================================================================================
PRIVACY POLICY

  • YodaKeys — www.yodakeys.com

Last Updated: feb 3, 2026
================================================================================

INTRODUCTION

YodaKeys (“we,” “us,” or “our”), operated from Al Jerf 1, Ajman, United Arab
Emirates/ uk and canada  is committed to protecting your personal information and your right to
privacy. This Privacy Policy explains in detail how we collect, use, store,
share, and protect information about you when you visit or make a purchase on
www.yodakeys.com (the “Website”).

By accessing or using our Website, creating an account, or completing a
purchase, you acknowledge that you have read, understood, and agree to the
practices described in this Privacy Policy. If you do not agree, please
discontinue use of the Website immediately.

This Policy applies to all visitors, users, and customers regardless of
location. Where applicable, it is drafted in compliance with the UAE Federal
Decree-Law No. 45 of 2021 on Personal Data Protection, the EU General Data
Protection Regulation (GDPR) (for users in the European Economic Area), and
other applicable data protection laws.

——————————————————————————–
1. INFORMATION WE COLLECT
——————————————————————————–

1.1 Information You Provide Directly

We collect information you voluntarily provide when you:

a) Create an account: full name, email address, username, and password
(stored in encrypted form).

b) Place an order: billing name, email address, payment details (processed
exclusively via secure third-party payment gateways — we do not store raw
card numbers), billing address, and order details.

c) Contact our support team: name, email address, and the content of your
messages or enquiries.

d) Submit product reviews: your display name, rating, and review text.

e) Subscribe to our newsletter or promotional emails: your email address and
communication preferences.

1.2 Information Collected Automatically

When you visit the Website, we automatically collect:

a) Device and technical data: IP address, browser type and version, operating
system, device identifiers, screen resolution, and time zone.

b) Usage data: pages visited, products viewed, links clicked, referral URLs,
session duration, and navigation paths.

c) Transaction data: order IDs, product keys delivered, delivery timestamps,
and purchase history.

d) Cookie and tracking data: as described in Section 5 below.

1.3 Information from Third Parties

We may receive information about you from:

a) Payment processors (e.g., Stripe, PayPal, or other gateways) confirming
successful or failed transactions.

b) Fraud prevention and identity verification services.

c) Social media platforms, if you choose to connect your social accounts or
interact with our pages.

d) Analytics providers that help us understand Website traffic and user
behaviour.

——————————————————————————–
2. HOW WE USE YOUR INFORMATION
——————————————————————————–

We use your information for the following purposes and on the following legal
bases (where GDPR applies):

PURPOSE LEGAL BASIS
─────────────────────────────────────────────────────────────────────────────
Process and fulfil your orders, deliver Performance of Contract
digital keys and licences, and send order
confirmation and delivery emails.

Create and manage your account. Performance of Contract

Process payments and prevent fraudulent Performance of Contract /
transactions. Legitimate Interest

Provide customer support and respond to Performance of Contract /
enquiries. Legitimate Interest

Send transactional communications Performance of Contract
(receipts, delivery confirmations,
account alerts).

Send marketing and promotional emails, Consent (you may opt out
newsletters, and special offers. at any time)

Improve the Website, analyse user Legitimate Interest
behaviour, and personalise your experience.

Comply with legal obligations, enforce our Legal Obligation /
Terms & Conditions, and resolve disputes. Legitimate Interest

Detect, prevent, and investigate fraud, Legitimate Interest /
abuse, and security incidents. Legal Obligation

Conduct internal research and analytics to Legitimate Interest
develop new products and services.

We will never use your personal data for automated decision-making that
produces legal or significant effects without human oversight, unless required
by law.

