Metagigs Privacy and Cookie Policy
Effective Date: March 1, 2026 Last Updated: March 1, 2026
Introduction
Welcome to the Metagigs Privacy and Cookie Policy ("Policy"). This Policy describes how Metagigs Inc ("Metagigs," "we," "us," or "our") collects, uses, stores, and shares your personal information when you use our gaming software platform, including websites on the metagigs.gg domain, embedded platform integrations on third-party community sites, and associated services (collectively, the "Services").
By using the Services, you agree to the practices described in this Policy. If you do not agree, please do not use the Services. This Policy should be read together with our Terms of Use.
Who This Policy Applies To
This Policy applies to all users of the Services, including Buyers, Platform Professionals (Pros), and visitors to our websites and embedded Storefronts. Any capitalized terms not defined in this Policy have the meanings set forth in our Terms of Use.
Definitions
i) "Personal Information" means any information relating to an identified or identifiable natural person, including name, email address, date of birth, identification numbers, location data, and online identifiers.
ii) "Processing" means any operation performed on Personal Information, such as collecting, recording, organizing, storing, adapting, disclosing, or otherwise using it.
Contact Us
For questions or requests regarding your Personal Information, contact us at support@metagigs.gg.
1. Age Requirement and Data Collection
a) 18+ Account Requirement
You must be at least 18 years of age to create a Metagigs account. Date of birth is the first field collected during account creation to verify eligibility. If you are under 18, you may browse unauthenticated Storefronts but may not create an account or provide any Personal Information to Metagigs.
b) No Data Collection from Unauthenticated Users
Metagigs does not collect Personal Information from unauthenticated users. No cookies, persistent identifiers, or IP addresses are logged for users browsing the unauthenticated Storefront. Aggregate, cookieless analytics (via Rybbit) may be collected on unauthenticated surfaces — this data does not constitute Personal Information as it contains no individual identifiers.
c) Data Collection Begins at Account Creation
Personal data collection begins at account creation, starting with date of birth. No Personal Information is collected before age verification is complete.
2. Information We Collect
a) Account Information
When you create an account, we collect:
- Date of birth (for age verification)
- Username
- Email address
- Authentication credentials (password or third-party identity provider tokens)
b) Platform Professional Information
If you apply to become a Platform Professional, we or our payout provider (currently Payoneer) may additionally collect:
- Full legal name
- Government-issued photo identification
- Address and bank account information
- IRS Form W-9 (U.S. taxpayers) or Form W-8BEN (non-U.S. taxpayers)
- Gaming account credentials (for badge and skill verification via third-party gaming APIs)
Identity verification and KYC (Know Your Customer) information is collected by Payoneer as part of their onboarding process and is subject to Payoneer's own privacy policy.
c) Payment Information
When you purchase MetaCredits (prepaid digital platform credits), payment information such as credit card details is collected and processed by our payment processor (currently Stripe, or a Merchant of Record provider as applicable). Metagigs does not store or have direct access to your full payment card information.
d) Session Data
When you participate in a Session facilitated through the Platform, the following data is collected:
- Periodic screenshots — visual snapshots captured at regular intervals during the Session
- Audio transcript — an audio recording is captured, transcribed to text using AssemblyAI, and the audio file (MP4) is deleted immediately after transcription is complete
- Session metadata — start and end times, booking details, and participant information
For full details on session recording, see Section 6 of our Terms of Use.
e) Usage and Analytics Data
For authenticated users, we collect information about how you use the Services, including pages visited, features used, and session activity. This data is collected using Rybbit, a cookieless analytics platform. For unauthenticated users, Rybbit collects only aggregate, anonymous data. For authenticated users, analytics data is associated with your account upon login.
f) Communications
We collect information you provide when you contact customer support, submit a report, or otherwise communicate with us, including your email address, username, and the content of your communication.
