The data controller
PSN.GG is operated by PSN.GG (LLC) ("we", "us"), a Nevada limited liability company and wholly-owned subsidiary of Rebirthed Group. For data-protection purposes we are the controller of personal data you provide. Contact us via PSN.GG Support for data-subject requests.
Categories of data
- Account data: email, hashed password, display name, optional avatar, account creation date.
- PSN profile data: when you verify a PSN ID, we cache your public PlayStation profile (online ID, account ID, trophy counts, avatar, "About Me", trophy library) as returned by Sony's APIs. This data is already publicly visible on PlayStation.
- Forum activity: posts, threads, votes, reactions, badges, and timestamps.
- Payments: we do not store full card numbers. Stripe, PayPal, Coinbase Commerce, and BTCPay Server retain payment details under their own policies. We retain transaction metadata (amount, currency, status, last 4 digits, provider order ID).
- Technical data: IP address (for rate-limiting + abuse detection), user-agent, country derived from your Cloudflare edge geo header, session cookies. We do not run third-party tracking pixels.
- Communications: support tickets, private messages between members, content you send through the site.
Legal bases
We process data to provide the service you signed up for (contract), to keep the site secure and fight abuse (legitimate interest), to comply with tax and accounting law (legal obligation), and where required, with your consent (e.g., cookie preferences). You can withdraw consent at any time.
Third-party processors
- Cloudflare — CDN, DDoS protection, edge geo lookups.
- Stripe, PayPal, Coinbase Commerce, BTCPay Server — payment processing.
- Resend — transactional email delivery.
- Sony PlayStation Network APIs — public profile + trophy data lookups (read-only on our side).
- IGDB / Twitch — game metadata enrichment.
- Shopify — physical merchandise fulfillment (only for orders that include shipped goods).
- Cloudflare R2 — image hosting (avatars, trophy icons, game art).
We do not sell personal data. We may disclose data when required by lawful subpoena, court order, or to protect rights and safety.
How long we keep it
- Account data: while the account is active, plus 30 days after deletion (for fraud-recovery windows).
- Forum posts: persist after account deletion in anonymized form to preserve thread integrity.
- Payment metadata: retained 7 years for tax + audit compliance.
- Server access logs: 30 days.
- PSN profile cache: refreshed on access, evicted after 12 months of inactivity.
Access, correction, deletion, portability
Depending on where you live, you may have rights under GDPR (EU/UK), CCPA / CPRA (California), or analogous laws to access, correct, delete, or port your personal data, and to object to certain processing. Most controls are self-serve from Account Settings; anything that isn't, send to support and we'll respond within 30 days.
Right to opt out of sale
Nevada Revised Statutes Chapter 603A grants Nevada residents the right to direct a covered operator not to sell certain items of personally identifiable information that the operator has collected or will collect about the resident.
We do not sell personal data. PSN.GG (LLC) has not sold, and does not currently plan to sell, any Nevada resident's covered information as that term is defined by NRS 603A.340. This is true for every visitor to PSN.GG, regardless of state of residence.
If you are a Nevada resident and would like to submit a verified opt-out request anyway — for the record, or because our practice changes in the future — send it to PSN.GG Support with the subject line Nevada Opt-Out and the email address tied to your account. We will respond within 60 days as required by statute.
Cookies and storage
See our Cookie Policy for the specific cookies we set and how to opt out of non-essential ones.
Under-13 / COPPA
PSN.GG is not directed at children under 13. We do not knowingly collect personal data from children under 13. If we learn that we have collected such data, we will delete it. Parents or guardians who believe their child has registered can contact support.
How we protect data
Passwords are hashed with bcrypt. Traffic is TLS 1.2+ enforced via Cloudflare. Payment data never touches our servers — it is tokenized by the relevant processor. Backups are encrypted at rest. No system is perfectly secure; if a breach affects you, we will notify you in line with applicable law.
Policy updates
Material changes will be posted here at least 30 days before taking effect, with an update to the "Last updated" date at the top of this page.