PRIVACY and Data Protection POLICY



1.        Introduction

We, INTERNATIONAL BUSINESS SYSTEMS S.R.L. operate the website This Privacy Policy is intended for users’ enlightenment and describes how we process users’ data and what rights users have as data subject.

INTERNATIONAL BUSINESS SYSTEMS S.R.L., is a company incorporated in the Singapore with registration number 202016923N and registered office at 10 Anson Road #20-05 International Plaza, Singapore.

We at INTERNATIONAL BUSINESS SYSTEMS S.R.L. are dedicated to safeguarding and preserving Your personal data and privacy when visiting Our Website, utilising Our services, products or communicating electronically with Us.

For the purposes of the data protection laws that apply to Us, including the GDPR which is the European General Data Protection Regulation and PDPA, which is the Singapore Personal Data Protection Act, We act as the Data Controller for the personal data that We collect and process to enable You to make use of Our Services.

The purpose of this Privacy Policy is to transparently provide You with an explanation of the legal basis for Us collecting and processing Your personal data, the categories of personal data that We may collect about you, what happens to the personal data that We may collect, where We process Your personal data, how long We are required to retain Your personal data, who We may share Your personal data with and to also explain Your rights as a data subject.

We update this Privacy Policy from time to time and will post all updates to Our Website as and when issued. Please do review this policy regularly on Our Website for any changes.

2.         Definitions

In this Privacy Policy the following terms shall have the following meanings:

“Cookies” mean small text files placed on Your computer or device by Our Website when You visit certain parts of Our Website.

“Consent” of Personal data procession shall mean any freely given, specific, informed and unambiguous indication of the Data Subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

“GDPR” means the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced or superseded and in force from time to time and as transposed into member-state legislation.

“PDPA” means the Personal Data Protection Act (No.26 of 2012) of  Singapore, which aims to govern the collection, use and disclosure of personal data by organisations, and to establish Do Not Call Register and to provide for its administration, and for matters connected therewith, and to make related and consequential amendments to various other Acts.

“Privacy Policy” means this Privacy Policy updated from time to time and made public on Our Websites.

“Personal Data” in accordance with GDPR means any information which relates to an identified or identifiable natural person. An identifiable person is one who can be identified directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Personal Data” in accordance with PDPA is data, whether true or not, about an individual who can be identified from that data or from that data and other information to which the organisation has or is likely to have access.

“Personal data procession” or “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

We store and process Personal data for as long as it is necessary to achieve the purpose for which it was collected, or to comply with legal requirements and regulations.

“Third party” means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, processor and persons who, under the direct authority of the Controller or processor, are authorized to process personal data.

“Services” mean all Our services delivered through our Website.

“You” (“your”) refers to You when You are visiting Our Websites, utilising Our services, products or communicating electronically with us.

“We” (“us” or “our”) refers to INTERNATIONAL BUSINESS SYSTEMS S.R.L.

3.         Your data protection rights

Under the GDPR you, as a data subject, have certain rights over the personal data that We hold and process.

At INTERNATIONAL BUSINESS SYSTEMS S.R.L., We are committed to make it easy for You to exercise these rights in the most transparent manner possible. You can exercise any of Your rights in relation to the data that INTERNATIONAL BUSINESS SYSTEMS S.R.L. holds about you, by contacting Our data protection officer through the email address provided at the end of this section.

The following are the specific rights You have over Your personal data We hold and process, namely:

1) The right to be informed about Our collection and processing of Your personal data including without limitation the legal basis for the collection and processing, the categories of data, the methods of data use, the envisaged period for which the personal data will be retained. This Privacy Policy should tell You everything You need to know, but You can always contact Us to find out more or to ask any questions.

2) The right to access Your personal data We collect about you, commonly referred to as “Subject Access Requests”, which provides you, as the data subject, the right to obtain a copy of Your personal data that We are processing for You

Pursuant to GDPR We are required to respond without undue delay to all Subject Access Requests in practice this means We have to respond within 1 month of receipt of the Subject Access Request.

Ordinarily Subject Access Requests are free of charge. However, if you reside in Singapore, a reasonable fee may apply.

