Data Act Addendum
1. Known Risks to Uninterrupted Services
Known risks to the uninterrupted provision of functions or services include DDoS attacks, hardware and power outages, and data loss resulting from hardware defects. To mitigate these risks, Nitrado implements multi-layer DDoS protection in cooperation with provider partners, deploys dedicated hardware firewalls at the network edge, and coordinates closely with game developers. In addition, each server has redundant power supply with two independent power units on separate electrical circuits and a fully redundant network infrastructure. To prevent data loss, Nitrado performs regular backups on separate systems that enable automated restoration of game worlds; customers also have the option, at any time, to create their own backups.
2. Exportable Data and Digital Assets
Exportable data and digital assets include: (i) all stored game states and world data (e.g., game worlds, maps, save games, databases), to the extent the respective game permits export; (ii) server-side configuration files and settings (e.g., .ini or .cfg files, as well as web interface settings); (iii) server user data such as admin and moderator lists, whitelists/blacklists, or comparable administrative data (for voice servers, e.g., server groups, channel structures, and permissions); and (iv) mods, plug-ins, maps, or other files uploaded by the customer (e.g., installed ARK mods or uploaded mission files).
3. Non-Exportable Data and Digital Assets
The following are not exportable: (i) proprietary software components such as the source code and internals of the Nitrado platform (e.g., the web interface, the “GameFabric” orchestration software, internal scripts for server administration); (ii) server software and images (e.g., the executable server files for Minecraft, ARK, etc.), including specially adapted container or VM images; (iii) internal logs and monitoring data such as utilization statistics, internal log files, hardware performance data, and DDoS traffic analyses; and (iv) security-relevant configurations such as DDoS-protection filter rules, firewall settings, internal network topologies, or passwords/keys.
4. Information on Switching Procedures and Formats
To initiate a change of provider, the customer shall notify Nitrado Customer Support at least two months before the planned switching date. The switch shall be completed within a transition period of 30 calendar days. If this is not technically feasible, Nitrado shall inform the customer within 14 working days and specify an alternative transition period not exceeding seven months. A one-time extension by the customer is possible.
Exported data and digital assets are provided in common formats; any technical constraints (e.g., necessary server stoppages or large data volumes) will be communicated transparently.
The customer is responsible for exporting and importing the data, even if third parties are engaged for this purpose. However, Nitrado will provide reasonable support and will ensure service availability during the transition period.
The customer shall notify Nitrado without undue delay upon completion of the switch. An additional retrieval period of 30 days then applies; thereafter, all exportable data will be deleted to the extent no statutory retention obligations exist. The contractual relationship ends upon successful change of provider or after complete deletion of the data. The Terms and Conditions apply.
5. Online Register
Nitrado maintains an Online Register of Data Structures and Data Formats based on Applicable Standards and Open Interoperability Specifications.
6. Jurisdiction of the ICT Infrastructure
Nitrado operates server locations in Australia, Brazil, Germany, Japan, Singapore, the United Kingdom, and the United States. Where necessary, the infrastructure is supplemented by Google Cloud Platform (GCP), with priority given to data-center regions in the country or region in which the customer is located (e.g., EU customers are primarily scaled in EU data centers). The ICT infrastructure used in each case is subject to the jurisdiction and national law of the respective location.
7. Safeguards Against Unlawful Government Access
Nitrado implements technical, organizational, and contractual measures to prevent unlawful access to data. These include encryption of customer data and limiting administrative access to authorized personnel. marbis responds to official requests only pursuant to binding orders from authorities or courts; customers are informed to the extent permitted by law. In addition, multi-layer security and monitoring systems as well as strict access controls are employed. For sub-service providers outside the EU, Nitrado enters into contracts that expressly prohibit unlawful disclosures of data.