——————————————————————————–
3. HOW WE SHARE YOUR INFORMATION
——————————————————————————–

We do not sell, rent, or trade your personal information to third parties for
their marketing purposes. We share your data only in the following limited
circumstances:

3.1 Service Providers

We share data with carefully vetted third-party service providers who process
data on our behalf, including:

– Payment processors to handle transactions securely.
– Email delivery providers to send transactional and marketing emails.
– Cloud hosting and server infrastructure providers.
– Analytics platforms (e.g., Google Analytics).
– Customer support software providers.
– Fraud detection and prevention services.

All service providers are contractually obligated to handle your data
confidentially and only for the purposes we specify.

3.2 Legal Compliance and Protection

We may disclose your information if required to do so by law, court order, or
governmental/regulatory authority, or if we believe in good faith that
disclosure is necessary to:

– Comply with a legal obligation or regulation.
– Protect and defend the rights, property, or safety of YodaKeys, our
customers, or others.
– Detect or prevent fraudulent, harmful, or illegal activity.

3.3 Business Transfers

If YodaKeys undergoes a merger, acquisition, restructuring, or sale of all or
substantially all of its assets, your personal data may be transferred to the
successor entity. You will be notified via email and/or a prominent notice on
the Website prior to such a transfer.

3.4 Aggregated or Anonymised Data

We may share aggregated, anonymised, or de-identified information that cannot
reasonably be used to identify you, for research, marketing, analytics, or
other business purposes.

——————————————————————————–
4. DATA RETENTION
——————————————————————————–

We retain your personal data only for as long as necessary to fulfil the
purposes outlined in this Policy, unless a longer retention period is required
or permitted by law.

– Account data: retained for the duration of your account and for up to
5 years after account closure for fraud prevention and legal purposes.

– Order and transaction records: retained for a minimum of 5 years to comply
with applicable financial and tax regulations.

– Customer support records: retained for 3 years after resolution.

– Marketing data: retained until you withdraw consent or unsubscribe.

– Website usage logs: retained for up to 24 months.

Upon expiry of the applicable retention period, your data is securely deleted
or anonymised.

——————————————————————————–
5. COOKIES AND TRACKING TECHNOLOGIES
——————————————————————————–

5.1 What Are Cookies?

Cookies are small text files placed on your device by websites you visit. We
use cookies and similar technologies (pixels, local storage, session storage)
to operate the Website and improve your experience.

5.2 Types of Cookies We Use

ESSENTIAL COOKIES
Required for the Website to function. These include session management,
shopping cart persistence, login authentication, and security tokens.
You cannot opt out of these cookies without disabling core Website
functionality.

PERFORMANCE AND ANALYTICS COOKIES
Help us understand how visitors interact with the Website (pages visited,
errors encountered, time spent). We use tools such as Google Analytics.
Data collected is aggregated and anonymised where possible.

FUNCTIONAL COOKIES
Remember your preferences (language, currency, display settings) to
personalise your experience.

MARKETING AND TARGETING COOKIES
Used to deliver relevant advertisements and track the effectiveness of
our marketing campaigns. May be set by third-party advertising partners.

5.3 Managing Cookies

You can manage cookie preferences through:
– Your browser settings (most browsers allow you to refuse or delete cookies).
– Our cookie consent banner displayed on your first visit.
– Opt-out tools provided by third parties (e.g., Google Analytics Opt-Out).

Please note that disabling certain cookies may impact Website functionality.

——————————————————————————–
6. SECURITY OF YOUR INFORMATION
——————————————————————————–

We implement industry-standard technical and organisational measures to protect
your personal data against unauthorised access, alteration, disclosure, or
destruction. These include:

– SSL/TLS encryption for all data transmitted between your browser and our
servers (HTTPS).
– Encryption of sensitive data (including passwords) at rest.
– Access controls ensuring only authorised personnel can access personal data.
– Regular security assessments and vulnerability scanning.
– Secure, tokenised payment processing — we never store full payment card
details on our servers.
– Monitoring for suspicious activity and breach detection protocols.

Despite these measures, no method of transmission over the internet or
electronic storage is 100% secure. In the event of a data breach that poses
a risk to your rights and freedoms, we will notify you and relevant authorities
as required by law.

