Privacy Policy

Lootworth (“Lootworth,” “we,” “us”) provides a mobile app that tracks the market value of your Counter-Strike 2 (CS2) Steam inventory. We act as the data controller for the personal data described below.

Data controller: the Lootworth operating entity (to be confirmed before launch). You can reach us about your data at support@lootworth.eu.

We collect only what we need to track your inventory and run the features you use:

• Steam ID and public Steam data you choose to track. When you add a Steam account, we read its public inventory and profile data to calculate your aggregate value, item count, value history, persona, and leaderboard position.
• An account identifier. This is an anonymous device session by default. If you choose to create a permanent account, it becomes your email address so you can keep your data across devices.
• A device push token — only if you enable notifications — so we can deliver alerts to your device.
• Purchase and entitlement state for Lootworth Pro — so we know whether your Pro features are active.

Billing for Lootworth Pro is handled by the App Store or Google Play —Lootworth never receives or stores your card or payment details. To manage your entitlement, we share a pseudonymous app user identifier with our subscription provider (RevenueCat); this lets us confirm whether your Pro features are active without linking the purchase to your real-world identity.

We do not sell your personal data, and we do not use it for third-party advertising.

Lootworth is built for the EU and processes personal data under the General Data Protection Regulation (GDPR). We rely on:

• Performance of a contract — to provide the core service you ask for (tracking the inventory you add, running your account).
• Consent — for optional features you switch on, such as push notifications.
• Legitimate interests — to keep the service secure, prevent abuse, and improve reliability, balanced against your rights.

We use a small set of vetted providers to operate Lootworth. Each processes data only for the purpose listed:

Our hosting and primary data store are self-hosted on Hetzner infrastructure located in Germany (EU).

Your account data lives on our EU-hosted infrastructure in Germany. Some of the sub-processors listed above are based outside the EU — for example, Steam Web API / steamapis, RevenueCat, and OneSignal are US providers. Where personal data or pseudonymous identifiers are processed in a third country, those transfers rely on appropriate safeguards under the GDPR, such as the European Commission’s Standard Contractual Clauses or an applicable adequacy decision.

The friends leaderboard shows you where you sit within a distribution of aggregate values, using k-anonymity. It never displays an individual friend’s inventory value or exact rank. Privacy here is a feature, not an afterthought.

Under the GDPR you have the right to access, export, correct, and delete your personal data, and to restrict or object to certain processing. Lootworth makes the core rights self-service:

• Access & export — available from inside the app.
• Deletion — available from inside the app (see retention below).

You may also contact us at support@lootworth.eu to exercise any of these rights, and you have the right to lodge a complaint with your local EU data protection authority.

You can delete your Lootworth account and the data tied to it in two ways:

• In the app — open Settings and choose to delete your account. This is the fastest route.
• By email — if you cannot access the app, email support@lootworth.eu from the address on your account (or include your account identifier) and ask us to delete your account and data.

Either way, deletion is subject to the 30-day grace period described below, after which your data is permanently purged.

We retain the data tied to your tracked inventory and account for as long as your account is active. When you request deletion, we apply a 30-day grace period (so you can change your mind or recover an accidental deletion), after which the data is permanently purged from our systems.

Lootworth is not directed at children and is intended for users who meet the minimum age required to hold a Steam account in their country. We do not knowingly collect data from children below that age.

Value figures shown in Lootworth are informational estimates aggregated from public market data. They are not appraisals, offers, or financial advice, and they may differ from the price any marketplace will actually pay.

Lootworth is not affiliated with, endorsed by, or sponsored by Valve Corporation or Steam. Counter-Strike 2, CS2, and Steam are trademarks of Valve Corporation. All other trademarks are the property of their respective owners.

We may update this policy as Lootworth evolves. Material changes will be reflected here with an updated date at the top of the page.

Questions about your privacy? Email support@lootworth.eu.