Back to Home
Last updated: Fev, 2026Version 1.3

Privacy Policy

To ensure the seamless delivery of our services and maintain the trustworthiness of our platform, we collect and process specific categories of information.

Introduction

Our approach to data management is rooted in the principles of transparency, necessity, and security. We are dedicated to protecting all collected information, adhering to strict confidentiality protocols and relevant legal standards. By engaging with our services, you acknowledge and consent to the responsible handling of your data in alignment with our established policies.

Website Data Collection

Types of Collections:

  • Cloudflare: Our website (www.cria.ac) is protected by Cloudflare's most advanced encryption and has SSL and encrypted client-side encryption.
  • Discord: Website login is done via Discord API. We only request your Discord ID, username, and avatar. We do not collect email or other information. When you log in, the Discord API shows you what information you will authorize.
  • Cria: The only data that the Cria website natively obtains is your Discord-ID, Nametag and Avatar.
  • Registration: Registration on the website is based on the Discord ID of the user registered as a customer. If the Discord ID is registered and is on our official Discord server discord.gg/cria, the user will have access to our platform.

Scanner Data Collection

The Cria scanner collects technical forensic data from the scanned system. This data is used exclusively to generate a diagnostic report.

  • Hardware identifiers (for context and correlation)
  • Running processes and loaded modules
  • Recently executed files and their metadata
  • File system artifacts relevant to cheat detection
  • Memory strings relevant to known cheat signatures
  • Custom strings provided by the customer (via the platform)

NOT Support: The Cria does not allow strings in regex format and custom-detections for everyone's safety.

Download

  • The official download method is through the domain https://www.cria.ac/download.
  • When you enter the generated PIN/Code to download, a notification and a checkbox will appear allowing you to select and confirm your agreement with the terms of use and privacy policy.
  • The legal basis for data collection through the Cria scanner includes Consent and Legitimate Interest. By downloading and using Cria, you agree to the data collection. Cria.ac has a Legitimate Interest in ensuring fairness in online gaming.

Data Security

We implement rigorous security measures to protect your information:

  • AES-256 encryption
  • HTTPS/TLS communication for secure transmission
  • Continuous monitoring against unauthorized access
  • Regular backups and data redundancy
  • Internal policies for restricted data access

Security: Information is stored on protected infrastructure, including cloud servers and network protection services, with encryption and traffic filtering mechanisms designed to reduce the risk of unauthorized access.

LGPD & GDPR Compliance

  • Data Minimization (Art. 5(1)(c)): Only data strictly necessary for anti-cheat forensic analysis is collected, as detailed in Section 3. No sensitive categories of personal data (Art. 9) are processed.
  • Purpose Limitation (Art. 5(1)(b)): All collected data is used exclusively for the purpose of detecting cheating indicators and producing forensic reports. No data is sold, shared for advertising, or used for unrelated profiling.
  • Storage Limitation (Art. 5(1)(e)): Data is retained only for as long as necessary for its stated purpose, with scheduled cleanup cycles occurring approximately every 3 months.
  • Integrity and Confidentiality (Art. 5(1)(f)): Technical measures including AES-256 encryption, TLS transmission, and role-based access controls are in place to protect personal data against unauthorized access or accidental loss.
  • Data Subject Rights: If it is necessary to remove any result/diagnosis from the scanner, please request it by contacting jardelsousa04@hotmail.com. Requests will be processed within 14 business days.

Commitment Statement: Cria is a Brazilian-origin platform governed by the LGPD. Where our services reach individuals in the European Union or EEA, we are committed to applying the standards of the GDPR in good faith, as part of our broader commitment to responsible and transparent data handling for all users, regardless of their location.

Privacy Global

The legal bases for data processing include:

  • Consent: For voluntary use of the platform and scanner.
  • Legitimate Interest: For fraud prevention, anti-cheat enforcement, and platform security.
  • Legal Obligation: When retention is required for dispute resolution or compliance.

Privacy and Data Protection

  • Although we operate from Brazil, we are committed to maintaining strong privacy and data protection standards for all users.
  • We recognize that users may be subject to specific data protection laws. In Brazil, personal data is governed by the LGPD (Lei Geral de Proteção de Dados).
  • For users in the European Union or EEA, we apply GDPR standards in good faith as part of our commitment to responsible data handling.

Automated Decision-Making

Role Separation

  • Cria's Role — Data Processor / Analysis Tool: Cria collects and analyzes system data using automated methods (entropy analysis, YARA rules, USN Journal inspection, registry forensics, process memory scanning, and heuristic file verification) and produces a structured forensic report indicating whether suspicious indicators were detected.
  • Customer's Role — Decision Maker: The customer (the server owner, gaming community, or organization using Cria's service) is solely responsible for reviewing the forensic report and deciding whether to apply any sanction, ban, restriction, or other measure against the scanned user. This decision is made by a human operator on the customer's side and is entirely outside Cria's control.
  • No Automatic Enforcement: Cria does not automatically trigger bans, restrictions, or notifications to game servers. No enforcement action is applied without deliberate human intervention by the customer.

Nature of Automated Processing

The automated analysis performed by the Cria scanner includes the following techniques:

  • Entropy and heuristic static analysis of executable files
  • YARA rule-based pattern matching for known cheat signatures
  • NTFS USN Journal inspection for abnormal file system changes
  • Memory scanning for cheat API string references
  • Hardware and system identifier collection for context

The output of this process is a forensic report — not a verdict. The report presents technical findings and indicators. No legal, contractual, or service consequence is applied by Cria as a direct result of this analysis.

Your Rights Regarding Automated Analysis

  • Right to Human Review: Since the final decision affecting you is always made by a human operator (the customer), the mechanism of human review required by GDPR Art. 22 is inherently present in Cria's operational model. The customer reviewing the report constitutes the human decision-making layer.
  • Right to Contest a Decision: If you believe a sanction applied against you by a customer was based on inaccurate or misinterpreted forensic data, you may contact Cria at cria-sup@proton.me and jardelsousa04@hotmail.com to request a review of the technical report associated with your scan. Cria will assess whether the data was accurately collected and reported, and provide clarification where possible.
Terms of ServiceHome
© 2026 Cria.ac — All rights reserved.