KarasuCSKARASUCS
Back homeLogin
Privacy policy

Privacy, safety, and player trust.

A clear explanation of what KarasuCS collects, why it is needed, how good users can understand their data, and how we preserve evidence against cheating, abuse, fraud, and attacks.

Last updated: 2026-05-28

01

Who runs KarasuCS and how to contact us

KarasuCS operates this CS2 community platform, including the website, accounts, queues, matches, demos, support, moderation, subscriptions, and related server tooling. For privacy requests or data questions, contact vlad@karasu.live and include Privacy Request in the subject so it can be routed and verified properly.

This policy is written for normal players who want to understand what happens to their data, while also making clear that we may keep and use security evidence when someone tries to cheat, abuse, evade bans, attack the service, or harm the community.

02

The basic promise to good users

We collect data to run KarasuCS, not to sell player profiles. Good users should know what is needed for the platform to work: Steam login, match records, support history when you contact us, payment status if you subscribe, and safety logs that help us protect matches.

We try to keep personal data limited to what is useful for account access, competitive integrity, community safety, platform operations, billing, and legal compliance. We do not want private information that is unrelated to KarasuCS, and users should avoid sending unnecessary sensitive information in tickets or messages.

03

Account and identity data

  • Steam identity details such as Steam ID, display name, avatar URL, Steam profile references, linked-account state, login/session state, role, region, and optional email address if provided or needed for account, support, billing, or notifications.
  • KarasuCS profile details such as username, display settings, profile visibility, badges, Karasu+ entitlement state, clubs, community memberships, rank or progression information, match history summaries, and eligibility or restriction state.
  • Authentication and account-security records such as login timestamps, session identifiers, token metadata, redirect targets, account-linking events, failed login patterns, suspicious session changes, and administrative account actions.
  • If a user changes identity details, creates duplicate accounts, links/unlinks accounts, or attempts to hide identity after enforcement, we may retain historical identifiers where needed for fraud prevention, abuse prevention, moderation continuity, and legal protection.
04

Match, queue, and gameplay records

  • Queue entries, party membership, captain assignments, team assignment, match IDs, server assignment, region, map pool, veto actions, ready checks, connect attempts, reconnects, substitutions, forfeits, cancellations, and match state transitions.
  • Match results, scoreboard data, player statistics, round events where available, demo references, demo access permissions, uploaded demo metadata, checksums, server logs, match plugin logs, and timing records needed to resolve disputes or prove what happened.
  • Evidence submitted by users or staff, including clips, screenshots, demo timestamps, chat excerpts, report notes, witness context, and staff review notes. Do not submit private information about other people unless it is directly needed for a report or appeal.
  • Spectator, broadcast, tournament, lobby, and event records where those features are used, including participant eligibility, staff actions, lobby state, and visibility/access settings.
05

Client, anti-cheat, and integrity signals

When KarasuClient or other integrity checks are required, we process the information needed to decide whether a user may queue, join, continue, or receive rewards from a match. This may include client version, session identifiers, heartbeat recency, compliance status, integrity flags, configuration state, game/server connection state, and security-related failure reasons.

We may also process server-side and platform-side signals that indicate cheating, tampering, automation, account sharing, ban evasion, VPN/proxy abuse, exploit attempts, unusual connection patterns, suspicious match behavior, or attempts to bypass match restrictions.

06

Support, reports, appeals, and moderation data

  • Support tickets, categories, messages, attachments, internal notes, status changes, assigned staff, timestamps, audit trail, and resolution history.
  • Reports and appeals, including alleged rule violations, submitted evidence, staff review notes, action history, punishment reason, punishment duration, issuer, affected account, affected match, and appeal outcome.
  • Community-safety data such as warnings, restrictions, bans, mutes, abuse patterns, harassment evidence, impersonation evidence, spam patterns, malicious links, and attempts to manipulate staff or other users.
  • We may keep moderation and safety records even if profile-facing data is removed, because deleting all evidence would let malicious users repeatedly reset history, evade bans, charge back payments, or attack players and staff without accountability.
07

Payments, subscriptions, and fraud prevention

If you buy Karasu+ or another paid feature, payment processing is handled by the payment provider. We do not need full card details from you and do not intentionally store full card numbers. We may store provider customer/subscription references, transaction IDs, invoice or receipt metadata, status changes, failed payment signals, refund or chargeback events, entitlement history, tax/accounting metadata where required, and fraud-prevention signals.

Payment status may be connected to your KarasuCS account so the platform can grant or remove entitlements, handle cancellations, investigate chargebacks, detect payment abuse, and answer billing questions.

08

Device, network, and security logs

  • IP addresses, request timestamps, browser or client user-agent, approximate region, referrer where available, rate-limit events, failed requests, suspicious request patterns, and error logs.
  • Signed internal request metadata, nonce checks, webhook validation results, admin audit events, permission checks, API health events, server heartbeat telemetry, and infrastructure logs.
  • Security events such as brute-force attempts, credential/session abuse, scraping, spam, denial-of-service behavior, exploit probes, malformed requests, unauthorized admin access attempts, and attempts to bypass queue, payment, demo, or moderation controls.
  • We may use these logs to protect KarasuCS, investigate incidents, block abuse, preserve evidence, improve reliability, and comply with legal obligations.
09

Cookies, local storage, and similar technologies

KarasuCS may use cookies, local storage, session storage, or similar technologies for login sessions, security, preferences, routing, language/locale, anti-abuse checks, analytics, and service reliability. Some are necessary for the platform to work; optional analytics or preference features may depend on the choices available in the cookie settings page.

