Security Policy

Effective Date: 03/04/2026

1. Policy Purpose and Application

This Information Security Policy describes the safeguards implemented by DIGISKINS LTD (the “Company”, “we”, “us”, or “our”) in connection with the operation of the online platform available at https://skinbix.com (the “Platform”).

The purpose of this document is to explain how the Company protects technical infrastructure, digital assets, user activity, and operational data from unauthorized access, misuse, disruption, loss, or compromise.

This Policy applies to:

users of the Platform;
employees and contractors of the Company;
external service providers;
any individuals granted authorized access to systems or environments supporting the Platform.

The Company maintains its security framework in accordance with recognised cybersecurity practices and applicable legal requirements within the United Kingdom and the European Union.

2. Security Framework Objectives

The Company maintains a structured approach to information security designed to:

safeguard user identifiers and platform-related operational data;
protect virtual assets processed through the Service;
maintain reliable and continuous Platform availability;
reduce exposure to cyber threats and unauthorized activity;
detect and respond to security incidents in a timely manner;
comply with applicable regulatory and data protection obligations.

Security controls are reviewed periodically and adjusted where necessary to address evolving risks and technical developments.

3. Fundamental Security Principles

The Company’s information security program is based on the following key principles:

restricting access to confidential and sensitive information;
ensuring integrity and reliability of stored and processed data;
maintaining operational continuity of the Platform;
assigning clear responsibilities for information security compliance;
continuously improving protective measures in response to emerging threats.

4. Technical Security Measures

4.1 Protection of Data Transmission and Storage

Communication between users and the Platform is protected using current encryption technologies. Sensitive operational information and system data are stored within secured environments that follow industry-standard protection practices.

4.2 Hosting Infrastructure

The Platform operates on professionally maintained hosting infrastructure located within the European Union. Administrative access is restricted to authorized personnel and is subject to monitoring controls.

Backup mechanisms are implemented to support system recovery in the event of technical disruption or security-related incidents.

4.3 Network-Level Protection

Network protection measures include traffic filtering technologies, monitoring systems for suspicious activity, and automated mitigation tools designed to reduce risks associated with unauthorized access attempts, denial-of-service attacks, and automated abuse.

4.4 Authentication and Access Controls

User authentication is performed exclusively through official Steam authentication mechanisms.

Access to internal systems requiring elevated privileges is subject to enhanced verification procedures. Internal access permissions are reviewed regularly and adjusted where necessary.

4.5 Logging and Monitoring

System activity, user operations, and transaction-related events are recorded for security monitoring, operational stability, and investigation of potential misuse or irregular activity.

Logs are retained for a defined minimum period consistent with operational and security requirements.

5. Organisational Security Measures

5.1 Internal Access Restrictions

Access to internal systems and operational data is granted only where necessary for legitimate business purposes. Permissions are periodically reviewed and updated when required.

5.2 Staff Awareness

Individuals involved in maintaining or supporting the Platform receive guidance on information security responsibilities. Awareness measures are implemented to reduce risks associated with credential misuse, phishing, and social engineering threats.

5.3 Incident Management Procedures

The Company maintains procedures for identifying, assessing, documenting, and responding to security incidents.

Where required by applicable law or where reasonably necessary under the circumstances, affected users may be notified of relevant security events.

5.4 Risk Evaluation

Operational and technical risks are reviewed periodically. Where appropriate, the Company may involve internal specialists or independent third-party experts to evaluate the effectiveness of implemented safeguards.

6. Responsibilities of Users

Users are responsible for maintaining the confidentiality and security of their connected Steam accounts and authentication credentials.

Any suspected unauthorized access or security concern should be reported to the Company without delay.

Failure to comply with these responsibilities may result in restricted access to the Platform or associated losses, for which the Company cannot be held responsible.

7. Relationship with Other Platform Policies

This Security Policy should be read together with other governing documents of the Platform, including:

Terms of Service;
Privacy Policy;
Cookie Policy;
Refund & Chargeback Policy.

Together, these documents establish the legal and operational framework governing use of the Platform.

8. No Absolute Security Guarantee

Although the Company applies reasonable and up-to-date technical and organisational safeguards, no digital system can be considered entirely immune from risk.

The Company shall not be responsible for security incidents arising from third-party systems or services outside its control, including authentication providers and payment processors.

9. Updates to This Policy

This Security Policy may be revised periodically to reflect changes in technology, operational processes, or legal requirements.

Any updated version becomes effective upon publication on the Platform unless stated otherwise.

Continued use of the Platform after updates are published constitutes acceptance of the revised Policy.

10. Contact Information

DIGISKINS LTD
167–169 Great Portland Street, Fifth Floor
London, United Kingdom, W1W 5PF
Phone: +44 7458 148289
Email: info@skinbix.com
Website: https://skinbix.com

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.