Loot Drama Logo

Loot Drama

Privacy Notice
Last Updated: February 12, 2026

1. Introduction

1.1 We respect your privacy and are committed to protecting your personal data.

1.2 This Privacy Notice Policy (hereinafter referred to as the "Privacy Notice") is issued pursuant to and reflects compliance with the requirements and/or obligations and/or duties introduced by the EU General Data Protection Regulation 2016/679 (hereinafter referred to as the "GDPR"), as amended and replaced from time to time in relation to all processing activities carried out by us in respect of your Personal Data.

2. Scope and Objective of the Privacy Notice

2.1 We respect individuals' rights to privacy and the protection of Personal Data. The scope of this Privacy Notice is to explain and elaborate on how we collect, use, process and store your Personal Data in the course of our business.

2.2 "Personal Data" or "Data" means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.3 We may update the Privacy Notice from time to time. When we make any updates, we will communicate such updates to you and publish the updated Privacy Notice on our website.

2.4 We would encourage you to visit our website regularly to stay informed about the purposes of processing of your Personal Data and your rights to control how we collect, use or process your Personal Data.

3. The Personal Data we process

3.1 We collect, use and process various categories of Personal Data at the start of, and for the duration of, your business relationship with us as well as after the termination of our business relationship. We will limit the collection and processing of Personal Data to the necessary Data to meet the purpose and legal basis as described in Section 6 of this Privacy Notice.

3.2 Personal Data may inter alia, include:

  1. Basic Personal Data, including but not limited to name; and
  2. Email address;
  3. Online identifiers and account identifiers, such as usernames and user IDs provided through third-party login providers (e.g., Discord, Twitch, Google);
  4. Technical and usage data, such as IP address, device/browser information, and information about interactions with the Website (analytics).

3.3 We do not intentionally collect or process special categories of Personal Data. Where such data is provided to us voluntarily (e.g., within free-text communications), we will process it only where necessary and in accordance with GDPR.

4. Controller of Personal Data

4.1 For the purposes of the GDPR, we act as the data controller of the Personal Data provided by you and accordingly are subject to applicable EU and national data protection laws. We are responsible for deciding the purposes of the processing, how to hold and retain the data provided, and we are under an obligation to inform you about the categories of Personal Data we hold, your rights, as well as how we use Personal Data.

4.2 Below you may find the principles according to which we as data controller comply with:

  1. Lawfulness, Fairness and Transparency: Personal Data is processed lawfully, fairly and in a transparent manner. The data subject is informed on the processing that will occur and the purposes for that processing.
  2. Purpose limitation: Personal Data is collected for specified, explicit and legitimate purposes. No further processing incompatible with these purposes occurs. The processing is limited to only what is necessary to meet the specified purpose.
  3. Data minimisation: Personal Data obtained is adequate, relevant and limited to what is necessary for the intended purposes.
  4. Accuracy principle: data is accurate and updated. Any inaccurate data is rectified and redundant data is deleted.
  5. Storage Limitation: data is kept in a form which permits the identification of the relevant data subject for no longer than necessary for the intended purpose of processing. Data wherever possible, is stored in a way that prevents or limits identification of the data subject.
  6. Integrity and Confidentiality: we warrant that data is processed in a manner that ensures the security of the data and that the data is properly protected against unauthorised or unlawful processing, accidental destruction or loss and destruction or damage. The integrity and confidentiality of the data is ensured at all times through the use of appropriate technical and organisational measures.
  7. Accountability: we are responsible for and are able to demonstrate compliance with this Privacy Notice and applicable law.

5. How Personal Data is collected

5.1 Your Personal Data may be collected:

  1. From you via email and our website;
  2. From third parties, established or located within and/or outside the EEA;
  3. During our contractual relationship with you;
  4. From third-party authentication providers when you choose to log in using their services (e.g., Discord, Twitch, Google);
  5. Automatically through cookies and analytics tools when you use the Website.

