Privacy Notice
Last updated: June 20, 2026
This Privacy Notice explains how AncientDraft ("we", "us", or "our") collects, uses, shares, and protects your personal data when you use AncientDraft (the "Service"). AncientDraft is the data controller responsible for your personal data.
1. Personal data we collect
- Account data — when you log in with Steam, we receive your Steam ID, account ID, and public Steam username.
- Usage data — searches you perform, feature usage counts, and limited telemetry used to operate and improve the Service.
- Subscription status — whether your account holds an active premium subscription.
- Technical data — IP address and device/browser information collected automatically when you access the Service.
Payment card details are collected and processed directly by Paddle, our payment provider; we do not receive or store your full card details.
2. How and why we use your data
- to create and manage your account (performance of a contract);
- to provide the Service and its features (performance of a contract);
- to enforce free-usage limits and provide premium access (performance of a contract);
- to maintain security and prevent fraud and abuse (legitimate interests);
- to improve and develop the Service (legitimate interests);
- to respond to support requests (legitimate interests).
3. Legal basis
Where the GDPR or similar laws apply, we rely on the legal bases noted above: performance of a contract, our legitimate interests, compliance with legal obligations, and your consent where required (for example, non-essential cookies).
4. How we share your data
We share personal data only with:
- Service providers / subprocessors — hosting, database, and analytics providers that help us run the Service.
- Paddle (Merchant of Record) — for the sale of Premium subscriptions, subscription management, payments, tax compliance, and invoicing.
- Third-party data sources — we query public Dota 2 data from Steam, OpenDota, and STRATZ to provide statistics.
- Authorities and advisers — where required by law or to obtain professional advice.
5. Data retention
We keep personal data only for as long as needed to provide the Service and for legitimate business or legal purposes. When data is no longer needed, we delete or anonymise it.
6. International transfers
Your data may be processed in countries outside your own. Where data leaves the UK/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
7. Your rights
Subject to applicable law, you may have the right to access, rectify, erase, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent. Where the GDPR applies, you also have the right to lodge a complaint with your supervisory authority, and we will respond to requests within one month. To exercise your rights, contact us through the support channels on AncientDraft.
8. Security
We use appropriate technical and organisational measures — including encryption in transit and access controls — to protect your personal data against unauthorised access, loss, or misuse.
9. Cookies
We use essential cookies to operate the Service and analytics cookies (Google Analytics) to understand usage. You can manage cookie preferences through your browser settings.
10. Contact
If you have questions about this Privacy Notice or how we handle your data, please contact us through the support channels on AncientDraft.