Privacy Policy

This page explains what data we collect when you use Infinity-Filter, why we collect it, and what your rights are. It applies to our website and to our anti-DDoS filtering service.

Last update: May 23, 2026

1. Who we are

Infinity-Filter is operated by FAVVEY, a French SAS headquartered at 52 boulevard Maurice Berteaux, 95110 Sannois, France, registered with the R.C.S. of Pontoise under no. 949 953 558. We are the data controller for the information described on this page.

For any privacy matter, write to contact@infinity-filter.com with “Privacy” in the subject line.

2. Information we collect

We only collect what we need to provide and improve the service.

Account information. When you create an account we collect your email address, a username, and a hashed password. If you subscribe to a paid plan we also store an identifier linking your account to your payment profile.

Service configuration. The domains you point at our network, the backend addresses you configure, and the filtering settings you choose.

Traffic data. Source IP addresses of the players who connect to your protected server, along with packet and byte counters. We need to see this traffic to filter it.

Player session data. For each player who connects to a server you protect with us, we record the in-game username, the platform (Java or Bedrock), the server they joined, the client version, the country derived from their IP, and session timestamps. This data powers the analytics dashboard you signed up for.

Support messages. Anything you send us by email, through the contact form, or via our community channels.

Website analytics. If you accept analytics cookies, we collect aggregated usage data through Google Analytics to understand how the site is used. See our Cookies Policy for details.

3. Information we don’t collect

  • We never sell personal data.
  • We don’t use behavioural advertising or cross-site tracking.
  • We don’t profile individual players outside of the security and analytics features described above.
  • We don’t read the content of game packets beyond what’s needed to identify and drop malicious traffic.
  • Our service is intended for users aged 16 and over. We don’t knowingly collect personal data from minors under 16.

4. How we use your information

We use the information above to operate and improve the service, specifically to:

  • Create your account, authenticate you, and process your subscription.
  • Route, filter, and mitigate malicious traffic targeting your server.
  • Provide the analytics dashboard you subscribed to.
  • Send you transactional emails (account verification, password reset, billing receipts, service alerts).
  • Respond to your questions and improve the service based on your feedback.
  • Detect, prevent, and respond to abuse, fraud, and security incidents.
  • Comply with our legal obligations (accounting, lawful requests from authorities).

Our anti-DDoS engine automatically classifies traffic as legitimate or malicious. The only effect of this automated processing is whether a packet is allowed through or dropped. If you believe your traffic was wrongly blocked, write to us with the IP and the timestamp and we’ll review it manually.

If you are in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:

  • Contract — to provide the service you subscribed to (account, configuration, filtering, billing).
  • Legitimate interest — to keep our network and our customers’ servers secure, prevent abuse, deliver analytics, and improve the service.
  • Consent — for optional cookies and any other processing where we explicitly ask for it. You can withdraw consent at any time.
  • Legal obligation — for accounting records and responses to lawful requests from authorities.

6. How long we keep it

We keep your data only as long as we need it. In practice:

  • Account data is kept for as long as your account is active and deleted shortly after closure, except for invoicing records which we keep for 10 years as required by French law.
  • Traffic data (player IPs) is purged within a few days.
  • Player session data is kept while the corresponding server exists on your account, then removed after the server is deleted.
  • Support messages are kept for up to 2 years after the conversation ends.
  • Website analytics data is kept for up to 14 months.

7. How we share your information

We share personal data only when it’s strictly needed to run the service, and only with carefully selected providers bound by appropriate confidentiality and data protection commitments. This includes payment processing, transactional email delivery, infrastructure hosting in the European Union, anti-bot protection in front of the dashboard, and optional website analytics.

We do not share your data with anyone else except where we are legally required to (for example, in response to a valid request from a competent authority).

8. International transfers

Our core systems are hosted in the European Union. Our edge filtering network operates from points of presence in France, Germany, Poland, and Canada.

Where personal data is processed outside the European Economic Area, we rely on appropriate transfer mechanisms recognised by the European Commission (such as adequacy decisions or Standard Contractual Clauses) to maintain an equivalent level of protection.

9. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit, strong password hashing, two-factor authentication for customer accounts, role-based access controls, encrypted backups, and a web application firewall in front of the dashboard.

If a personal data breach ever occurred and was likely to put your rights at risk, we would notify the competent authority and, where appropriate, the affected users without undue delay.

10. Your rights

You have the right to access the personal data we hold about you, correct it, delete it, restrict or object to its processing, request a portable copy, and withdraw any consent you’ve given. You can exercise these rights at any time by writing to contact@infinity-filter.com. We may ask you to verify your identity to protect against fraudulent requests, and we’ll respond within one month.

If you think we’ve mishandled your data, you can lodge a complaint with the French data protection authority, the CNIL (cnil.fr), or with the supervisory authority in your country.

11. Cookies

See our Cookies Policy for details on the cookies we use and how to manage them.

12. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top reflects the latest revision. Where a change requires your consent, the consent banner will re-prompt you.

13. Contact

FAVVEY SAS, 52 boulevard Maurice Berteaux, 95110 Sannois, France contact@infinity-filter.com, subject: “Privacy”