Early Access is openBe among the first server owners on ZenithCMS

ZenithCMS

Legal

Privacy Policy

Last updated: June 2026

This Privacy Policy explains how ZenithCMS (“we”, “us”, “our”) collects, uses, and protects information when you use our control-panel platform for Lineage 2 private servers (the “Service”). By using the Service you agree to the practices described here.

1. Who we are

ZenithCMS is a software-as-a-service platform that provides player portals and administration dashboards to Lineage 2 server owners. We act as the data controller for account data of server owners, and as a data processor for the player data that server owners manage through our Service.

2. Information we collect

We collect the following categories of data:

  • Account data — name, email address, and a hashed password when you register.
  • Billing data — handled by our payment processor (Stripe). We never store your full card number.
  • Server configuration — your server name, branding, and an encrypted copy of the database credentials you provide to connect your L2J server.
  • Usage data — log data such as IP address, browser type, and pages visited, used for security and analytics.

3. How we use your data

We use your data to:

  • Provide, operate, and maintain the Service;
  • Process payments and manage your subscription;
  • Send transactional emails (verification, password reset, receipts);
  • Detect, prevent, and address fraud or abuse;
  • Comply with legal obligations.

4. Database credentials

When you connect your L2J database, the credentials you supply are encrypted at rest using AES-256 before being stored. They are decrypted only at the moment a query needs to run on your behalf and are never exposed in our interface or logs.

5. Sharing your data

We do not sell your personal data. We share data only with the sub-processors required to run the Service: Stripe (payments), Resend (transactional email), Supabase (database hosting), and Vercel (application hosting). Each is bound by its own data-protection agreement.

6. Data retention

We retain account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where we are legally required to retain certain billing records.

7. Your rights

Under the GDPR and similar laws, you have the right to access, correct, export, or delete your personal data, and to object to or restrict its processing. To exercise these rights, email legal@zenithcms.app.

8. Security

We use industry-standard measures including encrypted connections (TLS), encrypted credential storage, and hashed passwords. No method of transmission is 100% secure, but we work continuously to protect your data.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced through the Service or by email. Continued use of the Service after changes take effect constitutes acceptance.

Questions about this policy?

Contact us at legal@zenithcms.app