We may extend the time period for responding to a Subject Access Request by a further two months and may charge a reasonable fee if We deem the request to be manifestly unfounded or  excessive, however, We are required to advise You of Our intention to do this within 1 month of Your subject access request.

Should You wish to make a Subject Access Request this can be done by contacting the Company using the contact details in Section 9.

3) The right to have Your personal data rectified if any of Your personal data that We collect and process is in any way inaccurate or incomplete.

4) The right of erasure (otherwise known as “the right to be forgotten”), i.e. the right to ask Us to delete or otherwise dispose of any of Your personal data that We process. Please note that this is not an absolute right and We may not be able to comply with Your request as We may be legally obliged to continue to retain Your personal data for a specific period

5) The right to restrict (i.e. prevent) the processing of Your personal data by us.

6) The right to object to Us processing Your personal data for a particular purpose or purposes. Please note that the right to object only applies in certain circumstances  and will depend on the purposes or legal basis for the processing.

7) The right to data portability. This only applies where You have provided personal data to Us directly, the legal basis for Us processing Your personal data is i) consent or ii) for the performance of a contract and We are processing Your data using automated means. In such instances  You have the right to receive Your personal data (or request that We transfer it to another Controller) in a structured, commonly used and machine readable format.

8) Rights relating to automated decision-making and profiling. We do not use Your personal data in this way.

9) The right to lodge a complaint with any relevant Data Protection Authority, in particular in the member State of Your residence, place of work or the place of processing Your personal data.

If You wish to exercise any of the aforementioned rights, please contact Us. We request that in the first instance You contact Our data protection officer at any time via

We shall promptly consider Your request and respond to You in accordance with the requirements of PDPA and GDPR accordingly.

Complaints to the Singapore Personal Data Protection Commission should be made by using the instructions provided in the Singapore Personal Data Protection Commission Website

4.         Consent

The Personal data can be processed only after receiving clear “Consent” of Personal data procession from user.

This Policy applies only to the Website and Services and We do not control and are not responsible for third party websites to which the user can click on the links available on the Website. On such sites, the user may collect or request other personal information, and other actions may be performed.

The user’s consent to the processing of personal data is valid indefinitely from the moment of acceptance of terms of this Policy in full.

5.         Use of Cookies

To enhance the quality of Our services, We use technologies, such as Cookies. Cookies do not typically contain any information that personally identifies users, but personal information that We store about users may be linked to the information stored in and obtained from Cookies.

We use Cookies to learn about users’ traffic patterns and Website usage to help Us develop the design and layout of the Website in order to enhance users’ experience browsing Our Website.

We use the following types of cookies:

· Strictly necessary cookies – these are cookies that are required for the operation of Our websites.

Through cookies, Personal data is being processed for the purposes as described in Section 4 (“Purposes”) in the following way:

Ø Cookies are to be deleted when user closes the browser (session cookies).

Ø Cookies remain stored on end user device even after the browser was closed (permanent cookies).

If You want to delete any cookies already stored on Your personal device or stop the cookies, You can do so by deleting Your existing cookies and/or altering Your browser's privacy settings. However, if, as mentioned above, due to Your personal device settings or browser settings, We are not able to use other technical solutions to store respective information, restriction/deletion of cookies may lead to your inability to access the content of Our Website.

In order to restrict it to certain cookies, users can use browser settings. *

*Details can be found in browser helpdesk (usually accessible via the F1 key on keyboard).

6.         Personal data we collect about you

6.1         Legal basis for collecting and processing personal data

INTERNATIONAL BUSINESS SYSTEMS S.R.L. processes Your personal data based on the following:-

Ø the performance of Our contract with You (i.e. the provision of Our Services to you);

Ø our legitimate business interests (i.e. for fraud prevention, maintaining the security of Our network and services, seeking to improve the Services that We provide and Your interaction with us). Whenever We rely upon on this lawful basis We assess Our business interests to make sure that they do not override Your rights. Furthermore, in some cases You have the right to object to this processing;

Ø with Your consent for direct marketing purposes so that We may keep You fully up to date with other products and services that We supply and think may be of interest to you. Where We rely upon consent, We will need Your explicit consent, which may be removed at any time.

