PRIVACY POLICY

Last Updated: January 06, 2026

Welcome to TEN² (hereinafter referred to as "the Service"). This Privacy Policy describes how we collect, use, process, and disclose your information, including personal data, in conjunction with your access to and use of the TEN² platform.

We are committed to protecting and respecting your privacy. In compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), this document explains our practices regarding your personal data.

1. Principles of Processing

In the processing of your data, we adhere to the following principles:

• Lawfulness, Fairness, and Transparency: Data is processed legally and clearly.
• Data Minimization: We only collect data that is strictly necessary (e.g., no email required for signup).
• Storage Limitation: Data is kept no longer than necessary.
• Integrity and Confidentiality: We ensure appropriate security of the data.

2. Information We Collect

2.1 Information You Give Us

• Account Information: When you register, we collect a Username and an encrypted Password. We also store a cryptographic hash of your Recovery Key to allow account recovery without personal identifiers.
• Communication Data: If you contact us via email, we collect your email address and the content of your message.
• Prize Fulfillment Data: Specifically for prize redemptions (if applicable), we may collect a temporary email address and shipping information solely for the purpose of delivery.

2.2 Information Automatically Collected

• Log Data and Device Information: We automatically collect log data and device information when you access the Service. This includes details about how you use the Service, IP address, access dates and times, hardware and software information, and device event information. This data is used for security purposes (e.g., anti-bot protection, DDOS prevention).
• Gameplay Data: We store your game history, wins, losses, and virtual currency transactions (TENcoins) to maintain the integrity of the game state.

3. Legal Basis for Processing

We process your information under the following legal bases pursuant to Art. 6 GDPR:

• Performance of a Contract: To provide you with access to the Game and Community services (e.g., managing your account, saving game progress).
• Legitimate Interest: To maintain the security of our platform, detect and prevent fraud (such as multi-accounting or cheating), and improve our services.
• Legal Obligation: To comply with applicable laws, regulations, or legal requests (e.g., tax reporting for physical prizes, if applicable).

4. Data Recipients & Hosting

Your data may be processed by third-party service providers ("Processors") who help us provide the Service. These include:

• Hosting & Database Providers: We use third-party cloud infrastructure (e.g., MongoDB Atlas, Cloud Hosting) to store encrypted data. These providers are contractually bound to protect your data.
• Technical Service Providers: Services that assist with traffic monitoring and security.

We do not sell, trade, or otherwise transfer your personal identifiable information to outside parties for marketing purposes.

5. International Data Transfers

If our service providers are located outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses (SCCs), to protect your data in accordance with EU standards.

6. Data Retention

We retain your personal data only for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations.

• Active Accounts: Retained for the lifetime of the account.
• Inactive Accounts: May be deleted after a prolonged period of inactivity as defined in our Terms and Conditions.
• Logs: Server logs containing IP addresses are retained for a limited period for security auditing and then overwritten or deleted.

7. Your Rights under GDPR

You have the following rights regarding your data:

• Right of Access: You have the right to request a copy of the data we hold about you.
• Right to Rectification: You can request correction of inaccurate data.
• Right to Erasure ("Right to be Forgotten"): You can request deletion of your account and associated data.
• Right to Restriction of Processing: You have the right to request that we limit how we use your data.
• Right to Data Portability: You can request to receive your data in a structured, commonly used, and machine-readable format.
• Right to Object: You can object to the processing of your data based on legitimate interests.

To exercise these rights, please contact the Data Controller. Note that proof of ownership (Recovery Key) will be required.

8. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes bcrypt hashing for passwords and TLS/SSL encryption for data in transit.

9. Data Controller & Contact Information

The Data Controller responsible for your information is:

• Name: Andrea Bianco
• Contact Email: info@ten2square.com
• PEC (Certified Email): andrea.bianco@pecaruba.it

You have the right to lodge a complaint with a supervisory authority (e.g., the Italian Garante per la Protezione dei Dati Personali) if you believe your data rights have been violated.

Back to Login