Privacy Policy
Last Updated: March 9, 2026
1. Introduction
L2ForgeZone ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains
how we collect, use, store, and protect your personal information when you use our extension sales platform,
website, customer account portal, Discord integration, and related services (the "Services").
L2ForgeZone is a B2B service provider that sells premium extensions and services to Lineage 2 server owners.
We do not operate a game server; we provide extensions and services for server owners to use on their own servers.
By using our Services, you agree to the collection and use of information in accordance with this policy.
2. Third-Party Affiliation Disclaimer
L2ForgeZone is not affiliated with, endorsed by, or associated with NCsoft Corporation, Discord Inc., or any of their subsidiaries.
L2ForgeZone is an independent service provider that offers extensions and services for Lineage 2 server owners.
We operate independently and have no business relationship, partnership, or official connection with:
- NCsoft Corporation: The developer and publisher of Lineage 2. Any references to Lineage 2, game mechanics, or related content are made solely for the purpose of describing our services and do not imply any affiliation or endorsement by NCsoft.
- Discord Inc.: We utilize Discord's platform and API services to provide customer support, account linking, and communication features. Our use of Discord's services is subject to Discord's Terms of Service and Privacy Policy, but does not constitute an official partnership, endorsement, or affiliation with Discord Inc.
3. Information We Collect
3.1 Account Information
When you create a customer account, we collect:
- Username: Your chosen account username
- Password: Encrypted and hashed (we cannot see your actual password)
- Email Address: For account recovery and important notifications
- IP Address: For security, fraud prevention, and server management
3.2 Discord Integration Data
When you link your Discord account, we store:
- Discord User ID: A unique numeric identifier from Discord, associated with your customer account
- Link timestamps: When the link was created or last verified (linked_at, last_verified)
We do not store Discord OAuth access tokens or your Discord username/display name in our database for this link. This data is used for account verification, support, and access to support channels on Discord.
3.3 Purchase & Transaction Data
When you make purchases, we collect:
- Transaction Records: Purchase history, transaction IDs, amounts, and dates
- Extension Licenses: Information about purchased extensions and licenses
- Account Credits: Credit balance and transaction history
3.4 Payment Information
For product purchases:
- Payment Processor Data: We use Stripe and PayPal; they handle all payment details
- We DO NOT store: Credit card numbers, CVV codes, or banking information
- We DO store: Transaction IDs, purchase amounts, product delivery status, and purchase history
- Product Sales: All transactions are product purchases (extensions, credits, services)
3.5 Technical & Analytics Data
- Browser type and version
- Device information
- Connection data (timestamps, session duration)
- Error logs and crash reports (for service improvement)
- Website usage patterns (anonymized, for improving user experience)
4. How We Use Your Information
We use your data ONLY for the following purposes:
| Purpose |
Data Used |
| Account Management |
Username, password, email, IP address |
| Extension Sales & Licensing |
Purchase history, transaction records, license information |
| Discord Integration |
Discord user ID, link and verification timestamps |
| Security & Fraud Prevention |
IP addresses, login attempts, transaction patterns |
| Purchase Processing |
Transaction IDs, purchase amounts, account names, payment method |
| Customer Support |
Email, account data, purchase history, support tickets |
| Service Improvement |
Analytics, error logs, website usage patterns (anonymized) |
5. Data Sharing & Third Parties
We DO NOT sell, rent, or trade your personal information to third parties.
We only share data with:
- Payment Processors: Stripe and PayPal (for purchase processing only)
- Discord: Customer support and community features when you use Discord; link data is processed per section 3.2
- Infrastructure & security: Cloudflare and similar providers that host or protect our websites, APIs, and databases (traffic is protected with HTTPS; see our Cookie Policy for Cloudflare-related cookies)
- Legal Authorities: Only if required by law or to prevent illegal activities
6. Data Storage & Security
6.1 Security Measures
- Password storage: Passwords are stored using one-way hashing (PBKDF2 with SHA-256, salted, 100,000 iterations). We cannot recover your plaintext password.
- SSL/TLS: All web traffic is encrypted via HTTPS
- Access Control: Database access is restricted to essential systems only
- Backups: We maintain backups of our systems in line with operational needs
- Server Monitoring: Continuous intrusion detection and logging
6.2 Data Retention
- Active Accounts: Data retained as long as account is active
- Inactive Accounts: May be archived after 12 months of inactivity
- Discord Links: Stored until you manually unlink your Discord account
- Transaction Records: Kept for 7 years for accounting/legal purposes
- Purchase History: Retained indefinitely for customer records and support
- Support Communications: Retained for 2 years for quality assurance and dispute resolution
7. Data Breach Notification
In the unlikely event of a data breach that compromises your personal information, we are committed to
transparency and will take immediate action to address the situation.
7.1 Our Response Process
In the event of a data breach, we will:
- Immediately Investigate: Take immediate steps to contain and investigate the breach
- Assess the Risk: Evaluate the nature and extent of the breach and the risk to affected users
- Notify Authorities: Report the breach to relevant supervisory authorities as required by law (within 72 hours under GDPR, if applicable)
- Notify Affected Users: Inform affected users without undue delay if the breach poses a high risk to their rights and freedoms
- Remediate: Take appropriate measures to prevent future breaches and address any vulnerabilities
7.2 What We Will Tell You
If you are affected by a data breach, we will notify you and provide information about:
- The nature of the breach and what happened
- What personal data was compromised
- The likely consequences of the breach
- The measures we have taken or propose to take to address the breach
- Recommendations for steps you should take to protect yourself (such as changing passwords)
- How to contact us for more information
7.3 How We Will Notify You
We will notify affected users through the most appropriate means available, which may include:
- Email to the email address associated with your account
- Notification through our Discord support channels (if you have linked your Discord account)
- Public announcement on our website (for major breaches affecting many users)
Important: We implement strong security measures to protect your data and prevent breaches.
However, no system is 100% secure. If you suspect any unauthorized access to your account or notice any
suspicious activity, please contact us immediately at
Email Support
or through our Discord Support.
8. Your Privacy Rights
You have the following rights regarding your data:
8.1 Access
You can request a copy of all personal data we hold about you.
8.2 Correction
You can update your email address and password via the account management page.
8.3 Deletion
You can request account deletion. Note: This will permanently delete your account, purchase history, and all associated data.
Transaction records may be retained for legal/accounting purposes as required by law.
8.4 Discord Unlinking
You can unlink your Discord account at any time from the account management page.
8.5 Data Portability
You can request an export of your account data, including purchase history and transaction records, in a machine-readable format.
To exercise these rights:
9. Cookies, Browser Storage & Tracking
We use few cookies. Our customer account experience relies primarily on browser storage (e.g. localStorage) on the account portal to keep you signed in and show account information, rather than a classic server session cookie. The public website may use short-lived sessionStorage (e.g. to cache non-sensitive public API stats for display). Clearing site data in your browser may sign you out or reset cached page data.
Cloudflare and similar security providers may set necessary security cookies (such as bot challenges). Details are in our Cookie Policy.
- No analytics trackers: We do NOT use Google Analytics or similar third-party analytics cookies
- No advertising: We do NOT use advertising or remarketing cookies
10. Children's Privacy
Our Services are intended for users aged 16 and older. We do not knowingly collect personal
information from anyone under 16 years of age.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with
an updated "Last Updated" date. Continued use of our Services after changes constitutes acceptance
of the updated policy. Major changes will be announced via Discord, email, and our website.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:
Your privacy and data security are our top priorities. We are committed to transparency and protecting your information.