SKYNS.IO
PRIVACY POLICY
Wollomi Digital OÜ
Effective Date: May 27, 2026 | Last Updated: May 27, 2026
Version 1.0 | GDPR Compliant
This Privacy Policy describes how Wollomi Digital OÜ (“we”, “us”, or “our”) collects, processes, and protects personal data when you access or use Skyns.io — a marketplace for buying and selling Counter-Strike 2 (CS2) in-game items — including weapon skins, knives, gloves, and other inventory items. By using the platform, you agree to the practices described in this policy.
We are not affiliated with or endorsed by Valve Corporation or any other third-party game developer.
1. Who We Are (Data Controller)
| Detail | Information |
|---|---|
| Company | Wollomi Digital OÜ |
| Jurisdiction | Republic of Estonia, European Union |
| Platform | Skyns.io — CS2 Item Marketplace |
| Contact Email | support@skyns.io |
2. Data We Collect
Account & Identity Data
- Steam account ID, username, and profile avatar (collected via Steam OpenID login)
- Email address if provided or linked to your Steam account
- Trade URL and Steam inventory data necessary to facilitate item transfers
Transaction Data
- Purchase and sale history, item listings, prices, and timestamps
- Payment information processed by third-party payment providers — we do not store raw card data
- Withdrawal and deposit records, wallet balances
Technical Data
- IP address, browser type and version, operating system
- Device identifiers and session tokens
- Referring URLs and pages visited on our platform
Communication Data
- Support ticket contents and messages with our support team
- Dispute correspondence
Behavioral & Analytics Data
- Search queries, item views, and interaction patterns on the platform
- Feature usage statistics collected via analytics tools
3. How We Use Your Data
| Purpose | Description |
|---|---|
| Service Delivery | Processing trades, managing listings, facilitating payments and item transfers between buyers and sellers. |
| Account Management | Creating and maintaining your user account, authenticating via Steam, and managing your balance. |
| Fraud Prevention | Detecting suspicious activity, verifying trades, preventing chargeback abuse and account takeovers. |
| Legal Compliance | Meeting AML/KYC obligations, responding to legal requests, and retaining records as required by applicable law. |
| Customer Support | Responding to inquiries, resolving disputes, and processing refund claims. |
| Platform Improvement | Analyzing usage patterns to fix bugs, improve features, and optimize user experience. |
| Marketing | Sending promotional emails and updates — only with your explicit consent, which may be withdrawn at any time. |
4. Legal Basis for Processing (GDPR)
- Contract performance — processing necessary to execute your transactions and provide the marketplace service
- Legitimate interests — fraud detection, platform security, abuse prevention, and analytics (balanced against your rights)
- Legal obligation — compliance with applicable financial regulations and law enforcement requests
- Consent — for marketing communications and non-essential cookies; may be withdrawn at any time
5. Cookies & Tracking Technologies
| Cookie Type | Purpose | Required |
|---|---|---|
| Essential | Session management, authentication tokens, CSRF protection, trade state | Yes |
| Preference | Display settings, language preferences, filter configurations | No |
| Analytics | Understanding platform usage (e.g. Google Analytics) | No |
| Marketing | Delivering relevant advertising and measuring campaign effectiveness | No |
You can manage non-essential cookies through our cookie consent banner or your browser settings. Disabling essential cookies may prevent core platform features from functioning.
6. Sharing Your Data
We do not sell your personal data. We may share data with:
- Payment processors — to handle deposits, withdrawals, and chargebacks securely
- Steam / Valve API — to authenticate your identity and facilitate inventory transfers
- Cloud infrastructure providers — for hosting, storage, and content delivery
- Analytics providers — to measure platform performance (aggregated or anonymized where possible)
- Fraud prevention services — to detect and prevent fraudulent activity
- Legal authorities — when required by law, court order, or to protect the rights and safety of Wollomi Digital OÜ or its users
All third-party processors are bound by data processing agreements and applicable data protection law.
7. International Data Transfers
As an Estonian company within the EU, your data is primarily processed within the EEA. Where transfers outside the EEA occur, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Transfers to countries with an EU adequacy decision
- Binding Corporate Rules where applicable
8. Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | Duration of account + up to 2 years after closure |
| Transaction records | Minimum 7 years (financial recordkeeping obligations) |
| Support communications | 3 years after resolution |
| Marketing data | Until consent is withdrawn or deletion is requested |
| Server logs | Typically 90 days |
Upon expiry of the relevant retention period, data is securely deleted or anonymized.
9. Your Rights Under GDPR
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate or incomplete data
- Right to erasure — request deletion of your data, subject to legal retention obligations
- Right to restriction — request that we limit how we use your data in certain circumstances
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interests, including direct marketing
- Right to withdraw consent — withdraw at any time without affecting prior processing
To exercise any of these rights, contact us at info@skyns.io. We will respond within 30 calendar days as required under GDPR Article 12. You also have the right to lodge a complaint with the Estonian Data Protection Inspectorate — Andmekaitse Inspektsioon (AKI) at www.aki.ee.
10. Security Measures
- TLS/HTTPS encryption for all data in transit between your browser and our servers
- Encrypted storage of sensitive data at rest
- Role-based access controls limiting internal access to personal data
- Two-factor authentication support for user accounts
- Regular security audits and vulnerability assessments
- Incident response procedures for detecting and reporting data breaches
In the event of a personal data breach posing a risk to your rights, we will notify the relevant supervisory authority within 72 hours and affected users without undue delay, as required under GDPR Articles 33–34.
11. Children's Privacy
Skyns.io is not directed at individuals under the age of 16. We do not knowingly collect personal data from minors. If you believe a minor has created an account or provided personal information, please contact us at info@skyns.io and we will delete the relevant data promptly.
Conducting financial transactions on our platform is permitted only for users who are 18 years of age or older, or the legal age of majority in their jurisdiction.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform features. When we make material changes, we will:
- Update the “Last updated” date at the top of this document
- Display a notice on the platform or send an email notification
- Where required by law, seek your renewed consent
Your continued use of Skyns.io after changes are posted constitutes acceptance of the updated policy.
13. Contact Us
For any questions, requests, or concerns regarding your personal data or this Privacy Policy, please contact:
| Detail | Information |
|---|---|
| Company | Wollomi Digital OÜ |
| Role | Data Controller — skyns.io CS2 Marketplace |
| support@skyns.io | |
| Response time | Within 30 calendar days (GDPR Article 12) |