6.2        Categories of the personal data we collect

A summary of the Personal Data that We process, when We collect it, how We use it and why We use it (i.e. the legal basis for processing) is listed below:-

Personal Data

When We collect it

How We use it

Why We use it

Steam login, username, icon, other information You made public on Steam

During registration procedure

We use Your personal and contact information to register You as a User and identify You in Our Services. You can use Your Steam login and password to log in

Necessary for the performance of a contract with you


During registration procedure

Use email to restore Your account. We use it to notify You about changes to Our Terms or Privacy Policy; to communicate with you.

Necessary for the performance of a contract with you

We use Your e-mail address to inform You about the latest updates of Our Services and other products You may like. If You have subscribed to Our newsletter, We may send You marketing communications and information that will create an excellent customer experience

Only with Your explicit consent


surname, patronymic, date of birth and other information You made public on

During registration procedure

We use Your personal data from your account to identify You in Our Services

Data on the use of Our services, links, transactions

When You use Our services

We use it to improve Your customer experience and provide bespoke services that satisfy Your needs and preferences

Necessary for Our legitimate interests

Information about Your transactions (bank details, history of transactions)

When You process the transaction

We use it for make transactions. All transactions are carried out using third-party services

Necessary for the performance of a contract with you

All personal data

When You use Our services

We will use all of Your personal data to carry out Our ongoing monitoring process for the purposes of identifying and dealing with potential fraudulent activities.

This is also necessary to assist in making Your transactions secure, enable Us to protect Your assets.

Necessary to comply with a legal obligation

7.         Protecting Your personal data and data retention

We use, store and process Your personal data on INTERNATIONAL BUSINESS SYSTEMS S.R.L. servers which are located in Russian Federation.

By filling a “consent application“ You agree to this conditions of collection, processing, transfer and storing Your personal data. When We process Your personal data for one of the legal bases specified in this Privacy Policy, We will take all steps reasonably necessary to ensure that Your Personal Data is treated securely and in accordance with this Policy.

INTERNATIONAL BUSINESS SYSTEMS S.R.L. protects Your Personal Data under internationally acknowledged standards, using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration. Some of the safeguards INTERNATIONAL BUSINESS SYSTEMS S.R.L. use are firewalls and data encryption, physical access controls to Our data centres, and information access authorization controls. INTERNATIONAL BUSINESS SYSTEMS S.R.L. also authorizes access to Personal Data only for those employees or contractors who require it to fulfil their job or service responsibilities. The INTERNATIONAL BUSINESS SYSTEMS S.R.L.’s staff is trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to those members of Our staff and contractors whose work requires such access. INTERNATIONAL BUSINESS SYSTEMS S.R.L. conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed. All of Our physical, electronic, and procedural safeguards are designed to comply with applicable laws and regulations.

7.1.         How We protect Your data

When You provide Your personal data through Our Website, this information is transmitted across the internet securely using industry standard encryption. Your personal data will be held encrypted on secure servers.

Where any third parties process Your personal data on Our behalf, We require that they have appropriate technical and organizational measures in place to protect this personal data and We will also ensure that a GDPR compliant Data Processing Agreement is in place between INTERNATIONAL BUSINESS SYSTEMS S.R.L. and the third party so that both parties understand their responsibilities and liabilities pursuant to GDPR.

7.2.         How You can protect Your personal data

When You create Your Steam account, choose a strong password that is unique to this account. Do not share Your password with other people. Using the same password across Your different accounts will increase the risk of Your data being compromised if Your password is accidentally or unlawfully accessed by unauthorized persons. If You suspect that someone else has got access to Your password, make sure that You change it immediately.

As We use  Your Steam account in order to provide You with Our Services, make sure You have

7.3.         Data retention

Your personal data will be retained for as long as necessary to satisfy the purposes We received it for, this includes regulatory and business purposes.

In determining the necessary personal data retention period, the following factors are considered:

· The amount of personal data as We aim to minimize this amount to the extent possible for each specific purpose specified in Section 5.1 of this Privacy Policy.

· The nature of the personal data depending on the exact purpose which this specific personal data serves as detailed in Section 5.1 of this Privacy Policy.

· The sensitivity of the personal data by its nature and substance.

