Privacy Policy
Last update: March 25, 2026
This policy was updated for operations involving customers in Brazil and the European Union/EEA. Mandatory rights under the LGPD, GDPR, and local consumer/privacy laws override conflicting clauses.
You can reopen the banner and change your cookie choice without clearing your browser data.
1. Data Collected
We collect data you provide and data generated by your use of the platform, including: - account and access data: name, email, securely stored password, verification status, language preferences, and avatar; - authentication and security data: session tokens, login/logout logs, email verification state, and 2FA-related data when enabled; - Discord integration data: Discord ID, username, avatar, account linking status, and notification preferences; - commercial and billing data: orders, coupons, payment method, amounts, wallet top-ups, financial history, and payment status; - digital product and license data: issued licenses, expiration, downloads, authorized IPs, extra IPs, renewals, upgrades, auto-renew, and payment-instance-related records when applicable; - support and relationship data: support messages, AI support conversations, wishlist entries, notifications, and account interactions; - analytics and operational data: pageviews, clicks, traffic source, session data, device information, referrer, timezone, locale, and, when available from the proxy/CDN layer, country, region, and city. As a rule, the platform is not directed to children. If you contract on behalf of a company, team, or server, account and billing data may still be treated as personal data of the responsible individual.
2. Cookies, Analytics, and Local Storage
We use cookies plus local/session storage to keep the site working and to measure platform usage. Necessary cookies may be used for authentication, language preference, cookie consent, Discord OAuth flow state, and core account functionality. Analytics cookies and identifiers are only enabled when you choose to allow all cookies in the consent banner. In that mode, the site records pseudonymous visitor/session identifiers, navigation data, clicks, traffic source, funnel events, aggregated heatmap/clickmap information, and approximate region data when available. In Brazil and the EU/EEA, non-essential cookies remain disabled until you consent. You can change your choice at any time through the site footer or this page.
3. How We Use Data and Legal Bases
We use data to: - create and maintain your account; - authenticate access, protect sessions, and investigate abuse, fraud, or misuse; - process orders, confirm payments, release free products, issue licenses, allow downloads, and operate the internal wallet; - manage IP-limited licenses, renewals, upgrades, Discord roles, and payment-instance products; - send site, Discord, or email notifications when those channels are part of the service; - provide manual support and AI support based on product setup guides; - measure traffic, site usage, conversion, top pages, and aggregated behavior in order to improve the platform; - meet operational, contractual, and legal requirements. Where the law requires a specific legal basis, we process data as applicable under contract performance, compliance with legal or regulatory obligations, fraud prevention and security, exercise of rights, proportionate legitimate interests, and consent, especially for optional cookies and analytics.
4. Sharing, Processors, and International Transfers
We share data only to the extent needed to provide the service. This may include: - payment providers such as Stripe and Mercado Pago for checkout, charging, PIX, webhooks, and reconciliation; - email and infrastructure providers for transactional messages, hosting, and technical operation; - Discord when you sign in/link through Discord or when the platform attempts to send notifications or manage automatic roles; - the external AI provider configured by the site for AI support, using your prompt, conversation history, and relevant excerpts from the product guide; - technical integrations used to synchronize permissions/licensing for certain mods, including authorized IP synchronization when applicable; - authorized administrators and operators when strictly necessary for support, auditing, fraud prevention, and service maintenance. Full card details are not stored directly by the platform; card processing is handled by payment providers. Depending on the service, those third parties may act as processors/service providers or as independent controllers for their own operations. Because we use global providers, data may be processed in Brazil, the EEA, the United States, and other countries where those partners operate. When international transfers occur, we aim to use contractual, technical, and organizational safeguards compatible with applicable law.
5. Security, Retention, and Internal Access
We use technical and organizational measures consistent with the service, such as password hashing, HttpOnly/Secure session cookies, administrative access controls, audit logs, and optional 2FA support. No internet-connected environment is perfectly secure, so we cannot guarantee absolute security. Even so, we work to reduce risk and limit unauthorized access. We keep data for as long as necessary to operate the account, fulfill contracts, preserve order/license history, provide support, run audits, and comply with legal obligations. Certain technical, financial, and security records may remain stored even after parts of an account are removed when that is necessary for defense, fraud prevention, financial reconciliation, bookkeeping, or regulatory obligations. Authorized administrators may access account, order, license, analytics, and audit data and, when necessary for support or investigation, may view support chats and use account preview/impersonation tools.
6. Your Rights and Choices
Subject to applicable law and operational limits of the service, you may: - confirm whether we process your data and request access to applicable records; - update profile information; - request correction, anonymization, blocking, deletion, or portability where legally available and technically feasible; - change your password and 2FA settings; - link or unlink supported integrations; - choose the notification channel between Discord and on-site notifications when available; - withdraw consents you previously gave, especially for optional cookies and analytics; - object to or request review of automated processing where applicable law grants that right and it is relevant to the case; - request information about sharing and international transfers; - lodge a complaint with the ANPD, consumer authorities, or the competent supervisory authority in the EU/EEA, as applicable. We also strongly recommend that you do not send passwords, tokens, private keys, or other secrets through AI support or general support channels.
7. Contact and Updates
We may update this policy to reflect changes in the site, products, integrations, and legal requirements. The latest version will always remain published on this page together with its last-update date. If you have questions about privacy, data handling, rights requests, or account-related matters, please use MMMods Store official support channels, especially your account area and the official channel identified by the store. If local law requires a specific contact path, that path prevails for handling the request.