3. How We Use Your Information
We use your information for the following purposes:
a) Providing the Services — creating and managing your account, processing MetaCredit purchases, facilitating Sessions, delivering platform features, and communicating with you about your account and transactions.
b) Session Moderation and Safety — reviewing session recordings (screenshots and transcripts) for compliance with our Terms of Use and Community Standards.
c) Dispute Resolution — using session data, booking records, and user communications to investigate and resolve disputes between users.
d) Fraud Prevention — detecting and preventing unauthorized access, fraudulent transactions, chargebacks, and other harmful activity.
e) Platform Improvement — analyzing usage patterns and session data to improve the Services and develop new features.
f) Communications — sending service-related notifications, including booking confirmations, session reminders, dispute updates, and account alerts.
g) Marketing — with your explicit consent only, sending promotional emails about the Services. You can unsubscribe from marketing emails at any time.
h) Legal Compliance — complying with legal obligations, responding to lawful requests from authorities, and protecting our rights.
4. GDPR Lawful Basis for Processing
For users in the European Economic Area (EEA) and other jurisdictions where a lawful basis for processing is required, we process Personal Information on the following grounds:
| Data Category | Lawful Basis |
|---|---|
| Account data (username, email, DOB) | Contract performance |
| Platform Professional identity and tax data | Contract performance |
| Transaction, booking, and payment data | Contract performance |
| Session delivery data | Contract performance |
| Customer support communications | Contract performance |
| Platform service notifications | Contract performance |
| Session recordings (screenshots, transcripts) | Legitimate interest (dispute resolution, fraud prevention, platform safety) |
| Authenticated analytics | Legitimate interest (platform improvement) |
| Marketing emails | Consent (opt-in only) |
Unauthenticated analytics (Rybbit, cookieless) fall outside the scope of GDPR as no Personal Information is collected from unauthenticated users.
5. When We Share Your Information
a) Service Providers (Data Processors)
We share Personal Information with third-party service providers who process data on our behalf to provide the Services. These providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures.
Our current service providers include:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing (MetaCredit purchases) |
| Payoneer | Platform Professional identity verification (KYC) and payouts |
| Daily.co | Video and communication infrastructure |
| AssemblyAI | Audio transcription for session moderation |
| Rybbit | Analytics (cookieless for unauthenticated users; account-linked for authenticated users) |
| Supabase | Database infrastructure |
| Vercel | Hosting |
b) Other Users
When you participate in a Session or interact with other users on the Platform, certain information — such as your username, display name, and Pro level or badges — may be visible to other users as necessary to facilitate the interaction. We do not share your email address, real name, or contact information with other users.
c) Legal Requirements
We may disclose your Personal Information when required by law, in response to legal process (such as a court order or subpoena), or to protect the rights, property, or safety of Metagigs, our users, or the public. This includes cooperating with law enforcement and responding to lawful requests from government authorities.
d) Business Transfers
In the event of a merger, acquisition, sale of assets, or similar transaction, your Personal Information may be transferred as part of the transaction. We will notify you of any such transfer where required by law.
e) Aggregated and De-identified Data
We may share aggregated or de-identified data that cannot reasonably be used to identify you for business analytics, research, and other purposes.
6. Session Recording Disclosure
a) What Is Recorded
All Sessions conducted through the Platform are recorded as a condition of using the session delivery features. The recording consists of:
- Screenshots: Periodic visual snapshots captured at regular intervals during the Session
- Audio Transcript: An audio recording is made, transcribed to text by AssemblyAI, and the audio file (MP4) is deleted immediately after transcription is complete
No continuous video recording occurs.
b) Purpose of Recording
Session recordings are used for:
- Dispute resolution between Buyers and Platform Professionals
- Fraud prevention and detection
- Enforcement of the Terms of Use and Community Standards
- Platform safety and improvement
c) Retention
Session data (screenshots and transcripts) is retained for 180 days following the Session. Retention is extended if a dispute is active, until the dispute is resolved plus 30 days. A legal hold applies if litigation is threatened or pending, and data is retained until the matter is concluded.
