# Privacy Policy

<mark style="color:$info;">**Last updated: 2025-12-15**</mark>

***

#### **1. Introduction**

This Privacy Policy explains how Fortem (“we”, “our”, or “us”) collects, uses, stores, and protects personal data in connection with the Fortem platform (the “Service”).

The Service is operated by **FORTEM LABS S.A.**, a company incorporated in **Panama**, which acts as the **Data Controller**.

This Policy applies to all users of the Service.

By using the Service, you consent to the practices described in this Policy.

***

#### **2. Data We Collect**

Fortem follows a data minimization principle and collects only the information necessary to operate the Service.

We may collect the following categories of data:

**A. Account & Identity Information**

* Email address (if provided)
* Wallet address
* Username or display name

**B. Usage & Technical Data**

* IP address
* Browser and device information
* Access logs and session information
* Security and rate-limit logs

**C. Transaction & On-chain Interaction Data**

* Minting, listing, selling, and purchasing metadata
* Ownership changes recorded on-chain
* Smart-contract execution states (success/failure)

**D. Game Integration Data**

* Export requests
* Single-use Redeem Code issuance and validation results
* Game synchronization states and timestamps

**E. Cookies & Analytics**

* Essential cookies for authentication and session management
* Analytics cookies for service improvement and usage analysis

Fortem does **not** collect:

* Credit card or bank information
* Government-issued identification
* Biometric data
* Off-chain financial data

***

#### **3. How We Use Data**

We use personal data solely for legitimate operational purposes, including:

* Providing and maintaining access to the Service
* Processing listings, purchases, and on-chain actions
* Managing Export, Redeem, and game integration workflows
* Ensuring platform security, fraud prevention, and abuse detection
* Improving platform performance and user experience
* Complying with applicable legal obligations

Fortem does **not** sell personal data to third parties.

***

#### **4. Data Storage & Security**

Personal data is stored on servers located in **Panama and the United States (Virginia)**.

We implement reasonable technical and organizational safeguards, including:

* Encryption in transit and at rest
* Role-based access controls
* Audit logging and monitoring
* Secure internal access policies

Only authorized personnel may access personal data for legitimate operational purposes.

***

#### **5. Cross-border Data Access and Transfers**

Due to the global nature of Fortem’s operations, personal data may be securely accessed from multiple jurisdictions, including:

* **Panama** – primary operations and administration
* **United States (Virginia)** – infrastructure and hosting services
* **Republic of Korea** – authorized technical and operational staff

Such access is limited to what is strictly necessary and is protected through:

* Encrypted communication channels
* Role-based access controls
* Internal confidentiality and security policies

Fortem ensures that any cross-border access maintains an appropriate level of data protection.

***

#### **6. Legal Basis for Processing**

We process personal data based on one or more of the following legal grounds:

* Performance of a contract (providing the Service)
* Legitimate interests (security, fraud prevention, platform optimization)
* Compliance with applicable laws
* User consent where required (e.g., optional analytics cookies)

***

#### **7. Data Retention**

Fortem retains personal data only for as long as reasonably necessary to fulfill operational and legal purposes.

**On-chain Data Exception**

Blockchain records are immutable and cannot be altered or deleted.

If you request deletion, Fortem will remove off-chain identifiers that link personal data to on-chain records, where technically feasible.

***

#### **8. Your Rights**

Depending on applicable law, you may request:

* Access to your personal data
* Correction of inaccurate information
* Deletion of off-chain personal data
* Restriction of processing
* Information regarding automated processing
* Details about cross-border data access

Requests may be submitted through Fortem support channels.

***

#### **9. Cookies**

Fortem uses:

* Essential cookies required for authentication and security
* Optional analytics cookies for service improvement

Fortem does **not** use advertising or third-party tracking cookies.

***

#### **10. Third-Party Services**

Fortem may use third-party infrastructure and analytics providers (such as cloud hosting or security services).

All such providers operate under contractual obligations to protect data and process it solely for Fortem’s operational purposes.

Fortem does not use third-party payment processors and does not handle fiat payments.

***

#### **11. Children**

The Service is intended for users aged **18 or older**.

Fortem does not knowingly collect personal data from minors.

***

#### **12. Changes to This Policy**

Fortem may update this Privacy Policy from time to time.

Any changes will be posted on this page, and continued use of the Service constitutes acceptance of the revised Policy.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.fortem.gg/legal/privacy-policy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.