F
FFDATA LEGAL
TermsPrivacy

Privacy Policy for FFDATA

Version: 1.0
Effective Date: May 16, 2026
Last Updated: May 16, 2026

1. INTRODUCTION

At FFDATA ("we," "our," or "us"), we respect your privacy and are committed to being fully transparent about how we handle data. This Privacy Policy explains how we collect, use, process, and protect information when you use the FFDATA API, developer dashboard, website, and related services (collectively, the "Services").

This policy distinguishes between Developer Account Data (information you provide to use our platform) and API Routing Data (the transient game identifiers you query through our API).

2. DEVELOPER ACCOUNT DATA (What We Collect & Why)

To provide you with API access, manage your credits, and secure your account, we collect the following operational data:

  • Authentication Data: If you sign in using third-party identity providers (e.g., Google OAuth), we collect basic profile information (such as your email address and an authentication token) to provision your account.
  • Session & Security Information: We generate JSON Web Tokens (JWTs) and manage active sessions to securely authenticate your dashboard access.
  • Account Metadata: We store your generated API keys (in a hashed format), credit balances, usage limits, and account status.
  • Operational Telemetry: We monitor API key usage, endpoint hit rates, and credit deductions to provide you with dashboard analytics and accurately bill API requests.

3. API ROUTING & TRANSIENT CACHING (Client Data)

FFDATA operates as an infrastructure routing layer, not a permanent data harvesting platform. When you make requests to our API (e.g., querying a game UID):

  • Transient Processing: We process these identifiers strictly to route requests to the appropriate upstream game servers.
  • Performance Caching: We may temporarily cache the resulting responses in-memory or via fast-access storage (like Redis) with a short Time-To-Live (TTL). This reduces upstream load and ensures low-latency responses for your applications.
  • No Permanent Archival: We do not permanently archive, build historical databases, or sell the game identifiers or player profiles you query through our API. Once the cache TTL expires, the payload is purged.

4. SECURITY AND ABUSE PREVENTION

To protect our infrastructure and ensure fair usage for all developers, we actively monitor and log network requests. We collect:

  • IP Addresses & Request Metadata: We log the IP addresses, User-Agent strings, and timestamp data of incoming API requests.
  • Rate-Limit Logging: This metadata is used dynamically by our rate-limiting engines to prevent DDoS attacks, credential stuffing, scraping, and endpoint abuse.
  • Retention: Security and abuse logs are retained only as long as necessary to investigate anomalies and maintain platform stability, after which they are securely rotated or deleted.

5. COOKIES AND LOCAL STORAGE

We use standard browser technologies to maintain your session on our developer dashboard:

  • Strictly Necessary Storage: We use local storage and cookies solely to persist your authentication state (e.g., JWTs) and dashboard preferences.
  • We do not use third-party tracking cookies or cross-site advertising pixels.

6. THIRD-PARTY PROCESSORS

To operate our global infrastructure, we rely on trusted third-party cloud providers (such as Render).

  • These providers act as data processors and only handle data necessary to host our backend, route traffic, and maintain server uptime.
  • Authentication Providers: We utilize third-party services (like Google) for secure login. Their use of your data is governed by their respective privacy policies.
  • No Garena Affiliation: FFDATA is an independent entity. We do not share your developer account data or API telemetry with Garena.

7. DATA RETENTION AND ACCOUNT DELETION

  • Retention: We retain your Developer Account Data for as long as your account is active.
  • Deletion Requests: You have the right to request the complete deletion of your account. Upon receiving a verified deletion request, we will permanently revoke your API keys, erase your authentication data, and delete your operational telemetry, except where retention is required for legal compliance or fraud prevention.

8. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically to reflect changes in our infrastructure, security practices, or legal obligations. We will notify active developers of significant changes via the dashboard or email.

9. CONTACT US

If you have questions about this Privacy Policy, data retention, or wish to submit an account deletion request, please contact us at:

  • Privacy & Compliance: helloffdata@proton.me
  • General Support: helloffdata@proton.me