Settings → Notifications
  • Lodge a complaint: you may complain to a data protection authority if you believe we have mishandled your data
  • To exercise your rights, email contact@thebadgamer.in with subject "Privacy Request"

9. Data Retention

  • Active accounts: data retained while your account is active
  • Deleted accounts: personal data removed within 30 days; anonymized aggregate analytics may be retained indefinitely
  • Payment records: retained for 7 years as required by Indian tax law
  • Support communications: retained for 2 years

10. Security

  • Passwords hashed using bcrypt (never stored in plain text)
  • All data transmitted over HTTPS with TLS 1.2+ encryption
  • Database access restricted to production servers; no public access
  • Regular dependency updates and security reviews
  • To report a security vulnerability: contact@thebadgamer.in (subject: "Security Disclosure")

11. Children's Privacy

  • TheBadGamer is not directed to children under 13. We do not knowingly collect data from children under 13.
  • If you are under 18, you must have parental consent to use the Platform.
  • If you believe we have collected data from a child under 13 without consent, contact us immediately at contact@thebadgamer.in.

12. International Transfers

  • TheBadGamer is based in India. Your data is stored on servers in India.
  • Analytics data (if consented) is processed by Google in accordance with their data processing terms.
  • Payment data is processed by Razorpay (India) or Stripe (US/EU) in accordance with applicable data protection laws.

13. Changes to This Policy

  • We may update this policy. Material changes will be notified via email and a Platform banner at least 14 days before they take effect.
  • The "Last updated" date at the top of this page reflects the most recent revision.
  • Continued use of the Platform after changes constitutes acceptance.

Questions about your data? Email contact@thebadgamer.in with subject "Privacy Request" or visit our contact page.