Privacy Policy

HILBERT TECHNOLOGY (HK) LIMITED ("Agamest", "we") is the data controller for personal data processed through agamest.com. This Privacy Policy explains what we collect, why, and the choices you have.

1. Data we collect - Order data: email address, game account identifier (UID / player ID / server-region), product purchased, order amount and currency. - Account data (optional): email address and a salted bcrypt hash of your password. We never store plaintext passwords. - Payment data: handled entirely by Stripe, our payment processor. We do not receive or store your card number, CVC or banking credentials; we receive only payment status and a transaction reference. - Technical data: standard server logs (IP address, timestamps, user agent) used for security and fraud prevention. - Communications: messages you send to our support and your newsletter subscription status.

2. How we use your data To process and deliver orders; to send order confirmations and redemption codes; to provide customer support; to prevent fraud and abuse; to comply with legal obligations (including accounting and anti-money-laundering rules); and, only where you have subscribed, to send promotional emails.

3. Legal bases We process data to perform our contract with you (orders, delivery, support), to pursue our legitimate interests (security, fraud prevention, service improvement), to comply with legal obligations, and with your consent for marketing emails (withdrawable at any time).

4. Sharing We share data only with: Stripe (payment processing), our infrastructure providers (hosting and database services), email delivery providers (order notifications), and authorities where required by law. We do not sell or rent personal data to anyone.

5. International transfers Our infrastructure providers may store data in data centres outside your jurisdiction. Where required, transfers are protected by appropriate safeguards such as standard contractual clauses offered by our providers.

6. Retention Order records are retained for as long as needed for accounting, tax and dispute-resolution obligations. Account data is retained until you ask us to delete your account. Server logs are kept for a limited period for security purposes.

7. Cookies We use only functional cookies: session cookies for sign-in (HTTP-only, signed) and preference cookies for your language and currency. We do not use third-party advertising or tracking cookies.

8. Security Traffic is encrypted with TLS. Passwords are hashed with bcrypt. Administrative access is restricted and authenticated. Payment credentials never touch our servers.

9. Your rights Subject to applicable law (including the Hong Kong Personal Data (Privacy) Ordinance and, where applicable, the GDPR), you may request access to, correction of, or deletion of your personal data, object to or restrict certain processing, request portability, and withdraw marketing consent at any time. To exercise any right, email info@agamest.com from the address associated with your data. We respond within the timeframe required by applicable law.

10. Children The Services are not directed at children. We do not knowingly collect data from anyone under 18 without parental consent; if you believe a child has provided us data, contact us and we will delete it.

11. Changes We may update this Privacy Policy from time to time. Material changes will be highlighted on this page with an updated date stamp.

12. Contact Data protection enquiries: HILBERT TECHNOLOGY (HK) LIMITED — info@agamest.com