Privacy Policy
- Home
- Privacy Policy
Privacy Policy
Last updated: 10 July 2026
This Privacy Policy explains how Agovenzi Limited, trading through Keyvixa (“Keyvixa”, “we”, “us” or “our”), collects, uses, stores, shares and protects personal data when you visit https://keyvixa.com (the “Website”), create an account, place an order, purchase a digital product, contact us, or otherwise use our services.
Keyvixa is an online store offering digital products such as game activation keys, software licence keys, gift cards, wallet codes and other digitally delivered products. Agovenzi Limited is the data controller responsible for the personal data described in this Privacy Policy, except where another party acts as an independent controller under its own privacy notice.
1. Data Controller
Company: Agovenzi Limited
Trading website: Keyvixa
Registered office: 124 City Road, London, EC1V 2NX, United Kingdom
Website: https://keyvixa.com
Email: info@keyvixa.com
2. Personal Data We Collect
The personal data we collect depends on how you use the Website. We may collect the following categories of information:
| Data category | Examples | Main purpose |
|---|---|---|
| Identity data | First name, last name and account identifier | Customer identification, account administration and order processing |
| Contact data | Email address and, where requested, telephone number | Order confirmation, digital delivery notices, security checks and customer support |
| Billing data | Billing address, country, postcode, invoice information and applicable tax details | Payment processing, invoicing, tax compliance and fraud prevention |
| Order and transaction data | Products purchased, order value, currency, order status, payment status, delivery status and refund history | Contract performance, digital fulfilment, customer service, accounting and dispute handling |
| Digital fulfilment data | Product region, platform, licence type, delivery email, fulfilment reference and activation-related support information | Supplying the correct digital product and resolving activation or delivery issues |
| Account data | Username, encrypted password, saved preferences and account activity | Account access, security and personalised service |
| Communications data | Support requests, emails, complaints, refund requests and correspondence | Customer support, dispute resolution, service improvement and legal record keeping |
| Technical data | IP address, browser type, device type, operating system, language, time zone and security logs | Website operation, security, fraud prevention, troubleshooting and analytics |
| Usage data | Pages viewed, links selected, session duration, referring source and interaction data | Analytics, website improvement and understanding customer use |
| Consent and preference data | Cookie choices, marketing preferences and consent records | Managing consent and complying with privacy and electronic marketing rules |
| Fraud and risk data | Risk indicators, transaction checks, attempted payment information, device signals and verification results | Preventing fraud, chargebacks, account misuse and unauthorised transactions |
Because our products are delivered digitally, we do not normally require a shipping address. A billing address or country may still be requested for payment verification, tax, invoicing, regional product restrictions or fraud-prevention purposes.
3. How We Collect Personal Data
We collect personal data from the following sources:
- directly from you when you register, order, contact us or submit a request;
- automatically through cookies, logs and similar technologies when you use the Website;
- from payment processors when they confirm payment status or provide fraud-prevention results;
- from digital product suppliers and fulfilment providers when an order is processed or delivered;
- from analytics, security, hosting and customer-support providers;
- from publicly available or lawful fraud-prevention sources where necessary.
4. How We Use Personal Data
We may use personal data to:
- create and administer customer accounts;
- process payments and confirm orders;
- deliver game keys, software licences, gift cards and other digital codes;
- verify product region, platform, licence type and eligibility;
- send order confirmations, digital delivery messages and service notices;
- provide activation, refund, complaint and customer-support services;
- detect and prevent fraud, chargebacks, misuse and security incidents;
- maintain transaction, invoice, accounting and tax records;
- operate, monitor, secure and improve the Website;
- measure Website performance and understand how customers use our services;
- send marketing communications where permitted and where required consent has been obtained;
- establish, exercise or defend legal claims;
- comply with legal, regulatory, payment-network and law-enforcement obligations.
5. Lawful Bases for Processing
| Lawful basis | How it applies |
|---|---|
| Performance of a contract | To create an account, process an order, accept payment, deliver a digital product, communicate about the order and provide customer support. |
| Legitimate interests | To protect the Website, prevent fraud and chargebacks, maintain business records, improve our services, understand Website use and defend legal claims, provided those interests are not overridden by your rights. |
| Legal obligation | To comply with tax, accounting, consumer-protection, data-protection, regulatory, court and law-enforcement requirements. |
| Consent | For non-essential cookies, certain analytics or marketing communications where consent is required. Consent may be withdrawn at any time. |
Where we rely on legitimate interests, we assess the necessity and impact of the processing and balance our interests against your rights and reasonable expectations.
