Privacy Policy
Effective date: April 15, 2026
1. Who we are
Counterwatch is operated by Supre.me AB, a company registered in Sweden. Supre.me AB is the data controller for personal data processed through the Counterwatch website (counterwatch.gg) and the Counterwatch desktop application distributed via Overwolf. This Privacy Policy covers both surfaces and explains what we collect, why, and what rights you have.
The Overwolf client has its own privacy policy governing the Overwolf platform itself. This policy is not an agreement with Overwolf.
2. Personal data we collect
Depending on how you use Counterwatch, we may collect or receive the following categories of data.
Account information (desktop app and website)
- Email address (for signed-in users).
- Single-sign-on (SSO) / authentication identifiers and tokens.
- Profile information you choose to provide (e.g., display name).
Hashed email (desktop app only, advertising identity)
- For certain user tiers of the desktop app, an email hash may be generated for advertising identity purposes. A hashed email is a cryptographic hash of your email address and is used to help advertisers measure and personalize ads without revealing your plain email address.
- You can opt out of hashed email usage via Overwolf client settings ("Use data to customize Overwolf for you").
- The website (counterwatch.gg) does not generate or use a hashed email and does not currently carry advertising.
Usage and device information
- Feature interactions and diagnostic / performance information.
- Technical identifiers such as device type, browser, and IP address, used for security, fraud prevention, and (in the desktop app) advertising.
Communications
- Information you provide when you contact support, including your email address and the content of your request.
3. How we use personal data
- To provide and operate Counterwatch services and features.
- To authenticate users and manage accounts.
- To improve the app and website, fix bugs, measure performance, and develop new features.
- For advertising measurement and personalization in the desktop app (as applicable to your user tier). The website does not carry advertising at this time.
- For audits, fraud prevention, security, and compliance.
4. Legal bases for processing (GDPR)
Where GDPR applies, we rely on the following legal bases:
- Contract: to provide the service you sign up for, including account authentication.
- Consent: for website analytics cookies (Mixpanel) and for desktop-app advertising features where consent is required. You can withdraw consent at any time (see section 8).
- Legitimate interest: for security, fraud prevention, and ensuring the reliability of our service.
5. Cookies and similar technologies (website)
The website uses cookies and browser storage for two purposes: keeping you signed in, and understanding which features people actually use so we can improve them. No advertising cookies, no third-party marketing trackers.
| Name | Provider | Purpose | Category | Duration |
|---|---|---|---|---|
Supabase auth tokens (sb-*) | Supabase | Sign-in / session | Strictly necessary | Session / up to 1 year |
cc_cookie | Counterwatch | Records your cookie choices | Strictly necessary | 12 months |
mp_* (localStorage) | Mixpanel | Product analytics (anonymous ID, page views, feature usage) | Analytics (opt-in) | Up to 12 months |
Analytics are only activated if you accept them in the cookie banner. You can change your choice at any time using the "Cookie settings" link in the footer.
6. Which desktop-app users have hashed emails
Hashed email and advertising behaviour in the desktop app varies by user tier:
| Tier | Has email hash | Sees ads |
|---|---|---|
| Guest | No | Yes |
| Free | Yes | Yes |
| Plus | Yes | No |
| Premium | Yes | No |
7. Sharing personal data
Overwolf (desktop app, required disclosure)
We share desktop-app users' email addresses, SSO information, and data related to advertising (as applicable to your tier) with Overwolf. Overwolf is the platform that distributes the desktop app.
Service providers (processors)
We share personal data with third-party service providers that help us operate the service. Current processors:
- Supabase: authentication and backend services, including account management.
- Mixpanel: product analytics for the website and desktop app.
If we add additional providers (e.g., advertising, support, payment processing), we will update this Privacy Policy.
8. International data transfers
Supre.me AB is based in Sweden. Some of our service providers are located in the United States, which means your personal data may be transferred outside the European Economic Area. We rely on the EU-U.S. Data Privacy Framework and, where applicable, Standard Contractual Clauses (SCCs) as the legal mechanism for these transfers. Each processor is contractually bound to protect your data.
9. Data retention
- Account data: retained for the life of your account. You can request deletion at any time (see section 10).
- Website analytics data: up to 12 months from collection, then anonymized or deleted.
- Support correspondence: up to 24 months after the matter is resolved.
- We may retain specific records longer where required to comply with legal obligations, resolve disputes, or enforce agreements.
10. Your rights and choices
- Access, correction, deletion, portability, and restriction: you can request any of these at any time by emailing the address in section 12.
- Withdraw consent:you can change or withdraw cookie consent using the "Cookie settings" link in the website footer. You can opt out of hashed email usage in the desktop app via Overwolf client settings ("Use data to customize Overwolf for you").
- Object: you can object to processing based on legitimate interest.
- Lodge a complaint: with a supervisory authority (see section 11).
11. Supervisory authority
If you are in the EU / EEA and you believe we are processing your data unlawfully, you have the right to lodge a complaint with a supervisory authority. The authority for Sweden is the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY), available at imy.se.
12. Contact information
To exercise your rights or ask questions about this Privacy Policy, contact us:
Name: Supre.me AB
Address: Kommendörsgatan 9, C/O Tech Farm, 114 48 Stockholm, Sweden
Email: oskar@counterwatch.gg
This Privacy Policy may be updated from time to time. Material changes will be announced on this page with an updated effective date.