· The potential risk of harm from unauthorized use or disclosure of Your personal data and We continue to run risk assessments and risk mitigation activities to minimize this potential risk including engagement of third party specialized data management and data protection providers.

· The purposes for which We process Your personal data and whether We can achieve those purposes through other means, and the applicable legal requirements.

· We keep records on the ways We have used or disclosed Your personal data for at least 12 months in order to enable Us to provide You with access to Your personal data

8.         Who do We share Your personal data with?

We do not share Your Personal Data to third parties, except cases that are mentioned in this Privacy Policy.

8.1.         With Your consent

We may share information with companies, organizations or individuals outside of INTERNATIONAL BUSINESS SYSTEMS S.R.L. when We have Your explicit consent.

8.2.         To comply with the law

We may share information in response to a request for information if We believe disclosure is in accordance with, or required by, any applicable law, regulation, legal process or governmental request, including, but not limited to, meeting national security or law enforcement requirements. To the extent the law allows it, We will attempt to provide You with prior notice before disclosing Your information in response to such a request.

8.3.         In an emergency

We may share information if We believe that it's necessary to protect the vital interests of the data subject (i.e. to prevent imminent serious physical harm or death to a person.)

8.4.         To enforce Our policies and rights

We may share information if We believe Your actions are inconsistent with Our user agreements, rules, or other INTERNATIONAL BUSINESS SYSTEMS S.R.L. policies, or to protect the rights, property, and safety of ourselves and others.

8.5.         With Our partners

We may share information with vendors, consultants, and other service providers (but not with advertisers and ad partners) who need access to such information to carry out processing activities for us. The partner’s use of personal data will be subject to appropriate confidentiality and security measures.

We engage service providers to perform functions and provide processing services to us. We may share Your private personal data with such service providers subject to obligations consistent with this Privacy Policy and any other appropriate confidentiality and security measures, and on the condition that the third parties use Your private personal data only on Our behalf and pursuant to Our instructions.

Where any third parties process Your personal data on Our behalf, We require that they have appropriate technical and organizational measures in place to protect this personal data and We will also ensure that a GDPR compliant Data Processing Agreement is in place between INTERNATIONAL BUSINESS SYSTEMS S.R.L. and the third party so that both parties understand their responsibilities and liabilities pursuant to GDPR.

8.7        International transfers of personal data

In cases when we transfer Your personal data internationally, We ensure our compliance with all requirements set out in GDPR and PDPA regarding the international transfer of personal data.

8.8        Other information

Other information, that does not personally identify You as an individual is collected by INTERNATIONAL BUSINESS SYSTEMS S.R.L. (such as, by way of example, patterns of use) and is exclusively owned by INTERNATIONAL BUSINESS SYSTEMS S.R.L.. We can use this information in such manner that INTERNATIONAL BUSINESS SYSTEMS S.R.L., in its sole discretion, deems appropriate.

We may share specific aggregated, non-personal information with third parties, such as the number of users who have registered with us, the volume and pattern of traffic to and within the site, etc. That information will not identify you, the individual, in any way.

We shall not use Your email or other contact information for sending of commercial proposal, other marketing needs, without Your prior consent.

In the light of the above, when You send Us messages, We can keep them for administering of Your inquiries, for improving of Our services. We shall not transfer information from such messages to third parties.

9.         Third parties

We may also share users’ Personal Data with our third party providers that provide customer support services in connection with goods, content and Services distributed via Websites. User’s Personal Data will be used in accordance with this Privacy Policy and only as far as this is necessary for performing customer support services. We may also share certain information (including user’s IP address and the identification details with our third party network providers that provide content delivery network services. Our content delivery network providers enable the delivery of digital content users have requested, e.g. when using Website, by using a system of distributed servers that deliver the content to users, based on users’ geographic location.

We do not share user’s Personal data with any third party except for the reason described above or unless this is required by the law.

10.        Contact Us

We welcome any queries, comments or requests You may have regarding this Privacy Policy. If You wish to make a subject access request

Please do not hesitate to contact Us at



11.        Changes to this Privacy Policy

Any changes that We make to Our Privacy Policy in the future will be posted on Our Website.

Where appropriate, We will notify You of the changes when You next visit Our Website.

This Privacy Policy was last updated on 25th June 2020.