Privacy Policy

Last updated: 2025-12-15

1. Introduction

This Privacy Policy explains how Fortem (“we”, “our”, or “us”) collects, uses, stores, and protects personal data in connection with the Fortem platform (the “Service”).

The Service is operated by FORTEM LABS S.A., a company incorporated in Panama, which acts as the Data Controller.

This Policy applies to all users of the Service.

By using the Service, you consent to the practices described in this Policy.

2. Data We Collect

Fortem follows a data minimization principle and collects only the information necessary to operate the Service.

We may collect the following categories of data:

A. Account & Identity Information

• Email address (if provided)

• Wallet address

• Username or display name

B. Usage & Technical Data

• IP address

• Browser and device information

• Access logs and session information

• Security and rate-limit logs

C. Transaction & On-chain Interaction Data

• Minting, listing, selling, and purchasing metadata

• Ownership changes recorded on-chain

• Smart-contract execution states (success/failure)

D. Game Integration Data

• Export requests

• Single-use Redeem Code issuance and validation results

• Game synchronization states and timestamps

E. Cookies & Analytics

• Essential cookies for authentication and session management

• Analytics cookies for service improvement and usage analysis

Fortem does not collect:

• Credit card or bank information

• Government-issued identification

• Biometric data

• Off-chain financial data

3. How We Use Data

We use personal data solely for legitimate operational purposes, including:

• Providing and maintaining access to the Service

• Processing listings, purchases, and on-chain actions

• Managing Export, Redeem, and game integration workflows

• Ensuring platform security, fraud prevention, and abuse detection

• Improving platform performance and user experience

• Complying with applicable legal obligations

Fortem does not sell personal data to third parties.

4. Data Storage & Security

Personal data is stored on servers located in Panama and the United States (Virginia).

We implement reasonable technical and organizational safeguards, including:

• Encryption in transit and at rest

• Role-based access controls

• Audit logging and monitoring

• Secure internal access policies

Only authorized personnel may access personal data for legitimate operational purposes.

5. Cross-border Data Access and Transfers

Due to the global nature of Fortem’s operations, personal data may be securely accessed from multiple jurisdictions, including:

• Panama – primary operations and administration

• United States (Virginia) – infrastructure and hosting services

• Republic of Korea – authorized technical and operational staff

Such access is limited to what is strictly necessary and is protected through:

• Encrypted communication channels

• Role-based access controls

• Internal confidentiality and security policies

Fortem ensures that any cross-border access maintains an appropriate level of data protection.

6. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

• Performance of a contract (providing the Service)

• Legitimate interests (security, fraud prevention, platform optimization)

• Compliance with applicable laws

• User consent where required (e.g., optional analytics cookies)

7. Data Retention

Fortem retains personal data only for as long as reasonably necessary to fulfill operational and legal purposes.

On-chain Data Exception

Blockchain records are immutable and cannot be altered or deleted.

If you request deletion, Fortem will remove off-chain identifiers that link personal data to on-chain records, where technically feasible.

8. Your Rights

Depending on applicable law, you may request:

• Access to your personal data

• Correction of inaccurate information

• Deletion of off-chain personal data

• Restriction of processing

• Information regarding automated processing

• Details about cross-border data access

Requests may be submitted through Fortem support channels.

9. Cookies

Fortem uses:

• Essential cookies required for authentication and security

• Optional analytics cookies for service improvement

Fortem does not use advertising or third-party tracking cookies.

10. Third-Party Services

Fortem may use third-party infrastructure and analytics providers (such as cloud hosting or security services).

All such providers operate under contractual obligations to protect data and process it solely for Fortem’s operational purposes.

Fortem does not use third-party payment processors and does not handle fiat payments.

11. Children

The Service is intended for users aged 18 or older.

Fortem does not knowingly collect personal data from minors.

12. Changes to This Policy

Fortem may update this Privacy Policy from time to time.

Any changes will be posted on this page, and continued use of the Service constitutes acceptance of the revised Policy.