This document describes what personal data FoxReload processes, on what legal bases, how we protect it, and what rights the Partner has. It supplements the Terms of Service.
1. Data we collect
Registration: email, name, country, legal-entity type. Payment: requisites, transaction history, balances (but not full card numbers — processed by the payment provider). Technical: IP address, user-agent, API logs (method, path, status, timestamp). Behavioural: order history, dashboard usage. We do not collect biometric or health data.
2. Purposes and lawful bases
Performance of contract (Terms of Service) — order processing, code issuance, balance accounting, support. Legal compliance — AML/KYC, tax reporting, responses to lawful authority requests. Legitimate interests — fraud prevention, service security, product analytics. Consent — marketing communications and third-party analytics, always with opt-out available.
3. Sharing with third parties
Data is shared with: digital-goods suppliers (minimum necessary scope — e.g. a player UID for game top-ups); payment providers (USDT wallets, banks, SBP operators); hosting infrastructure providers; analytics services; law enforcement upon lawful request. A list of key sub-processors is available on request. We do not sell personal data.
4. Cookies and trackers
Technical cookies (session, selected language/currency) are necessary for the site to work and are always set. Analytics cookies are only used after explicit consent in the first-visit banner. Preference management is available at any time. We do not use third-party advertising/targeting trackers.
5. Retention periods
Registration data — during account activity and 3 years after closure (accounting requirements). Transactional data and AML logs — 5 years from the transaction date. Technical API logs — 90 days. Marketing consents — until withdrawn. After retention expires, data is deleted or anonymised.
6. Partner rights
The Partner has the right to: obtain a copy of their data (access); request correction of inaccurate data; request erasure (where not contradicted by retention obligations); restrict or object to processing; port data in a machine-readable format; withdraw previously given consent; lodge a complaint with the supervisory data-protection authority.
7. Security
Protection measures: TLS in transit, encryption of sensitive data at rest, access controls, privileged-action logging, regular security reviews, API-key rotation. Security incidents affecting personal data are investigated and, where required, reported to the Partner and the supervisory authority within statutory deadlines.
8. International transfers
The Platform uses infrastructure and subprocessors across multiple jurisdictions. When data is transferred outside your country, we use standard contractual clauses or other mechanisms permitted by law. A list of processing jurisdictions is available on request.
9. Data contact
Data subject requests: privacy@foxreload.com. General support: Telegram t.me/foxreload. Response time — within 30 calendar days.
Effective from June 1, 2026