d) GDPR Basis for Recording
Session recording is processed under the legitimate interest lawful basis (not consent). The legitimate interests pursued are: dispute resolution, fraud prevention, and platform safety. Users are informed of recording through the Terms of Use, a one-time first-booking acknowledgment, and a passive indicator during Sessions. Because recording is based on legitimate interest rather than consent, it cannot be opted out of — it is a non-optional condition of using the Platform's session delivery features.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | While your account is active, plus any applicable legal retention period |
| Session data (screenshots, transcripts) | 180 days post-Session; extended if dispute active or legal hold applies |
| Transaction and billing records | As required by applicable law (typically 7 years for tax and financial records) |
| Customer support records | As long as needed to resolve the issue, plus reasonable retention for quality assurance |
| Analytics data | Aggregated and retained indefinitely; individual-level data retained while account is active |
When Personal Information is no longer needed for its stated purpose, we delete or anonymize it.
8. Cookies and Similar Technologies
a) Our Cookie Usage
Metagigs uses only strictly necessary cookies — specifically, authentication session cookies (via Supabase) required to keep you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
b) Cookieless Analytics
We use Rybbit for analytics, which operates without cookies or persistent identifiers. For unauthenticated users, Rybbit collects aggregate, anonymous data only. For authenticated users, analytics data is associated with your account via a server-side identify call upon login.
c) Cookie Consent
Because Metagigs uses only strictly necessary cookies (authentication), no cookie consent banner is required under current EU ePrivacy rules. If we introduce non-essential cookies in the future, we will update this Policy and implement appropriate consent mechanisms for users in jurisdictions that require them.
9. Your Rights
a) Access and Portability
You have the right to request a copy of the Personal Information we hold about you in a structured, commonly used format.
b) Correction
You have the right to request correction of inaccurate or incomplete Personal Information.
c) Deletion (Right to Erasure)
You may request deletion of your account and associated Personal Information by contacting support@metagigs.gg. Account deletion requests are processed manually. Upon deletion:
- Your account will be deactivated and Personal Information deleted or anonymized
- Anonymized transaction records may be retained for legal and accounting purposes
- Session recordings related to active disputes or legal holds will be retained as described in Section 7
- Deletion is carried out across all platform systems within a reasonable timeframe
d) Restriction and Objection
Where applicable under your local law, you have the right to request restriction of processing or to object to processing of your Personal Information, particularly for processing based on legitimate interest.
e) Withdraw Consent
Where processing is based on consent (e.g., marketing emails), you may withdraw your consent at any time by unsubscribing or contacting us. Withdrawal of consent does not affect the lawfulness of processing prior to withdrawal.
f) GDPR-Specific Rights
If you are in the EEA, you have the right to lodge a complaint with your local data protection authority. Note that session recording is processed under legitimate interest (not consent), as described in Section 6(d).
g) California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what Personal Information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of Personal Information. Metagigs does not sell Personal Information.
h) Exercising Your Rights
To exercise any of the rights described in this Section, contact us at support@metagigs.gg. We will respond to your request within the timeframe required by applicable law.
10. International Data Transfers
Metagigs is based in the United States. Your Personal Information is stored and processed on servers in the United States. If you are located outside the United States, your data will be transferred to the U.S. for processing. We rely on standard contractual clauses (SCCs) included in our data processing agreements with service providers to ensure adequate protection for international data transfers, where required by applicable law.
11. Data Security
We implement appropriate technical and organizational security measures to protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure.
If we learn of a security incident that may qualify as a data breach under applicable law, we will notify you and relevant authorities in accordance with the law.
12. Changes to This Policy
We may update this Policy from time to time. We will notify you of material changes by email (if we have your email address) or by posting a prominent notice on the Services prior to the change becoming effective. The "Last Updated" date at the top of this Policy indicates when the latest changes were made. Your continued use of the Services after changes take effect constitutes acceptance of the updated Policy.
13. Additional Information by Region
If you live in certain regions, you may have additional rights regarding your Personal Information beyond those described in Section 9. If you wish to exercise any rights or have questions about region-specific privacy laws, please contact us at support@metagigs.gg.