Privacy Policy

Last updated: 27-01-2026

1. Introduction

Exeedme ("Exeedme", "we", "us", or "our") values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you access or use the Exeedme platform available at https://skinsprotocol.com (the "Platform" or "Service").

This Privacy Policy applies to all users of the Platform and should be read together with our Terms and Conditions. In the event of any conflict regarding personal data matters, this Privacy Policy shall prevail.

2. Data Controller

The controller responsible for the processing of your personal data is:

EXEEDME OÜ Harju maakond, Tallinn, Kristiine linnaosa, Kotkapoja tn 2a–10 10615, Republic of Estonia
Exeedme LDA (operational and support entity) Praça do Município, n.º 68, 1.º andar 4700–435, Braga, Portugal
Email: [email protected]

Unless otherwise stated, Exeedme OÜ acts as the primary data controller.

3. Personal Data We Collect

We collect and process different categories of personal data depending on how you use the Platform.

3.1 Data You Provide Directly

  • Email address
  • Steam account identifier and Steam Trade URL
  • Account-related information and communications with support
  • Any information you voluntarily provide when contacting us

3.2 Data Collected via Steam

When you authenticate through Steam, we receive limited data required to operate the Platform, such as:

  • Steam ID
  • Public profile information
  • Inventory and tradable item data relevant to marketplace transactions

Steam operates independently and processes your data under its own privacy policy.

3.3 Transaction and Wallet Data

  • Listings, purchases, sales, and trade history
  • Virtual Wallet balance and transaction records
  • Deposit and withdrawal references (excluding full payment credentials)

Exeedme does not store full payment card details, bank credentials, or crypto wallet private keys.

3.4 Technical and Usage Data

  • IP addresses
  • Device and browser information
  • Log files, timestamps, pages visted, and interaction data
  • Cookies and similar technologies

4. Purposes and Legal Bases for Processing

We process personal data only when legally permitted under the GDPR.

PurposeLegal Basis
Account creation and authenticationContract
Marketplace transactions and Instant SellContract
Wallet operations and transaction recordsContract / Legal obligation
Customer support and communicationsContract / Legitimate interest
Fraud prevention, security, AML monitoringLegal obligation / Legitimate interest
Compliance with tax, accounting, and AML lawsLegal obligation
Platform analytics and performanceLegitimate interest
Marketing communicationsConsent (where required)

You may withdraw consent for marketing at any time.

5. Sharing of Personal Data

We do not sell or rent your personal data.
Your data may be shared only with trusted third parties when necessary:

5.1 Service Providers

  • Hosting and infrastructure providers
  • Security and monitoring services
  • Customer support tools

5.2 Payment and Financial Partners

  • Licensed Payment Service Providers (PSPs)
  • Crypto on-ramp and off-ramp providers

These entities act as independent data controllers or processors under their own legal obligations, including KYC/AML.

5.3 Steam (Valve Corporation)

Used for authentication and digital item delivery. Steam processes data under its own policies.

5.4 Legal and Regulatory Authorities

Where required by law, court order, or regulatory obligation.

6. International Data Transfers

Some service providers may process data outside the European Economic Area (EEA). Where this occurs, Exeedme ensures appropriate safeguards are in place, such as:

  • Adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Equivalent legal protections

7. Cookies and Similar Technologies

We use cookies to:

  • Ensure core functionality
  • Analyze usage and performance
  • Remember user preferences

Cookie categories include:

  • Strictly necessary cookies
  • Performance and analytics cookies
  • Functional cookies

You can manage cookies through your browser settings. Disabling essential cookies may affect Platform functionality.

8. Data Retention

We retain personal data only for as long as necessary:

  • Account data: while your account is active
  • Transaction and wallet records: as required by tax and AML laws (typically several years)
  • Support communications: as needed to resolve issues

When data is no longer required, it is securely deleted or anonymized.

9. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption in transit (SSL/TLS)
  • Access controls and monitoring
  • Secure infrastructure and hosting

However, no system is completely secure, and we cannot guarantee absolute security.

10. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent (where applicable)

To exercise your rights, contact us at [email protected].
You also have the right to lodge a complaint with your local data protection authority.

11. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for their privacy practices and encourage you to review their policies before providing personal data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Platform or email. Continued use of the Platform after changes take effect constitutes acceptance of the updated policy.

13. Contact

For privacy-related questions or requests:
[email protected]