Privacy Policy

Effective Date: 20th March 2026 Last Updated: 20th March 2026 This Privacy Policy explains how ByteBox Media Ltd (“ByteBox Media”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects personal data when you visit our website, create an account, subscribe to our services, use Game Launcher Creator (“GLC”), use Launcher Vaults, contact us, or otherwise interact with our services. For identification purposes, the upcoming version 4 release of Game Launcher Creator may sometimes be referred to as GLCV4. However, within this Privacy Policy, we refer to the service as Game Launcher Creator or GLC. Please read this Privacy Policy carefully. By using our website or services, you acknowledge that your personal data will be handled in accordance with this Privacy Policy.

1. Who We Are

Data Controller: ByteBox Media Ltd Suite A 82 James Carter Road Mildenhall Bury St. Edmunds IP28 7DE United Kingdom Contact Email: support@bytebox.media For the purposes of applicable data protection law, including the UK GDPR and the Data Protection Act 2018, ByteBox Media Ltd is the controller of the personal data described in this Privacy Policy, unless stated otherwise.

2. Scope of This Privacy Policy

This Privacy Policy applies to personal data we collect or process in connection with:

• our website and any related pages, portals, forms, and account areas;
• Game Launcher Creator, including subscriptions, downloads, templates, plugins, launcher-related tools, and associated services;
• Launcher Vaults, which is a separate service within the same wider website and business ecosystem;
• customer support, service communications, account management, and billing;
• our business operations, fraud prevention, compliance, and service security; and
• communications with users, potential customers, partners, or rights holders.

This Privacy Policy does not apply to third-party websites, services, tools, plugins, payment providers, integrations, or external platforms that may be linked to or used alongside our services. Those third parties have their own privacy policies and terms.

3. The Personal Data We Collect

We may collect, receive, store, and process the following categories of personal data, depending on how you interact with us:

3.1 Identity and Account Data

• name or display name;
• username;
• email address;
• account ID or internal user identifier;
• login credentials or authentication-related data;
• subscription level, account status, and service entitlements.

3.2 Contact Data

• email address;
• support correspondence;
• messages submitted through contact forms, tickets, or customer support channels.

3.3 Billing and Transaction Data

• purchase history;
• subscription type and billing cycle;
• payment status;
• order records, invoices, and transaction references;
• limited billing-related information provided by payment processors.

We do not usually store full payment card details ourselves. Payments are generally handled by third-party payment processors.

3.4 Technical and Usage Data

• IP address;
• browser type and version;
• device type;
• operating system;
• referrer information;
• date and time of access;
• session data;
• log data;
• crash reports, diagnostics, and error information;
• platform usage activity, feature usage, and account events;
• download, login, licensing, update, and service interaction records.

3.5 User Content and Hosted Data

• files, launcher configurations, templates, uploads, metadata, and other content you upload, host, store, or make available through GLC or Launcher Vaults;
• information associated with your projects, vault uploads, or launcher-related services;
• moderation, review, security, and enforcement records relating to uploaded content.

3.6 Marketing and Communication Data

• email marketing preferences;
• communications you choose to receive from us;
• records of whether emails were opened or links were clicked, where such tracking is used lawfully.

3.7 Cookies and Similar Technologies Data

• cookie identifiers;
• session identifiers;
• analytics data;
• preferences and settings data;
• information collected through similar technologies such as scripts, tags, pixels, local storage, or comparable storage/access tools, where used.

4. How We Collect Personal Data

We collect personal data in a number of ways, including:

• directly from you when you create an account, subscribe, make a purchase, upload content, contact us, or use our services;
• automatically through your use of our website, account area, launcher services, editor services, and related systems;
• from payment processors, hosting providers, analytics providers, service providers, and technical suppliers who support our business;
• from cookies and similar technologies, where permitted;
• from fraud-prevention, security, moderation, or compliance activity;
• from third parties where you connect or interact with third-party integrations, plugins, or services through our platform.