6. Payment Information and Card Security
Keyvixa does not intentionally collect or store customers’ complete payment-card numbers, card security codes (CVV/CVC) or full card credentials on its Website servers.
Card details are submitted through the secure environment of the relevant third-party payment service provider. The payment provider may send us limited transaction information, such as payment status, payment method type, masked card details, transaction reference, risk result, currency and amount.
Payments may be protected by encrypted connections, payment-provider security controls, fraud checks and applicable payment-card security standards. Card issuers or payment providers may require 3D Secure authentication to verify the cardholder and reduce unauthorised transactions.
Payment providers may act as independent data controllers for some processing. Their handling of personal data is governed by their own privacy notices and legal obligations.
7. Digital Product Suppliers and Fulfilment
To fulfil an order, we may share the minimum information necessary with digital product suppliers, distributors, marketplace infrastructure providers or fulfilment partners. This may include an order reference, product identifier, region, currency, delivery status, fraud-prevention result and, where necessary, the customer’s delivery email.
These providers help us source, validate, allocate or deliver digital activation codes and may assist with activation, replacement or product-related support. We do not permit service providers acting on our behalf to use personal data for unrelated purposes.
8. Cookies and Similar Technologies
We use cookies and similar technologies for essential Website functions, account authentication, shopping-cart operation, checkout, security, consent management, analytics and, where permitted, marketing.
Non-essential cookies are used only where permitted by applicable law and in accordance with your choices. You can review or change your preferences through the cookie settings on the Website.
For more information, including examples of cookie names, purposes and retention periods, please read our Cookie Policy.
9. Who We Share Personal Data With
We may share personal data with the following categories of recipients:
- payment processors, banks, card networks and payment-security providers;
- digital product suppliers, distributors and fulfilment providers;
- website hosting, cloud storage, content-delivery and technical-support providers;
- email, customer-support and communications providers;
- analytics and cookie-consent providers, subject to applicable consent requirements;
- cybersecurity, identity-verification and fraud-prevention providers;
- professional advisers, including accountants, auditors, insurers and legal advisers;
- tax authorities, regulators, courts, law-enforcement bodies or other authorities where legally required;
- potential buyers, investors or advisers in connection with a merger, restructuring, financing or sale of all or part of the business, subject to appropriate safeguards.
We do not sell personal data. We do not disclose personal data to third parties for their own unrelated direct-marketing purposes without a valid legal basis.
10. International Data Transfers
Some service providers may process personal data outside the United Kingdom. Where a restricted international transfer occurs, we use an appropriate legal safeguard where required, such as:
- UK adequacy regulations;
- the UK International Data Transfer Agreement;
- the UK Addendum to approved Standard Contractual Clauses;
- another lawful transfer mechanism recognised under applicable data-protection law.
Additional technical and organisational safeguards may also be applied where appropriate. You may contact us for further information about the safeguards relevant to your data.
11. Data Security
We use reasonable and appropriate technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Measures may include access controls, encrypted connections, account authentication, logging, backups, security monitoring, software updates and restricted staff or contractor access.
No internet transmission or electronic storage method is completely secure. We therefore cannot guarantee absolute security, but we regularly review our safeguards and respond to identified risks.
You are responsible for keeping your account password confidential and for notifying us promptly if you suspect unauthorised account use.
