GameBoost
Draft.This document is placeholder copy pending review by counsel licensed in British Columbia. Do not rely on it for legal compliance until the "Last updated" date above is set.

Privacy Policy

Last updated: PLACEHOLDER — set on launch

1. Who we are

GameBoost is a boosting service operated by a registered company in British Columbia, Canada. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have over it under PIPEDA (Canada) and comparable US state laws.

2. What information we collect

  • Order details: the game, current/target rank, special requests, and any preferred champions or roles you submit.
  • Account credentials: the username and password for the game account being boosted, and any realtime 2FA code you submit. These are encrypted at rest using AES-256-GCM with keys held only in our application environment.
  • Contact information: the email you use to receive order updates and support replies.
  • Payment information: collected and processed by Stripe. We never see your card number — we only receive a charge confirmation and a tokenised reference to your customer record.
  • Communications: any messages you send through our support tickets or email.

3. Why we collect it

We use your information solely to deliver the service you ordered, communicate about that order, comply with tax and consumer-protection laws, and prevent fraud. We do not sell or rent your information, and we do not use it for advertising.

4. Where it is stored

Application data is stored in PostgreSQL managed by Supabase, with primary regions in Canada and the United States. Payment data is stored by Stripe. Email is delivered through Resend. Each subprocessor is contractually obligated to handle your data under terms at least as protective as this policy.

5. How long we keep it

  • Game account password and 2FA codes: deleted within 24 hours after the boost completes, and never longer than 90 days.
  • Order metadata (rank range, dates, status): retained for 7 years to satisfy tax and accounting requirements.
  • Email and support ticket history: retained for 3 years for dispute resolution.

6. Who can access your information

Decryption of game account credentials is restricted to admin users acting on the specific order, and every decryption event is logged. No third party — including our contracted boosters — receives plaintext credentials except through this controlled workflow for the duration required to complete the boost.

7. Your rights

Under PIPEDA you have the right to access the personal information we hold about you, request corrections, and request deletion (subject to retention requirements above). To exercise any of these rights, email us at the address on the contact page. We respond within 30 days.

8. Changes to this policy

Substantive changes will be announced by email to active customers at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.