Controller and contact
The public SCUM.SK community website is managed by the SCUM.SK team. For privacy questions, rights requests, or security reports, use info@scum.sk.
If you interact through Discord, Steam, Google, or Stripe, part of the processing also takes place under the terms and policies of those services.
Data we may process
The scope of data depends on which features you use. A normal website visit requires less data than registration, social sign-in, a ticket, a donation, or community server features.
- Technical data: IP address, user agent, security logs, request time, and information required to deliver the page.
- Account and sign-in: e-mail, nickname, hashed password, e-mail verification, session, and data from connected providers.
- Community and game data: Steam ID, Discord identifier, public nickname, server statistics, ticket materials, banlist data, and profile settings.
- Forms and support: name or nickname, e-mail, subject, message, attachments, or evidence you submit yourself.
- Payments and server support: amount, currency, payment status, order, selected public/anonymous visibility, and technical data from the payment gateway.
- Cookies and consent: language, session, CSRF protection, remembering cookie choices, and any optional analytics or marketing identifiers.
Purposes and legal bases
We use data only for specific purposes related to operating the community website and SCUM servers. Where consent is required, we ask for it separately and you can withdraw it.
- Website, account, session, and security operation: service performance, legitimate interest in secure operation, and legal obligations depending on the situation.
- Contact, tickets, reports, and appeals: handling your request, protecting the community, and legitimate interest in moderation and security.
- Donations and payments: payment execution, transaction records, accounting or legal obligations, and voluntary donor visibility according to your choice.
- Analytics and marketing: only based on your consent through cookie settings.
- Banlist and community safety: protection of servers and players and legitimate interest in preventing abuse; private identifiers are not shown publicly.
External services and recipients
We do not provide data to third parties for their own marketing without a legal reason. Some services are necessary or optional for specific website features.
- Hosting, database, e-mail, and technical infrastructure for website operation.
- Discord, Google, and Steam for social sign-in or account linking.
- Stripe for payments and donations.
- Google reCAPTCHA for protecting forms against spam.
- Google Analytics or Google Tag Manager only when measurement is configured and the relevant consent exists.
Retention
We keep data only for as long as needed for the processing purpose, security, dispute handling, legal obligations, or community protection. Technical logs should be short-term; accounts and related community records last while the account exists or while there is a reasonable operational need.
If you request deletion, we assess it by data type. Some data may remain stored if needed for security, accounting, legal claims, or community record integrity.
Your rights
Under GDPR, you may request access, rectification, erasure, restriction of processing, portability, object to processing, or withdraw consent where processing is based on consent.
- Send requests to info@scum.sk and specify which account or communication they concern.
- For security or community data, we may need to verify identity and assess legitimate retention reasons.
- If you are not satisfied with the handling of your request, you may contact the Slovak Data Protection Authority.
Security
We use appropriate technical and organisational measures, separation of public and private data, CSRF protection, password hashing, and role-based access limits. No system is risk-free, so report security concerns to info@scum.sk.