Scanner EULA

Plain-language summary

In thirty seconds: Carbon Stealth is a scan tool that a server you're trying to join has asked you to run. It inspects categories of your local Windows state to check for known cheat software and evidence of prior cheat use. It runs once when you launch it, and exits. It does not install anything. It does not read your documents, messages, passwords, keystrokes, clipboard, screenshots, audio, or video; it does not inspect general browsing activity beyond a narrow curated list of known cheat-distribution sites. It sends a signed report to the server operator who asked for the scan. You can close the scanner at any time and refuse the scan entirely.

Scope & parties

This End-User Licence Agreement ("EULA") is presented in the Carbon Stealth scanner binary on first launch and governs your use of that binary. It is entered into between:

• You, the user of the machine on which the scanner is launched; and
• Carbon Stealth VCC (EIK BG208725180, Bulgaria), the software's author and licensor.

The server operator who distributed the scanner and receives your report is a separate data controller with whom you have your own relationship (typically, they are the server you want to play on). This EULA does not govern your relationship with them; their policy governs how they use the report after they receive it.

Explicit consent

The scanner will not perform a scan until you click "I accept" on the EULA dialog. By clicking accept you provide explicit, informed, specific, unambiguous consent under GDPR Art. 4(11) and Art. 7 for Carbon Stealth to inspect the categories of data described below and transmit a signed report to the server operator.

You may decline by closing the scanner window. Declining prevents the scan from running and no data leaves your machine.

What the scanner inspects

When you accept, the scanner reads the following categories of local Windows data, each only to the extent needed to produce a cheat-detection verdict:

• Device fingerprint — a non-reversible hash of hardware identifiers, used only to correlate repeat scans of the same machine.
• Live process state — running processes, modules loaded into supported game processes, and active network connections, compared against internal detection rules.
• System configuration state — a limited, rule-driven set of registry locations and file-system paths associated with known cheat installation patterns.
• Persistent system artefacts — operating-system housekeeping records that evidence software-execution history, to identify cheat software that was used and subsequently removed or concealed. Content extracted is limited to rule matches.
• External-service interaction evidence — signals indicating prior interaction with cheat-distribution or command-and-control infrastructure. Matching is against an internal curated list; other browsing history and network traffic are not inspected.

The scanner is a standard userland process by default. No driver is installed. No background service is created. No persistent footprint remains after scan completion.

Administrator elevation (optional, server-requested). If the server that asked you to run the scanner subscribes to an enhanced-integrity tier, the scanner may, on launch, ask your operating system to show a User Account Control (UAC) prompt requesting administrator privileges for a single additional child process dedicated to deeper forensic checks. The elevated child inspects:

• File-activity journal records — filesystem-level evidence that previously-present cheat binaries were created, renamed, or deleted, even after removal.
• Filesystem metadata history — allocation-table entries that record file names and paths no longer visible in normal directory listings.
• System resource-usage records — operating-system accounting of network activity by name-of-executable, used to correlate past connections with cheat-distribution endpoints.

Content extracted from these records is limited to rule matches, on the same basis as the userland checks. You may decline the UAC prompt at any time; the scanner will continue with its standard (non-elevated) checks and will flag the report as declined-elevation. The server operator then decides whether a declined-elevation result is acceptable for their access policy. The elevated child process exits at the end of its single scan and leaves no persistent artefacts.

The technical inventory of specific rules is intentionally not published, to avoid giving cheat-tool vendors a bypass roadmap. Operators who need the full inventory for a procurement or data-protection review may request it under NDA from dpo@carbonstealth.eu.

What the scanner never does

• ❌ Does not read your personal documents, images, or videos.
• ❌ Does not read your email or chat applications.
• ❌ Does not capture screenshots.
• ❌ Does not record audio or video.
• ❌ Does not function as a keylogger or clipboard monitor.
• ❌ Does not read browser history outside the 26 cheat-marketplace domains list.
• ❌ Does not read passwords, cookies, or saved card details from browsers.
• ❌ Does not access cryptocurrency wallets.
• ❌ Does not install a kernel driver, background service, autorun entry, or scheduled task.
• ❌ Does not persist after the scan completes — the process exits and nothing remains resident.
• ❌ Does not transmit data to Carbon Stealth VCC servers directly — it transmits only to the operator who requested the scan.

How data is transmitted

When the scan completes, findings are serialised to JSON, HMAC-SHA256 signed with a per-operator secret, and POSTed over HTTPS (TLS 1.3) to the operator's panel endpoint. The scanner binary is configured at build time by the operator; each operator's scanner only talks to their own panel. Carbon Stealth VCC does not see the contents of the report.

Who receives your data

The server operator who provided the scanner receives the signed report. They become a data controller for your scan data at the moment of receipt. Their own privacy policy governs what happens next. If you don't trust the operator, the correct action is to decline the scan.

Carbon Stealth VCC receives scan data only for operators on the managed Operator or Enterprise tier (where we host the panel on their behalf). In that case, we process the data as a Processor for the operator under a documented Data Processing Agreement.

Withdrawal of consent & your GDPR rights

You can withdraw consent for future scans simply by closing the scanner or refusing the next EULA dialog. Withdrawal does not affect the lawfulness of the processing that already occurred based on your prior consent.

To exercise any GDPR right over the report already submitted (access, rectification, erasure, restriction, portability, objection), contact the server operator who received it. If they use a Carbon Stealth-hosted managed panel and you cannot reach them, contact us at dpo@carbonstealth.eu and we will relay the request within 72 hours.

Licence to use the binary

Carbon Stealth VCC grants you a personal, non-exclusive, non-transferable, revocable licence to run the scanner binary on machines you own or are authorised to operate, solely for the purpose of performing an anticheat scan requested by a legitimate server operator.

You may not reverse engineer, decompile, disassemble, modify, or otherwise tamper with the binary beyond what is permitted by mandatory local law (e.g. interoperability rights under Art. 6 of Directive 2009/24/EC where applicable). You may not redistribute the binary or use it against systems where you lack authorisation.

No warranty & limitation of liability

The scanner is provided "as is" with no warranty. Carbon Stealth VCC's liability under this EULA is limited to the maximum extent permitted by applicable law. See the Terms of Service §11–12 for full warranty disclaimer and liability cap. Nothing here limits liability that cannot lawfully be excluded.

Contact