——————————————————————————–
7. INTERNATIONAL DATA TRANSFERS
——————————————————————————–

YodaKeys is based in the United Arab Emirates. If you are located outside the
UAE, your data may be transferred to and processed in the UAE or other
countries where our service providers operate (including within the EU and the
United States).

Where we transfer data internationally, we ensure appropriate safeguards are
in place, such as:
– Standard Contractual Clauses (for EU/EEA data subjects).
– Data processing agreements with all third-party processors.
– Transfers only to countries with adequate data protection standards.

——————————————————————————–
8. CHILDREN’S PRIVACY
——————————————————————————–

The Website is not directed to children under the age of 13 (or 16 in the
EU/EEA). We do not knowingly collect personal information from children. If
you are a parent or guardian and believe your child has provided us with
personal data, please contact us immediately at dz@yodakeys.com and we will
take steps to delete such information promptly.

Some products on our Website (e.g., certain games) may carry age ratings.
Users are responsible for ensuring compliance with applicable age requirements.

——————————————————————————–
9. YOUR RIGHTS
——————————————————————————–

Depending on your location, you may have the following rights regarding your
personal data:

RIGHT OF ACCESS Request a copy of the personal data we hold about you.

RIGHT TO RECTIFICATION Request correction of inaccurate or incomplete data.

RIGHT TO ERASURE Request deletion of your personal data (“right to be
forgotten”), subject to legal retention obligations.

RIGHT TO RESTRICTION Request that we restrict processing of your data in
certain circumstances.

RIGHT TO PORTABILITY Receive your data in a structured, machine-readable
format and transfer it to another controller.

RIGHT TO OBJECT Object to processing based on legitimate interests or
for direct marketing purposes.

RIGHT TO WITHDRAW Withdraw consent at any time where processing is
CONSENT based on consent (e.g., marketing emails).

RIGHT TO COMPLAIN Lodge a complaint with your local data protection
authority if you believe we have violated your rights.

To exercise any of these rights, contact us at dz@yodakeys.com with the
subject line “Data Rights Request.” We will respond within 30 days. We may
need to verify your identity before processing your request.

——————————————————————————–
10. THIRD-PARTY LINKS
——————————————————————————–

The Website may contain links to third-party websites, platforms, or services
(e.g., game publishers, payment gateways). We are not responsible for the
privacy practices of those third parties. We encourage you to review their
privacy policies before providing any personal information.

——————————————————————————–
11. MARKETING COMMUNICATIONS
——————————————————————————–

With your consent, we may send you promotional emails about new products,
special offers, and company news. You can unsubscribe at any time by:
– Clicking the “unsubscribe” link in any marketing email.
– Updating your account preferences on the Website.
– Emailing us at dz@yodakeys.com.

We will process your unsubscribe request promptly. Please note that even after
opting out of marketing emails, you will continue to receive essential
transactional emails related to your orders and account.

——————————————————————————–
12. CHANGES TO THIS PRIVACY POLICY
——————————————————————————–

We reserve the right to update this Privacy Policy at any time to reflect
changes in law, technology, or our business practices. When we make material
changes, we will:

– Update the “Last Updated” date at the top of this document.
– Post the revised Policy on the Website.
– Notify registered users by email where required by law.

Your continued use of the Website after the effective date of any changes
constitutes acceptance of the updated Policy.

——————————————————————————–
13. CONTACT US
——————————————————————————–

If you have any questions, concerns, or requests regarding this Privacy Policy
or our data practices, please contact us:

YodaKeys
Al Jerf 1, Ajman, United Arab Emirates/ uk / Canada
Email: dz@yodakeys.com
Website: www.yodakeys.com

We aim to respond to all privacy-related enquiries within 5 business days.

================================================================================
© 2026 YodaKeys. All Rights Reserved.
================================================================================