Privacy Policy

ARTEMIX LIMITED acts as the data controller for personal data processed through the Website and related services.

ARTEMIX LIMITED

Company number: 758562

Registered office: 36-42 Donnybrook Road, Donnybrook House, D04 E6X0 Dublin, Ireland

For privacy-related questions, contact: gdpr@noctra.gg

Depending on how you interact with us, we may process personal data that you provide directly, including your first name, last name, email address, optional phone number, billing details, Steam Trade URL, order details, delivery details and communications with customer support.

We may also process technical and usage data collected when you access the Website, including IP address, browser type, device information, language settings, approximate location, cookie identifiers and interaction data.

In connection with transactions, we may receive and process limited payment-related information from our payment partners, including payment status, transaction references, authentication results and fraud-prevention signals.

Card payment details are processed by our PCI-compliant payment partners. We do not collect or store full card numbers.

We may also process fulfilment-related information, including order references, item identifiers, delivery status, delivery timestamps and platform delivery identifiers where needed to deliver Digital Items and handle support requests.

We process personal data only where necessary and where we have a legal basis under applicable data protection law.

We process personal data to operate the Website, provide account or login functionality where available, process purchases, arrange delivery of Digital Items and provide customer support. This processing is necessary for the performance of our contract with you.

We process payment and transaction data to facilitate payments, verify transactions, manage refunds and reconcile orders. This processing is necessary for contract performance and our legitimate interest in operating a secure payment process.

We process delivery details, including Steam Trade URLs and related validation results, to check delivery information, arrange delivery and confirm fulfilment. This processing is necessary for contract performance.

We process fraud-prevention, security and technical data to detect and prevent fraud, unauthorised payments, misuse, chargeback abuse and security threats. This processing is based on our legitimate interest in protecting our customers, Website, payment partners and business.

We process customer support communications to respond to questions, investigate issues, handle complaints and assist with refunds or delivery problems. This processing is based on contract performance and our legitimate interest in providing support.

We process personal data to comply with legal, accounting, tax, bookkeeping and record-keeping obligations. This processing is based on legal obligation.

We may process personal data to establish, exercise or defend legal claims, including in connection with payment disputes and chargebacks. This processing is based on our legitimate interest in protecting our legal rights.

We may process personal data to send marketing communications to existing customers where permitted by law, or where you have consented. You may opt out at any time.

Non-essential cookies and similar technologies are used only where permitted by law and, where required, with your consent.

We apply technical and organisational measures to protect the Website, customers and transactions.

This may include automated or manual screening tools that analyse transaction-related data, including IP address, device information, payment authentication results, behavioural signals and delivery details, to detect and prevent fraud, unauthorised activity and misuse.

Where relevant, such processing may involve automated risk assessment. Appropriate safeguards are applied, and decisions may be subject to human review where required.

We disclose personal data only where necessary, proportionate and subject to appropriate safeguards.

This may include sharing personal data with payment processors, acquiring banks, card issuers, card networks and fraud-prevention providers to process payments, verify transactions, prevent fraud and manage chargebacks.

We may share limited order, item, inventory and fulfilment-related data with suppliers, inventory providers and fulfilment providers where necessary to source, reserve, purchase or deliver Digital Items.

We do not share customer contact details with suppliers unless required for fulfilment.

Where delivery involves Steam, Valve or another Supported Platform, delivery information such as Steam Trade URLs, trade offer identifiers or related platform data may be processed by that platform in accordance with its own terms and privacy policy.

We may also share personal data with hosting providers, IT providers, analytics providers, affiliate tracking providers, email providers, customer support tools, accountants, auditors, legal advisers, public authorities or courts where necessary.

NOCTRA is established in Ireland and focuses on customers in the EU/EEA.

Some providers involved in payment processing, analytics, fraud prevention, hosting, support or delivery through Supported Platforms may process personal data outside the European Economic Area.

Where personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses approved by the European Commission or equivalent mechanisms recognised under applicable data protection laws.

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy and in accordance with applicable legal obligations.

Transaction and accounting records are typically retained for up to seven (7) years.

Fraud-prevention and security-related data, including transaction logs and technical identifiers, may be retained for up to twenty-four (24) months.

Customer support communications are generally retained for up to three (3) years following resolution.

Personal data relevant to disputes, chargebacks or legal claims may be retained for up to ten (10) years.

Marketing preferences are retained until you opt out, withdraw consent or object. Cookies are retained according to their defined lifespan.

Cookies and similar technologies are used to ensure the Website functions correctly, maintain security, support checkout and account functionality, analyse Website performance and, where permitted, support affiliate tracking and marketing measurement.

We may use the following categories of cookies:

• strictly necessary cookies for core Website functionality, checkout and security;
• functional cookies to remember preferences;
• performance and analytics cookies to understand Website usage, including Google Analytics;
• affiliate and advertising cookies to measure referrals, campaign performance and advertising effectiveness.

On your first visit, you may be presented with options to accept or manage non-essential cookies. You may adjust your preferences through Website controls where available or through your browser settings.

Blocking cookies may affect some Website features.

Under applicable data protection laws, you may have the right to request access to, rectification or erasure of your personal data, to restrict or object to certain processing activities, and to receive personal data in a portable format where applicable.

Where processing is based on consent, you may withdraw that consent at any time.

You may object to marketing communications at any time by using the unsubscribe link in the relevant email or contacting us.

We may need to verify your identity before responding to a rights request.

To exercise your rights, contact: gdpr@noctra.gg

You have the right to lodge a complaint with the Data Protection Commission in Ireland or another competent supervisory authority.

We apply technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

However, no website, platform, payment process or internet transmission can be guaranteed to be completely secure.

We may update this Privacy Policy from time to time to reflect changes to our Website, products, payment methods, delivery methods, suppliers, service providers, legal requirements or operational practices.

The “Last updated” date indicates when this Privacy Policy was most recently revised.

Significant changes may be communicated through the Website or other reasonable means.

For privacy-related and general data protection enquiries, contact:

ARTEMIX LIMITED

36-42 Donnybrook Road, Donnybrook House, D04 E6X0 Dublin, Ireland

Email: gdpr@noctra.gg