Blocking required cookies or storage can prevent login, matchmaking, account linking, checkout, support, or protected pages from working correctly.

10

Why we process data

  • To provide Steam login, account linking, profiles, queues, parties, matches, vetoes, server connection, match results, demos, leaderboards, clubs, tournaments, support, and user settings.
  • To protect competitive integrity by detecting cheating, tampering, boosting, smurfing, ban evasion, unauthorized match joining, match disruption, and abuse of queue or server systems.
  • To enforce rules consistently, investigate reports, handle appeals, protect staff and players, prevent harassment, and keep moderation decisions explainable with evidence.
  • To process subscriptions, grant entitlements, prevent payment abuse, handle refunds or chargebacks, maintain accounting records, and comply with provider and legal requirements.
  • To secure infrastructure, prevent attacks, debug incidents, measure reliability, improve platform features, and understand aggregate platform health without needing to expose unnecessary personal details.
11

Legal bases and legitimate interests

Where privacy law requires a legal basis, we rely on contract performance to provide the service you request, legitimate interests to keep KarasuCS fair and secure, legal obligations for accounting and lawful requests, and consent where a feature specifically requires optional consent.

Our legitimate interests include preventing cheating, abuse, fraud, ban evasion, account theft, harassment, infrastructure attacks, payment abuse, and manipulation of moderation or match results. We balance those interests against the privacy expectations of good users by limiting access, using records for defined platform purposes, and avoiding unnecessary public disclosure.

12

What is visible to other users

  • Public or semi-public profile information may include username, avatar, Steam identity references, badges, clubs, ranks, match history, stats, leaderboard position, tournament participation, and moderation-visible eligibility state where relevant.
  • Match participants may see match-related data such as team assignment, server connection state, scoreboard, result, demo availability, and dispute-relevant information.
  • Staff may see more information than normal users where needed for support, moderation, integrity review, billing support, fraud prevention, or security operations.
  • We do not intend to publicly expose private support messages, payment details, private staff notes, raw security logs, or sensitive integrity signals except where disclosure is needed for safety, legal compliance, appeal handling, or defense of KarasuCS.
13

Sharing and processors

  • Steam for authentication and Steam identity information.
  • Payment providers for subscriptions, checkout, payment status, refunds, chargebacks, and billing-related fraud prevention.
  • Hosting, storage, CDN, database, email, analytics, monitoring, logging, and infrastructure vendors needed to operate and secure KarasuCS.
  • Professional advisers, insurers, banks, payment providers, law enforcement, regulators, courts, or dispute-resolution bodies where necessary for legal compliance, claims, fraud prevention, safety, or defense of the platform.
  • Moderation, anti-abuse, or community-safety partners only where needed to investigate abuse, protect users, enforce rules, or preserve competitive integrity.
14

Retention and deletion

We keep data for as long as it is needed for the reason it was collected. Some operational logs can be short-lived, while account history, match history, demos, billing records, moderation evidence, ban-evasion evidence, fraud records, and security incident records may need longer retention.

If an account is deleted, suspended, restricted, permanently banned, or removed from platform access, we may remove or anonymize profile-facing information while retaining records needed for safety, legal compliance, accounting, dispute handling, chargeback defense, anti-cheat, abuse prevention, ban-evasion prevention, match-integrity protection, and protection of KarasuCS, players, and staff.

15

Data requests and user rights

Depending on your location, you may have rights to access, correct, export, delete, restrict, or object to certain processing. Email vlad@karasu.live from the account context you use with KarasuCS, or provide enough verification information, so we can confirm the request is from the account owner.

We may refuse, limit, or delay a request where allowed by law if it would expose another user’s data, reveal anti-cheat or security methods, compromise an investigation, destroy evidence needed for disputes or legal claims, or help a malicious user evade enforcement.

16

Children and age-limited users

KarasuCS is intended for users who are old enough to use Steam, CS2, and online competitive services under the rules that apply to them. If we learn that we have collected data from a user who cannot lawfully use the service, we may restrict or delete the account while retaining safety or legal records where necessary.

17

International transfers

KarasuCS, its hosting, vendors, and staff may operate across different countries. Where applicable law requires safeguards for international transfers, we rely on appropriate contractual, technical, and organizational measures from our providers and internal access controls.

18

Security measures

  • Role-based access controls for staff and admin areas.
  • Protected routes, signed internal requests, timestamp and nonce validation, webhook verification, and audit logs for sensitive operations.
  • Rate limiting, monitoring, backups, health checks, security logging, and incident review for infrastructure and abuse prevention.
  • Access to sensitive records is limited to people and systems that need it for platform operation, moderation, support, billing, security, or legal purposes.
19

Changes to this policy

We may update this policy when KarasuCS changes, when vendors change, when legal requirements change, or when we add new integrity, support, billing, community, or tournament features. Material changes may be announced on the site or in-platform where practical.

If you keep using KarasuCS after a policy update, the updated policy applies to your continued use of the platform.