MuDefender GameGuard — Privacy Policy

Controller: MuDefender Software Solutions (operating as [DBA NAME — registration pending]), New York, United States (the "Developer", "we", "us"). Registered address: [Business address — New York, NY, USA — to be added upon registration] Privacy contact: privacy@mudefender.com

Effective date: 19 June 2026 Version: 1.0

This Privacy Policy explains how we handle data. We serve two groups: Server Owners (our paying customers) and, indirectly, the Players of the games protected by our Software. The way we treat data for each group is deliberately different — please read Sections 2 and 3.

1. Summary (plain language)

We collect normal account/billing data from our customers (Server Owners) to run the service.
We do NOT receive or store Players' IP addresses, MAC addresses, screenshots, in-game names, or device files on our systems.
The only Player-related data we receive centrally is a pseudonymous, salted hardware fingerprint (HWID) of a detected cheater, plus the detection reason and time — used to keep cheaters out across participating servers.
All detailed Player data stays only on the Server Owner's own server, under their control. For that data, the Server Owner is the data controller, not us.

2. Data we process about Server Owners (our customers)

When you register, purchase, or operate a license through our website / billing platform (WHMCS) and admin panel, we process:

Identity & contact: name, email address, and contact details you provide.
Billing: transaction records processed through our payment provider (PayPal). We do not store full card details.
Operational/technical: your server's public IP / hostname, license key, software version, subscription status, connection/player counts, and update-notification settings.
Support: the content of tickets and communications you send us.

Purpose: to provide and manage the Software and your license, process payments, send service notifications and updates, and provide support. Legal basis: performance of our contract with you (and our legitimate interest in operating and securing the service). Storage: in our billing system (WHMCS) and admin panel, protected by industry-standard security.

3. Player data — our role and what we do (and do not) receive

Our Software runs on a client-server model. All detailed Player data is processed and stored exclusively on the Server Owner's own server (VPS), which we do not control or access.

3.1 What stays only on the Server Owner's server (we never receive it)

IP address, MAC address, in-game account/character name, running processes/drivers/loaded files, operating-system details, and any screenshots (captured only if the Server Owner enables that feature and only upon a detection). For this data, the Server Owner is the data controller and is responsible for informing Players and complying with applicable law. These logs are, by default, automatically deleted on the Server Owner's server on a rolling 30-day basis.

3.2 What we receive centrally (and only this)

For the purpose of preventing detected cheaters from moving between participating servers, our Software transmits to us, when a violation is detected:

a pseudonymous, salted Hardware Identifier (HWID) — a one-way cryptographic hash derived from hardware characteristics (e.g., CPU, motherboard, disk). It contains no name, email, IP, MAC, or location, and cannot, by us, be reversed to identify a natural person;
the detection category/reason (e.g., "kernel", "DMA", "heuristics");
a timestamp; and
the Server Owner's own server IP (this is our business customer's address — not Player data).

We also receive aggregated, anonymous statistics (e.g., total number of active servers, total player counts via salted hashes, and detection counts by category) which cannot identify any individual.

The HWID is pseudonymous personal data under the GDPR. We do not treat it as fully anonymous. We process it on the basis of our legitimate interest (Art. 6(1)(f) GDPR) in detecting and preventing fraud and cheating across the network we provide, balanced against the limited, minimized, non-identifying nature of the data.

4. Cross-server cheat-prevention network

The pseudonymous HWIDs of detected cheaters are shared among participating Server Owners through our service, so that an offender banned on one server can be blocked on others. Only the pseudonymous HWID and the detection reason are shared. No Player IP, MAC, screenshot, name, or content is shared.

5. Sharing with third parties

We do not sell Player or customer data. We share data only with service providers strictly necessary to operate, such as our payment processor (PayPal) for billing, and our hosting/infrastructure provider, under appropriate safeguards.

6. International transfers

We are based in the United States and our customers are international. Where we process data of individuals in the EU/EEA/UK, we rely on appropriate transfer mechanisms (such as the Standard Contractual Clauses) where required. The data we hold centrally about Players is limited to the pseudonymous HWID described above.

7. Retention

Customer (Server Owner) data: kept while the account/license is active and as required by tax and accounting law, then deleted or anonymized.
Pseudonymous cheater HWIDs: retained for as long as necessary to maintain effective cross-server ban protection, or until a removal request is validated.
Aggregated statistics: retained indefinitely in anonymous form.

8. Your rights

Server Owners (customers): you may request access to, correction of, or deletion of your account data by contacting privacy@mudefender.com.
Players: because we do not hold your IP, MAC, name, or other identifying data, requests regarding your raw data (access, deletion, etc.) must be directed to the Server Owner of the game you played, who is the controller for that data. If you believe a pseudonymous HWID should be removed from our cross-server network, the relevant Server Owner may submit a validated request to support@mudefender.com.
Depending on your jurisdiction (e.g., EU/UK GDPR), you may also have the right to lodge a complaint with your local data-protection authority.

9. Security

We apply industry-standard measures (encryption in transit, signed and authenticated APIs, access controls) to protect customer data and the pseudonymous HWID database against unauthorized access.

10. Children

The Software is provided to game-server operators (businesses/operators), not directly to children. We do not knowingly collect identifying personal data of minors; any in-game data handling is the responsibility of the Server Owner.

11. Changes to this Policy

We may update this Policy from time to time. The current version is posted at mudefender.com with its effective date.