5.2 You are encouraged to provide updates to the Personal Data you have provided to us so that it remains current, accurate and correct. You acknowledge that we rely on the Personal Data provided to us in providing our services and meeting applicable legal obligations.

5.3 Where you provide us with Personal Data relating to another individual, you confirm that you have informed that individual of the relevant information contained in this Privacy Notice, where applicable.

6. Purpose of Processing and Legal Basis

6.1 We would like to ensure that you fully understand the purpose and the legal basis of collecting, using, processing and storing of your Personal Data. Thus, in this Section we will describe the purposes for which your Personal Data may be used as well as the legal basis of processing of your Personal Data.

6.A Purpose of processing

6.A.1 We will only collect, use, process, store, share or transfer your Personal Data where it is necessary for us to carry out our lawful business activities and provide our services. We will process your Personal Data for the purpose of or in connection with the provision of our services to you, to maintain the security of the Website, and for compliance with our legal obligations.

We set out below in further detail the legal bases on which your Personal Data is being processed.

6.B Legal Basis of processing of your Personal Data

We have described the legal basis for which your Personal Data may be used in detail below:

6.B.1 Performance of a Contract/Contractual necessity

6.B.1.1 We may process your Personal Data where it is necessary to enter into a contract with you for the provision of our services or to perform our obligations or duties under such contract.

6.B.1.2 On the basis of Contractual necessity we may process Data such as username, email address (where provided), and account identifiers.

6.B.1.3 Please note that if you don't agree to provide us with the Data required on the basis of Contractual necessity we may have to suspend or terminate the services provided to you.

6.B.2 Legal and Regulatory Obligations

6.B.2.1 When you establish a business relationship with us in order to provide you with our services, throughout your relationship with us and after the termination of your business relationship with us, we are required by the law to collect, use, process and store certain Personal Data about you.

This may include Personal Data necessary:

  1. To comply with applicable legal and regulatory obligations;
  2. to be used in courts, law enforcement agencies, regulatory agencies, tax authorities and other competent authorities, in any jurisdiction within or outside the EEA;
  3. To protect our rights, privacy, safety or property whatsoever;
  4. to protect the Website and users from suspected fraud, abuse or security incidents.

6.B.2.2 We may process Personal Data such as username, contact details (where provided), and technical identifiers (e.g., IP address) where required to meet applicable legal obligations.

6.B.2.3 Please note that if you don't agree to provide us with the Data required to meet our legal and/or regulatory obligations we may have to suspend or terminate the services provided to you.

6.B.3 Legitimate interests

6.B.3.1 We may collect, process, use, and store your Personal Data where it is in our legitimate interests and without prejudicing your interests or fundamental rights and freedoms.

6.B.3.2 We may process your Personal Data to manage our business, financial affairs as well as to protect our Website, users and operations. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business.

6.B.3.3 This may include processing of your Data to:

  1. Monitor, maintain and improve internal business processes, information and data, technology and communications solutions and services;
  2. Ensure business continuity and disaster recovery responding to information technology and business emergencies;
  3. Ensure network and information security, including but not limited to monitoring authorised users' access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our telecommunications, trading or other systems and websites, prevention or detection of crime and protection of your Personal Data;
  4. Provide assurance on the management of our material risks;
  5. Protect our legal rights and interests.

6.B.3.4 It is in our interest to ensure that we provide you with the most appropriate services.

6.B.3.5 This may require processing of your Data to enable us to:

  1. Understand your actions, behaviour, preferences, expectations, feedback in order to improve our services and develop new services;
  2. Monitor and improve the performance and effectiveness of services.

6.B.3.6 On the basis of legitimate interests we may process Data such as IP address, device/browser information, and usage data to maintain and improve the Website.

6.B.3.7 Where you object to processing based on legitimate interests, we will assess your request in accordance with Section 7 and applicable law. Please note that restricting certain processing (e.g., security-related logs) may affect the availability or functionality of the Website.

