Loot Raiders Privacy Policy

Last updated: 25 February 2025

At Loot Raiders, protecting your privacy is a core part of our commitment to building a trusted and rewarding experience for every player and community leader.

By accessing, using, or registering on the Loot Raiders platform, you confirm that you have read, understood, and agreed to this Privacy Statement.

If you do not agree with the terms outlined here, we respectfully ask you to refrain from using the platform.

We encourage all Users to actively exercise their rights regarding their personal data, including the right to access, correct, and delete information, as detailed in this Statement.

Who We Are

Loot Raiders is operated by:

EOAS INC SOCIEDAD DE RESPONSABILIDAD LIMITADA

  • Address: Boulevard Ernesto Rohrmoser, Edificio Sabana Business Center, Piso Doce, Diagonal al Estadio Nacional, Costa Rica
  • Registration Number: 4062001334635
  • Linked exclusively to the Elements of a soul web3 gaming project

Scope of This Privacy Statement

This Statement applies to all services, features, and experiences provided through the Loot Raiders platform, including but not limited to:

  • Account creation
  • Participation in giveaways
  • Communication with our team
  • Engagement with promotional activities

It explains how we collect, use, share, and protect your personal data, and your rights under applicable privacy laws such as the General Data Protection Regulation (GDPR).

We update this Privacy Statement periodically. Changes will be posted here, and where appropriate, communicated to you directly.

1. Information Collection

Depending on how you interact with the Loot Raiders platform, we may collect the following categories of personal data:

Contact Data

  • Email Address
  • Billing Address (if applicable)
  • Phone Number (if provided)

Technical Data

  • Internet Protocol (IP) Address
  • Browser Type and Version
  • Operating System Details
  • Device Type and Model
  • Unique Device Identifiers (such as UUIDs)
  • Referring URL (webpage visited before accessing Loot Raiders)

Usage Data

  • Pages visited within the platform
  • Date and time of access
  • Time spent on each page
  • Clickstream Data (e.g., buttons or links interacted with)

Transactional Data (where applicable)

  • Payment Details (processed securely through third-party providers; Loot Raiders never stores full credit card numbers)
  • Purchase or Order History related to services or rewards

Cookies and Tracking Technologies

  • Session Cookies: Manage your login sessions
  • Persistent Cookies: Save login preferences
  • Analytics Cookies: Understand site usage
  • Tracking Pixels/Beacons: Measure engagement with content and communications

Voluntarily Provided Data

  • Feedback submitted through surveys or support tickets
  • Additional details shared during Customer Support interactions

Marketing Data

  • Newsletter Subscription Status
  • Communication and Marketing Preferences

2. How We Use Personal Data

Loot Raiders processes your data only when necessary — always respecting the principles of fairness, transparency, and minimalism.

We use your personal data to:

Providing and Improving Services

  • Operate, maintain, and enhance the platform's functionality.
  • Resolve technical issues and improve platform stability.

Legal Basis: Performance of a Contract; Legitimate Interests

Account Administration

  • Create and manage User accounts and login credentials.
  • Provide you secure access to the platform and its features.

Legal Basis: Performance of a Contract

Navigation and Personalized User Experience

  • Improve your browsing experience based on your preferences.
  • Customize content or recommendations within the platform.

Legal Basis: Legitimate Interests; Consent (where personalization involves cookies)

Understanding User Needs

  • Analyze User behavior, preferences, and feedback to optimize services.
  • Improve future Loot Raiders features based on real User interaction.

Legal Basis: Legitimate Interests

Fulfilling User Requests

  • Process inquiries, support tickets, and service requests promptly.

Legal Basis: Performance of a Contract

Communication and Updates

  • Send essential updates regarding your account, service changes, or new features.
  • Communicate major giveaway announcements and eligibility updates.

Legal Basis: Legitimate Interests; Consent (for marketing communications)

Marketing and Promotions

  • Deliver newsletters, promotions, and community engagement materials.

Legal Basis: Consent

Ensuring Compliance and Legal Obligations

  • Comply with financial, legal, and security regulations.
  • Prevent fraud and unauthorized access.

Legal Basis: Legal Obligation; Legitimate Interests

Data Minimization Commitment

We only collect and process data strictly necessary for the purposes listed above.

You retain full rights to request access, correction, deletion, or objection to certain types of processing — at any time.

More information about your rights can be found in the section "Your Rights Under the GDPR".

