PRIVACY POLICY

Last updated: February 15, 2026

We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how your personal data is collected, used, stored, and shared when you access or use the CS2MONEY services.

The processing of personal data is carried out in accordance with the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as well as any other applicable UK data protection laws.

Please read this Privacy Policy carefully to understand how we handle your personal data. By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy and agree that your personal data may be collected, used, and shared as described herein.

Data Controller Details

TEMATRIX LTD, a company duly registered under the laws of United Kingdom; Registration number: SC867543; Registered address and the principal place of business: 5 South Charlotte Street, Edinburgh, Scotland, EH2 4AN. (“CS2MONEY” or “we”).

Scope of Privacy Policy

How We Collect Your Data

By personal data or data, we mean any information capable of being associated with you as an individual, such as your name, e-mail address, or that can be connected to you indirectly, such as your language or currency choice. We collect data directly from you or our partners. When you visit our Website we collect technical data and information about how you use the Website. We do it using cookies set by our partners or us. We need this data to provide you with the Website, analyze their use, remember your settings, and personalize content and ads. Please visit our Cookie Policy for more details on how we use or disable cookies.

Data We Collect

Device and Location Data

When you visit our Website, we collect the following data:

IP address and location info (country, city, etc.)
Device and OS information (screen size, OS, browser information)

We use these data to recognize you and provide you with the Website that is capable of your device, your location, etc.

Account Data

When you log in to the Website through your Steam, we collect specific data from a corresponding third party. This data may include your account ID (like Steam ID), avatar, username, the list of your virtual items, and other public information. Besides these, account data also includes your registration data, the number of your trades, your trade link, and the seller link. You may provide additional information in your profile, such as your avatar.

Usage Data

We collect information about your use of the Website. These data include your activity on the Website, such information as:

your Website’s personal settings;
your trade, cart, payments, refunds, withdrawals, search history;
your visits, views, comments, likes;
your activity logs;
information you provide when you request information or feedback from us;
your recommendations on how to improve our Services.

Contact Data

● E-mail address

Know-Your-Customer Data

We do our best to prevent fraud and other illegal activities. If your activity, transaction, or payment instrument seems suspicious to us or to activate withdrawals, we will ask you to provide additional information:

First and last name
ID document (i.e. passport) number
Copy of your ID document
Picture of you holding an ID document
Photo of your bank card partly covered
Video of your face
Utility bill or bank statement

The Know-Your-Customer procedure is carried out by a third-party service provider or us to identify and detect fraud.

Payment and Purchase Data

When you make a purchase or request a refund, you disclose your payment credentials directly to a respective payment service provider. They process your payment data under their privacy policies. We may receive from our payment partners and process a part of your credit card number information about your credit card issuer. For billing purposes, we may collect your full address.

Survey Data

From time to time, we organize surveys primarily for research purposes. For this purpose, we collect answers to the questionnaire and the responder’s profile (gender, age, education, occupation, place of residence). We may publish our research results in articles on public domains. Research results contain aggregated depersonalized information unless otherwise agreed upon in writing with the responder.

Purposes and Legal Basis of Use of Personal Data

Description of why CS2MONEY processes our personal data (‘processing purpose’)	Legal Basis for the processing purpose	Categories of personal data used by CS2MONEY for the processing purpose
To provide the Website	Performance of a contract	Device and Location Data
To personalize the Websites	Performance of a contract	Device and Location Data, Usage Data, Account Data
To provide the Services	Performance of a contract	Device and Location Data, Usage Data, Account Data, Contact Data, KYC Data
For processing payments and billing	Performance of a contract	Device and Location Data, Account data, Payment and Purchase Data, KYC Data, Contact Data
To conduct researches	Consent	Contact Data, Device and Location Data, Account Data, Survey Data
To diagnose and fix issues with Website	Performance of a contract	Device and Location Data, Usage Data, User Activity Data
To evaluate and develop new features, technologies, and improvements to the Service	Legitimate interest	Device and Location Data, Usage Data, User Activity Data
To directly advertise our Services	Consent	Device and Location Data, Usage Data, Account Data, Contact Data
To analyze the Services and target ads	Consent	Device and Location Data, Usage Data, Account Data
To comply with legal requirements and law enforcement requests	Compliance with legal obligations	Device and Location Data, Usage Data, Account data, Contact data, KYC data, Payment and Purchase Data
To establish, exercise, or defend legal claims	Legitimate interest	Device and Location Data, Usage Data, Account data, Contact data, KYC data, Payment and Purchase Data
To conduct business planning, reporting, and forecasting	Legitimate interest	Device and Location Data, Usage Data
To detect fraud, to develop and exercise anti-fraud measures, to secure user accounts	Legitimate interest	Device and Location Data, Usage Data, Account data, Contact data, KYC data, Payment and Purchase Data

If the processing of Personal Data is carried out based on your consent, you have the right to withdraw it at any time by sending us a request to [email protected] or following the instruction given in our Cookie Policy.

