Privacy Policy

1. Controller

The controller responsible for data processing on this website pursuant to Art. 13(1)(a) GDPR is:

2. What Data We Collect

When you use Evolve Performance, we collect the following data:

• Discord account information: User ID, username, and avatar (provided via Discord OAuth2)
• System specifications: CPU, GPU, RAM, motherboard, storage, and cooler details you submit during checkout
• Purchase records: Plan purchased, transaction ID, payment amount, currency, and email address associated with payment
• Support ticket references: Discord channel IDs for your support tickets
• Hardware ID (HWID): A unique identifier derived from your hardware configuration, used for license activation and binding

3. Why We Collect This Data

We process your data based on the following legal grounds (GDPR Art. 6):

• Contract fulfillment (Art. 6(1)(b)): Discord OAuth2 authentication, system specs processing, purchase record management, license activation, and support ticket creation
• Contract fulfillment (Art. 6(1)(b)): Avatar storage for user profile display
• Legitimate interest (Art. 6(1)(f)): Fraud prevention via HWID binding (one license per device), purchase record maintenance for accounting and support

4. Third-Party Services

We share data with the following third parties, only as needed to provide our services:

• Creem — Payment processing. Receives your email and payment details. Creem acts as Merchant of Record. Registered in Estonia (EU). No third-country transfer.
• Discord — Authentication and support delivery. We access your public profile via OAuth2 and create support tickets in our server. Registered in the US. Transfer safeguard: EU-US Data Privacy Framework.
• Vercel — Hosting provider. Processes HTTP requests and logs. Registered in the US. Transfer safeguard: EU-US Data Privacy Framework.
• MongoDB Atlas — Database provider. Stores purchase records. Cluster located in EU (Frankfurt). No third-country transfer.

5. Data Retention

We retain your purchase records for as long as your account exists or as required by applicable tax and accounting laws (typically 10 years for financial records in Germany). You may request deletion at any time — see Your Rights below.

6. Your Rights (GDPR)

Under the General Data Protection Regulation, you have the following rights:

• Right of access (Art. 15): You can export all data we store about you from your profile page.
• Right to erasure (Art. 17): You can delete all your data from your profile page. This removes your purchase records from our database.
• Right to rectification (Art. 16): You can request correction of inaccurate personal data.
• Right to restriction of processing (Art. 18): You can request restriction of processing under certain conditions.
• Right to data portability (Art. 20): Your data export is provided as a standard JSON file.
• Right to lodge a complaint: You have the right to lodge a complaint with the Hessischer Beauftragter für Datenschutz und Informationsfreiheit.

7. Automated Decision-Making

No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place.

8. Cookies & Local Storage

We do not use cookies. We use browser localStorage solely to keep you logged in across page reloads. This data never leaves your device and is cleared when you log out. No tracking cookies, analytics cookies, or third-party cookies are used.

9. Contact

For any privacy-related questions or to exercise your rights, contact us at: support@evolveperf.com or through our Discord server.