6.B.4 Consent

6.B.4.1 We rely on your consent where required, including in relation to non-essential cookies and analytics technologies, and for marketing communications where you have opted in (if applicable).

7. Your rights

7.1 We take all the appropriate measures to make sure that you are fully informed about your rights in regards with all Personal Data we collect, process, use and store.

7.2 As a result, all rights and the circumstances under which such rights may be exercised are described in the table below. In the event you wish to exercise any of the rights described below or if you have any queries about how we collect, use, process or store your Personal Data that are not answered in this Privacy Notice, or if you wish to complain to our Data Protection Officer, please contact us at support@lootdrama.com or via our Discord.

RightExplanation
AccessYou have the right to access your Personal Data including, where applicable, relevant correspondence, subject to applicable legal limitations and the rights of third parties. You have the right to enquire as to whether we process any Personal Data of yours as well as which Personal Data is processed and the manner of such processing. You have the right to receive a copy of your Personal Data free of charge unless the request is manifestly unfounded or excessive.
RectificationYou have a right to rectification of inaccurate Personal Data and to update incomplete Personal Data. In case you believe that any of the Personal Data held by us is inaccurate, you are entitled to request to restrict the processing of that Personal Data and rectify the inaccuracies.
Erasure

You may request to delete your Personal Data in case you believe that:

  • We no longer need to process your Personal Data for the purposes for which it was provided;
  • the processing is based on your consent which you withdraw;
  • the processing of your Personal Data is unlawful;
  • your Personal Data must be erased for reasons of compliance with legal obligations;
  • your Personal Data is being processed pursuant to our legitimate interest or a third party and you object to such processing and we (or the third party as the case may be) do not have an overriding legitimate interest.
Restriction

You may request us to restrict processing your Personal Data where:

  • we are investigating whether any of your Personal Data held by us is inaccurate;
  • we no longer need to process your Personal Data for the purposes for which it was provided, but you require such Data to establish, exercise or defend legal proceedings;
  • your Personal Data is processed in an unlawful manner and you chose to exercise the right to restrict processing instead of your right to deletion;
  • for a period enabling us to verify whether any legitimate interest on which we are relying for the processing of your Personal Data overrides your interest.
PortabilityYou have the right to receive your Personal Data or to request that we transmit such Personal Data to another third party (where this is technically feasible) in a structured, commonly used machine-readable format where the processing is based on your consent or pursuant to our contract with you or where processing is carried out by automated means. Where you request that we provide such Data directly to third parties, we shall not be responsible for any such third parties' use of your Personal Data, which will be governed by their agreement with you and any privacy statement they provide to you.
ObjectionYou have a right to object to us processing your Personal Data for marketing purposes or on the basis of the legitimate interest as described in Section 6 of this Privacy Notice – unless we can demonstrate compelling and legitimate grounds for the processing, which may override your own interests, or for the establishment, exercise or defence of legal claims. We may need to restrict or cease processing your Personal Data altogether or, where requested, delete your information. Please note that if you chose to exercise this right, we may have to suspend or terminate the services provided to you.
Withdraw consentWhere we rely on your consent to process your Personal Data (including, if applicable, any special category data you voluntarily provide), you have the right to withdraw your consent at any time by contacting us at support@lootdrama.com or via our Discord.
Raise a complaint

If you wish to make a complaint, you can contact our Data Protection Officer at support@lootdrama.com or via our Discord, who will investigate the matter.

We expect to be fully able to address any concerns you may have directly in the first instance; however, we would like to inform you of your right to address any complaint to the relevant supervisory authority at any time should you so wish. A list of EU data protection authorities can be found at edpb.europa.eu

You also have the right to lodge a complaint with the relevant supervisory authority in your country of residence, or your place of work or the place where the alleged infringement has taken place where this is within the EU.

