Effective Date: September 10, 2025

This Privacy Policy explains how ConsoleDrop (“we,” “us,” or “our”) collects, uses, discloses, and safeguards your information when you visit https://consoledrop.net/ and use our services, including purchasing and receiving digital console game keys (e.g., PlayStation, Xbox, Nintendo). By using our website and services, you agree to the terms of this Policy.

1) Data Controller

ConsoleDrop (ConsoleDrop.net) is the data controller for your personal data.
Contact: privacy@consoledrop.net

2) Information We Collect

  • Personal Identifiers: name, email address, billing address, country/region, and (where necessary) phone number.

  • Transaction Data: order ID, products purchased (keys/editions/regions), price, currency, discounts, refunds, and payment status.

  • Payment Data: we use third-party processors (e.g., Stripe, PayPal, and other gateways configured in our store). We do not store full card numbers or CVV on our servers.

  • Technical Data: IP address, device and browser type, operating system, language, referring URLs, and cookie identifiers.

  • Support/Communications: any information you provide in chats, emails, forms, or dispute/resolution messages.

3) How We Collect Data

  • Directly from you: at checkout, account creation, newsletter opt-in, or when you contact support.

  • Automatically: via cookies, log files, and analytics when you browse the site.

  • From third parties: payment processors, anti-fraud tools, analytics providers, and e-commerce platforms/plugins (e.g., WooCommerce extensions).

4) Purposes and Legal Bases (UK/EU GDPR)

We process your data to:

  • Provide the service and fulfill contracts (Art. 6(1)(b)): process orders, deliver activation codes/keys, manage your account, provide support.

  • Comply with legal obligations (Art. 6(1)(c)): tax/accounting, fraud prevention, regulatory requests.

  • Pursue legitimate interests (Art. 6(1)(f)): secure our services, prevent abuse, improve site performance and user experience, measure sales performance.

  • With your consent (Art. 6(1)(a)): send marketing emails, set non-essential cookies/analytics, run remarketing where applicable. You may withdraw consent at any time.

5) How We Use Your Information

  • Process payments and deliver digital keys/activation instructions.

  • Communicate about orders, delivery, and support.

  • Personalize and improve the website, fix issues, and analyze usage.

  • Detect, investigate, and prevent fraud or abuse.

  • Send marketing communications if you’ve opted in (you can unsubscribe anytime).

6) Sharing and Disclosure

We may share personal data with:

  • Payment processors and fraud-prevention providers to complete and protect transactions.

  • Hosting, e-commerce, analytics, and communication providers who help us run the site (acting as processors under contract).

  • Customer support and marketing platforms (for opted-in communications).

  • Authorities or third parties where required by law, to protect our rights, or in connection with a business transfer (merger, acquisition).
    We do not sell your personal data.

7) International Transfers

Some providers may process data outside the UK/EEA. Where this occurs, we rely on approved safeguards such as UK/EU Standard Contractual Clauses (and the UK Addendum) or adequacy decisions.

8) Retention

We keep data only as long as necessary for the purposes above:

  • Orders, invoices, and related records: typically 6–10 years (tax/accounting laws may require longer).

  • Support tickets and communications: typically up to 3 years after closure.

  • Marketing data: until you unsubscribe or your consent is otherwise withdrawn.
    We will securely delete or anonymize data when retention periods expire.

9) Security

We use technical and organizational measures designed to protect personal data (HTTPS, access controls, encryption by providers where applicable, least-privilege access). However, no system is 100% secure.

10) Your Rights

Depending on your location, you may have the right to:

  • Access your data and receive a copy.

  • Correct inaccurate data.

  • Delete your data (subject to legal/contractual limits).

  • Restrict or object to certain processing.

  • Portability of data you provided to us.

  • Withdraw consent for consent-based processing at any time.

  • Complain to a supervisory authority (e.g., the ICO in the UK or your local EEA authority).

To exercise your rights, email privacy@consoledrop.net.

US (California) Notice: If you are a California resident, you may have additional rights under the CPRA (e.g., to know, delete, correct, and opt-out of certain sharing). You can contact us to exercise these rights. We do not sell personal information.

11) Cookies and Tracking

We use cookies and similar technologies for essential site functions, analytics, and (where enabled) marketing. See our Cookie Policy for details and to manage preferences.

12) Children’s Privacy

Our services are not directed to children under 16. We do not knowingly collect data from children under 16. If you believe a child has provided personal data, contact us to delete it.

13) Third-Party Links

Our website may link to third-party sites. Their privacy practices are governed by their own policies; please review them before providing information.

14) Changes to This Policy

We may update this Policy from time to time. We will post updates here with a new Effective Date. Material changes may be additionally highlighted on the site.

Contact Us

ConsoleDrop (ConsoleDrop.net)
Email: privacy@consoledrop.net