Back to DOS.me

Privacy Policy

Last updated: January 28, 2025

1. About DOS.me

DOS.me is a digital identity and authentication platform for gamers, developed and operated by MetaDOS. Our platform provides centralized authentication and identity management for gaming ecosystems, including integration with gaming platforms (Steam, Epic Games, PlayStation, Xbox), Web3 wallets, and social media accounts.

Publisher: MetaDOS
Contact: support@dos.me
Website: https://dos.me

We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains in detail how we capture, use, share, and retain your information when you use our services.

2. How We Capture Your Data

We collect information through the following methods:

2.1 Direct Input

When you create an account or update your profile, we capture:

  • Registration data: Email address, username, and password (encrypted)
  • Profile information: Display name, avatar image, bio/description, and cover image
  • Preferences: Language settings, notification preferences, and privacy settings

2.2 OAuth and Third-Party Connections

When you connect external accounts, we receive data through OAuth protocols:

  • Gaming platforms (Steam, Epic Games, PlayStation, Xbox): Platform user ID, display name, avatar, and publicly visible gaming statistics
  • Social accounts (Discord, Twitter/X, Facebook, Google, GitHub, Twitch): Account ID, email (if permitted), display name, avatar URL
  • Web3 wallets: Public wallet address only (we never request or store private keys)

2.3 Automatic Collection

Our servers automatically capture:

  • Device information: Browser type, operating system, device type
  • Network data: IP address, approximate geographic location (country/region level)
  • Usage logs: Login timestamps, pages visited, features used
  • Cookies: Session identifiers, authentication tokens, preference storage

3. How We Use Your Data

We use collected data for the following specific purposes:

3.1 Core Service Functionality

  • Authentication: Verify your identity when logging in and maintain secure sessions
  • Profile management: Display your public profile to other users and across connected services
  • Cross-platform identity: Link your gaming accounts to provide unified identity across DOS ecosystem products
  • Gaming features: Display gaming statistics, achievements, and activity from connected platforms

3.2 Communication

  • Transactional emails: Account verification, password resets, security alerts
  • Service updates: Important changes to our terms, features, or policies
  • Optional notifications: New features, events (only with your consent)

3.3 Security and Compliance

  • Fraud prevention: Detect and prevent unauthorized access or abuse
  • Legal compliance: Meet regulatory requirements and respond to legal requests
  • Service protection: Maintain platform integrity and enforce terms of service

3.4 Service Improvement

  • Analytics: Understand usage patterns to improve user experience (aggregated, anonymized)
  • Bug fixes: Diagnose and resolve technical issues
  • Feature development: Guide development of new features based on usage data

4. How We Share Your Data

We do not sell your personal information. We share data only in these specific circumstances:

4.1 With Your Consent

  • Connected gaming platforms: When you link Steam, Epic Games, or other platforms, we exchange authentication tokens and display names to enable cross-platform features
  • Third-party applications: When you authorize an app to access your DOS.me profile via OAuth, we share only the data scopes you explicitly approve
  • Public profile: Your username, display name, avatar, and gaming stats may be publicly visible based on your privacy settings

4.2 Service Providers

We use trusted service providers who process data on our behalf:

  • Cloud hosting: Google Cloud Platform (servers and databases)
  • Authentication: Supabase (identity management)
  • Email delivery: Transactional email services
  • Analytics: Aggregated usage analytics (no personal identifiers shared)

All service providers are contractually bound to protect your data and use it only for specified purposes.

4.3 Legal Requirements

  • Legal process: When required by valid legal requests (subpoenas, court orders)
  • Safety: To protect the rights, safety, or property of DOS.me, our users, or the public
  • Enforcement: To enforce our terms of service or investigate violations

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify users before data becomes subject to a different privacy policy.

5. How We Retain Your Data

We retain your data for different periods depending on the type and purpose:

5.1 Active Account Data

  • Profile information: Retained while your account is active
  • Connected accounts: Retained until you disconnect them or delete your account
  • Preferences: Retained while your account is active

5.2 After Account Deletion

  • Personal data: Deleted within 30 days of account deletion request
  • Backups: Removed from backup systems within 90 days
  • Anonymized analytics: May be retained indefinitely (cannot identify you)

5.3 Legal Retention

  • Transaction records: Retained for 7 years for legal/tax compliance
  • Security logs: Retained for 1 year for fraud prevention and security investigations
  • Legal holds: Data subject to legal proceedings retained until resolved

5.4 Inactive Accounts

Accounts inactive for more than 24 months may be flagged for deletion. We will notify you via email before taking any action, giving you the opportunity to reactivate your account.

6. Data Security

We implement comprehensive security measures to protect your information:

  • Encryption: All data transmitted using TLS 1.3; sensitive data encrypted at rest using AES-256
  • Authentication: Passwords hashed using bcrypt; support for two-factor authentication
  • Infrastructure: Hosted on Google Cloud Platform with SOC 2 Type II compliance
  • Access controls: Strict employee access controls; audit logging for data access
  • Security testing: Regular vulnerability assessments and penetration testing

While we implement industry-standard security measures, no system is 100% secure. We encourage you to use strong, unique passwords and enable two-factor authentication.

7. Your Rights and Choices

You have the following rights regarding your data:

7.1 Access and Portability

  • Request a copy of all personal data we hold about you
  • Export your data in a machine-readable format (JSON)
  • Access this through Settings > Privacy > Download My Data

7.2 Correction

  • Update your profile information at any time through your account settings
  • Request correction of any inaccurate data by contacting support

7.3 Deletion

  • Delete your account and all associated data through Settings > Account > Delete Account
  • Request deletion of specific data by contacting support@dos.me
  • Deletion is processed within 30 days

7.4 Opt-Out

  • Unsubscribe from marketing emails via link in each email
  • Disable non-essential cookies through browser settings
  • Disconnect third-party accounts at any time through Settings > Connections

8. Cookies and Tracking

We use the following types of cookies:

  • Essential cookies: Required for authentication and security (cannot be disabled)
  • Functional cookies: Remember your preferences and settings
  • Analytics cookies: Help us understand how users interact with our services

You can control non-essential cookies through your browser settings. Note that disabling certain cookies may affect functionality.

9. International Data Transfers

DOS.me operates globally. Your data may be transferred to and processed in countries other than your own, including the United States and Singapore where our servers are located. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where required.

10. Children's Privacy

DOS.me is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected data from a child under 13, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at support@dos.me.

11. Changes to This Policy

We may update this Privacy Policy from time to time. For significant changes, we will notify you via email or through a prominent notice on our website at least 30 days before the changes take effect. The "Last updated" date at the top of this policy indicates when it was last revised.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

MetaDOS

Email: support@dos.me

Website: https://dos.me

We aim to respond to all privacy-related inquiries within 30 days.

See also: Terms of Service