Not be subject to automated decision-makingYou have the right not to be subject to a decision, based solely on automated processing of Personal Data. At this point, we do not have in place any automated-decision making in respect of your Personal Data.

8. Changes to the way we use your Personal Data

8.1 We reserve the right to change the way and/or the purpose of processing and use of your Personal Data. As a result, where we decide to process or use your Personal Data for purpose other than the purpose for which such Personal Data were initially collected, processed and used and stored, we will provide you with all relevant information of such change including the new purpose under which such Personal Data will be used and/or processed as well as all of your rights as described in Section 7 of this Privacy Notice.

9. Communications about your Personal Data

9.1 We may directly contact you to provide you with information in regards with the status, operation and maintenance of your Personal Data including updated information about how we collect, use, process and store your Personal Data by email using the contact details you have provided to us.

9.2 We may contact you regarding service-related notifications (where applicable).

10. How we use and share Personal Data

10.1 We will only use and share your Personal Data where it is necessary for us to lawfully carry out our business activities and/or provide our services.

11. Sharing with third-parties

11.1 We may share your Personal Data, inter alia, with the following recipients and categories of recipients:

  1. Third party organisations that provide applications, data processing or IT services to us including cloud-based software, identity management, web-hosting, data analysis, security and storage services;
  2. Competent authorities, regulators or law enforcement where required by applicable law.

11.2 We may share your Personal Data with third parties in the following cases:

  1. with consent (if applicable);
  2. for service providers (hosting, analytics, authentication);
  3. legal obligation / lawful request;
  4. security incidents/fraud prevention.

11.3 Our third-parties to which we share and/or transfer your Personal Data are not allowed to use or disclose or share whatsoever for any other purpose other than the purpose to provide services, as agreed, to us.

11.4 We will not disclose to any third party your Personal Data for its own marketing purposes without your consent.

11.5 Personal Data may be processed in EEA and/or in other locations where our service providers operate, including outside the EEA, in accordance with Section 12.

11.6 If you would like a copy of your Personal Data held by the third parties or if you want to receive more details on how your Personal Data is collected, used, processed or stored by the third parties please contact us at support@lootdrama.com or via our Discord.

12. Transferring Information to third countries

12.1 We may share or transfer your Personal Data with recipients in non-EU countries where:

  1. the European Commission has decided that the country or the organisation we are sharing your Personal Data with will protect your Data adequately;
  2. the transfer has been authorised by the relevant data protection authority;
  3. we have entered into a contract with the organisation with which we are sharing your Personal Data (on terms approved by the European Commission) to ensure your Personal Data is adequately protected.

13. How long we store your Data

13.1 We retain the Personal Data processed by us for as long as we consider necessary for the purpose for which it was collected, as required and/or as required under any legal provision to which we are subject and/or for such other periods as can be lawfully justified in each case.

13.2 Personal data may be held for longer periods where extended retention periods are required by the Law or regulations and/or in order to establish, exercise or defend our legal rights before a Court or tribunal or Arbitral tribunal whatsoever.

14. Security information

14.1 We are committed to ensuring that your Personal Data is secure. For more information about the steps we are taking to protect your Personal Data please contact us at support@lootdrama.com or via our Discord.

14.2 In the event of any loss or destruction or other form of personal data breach in respect of your Personal Data which is likely to result in a high risk to your rights and freedoms, we will contact you using the contact details you have provided to us, unless you have provided alternative contact details for such notifications.

15. Cookie Policy

Cookies are small text files that a website stores on your device when you visit it. We use cookies to ensure that the performance and functionality of our Website is robust and enhanced. Please click here to read our Cookie Policy.

16. Data Controller and Contact Information

16.1 We act as a data controller for the Personal Data processed under this Privacy Notice. If you have any queries about how we collect, use, process or store your Personal Data that are not answered in this Privacy Notice, or if you wish to complain, please contact us at support@lootdrama.com or via our Discord.

Return to Home