Privacy Policy
Kordvi Service
1. GENERAL INFORMATION
1.1. This Privacy Policy explains how Kordvi ("we," "us," or "our") collects, uses, and discloses information about you when you use our website at app.kordvi.com (the "Service").
1.2. The Data Controller responsible for your personal data is Maciej Iwanicki. You can contact the Controller at: support@kordvi.com.
1.3. We process personal data in compliance with the Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).
2. DATA WE COLLECT
2.1. Data provided by you:
- Account Data - Email address and username (necessary for registration)
- Profile Data (Optional) - Discord nickname, profile customization (colors, icons)
2.2. Automatically collected data:
- Activity Data - Gaming statistics (XP, levels, rankings), badges, achievements, and event history
- Technical Data - IP address, browser type (User-Agent), access times, and operating system
2.3. Security Data:
- Encrypted passwords (hashes)
- Security logs
3. PURPOSE AND LEGAL BASIS FOR PROCESSING
| Processing Purpose | Description | Legal Basis |
|---|---|---|
| Service Provision | To create accounts, manage events, and track progress | Art. 6(1)(b) GDPR (Performance of a contract) |
| Communication | To send important service notifications and respond to support requests | Art. 6(1)(b) GDPR (Performance of a contract) |
| Security & Troubleshooting | To detect fraud, prevent abuse, and fix errors | Art. 6(1)(f) GDPR (Legitimate Interest) |
| Analytics | To analyze usage trends to improve the Service | Art. 6(1)(f) GDPR (Legitimate Interest) |
4. COOKIES AND LOCAL STORAGE
We use cookies and similar technologies. For detailed information, please see our Cookie Policy.
For detailed information, please see our Cookies .
4. DATA RECIPIENTS
4.1. We engage trusted third-party service providers to help us operate the Service. These providers act as data processors and are contractually bound to process data only on our instructions:
- Hosting Providers - For server infrastructure (servers located within the EU)
- Error Monitoring - Sentry (for technical error logging and debugging)
4.2. We do not sell your personal data to third parties.
4.3. Data is generally processed within the European Economic Area (EEA). If a transfer outside the EEA occurs, it is conducted based on Standard Contractual Clauses or other valid transfer mechanisms approved by the EU Commission.
5. DATA RETENTION
| Data Category | Retention Period |
|---|---|
| Account & Gaming Data | Until you delete your account, plus a grace period of 30 days |
| Technical Logs | Up to 90 days |
| Security Logs | Up to 180 days |
6. YOUR RIGHTS UNDER GDPR
You have the following rights regarding your personal data:
- 6.1. Access - Request a copy of the personal data we hold about you.
- 6.2. Rectification - Correction of inaccurate or incomplete data.
- 6.3. Erasure ("Right to be forgotten") - Request deletion of your data where applicable.
- 6.4. Restriction - Request restriction of processing under certain conditions.
- 6.5. Portability - Receive your data in a structured, machine-readable format.
- 6.6. Objection - Object to processing based on legitimate interest.
- 6.7. Complaint - Lodge a complaint with a supervisory authority (e.g., UODO in Poland).
To exercise these rights, please contact us at: support@kordvi.com
7. SECURITY
We implement industry-standard security measures, including:
- Argon2id/bcrypt algorithms for password hashing
- HTTPS/TLS 1.2+ encryption for data in transit
- Strict access controls to production servers
8. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through:
- The Service interface
- Email to your registered address
Continued use of the Service implies acceptance of the changes.
9. CONTACT
Data Controller: Maciej Iwanicki
E-mail: support@kordvi.com
© 2024-2026 Maciej Iwanicki. All rights reserved.