Legal // pointy keys

Privacy Policy

How pointy keys collects, uses, and protects your personal data.

Revisionv1.2.0
Updated2026-05-01
13 sections

Overview

This policy explains what data pointy keys collects when you use the Service at pointy-keys.example, why we collect it, and the choices you have. We collect only what is needed to run the marketplace, deliver Keys, and keep accounts secure.

Data We Collect

You provide

  • Account data: name, email address, and password hash.
  • Billing data: the billing address you save for checkout.
  • Support data: the contents of messages you send us.

Collected automatically

  • Order and Wallet activity: purchases, top-ups, and transaction history.
  • Technical data: IP address, device and browser type, and session identifiers.

How We Use Data

  • To process orders, deliver Keys, and maintain your Wallet balance.
  • To authenticate sign-in and protect accounts from unauthorised access.
  • To detect, investigate, and prevent fraud and abuse.
  • To respond to support requests and send service-related notices.

Payments

Payments and top-ups are handled by our third-party payment provider. We do not store full card numbers. We receive only the result of a transaction and a reference identifier used to reconcile your order or Wallet credit.

Cookies & Storage

We use strictly necessary cookies and local storage to keep you signed in and to remember your cart between visits. These are required for the Service to function and are not used for advertising.

Cart

Your cart is stored locally in your browser. Clearing your browser storage will empty it.

Sharing

We do not sell your personal data. We share data only with processors who help us run the Service, and only as needed:

  • Payment provider — to process top-ups and purchases.
  • Key suppliers — to fulfil orders and deliver activation codes.
  • Infrastructure and email providers — to host the Service and send notices.
  • Authorities — where required by law or to protect our rights.

Retention

We keep account and transaction records for as long as your account is active and thereafter for the period required by law (for example, tax and accounting obligations). When data is no longer needed, it is deleted or anonymised.

Your Rights

Subject to applicable law, you may exercise the following rights over your data:

  • Access — request a copy of the data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure — request deletion, subject to legal retention duties.
  • Objection — object to processing based on legitimate interests.
  • Portability — receive your data in a portable format.

To exercise any right, contact us at support@pointy-keys.example. We may need to verify your identity before acting on a request.

Security

Protection

We use encryption in transit, hashed credentials, and access controls to protect your data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Data Controller

The data controller responsible for your personal data is the legal entity below.

Controller
<TODO: legal entity name>
Registration
<TODO: legal entity registration>
Registered address
<TODO: legal entity address>

Changes to This Policy

We may update this policy as the Service or the law evolves. The version and last-updated marker at the top of this document reflect the current revision.

Contact

Privacy questions can be sent to support@pointy-keys.example.

Privacy Policy · v1.2.0 · pointy-keys.examplesupport@pointy-keys.example