Privacy Policy (GDPR)
Last updated: January 10, 2026
1. Data Controller
FX Server Manager
Denmark
Contact: privacy@fxservermanager.com
2. Scope of This Policy
This Privacy Policy applies to the FX Server Manager FiveM admin panel (the “Service”), which is used exclusively for server administration, moderation, and technical management of FiveM servers.
The Service is intended for administrators and authorized staff only and is not a public-facing consumer application.
3. Personal Data Processed
The Service processes only the personal data necessary to operate and secure a FiveM admin panel.
- User account identifiers and email address
- Roles, permissions, and admin access levels
- Authentication and session metadata
- FiveM-related player identifiers (e.g. license, citizen ID)
- Server, resource, and administrative activity data
- IP address, device type, browser, and access timestamps
Player and server-related data originates from FiveM servers and is processed solely for administrative and moderation purposes.
4. Purpose of Processing
- Authenticate administrators and authorized users
- Provide access to the FiveM admin dashboard
- Display server status, player data, and administrative logs
- Moderate players and manage server operations
- Prevent abuse, unauthorized access, and security incidents
- Ensure system stability, auditing, and troubleshooting
5. Legal Basis for Processing
Personal data is processed in accordance with Article 6 of the GDPR on the following legal bases:
- Article 6(1)(b) – Processing is necessary for the performance of a contract or to provide access to the Service.
- Article 6(1)(f) – Processing is necessary for our legitimate interests in operating, securing, and maintaining a FiveM admin panel.
- Article 6(1)(c) – Where processing is required to comply with legal obligations.
6. Data Processors
- Supabase – authentication, database services, and infrastructure hosting.
- Stripe – payment and billing processing (acts as an independent data controller for payment data).
7. International Data Transfers
Personal data may be processed outside the EU/EEA. Where applicable, such transfers are safeguarded through adequacy decisions or Standard Contractual Clauses in accordance with GDPR requirements.
8. Data Retention
Personal data is retained only for as long as necessary for administrative, security, and operational purposes.
- User account data is retained while the account is active
- Administrative logs are retained for security and auditing
- Data may be deleted or anonymized when no longer required
9. Data Subject Rights
Under the GDPR, data subjects have the following rights:
- Right of access
- Right to rectification
- Right to erasure, where applicable
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- Right to lodge a complaint with the Danish Data Protection Agency (Datatilsynet)
10. Cookies and Storage
The Service uses only strictly necessary cookies or storage mechanisms required for authentication, session management, and security. No tracking or marketing cookies are used.
11. Changes to This Policy
This Privacy Policy may be updated to reflect legal or technical changes. The latest version will always be available on this page.