PARTYstation – GDPR Compliance Statement

Effective Date: May 26, 2025

At PARTYstation, we are committed to protecting the privacy and personal data of our users in full compliance with the General Data Protection Regulation (EU) 2016/679 ('GDPR').

This document outlines the key principles and actions we have taken to ensure GDPR compliance.

1. Data Controller

PARTYstation is the data controller responsible for the processing of personal data provided through our platform.

For any questions or data protection requests, please contact us at info@partystation.tv.

2. Lawful Basis for Processing

We process personal data based on the following lawful bases defined by the GDPR:

• Consent – freely given by users (e.g., when creating an account or joining a game)

• Contract – when processing is necessary to provide our services

• Legitimate Interest – such as improving platform performance and ensuring security

• Legal Obligation – where required by applicable laws

3. User Rights Under GDPR

Users located in the European Economic Area (EEA) have the following rights:

• Right of Access – to request a copy of personal data we hold

• Right to Rectification – to correct inaccurate or incomplete data

• Right to Erasure ('sRight to be Forgotten')

• Right to Restrict Processing

• Right to Data Portability

• Right to Object

• Right to Withdraw Consent – at any time, without affecting the lawfulness of processing based on consent before its withdrawal

To exercise any of these rights, users may contact us at info@partystation.tv.

4. Data Collection and Minimization

We only collect the minimum necessary data to provide and improve our services, including:

• Display name

• Game interaction data

• Technical device and usage data (e.g., IP address, browser type)

We do not collect sensitive data such as biometric, payment, or medical information.

5. Data Retention

Personal data is retained only as long as necessary for the purpose it was collected, or as required by law. After this period, data is securely deleted or anonymized.

6. Data Transfers and Hosting

We may process and store personal data on secure servers located outside the EU/EEA, using data processors that provide appropriate safeguards, such as:

• Standard Contractual Clauses (SCCs)

• Adequacy decisions by the European Commission

7. Third-Party Processors

We carefully select data processors that comply with GDPR standards. These may include:

• Hosting providers

• Analytics services (e.g., Yandex Metrica, Sentry)

• Customer support tools

All third-party processors operate under data processing agreements.

8. Security Measures

We implement technical and organizational measures to protect personal data, including:

• Encryption (TLS/HTTPS)

• Access controls and authentication

• Regular security assessments

• Monitoring and alerting for breaches

9. Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours and affected users where required by law.

10. Supervisory Authority

Users in the EEA have the right to lodge a complaint with their national data protection authority. Contact information is available on the European Data Protection Board website.

Contact

For questions, complaints, or requests related to GDPR, please contact: info@partystation.tv.