5. How We Use Personal Data

We use personal data for the following purposes:

• to provide, operate, maintain, and improve our website and services;
• to create and manage user accounts;
• to process subscriptions, purchases, renewals, cancellations, and billing administration;
• to authenticate users and manage access rights, licences, and account entitlements;
• to provide customer support and respond to enquiries;
• to host, manage, moderate, and administer launcher-related content and Launcher Vaults activity;
• to send service-related notices, support messages, security alerts, technical notices, and administrative communications;
• to monitor usage, performance, errors, abuse, fraud, piracy, security risks, and service integrity;
• to investigate suspected breaches of our Terms and Conditions, misuse, prohibited content, or unlawful activity;
• to develop, improve, test, secure, and optimise our systems, tools, and infrastructure;
• to comply with legal obligations, court orders, regulatory requirements, and law enforcement requests where applicable;
• to protect our legal rights, business interests, users, staff, systems, and intellectual property; and
• to send marketing communications where permitted by law or where you have opted in, where consent is required.

6. Our Lawful Bases for Processing

Depending on the circumstances, we rely on one or more of the following lawful bases for processing personal data:

6.1 Contract

We process personal data where necessary to perform a contract with you, or to take steps at your request before entering into a contract. This includes providing access to GLC, managing subscriptions, supporting Launcher Vaults, processing orders, and administering accounts.

6.2 Legitimate Interests

We process personal data where necessary for our legitimate interests, provided those interests are not overridden by your rights and interests. These legitimate interests may include:

• running and improving our business and services;
• maintaining account security and service integrity;
• preventing fraud, piracy, abuse, infringement, and unauthorised access;
• protecting our systems, staff, users, and intellectual property;
• moderating content and enforcing our terms;
• responding to enquiries and managing support;
• business administration, analytics, diagnostics, and service optimisation.

6.3 Legal Obligation

We process personal data where necessary to comply with legal and regulatory obligations, including tax, accounting, consumer protection, law enforcement, court, and regulatory requirements.

6.4 Consent

We process personal data on the basis of consent where required, such as for certain marketing communications or certain non-essential cookies and similar technologies. Where we rely on consent, you may withdraw it at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

7. Marketing Communications

We may send you service-related communications that are necessary for your account, subscription, security, billing, or use of the service. These are not promotional in nature. We may also send marketing or promotional communications where permitted by law or where you have given consent where required. You can opt out of marketing emails at any time by using the unsubscribe link in the email or by contacting us at support@bytebox.media.

8. Cookies and Similar Technologies

We may use cookies and similar technologies on our website and related services for functions such as:

• essential website operation;
• login and session management;
• security and fraud prevention;
• saving preferences and settings;
• analytics and performance measurement;
• understanding website usage and improving user experience;
• measuring marketing effectiveness, where applicable.

Some cookies or similar technologies may be strictly necessary for the operation of our website or services. Others, such as certain analytics or marketing technologies, may require your consent before being placed or used, depending on the applicable law and how they operate. You can manage cookie preferences through our cookie tools where provided, your browser settings, or other device controls. Blocking some cookies may affect the functionality of parts of the website or services. Where required, we will seek consent for non-essential cookies and similar technologies separately from this Privacy Policy.

9. Launcher Vaults and User Uploads

Launcher Vaults is a separate service within the same wider website and service ecosystem. If you use Launcher Vaults or upload content through our services, we may process personal data associated with hosted files, account activity, moderation, reporting, support, security, and enforcement. You are responsible for ensuring that you have the legal right to upload or otherwise use the content you submit through Launcher Vaults or other parts of GLC. We may review, moderate, investigate, restrict, suspend, remove, or report content and associated account activity where reasonably necessary for security, moderation, compliance, rights-holder concerns, abuse prevention, or legal protection.

10. Sharing Personal Data

We may share personal data where necessary with:

• payment processors and financial service providers;
• hosting providers, infrastructure providers, and cloud storage providers;
• email, support, analytics, security, and technical service providers;
• professional advisers, such as legal, accounting, compliance, or insurance advisers;
• law enforcement agencies, courts, regulators, or public authorities where required or where legally justified;
• rights holders, complainants, or affected third parties where reasonably necessary in connection with legal claims, moderation, infringement complaints, or enforcement;
• buyers, investors, successors, or advisers in connection with a business sale, merger, reorganisation, financing, or asset transfer; and
• other third parties where you have requested, authorised, or clearly initiated an integration or interaction.