12. Data Retention
We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including contractual, customer-support, security, accounting, tax, regulatory and legal-claim requirements.
| Record type | Typical retention approach |
|---|---|
| Order, payment-status, invoice and accounting records | Normally retained for up to six years after the end of the relevant financial period, or longer where required by law, an audit, dispute or investigation. |
| Customer account data | Retained while the account remains active and for a reasonable period afterwards, subject to legal, fraud-prevention and dispute requirements. |
| Support, complaint and refund records | Retained for the time needed to resolve the request and for a reasonable period to manage disputes, legal claims and service quality. |
| Fraud, chargeback and security records | Retained for a proportionate period based on risk, contractual obligations and limitation periods. |
| Marketing consent and suppression records | Retained until consent is withdrawn and, where necessary, afterwards to record and respect the withdrawal or objection. |
| Cookie preferences | Retained according to the relevant cookie or consent record, as described in the Cookie Policy. |
| Technical and server logs | Retained for a limited period appropriate to security, fraud prevention, diagnostics and operational needs. |
When personal data is no longer required, it is deleted, anonymised or securely overwritten in accordance with our operational procedures. Backup copies may remain for a limited period until they are automatically overwritten or securely deleted.
13. Your Data-Protection Rights
Depending on applicable law and the circumstances, you may have the right to:
- request access to your personal data and receive a copy;
- request correction of inaccurate or incomplete personal data;
- request deletion of personal data where the legal conditions are met;
- request restriction of processing;
- object to processing based on legitimate interests;
- object at any time to direct marketing;
- request data portability where applicable;
- withdraw consent at any time where processing is based on consent;
- not be subject to a solely automated decision producing legal or similarly significant effects, except where legally permitted;
- lodge a complaint with a competent data-protection supervisory authority.
These rights are not absolute and may be limited by applicable law. For example, we may need to retain certain transaction records to meet tax, accounting, fraud-prevention or legal-claim obligations.
14. Exercising Your Rights
To exercise a privacy right, email info@keyvixa.com. Please clearly describe your request and the account or order to which it relates.
We may request reasonable information to confirm your identity and protect personal data from unauthorised disclosure. We will respond without undue delay and within the period required by applicable law. In many cases, this will be within one month, although the period may be extended where legally permitted for complex or multiple requests.
Requests are generally free of charge. We may charge a reasonable fee or refuse a request where permitted by law, including where a request is manifestly unfounded or excessive.
15. Marketing Communications
We may send marketing communications only where we have a lawful basis to do so. Where consent is required, we will request it before sending marketing messages.
You may unsubscribe at any time by using the unsubscribe option in a marketing email or by contacting info@keyvixa.com. Service messages about orders, security, accounts, refunds or legal changes are not marketing messages and may still be sent where necessary.
16. Automated Fraud and Risk Checks
Orders may be subject to automated or semi-automated fraud and security checks using transaction, account, device, location and payment-risk signals. These checks help prevent unauthorised payments, account misuse and chargebacks.
A transaction may be delayed, rejected, cancelled or referred for manual review where a risk is identified. Where applicable law gives you rights relating to a solely automated decision with legal or similarly significant effects, you may contact us to request human review, express your point of view or challenge the decision.
17. Children’s Privacy
The Website and its purchasing services are intended for individuals who are legally able to enter into a binding purchase contract. We do not knowingly collect personal data from a child who is not legally permitted to use the service without the required consent or authorisation.
If you believe a child has provided personal data contrary to applicable law, contact info@keyvixa.com. We will review the matter and take appropriate action, which may include deletion of the information.
18. Third-Party Links and Platforms
The Website may link to third-party websites, game platforms, software publishers, payment services or activation pages. Those third parties operate under their own terms and privacy notices. We are not responsible for their independent handling of personal data.
When redeeming or activating a digital product, the relevant platform or publisher may collect information directly from you. You should review that party’s privacy notice before providing personal data.
19. Personal Data Breaches
We maintain procedures for assessing and responding to personal-data incidents. Where a breach creates a risk that triggers a legal notification obligation, we will notify the competent supervisory authority and, where required, affected individuals within the applicable legal timeframe.
20. Complaints
Please contact us first at info@keyvixa.com so that we can review and address your concern.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or another competent supervisory authority applicable to your location. Further information is available on the ICO’s official website.
21. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in law, technology, service providers, security practices or our business operations. The revised version will be published on this page and the “Last updated” date will be changed.
Where a change materially affects how we use personal data, we will provide additional notice where required by law.
22. Contact Us
For privacy questions, requests or complaints, contact:
Agovenzi Limited
124 City Road
London, EC1V 2NX
United Kingdom
Website:
https://keyvixa.com
Email:
info@keyvixa.com