3. Data Sharing: Service Providers, Communities, and External Platforms

At Loot Raiders, we collaborate carefully with trusted partners and service providers to ensure the smooth operation, security, and continuous improvement of our platform.

All external relationships are governed by contracts that enforce strict data protection standards and GDPR compliance.

Third-Party Service Providers

We engage specialized third parties to perform essential operational tasks, including:

  • Website hosting and maintenance
  • Database management and secure storage
  • Web analytics and User behavior tracking
  • Payment processing and billing
  • Customer support operations

These service providers have access to your personal data only to the extent necessary to fulfill their specific functions.

They are bound by strict confidentiality and security obligations under contract.

Community Partners and Clients

Loot Raiders allows community organizations — such as brands or content creators managing Giveaways — to access certain limited personal data of Users (e.g., account ID, participation history).

This access is restricted solely to managing community-based Giveaways.

All community partners must sign a Data Processing Agreement (DPA) with EOAS INC to guarantee lawful and secure handling of User data, in full compliance with GDPR.

Specific Third-Party Integrations

Authentication Providers:

If you choose to register or log in using platforms such as Google, Discord, Twitch, X (formerly Twitter), or Facebook, those providers will process your authentication data according to their own privacy policies.

  • We only process the minimum necessary data to enable your Loot Raiders account creation and login.
  • Data transfers to non-EU countries (e.g., the United States for Google) are protected under Standard Contractual Clauses (SCCs) or equivalent GDPR-compliant safeguards.

Analytics and Tracking Providers:

  • Services like Google Analytics help us understand overall platform engagement and improve User experiences.
  • Data is aggregated and anonymized wherever possible to protect privacy.

Payment Processors:

  • When making transactions, your payment-related data (e.g., name, billing information) is securely handled by PCI-DSS-compliant processors.
  • Sensitive financial information is never stored on Loot Raiders servers beyond the necessary transaction references.

Legal Compliance:

  • We may disclose personal data to public authorities or regulators if legally required, or to protect our platform's rights and integrity.

Security and Minimization Principle

All data shared with third parties is:

  • Limited strictly to what is operationally necessary
  • Protected by strong encryption, access controls, and data protection agreements
  • Regularly audited to maintain high security standards

Loot Raiders never shares or sells User personal data for unsolicited commercial purposes.

4. Account Creation and Authentication

Creating an account on Loot Raiders unlocks access to Giveaways, reward systems, and exclusive features.

You may choose to register using either:

  • Your email address, or
  • A third-party authentication provider (Google, Discord, Twitch, X, Facebook).

Personal Data Processed During Registration

Method Data Collected
Email Registration Full Name, Email Address, Encrypted Password
Third-Party Login Name, Email Address, Profile Picture (where applicable), Other authorized public profile information

During third-party authentication, you explicitly authorize the sharing of this information as part of the registration process.

Data Sharing with Authentication Providers

When using third-party login:

  • Login providers (e.g., Google) independently process your login details according to their privacy policies.
  • Loot Raiders only receives the necessary information to authenticate and create your User profile.
  • We and the login providers act as independent data controllers for the information exchanged during login.

Example:

When logging in with Google, your Google account data is processed by Google under its own Privacy Policy. Loot Raiders simply uses your basic profile information to create your in-game identity.

Legal Basis for Processing

The creation and management of your Loot Raiders account are based on:

  • Performance of a Contract: Providing access to your User account and services
  • Consent: Specifically when you authorize third-party platforms to share information during authentication

You may revoke consent for third-party login integrations at any time by:

  • Adjusting your Loot Raiders account settings, or
  • Contacting us directly (see "Contact Us" section)

Security and Best Practices

  • All passwords are stored using encrypted hashing algorithms.
  • Authentication data is transmitted via secure SSL/TLS protocols.
  • We recommend you also maintain your own account security by:
    • Using strong, unique passwords
    • Logging out after accessing from public or shared devices

5. Your Rights Under the General Data Protection Regulation (GDPR)

At Loot Raiders, we recognize and respect your rights under the GDPR and related privacy laws.

As a User of our platform, you retain full control over your personal data.

You have the following rights:

Right of Access

You may request confirmation of whether Loot Raiders is processing your personal data.

If so, you are entitled to access the data and receive detailed information about its processing.

Right to Rectification

If any of your personal data is inaccurate or incomplete, you have the right to request correction or updates.