We do not sell your personal data to third parties as a standalone data brokerage business.

11. International Transfers

Some of our service providers or technical systems may be located outside the United Kingdom. Where we transfer personal data internationally, we will take steps intended to ensure that appropriate safeguards are in place where required by applicable law. These safeguards may include adequacy regulations, standard contractual clauses, contractual protections, or reliance on other lawful transfer mechanisms where available and appropriate.

12. Data Retention

We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including for service delivery, account management, legal compliance, dispute handling, fraud prevention, enforcement, and protection of our business interests. Retention periods may vary depending on the type of data and the reason we hold it. For example:

• account data may be retained while your account is active and for a reasonable period afterwards;
• billing and transaction records may be retained for tax, accounting, and audit purposes;
• support records may be retained for customer service, training, legal, and quality purposes;
• security, moderation, and enforcement records may be retained where reasonably necessary to prevent abuse, investigate incidents, or protect our rights;
• backup copies may persist for limited periods as part of routine technical operations.

Where we no longer need personal data, we may delete it, anonymise it, or securely archive it where lawful and appropriate.

13. Data Security

We take reasonable technical and organisational measures intended to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, or destruction. However, no online service, website, software platform, storage system, or method of transmission can be guaranteed to be completely secure. You use our services and transmit information to us at your own risk. You are also responsible for maintaining the security of your own devices, passwords, credentials, and account access methods.

14. Your Rights

Depending on the circumstances and applicable law, you may have the right to:

• be informed about how your personal data is used;
• request access to your personal data;
• request correction of inaccurate or incomplete personal data;
• request erasure of personal data in certain circumstances;
• request restriction of processing in certain circumstances;
• object to processing carried out on the basis of legitimate interests in certain circumstances;
• request transfer of certain personal data to you or another provider, where applicable;
• withdraw consent where we rely on consent;
• lodge a complaint with the Information Commissioner’s Office (“ICO”).

These rights are not absolute and may be subject to legal limitations, exemptions, or conditions. To exercise any of your rights, contact us at support@bytebox.media. We may need to verify your identity before responding to a request.

15. Complaints

If you have concerns about how we handle your personal data, please contact us first at support@bytebox.media so we can try to resolve the issue. You also have the right to complain to the UK Information Commissioner’s Office (ICO) if you believe your personal data has been handled unlawfully or unfairly.

16. Children

Our website and services are not intended for young children, and we do not knowingly collect personal data from children in circumstances where parental consent or another lawful basis would be required and has not been obtained. If you believe that personal data has been provided to us improperly in relation to a child, please contact us so that we can review the issue and take appropriate action where necessary.

17. Third-Party Links and Services

Our website or services may contain links to third-party websites, services, plugins, platforms, communities, providers, or tools. We are not responsible for the privacy practices, content, security, or policies of third parties. You should review the privacy policies of any third-party websites or services you use.

18. Business Transfers

If we sell, transfer, merge, reorganise, refinance, or otherwise restructure all or part of our business or assets, personal data may be disclosed to or transferred to relevant parties involved in that process, subject to applicable confidentiality and legal protections.

19. Changes to This Privacy Policy

We may amend, update, or replace this Privacy Policy from time to time to reflect changes in our services, operations, legal requirements, technologies, or business practices. Any updated version will be posted on our website with a revised effective date or last updated date. Your continued use of our website or services after changes are posted may indicate your acceptance of the updated Privacy Policy where appropriate.

20. Contact Us

If you have any questions about this Privacy Policy or about our handling of personal data, you can contact us at: Email: support@bytebox.media Postal Address: ByteBox Media Ltd Suite A 82 James Carter Road Mildenhall Bury St. Edmunds IP28 7DE United Kingdom