Our legitimate interests are:

To develop, improve and deliver our Services;
To make our Services known and popular in the gaming industry;
To make the use of our Services secure for the Users;
To appeal chargebacks and resolve disputes;
To prevent fraud and other illegal use of our Services.

We may combine all the information we collect from or receive about you for the outlined purposes. We may aggregate or de-identify your information and may use or share aggregated or de-identified information for any purpose. Such information is not subject to this Privacy Policy.

Sharing Your Personal Data

We may share your data with the following categories of third parties:

Payment service providers – To fulfill your payment requests;
Providers of marketing – To analyze, develop and improve our Services. To perform marketing research, understand our Users better, and provide personalized content and advertisements;
Government authorities, auditors, and consultants – To fulfill official requests, our tax, and other obligations;
Other service providers – We may outsource some functions to third-party service providers for any purpose outlined in this Privacy Policy;

Data Retention

We store your Personal Data as necessary for providing you the Service, compliance with our legal obligations, fulfillment of our legitimate interests, or during the validity of your consent as stated in this Privacy Policy. As soon as information stops serving these purposes, we delete it. After you close your account and/or upon your request, we will delete and/or anonymize your Personal Data without undue delay but no later than 30 days. We will keep some Personal Data that we are allowed or required to maintain in such cases as:

If there were monetary transactions under your account, we would keep the data necessary for defending legal claims for 180 days from the last transaction;
If there is an unresolved issue relating to your account, such as an outstanding credit on your account and/or an unresolved claim and/or dispute – we will retain the necessary Personal Data until the said issue is resolved;
Where required to comply with legal, tax, audit, and accounting obligations and/or any other legal obligation, we will retain the necessary Personal Data for the period required by the applicable law;
Where necessary to fulfill our legitimate interests such as fraud prevention and/or maintenance of our Users’ security.

KYC data: ID document (i.e., passport) number, copy of your ID document, picture of you holding ID document, photo of your bank card partly covered, video of your face, utility bill, or bank statement are stored for three months for appealing chargebacks and resolving disputes.

Your Rights

Right to access your Personal Data - You may request a copy of your Personal Data and/or how we store your Personal Data.

Right to rectification - You may request to change some of your Personal Data and/or correct your Personal Data if this is inaccurate.

Right to erasure - You may request to delete all or some of your Personal Data. For example, if:

They are no longer needed for any processing purposes;
Consent has been used as a legal basis for their processing;
There is no legitimate interest in the further processing of Personal Data.

Right to object - You may object to processing your Personal Data on grounds relating to your particular situation and/or to object processing your Personal Data for direct marketing purposes.

Right to object to automated processing - You may object to a decision based on automated processing. It means that you may request to review your Personal Data manually if you believe that automated processing of your Personal Data may not consider your unique situation.

Right for data portability - You may request to provide you a copy of your Personal Data in a structured, commonly used, and machine-readable format (e.g., XML, CSV). Furthermore, you have the right to request to transmit the said Personal Data directly to another controller.

Right to lodge a complaint - You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), which is the UK supervisory authority for data protection matters.

To exercise any of these rights, please contact us via email at [email protected].

For security purposes, before exercising any of your rights, we may ask you to prove your identity.

Sale of Personal Data

We do not sell Personal Data as the term “sell” is traditionally understood. Although to the extent the word “sale” is interpreted under the CCPA, the fact that we use third-party cookies may be understood as a sale. We disclose the following categories of personal information: identifiers, commercial or transaction information, internet activity, and inferences drawn from Google Analytics (Third-party services).

Personal Data Breach

A Personal Data breach may result in a physical, material, or non-material risk to your rights and freedoms if not addressed appropriately and promptly. Therefore, as soon as we become aware that a Personal Data breach has occurred, we will notify the Personal Data Breach to the Commissioner for Personal Data Protection without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless we can demonstrate, following the accountability principle, that the Personal Data breach is unlikely to result in a risk to your rights and freedoms. Where such notification cannot be achieved within 72 hours, the reasons for the delay should accompany the notice without undue further delay.

Cross-Border Data Transfer

CS2MONEY may transfer Personal Data to data controllers and processors established outside the United Kingdom for the purposes described in this Privacy Policy. The countries to which personal data may be transferred may not provide an equivalent level of data protection to that required under UK data protection laws.

To ensure that Personal Data remains adequately protected when transferred internationally, we rely on appropriate safeguards in accordance with the UK General Data Protection Regulation (UK GDPR). These safeguards include the use of International Data Transfer Agreements (IDTAs) and/or UK Addenda to the EU Standard Contractual Clauses, as approved by the UK Information Commissioner’s Office (ICO).

Our partners and service providers located in jurisdictions without an adequacy decision have implemented these contractual safeguards where required, ensuring that personal data is processed lawfully, securely, and in compliance with applicable UK data protection requirements.

Changes to Privacy Policy

We may amend this Privacy Policy from time to time. We will post any changes to the Privacy Policy. By continuing to use our Services, you acknowledge that you are familiar with the updated Privacy Policy. We encourage you to review our Privacy Policy before using the Services and/or accessing the Website and promptly read the updates.