Privacy Policy

Effective Date: April 15, 2025

This Privacy Policy describes how NextSecure Ltd ("NextSecure", "we", "us", or "our") collects, uses, discloses, and protects personal data in compliance with applicable laws including the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.

1. Categories of Personal Data

• Identifiers: IP address, hardware identifiers (hashed disk serials, MAC addresses, CPU info), FiveM platform IDs (Rockstar license, Steam ID, Xbox Live ID).
• User-Provided Data: Discord OAuth data (user ID, username, avatar) for authentication and support.
• Usage Data: Logs of attempted cheats, crash reports, performance metrics, and server events.
• Analytics: Aggregated, anonymized service performance and usage metrics.

2. Legal Bases for Processing

• Contract: To provide and maintain the Service under our licensing agreement.
• Legal Obligation: To comply with applicable laws, ban enforcement, and security requirements.
• Legitimate Interests: To protect the integrity, security, and performance of our Services; we ensure these interests do not override your rights.

3. Purposes of Processing

• Detect and prevent cheating, exploits, and malicious behavior.
• Authenticate and authorize users.
• Enforce bans and maintain fair play.
• Improve, debug, and optimize the Service.
• Respond to legal requests and protect rights.

4. Data Sharing and Recipients

We do not sell personal data. We may share with:

• Server administrators for ban enforcement and troubleshooting.
• Trusted service providers under confidentiality agreements.
• Legal authorities as required by law.
• Potential acquirers in a merger or sale, with confidentiality safeguards.

5. International Transfers

Data may be transferred to and processed in the UK, EEA, or other countries with adequate protections or standard contractual clauses in place. By using our Services, you consent to these transfers.

6. Data Retention

We retain personal data only as long as needed for specified purposes. Ban-related identifiers and all related ban evidence (including video recordings of FiveM gameplay, screenshots, detected cheat triggers, or logs of malicious injected code detections) are retained indefinitely to support ban validation and appeals. Other logs and analytics are retained for up to 24 months unless legal obligations require longer retention.

7. Ban Management, Configuration, and Appeals

Any bans triggered or detected by the Service are implemented and managed by the server operator utilizing NextSecure. NextSecure provides detection data and the associated evidence, but does not make final ban decisions. The server operator is solely responsible for reviewing evidence, enforcing, modifying, or lifting bans on their server.

The Service is highly configurable: server operators may define which detection triggers result in a ban, kick, warning, or other actions; adjust sensitivity thresholds; customize automated responses; and tailor criteria to their community’s needs. Operators retain full control over automated and manual enforcement settings and can update configurations at any time.

8. Your Rights

Under GDPR, you may:

• Access your data and receive copies.
• Rectify inaccurate or incomplete data.
• Erasure: Request deletion of data not required for ban enforcement. Deletion requests for banned or restricted accounts will be denied.
• Restrict processing or object to processing for direct marketing/profiling.
• Data portability: Receive data in a structured, machine-readable format.
• Lodge a complaint with a supervisory authority (e.g., ICO in the UK).

9. Cookies & Tracking

We use cookies and localStorage for authentication tokens, preferences, and performance data. You may disable cookies, but this may affect Service functionality.

10. Children’s Privacy

Our Services are not for those under 13. We do not knowingly collect data from children. If discovered, we will delete such data.

11. Data Security

We employ technical and organizational measures (encryption, hashing, access controls) to safeguard data. Report breaches to dpo@nextsecure.com.

12. Updates to Policy

We may revise this policy. Changes will be posted with a new effective date. Continued use after updates indicates acceptance.

13. Contact Us

For inquiries or to exercise rights, contact our Data Protection Officer at dpo@nextsecure.com or via our official Discord support.