Right to Erasure ("Right to be Forgotten")

You may request the deletion of your personal data when:

  • It is no longer necessary for the purposes it was collected for, or
  • The processing is based on your consent and you withdraw that consent.

Right to Restriction of Processing

You can request that Loot Raiders limits the processing of your data under certain conditions, such as:

  • Contesting the accuracy of the data
  • Objecting to its processing

Right to Data Portability

You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format.

You may also request its direct transfer to another data controller, where technically feasible.

Right to Object

You may object at any time to:

  • The processing of your personal data based on our legitimate interests
  • The use of your data for direct marketing purposes

Right to Withdraw Consent

If processing is based on your consent, you may withdraw it at any time.

Withdrawal does not affect the lawfulness of prior processing activities based on consent.

Right to Lodge a Complaint

If you believe your rights have been infringed, you have the right to lodge a complaint with a supervisory authority.

In Costa Rica, you may contact the Agencia de Protección de Datos de los Habitantes (PRODHAB) or your local supervisory body.

Exercising Your Rights

To exercise any of the rights outlined above, please contact us:

Lootraiders@elementsofasoul.com

We will respond to your request in accordance with applicable data protection laws and within legally mandated timeframes.

Changing or Deleting Your Information

At Loot Raiders, you have full control over your account and personal data.

Unsubscribing from Marketing Communications

You may unsubscribe from newsletters and marketing emails at any time.

Each automated marketing email includes an unsubscribe link for your convenience.

Please note:

  • Unsubscribing from marketing communications does not affect service-related notifications, such as:
    • Account updates
    • Transactional communications
    • Winner announcements for Giveaways

Deleting Your User Account

To delete your Loot Raiders account:

  • Send an email to lootraiders@elementsofasoul.com
  • Use the subject line: "Delete Account"

Please note that account deletion is final and results in the loss of:

  • Access to the platform
  • Associated entries, achievements, and history

Data Retention After Deletion

Upon account deletion:

Type Retention Purpose Retention Period
Tax Records Compliance with financial and tax obligations Up to 7 years
Dispute Resolution Defend against legal claims Up to 5 years
Transaction Records Service agreements and accounting Up to 2 years

Where required, data will be securely stored under encryption and strict access control until the retention period expires.

Thereafter, it will be securely deleted or anonymized.

Data Security and Protection Measures

At Loot Raiders, protecting your personal data is not only a legal requirement — it's part of our commitment to your trust and safety.

Security Measures Implemented

We employ a multi-layered security approach, including:

Measure Description
Encryption All sensitive data, including payment information, is transmitted using SSL/TLS encryption protocols
Access Controls Data access is restricted to authorized personnel bound by confidentiality agreements
Data Minimization Only necessary data is collected and stored
Firewalls and Threat Monitoring Continuous monitoring of systems to detect and prevent unauthorized access

Payment Security

  • Loot Raiders does not store full credit card numbers or sensitive payment details.
  • All payments are processed through third-party PCI DSS-compliant providers.
  • Payment data is encrypted and protected throughout the transaction lifecycle.

Proactive Risk Management

We conduct:

  • Regular security audits
  • Penetration testing
  • Ongoing risk assessments

to ensure platform resilience and early identification of vulnerabilities.

Breach Notification Commitment

In the unlikely event of a data breach:

  • Affected Users will be notified promptly
  • Relevant data protection authorities will be informed in compliance with GDPR requirements

Contact Us

If you have any questions regarding this Privacy Statement, or if you wish to exercise any of your rights as outlined in Section 5, please contact us through the following channels:

Business Name Loot Raiders (Operated by EOAS INC SOCIEDAD DE RESPONSABILIDAD LIMITADA)
Registered Address Boulevard Ernesto Rohrmoser, Edificio Sabana Business Center, Piso Doce, Diagonal al Estadio Nacional, Mata Redonda, Cantón 01 San José, Provincia 01 San José, Costa Rica
Identification Number 4062001334635
Email Address lootraiders@elementsofasoul.com

Important:

  • When contacting us, please clearly describe:
    • The nature of your inquiry
    • Which specific right(s) you wish to exercise (if applicable)
  • Providing detailed information helps us process your request swiftly and in full compliance with applicable data protection laws.

We are committed to responding to all valid requests within the legally required timeframes and ensuring the continued protection of your personal data.