Politique de confidentialité

Preamble

Respect for privacy and the protection of personal data are top priorities for Instant Gaming. For this reason, we are committed to processing such data in the strictest compliance with the General Data Protection Regulation (EU) No. 2016/679 of 27 April 2016 (hereinafter referred to as the “GDPR”).

This Privacy Policy is addressed to Instant Gaming’s customers and is intended to inform you about how we collect and process your personal information.

About us

This website is operated by Aliasing DMCC, a private company incorporated under the laws of United Arab Emirates under company registration number DMCC179752 and having its registered office at Office Unit 1204, Jumeirah Business Center 3, Cluster Y, Jumeirah Lakes Towers, Dubai, UAE (“Instant Gaming”, “we”, “us”, “our”).

The website www.instant-gaming.com and our mobile applications (“website”) lists various digital content, e.g. downloadable game titles and other downloadable content (“Content”). We sell on the website official keys, issued by the publisher and/or the developer of relevant Content (“Developer”), which allow the user to unlock, access and download the relevant Content from the Developer’s platform (“Code(s)”). We are not the Developer of the Content, and we do not own or operate the Developer’s platform.

1. Who does this Privacy Policy apply to?

This privacy policy applies to individuals who access, browse and use our website. Its aim is to give you information on how we collect and process your personal data through your use of the website. We collect personal data when you access our website, register with us, contact us, send us feedback and product reviews, purchase Codes and other products via our website, post material to our website, request marketing updates and take part in promotions, surveys, affiliation or partnership programs via our website.

If you are an Instant-Gaming partner this privacy policy applies to you like any other user of the website. However, we will also process certain personal data relating to you in order to perform our partnership agreement with you.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are aware of how and why we are using your personal data.

2. Who is the data controller?

As part of the provision of the various Services, Instant Gaming will act as the “Data Controller” within the meaning of the General Data Protection Regulation (GDPR).

Aliasing DMCC,
private company under company registration number DMCC179752
Unit 1204, Jumeirah Business Center 3, Cluster Y, Jumeirah Lakes Towers, Dubai, UAE

3. What types of personal data we process?

“Personal data” refers to any information relating to an identified or identifiable natural person, either directly or indirectly.

In this Privacy Policy, the term “processing” refers to any operation or set of operations performed on personal data, regardless of the method used (such as collection, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission or dissemination, or any other form of making data available, as well as alignment or combination).

The personal data we collect about you depends on the particular activities carried out through our website. For example, we collect different types of personal data depending on whether you create a user account, purchase Codes or only browse the website. Typically we collect and process the following kinds of personal data:

• Identity and Contact Data includes your name, postal address, email address, date of birth and any personal data provided when contacting us. In the case of Instant-Gaming partners, any personal data provided in the course of our partnership. In certain specific cases, a copy of an identity document.
• Financial Data includes information necessary for processing payments and fraud prevention, and in respect of Instant-Gaming partners this includes all billing-related information. If you pay us by payment card this will include payment card numbers, cardholder name(s), security code numbers and expiry dates. For all payment types, we will process payment details received from your payment card issuer or the provider of your chosen method of payment.
• Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us, and in the case of Instant-Gaming partners this includes personal data relating to the administration, management and performance of our business relationship.
• Technical Data may include internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
• Usage Data includes information about how you use the website such as the services you view or search for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks and mouse-overs); and
• Marketing and Communications Data includes your preferences in receiving marketing communications from us and your communication preferences.

We also collect, use and share aggregated data such as statistical or demographic data for various purposes. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not collect any special categories of personal data about you, such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data used for the unique identification of a person, or data concerning health or sexual orientation.

We also do not collect any information relating to criminal convictions or offences. Please do not provide, through the website or in any communication with us, any special categories of personal data and/or personal data relating to criminal convictions or offences concerning yourself, nor any personal data relating to any other individual.

Where we are required to collect personal data by law or under the terms of a contract we have entered into with you (for example, our general terms and conditions of sale), and you fail to provide such data when requested, we may be unable to perform the contract we have entered into or are attempting to enter into with you.

At the time of collecting your personal data, we will inform you whether providing such data is necessary to use the website or any of our services, and whether the provision of the personal data we request is optional.

4. How your personal data is received ?

We may receive your personal data through various means including:

• Direct interactions: You may give us your Identity and Contact Data, Profile Data, Financial Data and Transaction Data by creating and managing your user account, purchasing Codes, using IG Credits and gift cards, selecting preferences, providing product reviews, filling in website forms, sharing product details or by corresponding with us by post, phone, email, SMS, social media or otherwise. This includes personal data you provide when you enter a competition, promotion or survey, give us feedback or contact us.
• Automated technologies or interactions: As you interact with our website, we collect Technical Data and Usage Data including details of your device, browsing actions and patterns, searches, sections viewed, traffic data, web logs and other communication data and the resources that you access. We collect this personal data by using cookies, tracking codes, server logs and other similar technologies. We may also receive Technical Data if you visit other websites using our cookies.
• Third party sources: We may also receive personal data about you from third parties, as set out below:
  • i. Transaction Data from Developers, confirming the redemption of Codes you purchase from us.
  • ii. Technical Data from our analytics provider, Google Analytics.
  • iii. Identity and Contact Data, Financial Data and Transaction Data from providers of payment services such as PayPal, HiPay and Paysafecard.
  • iv. Identity and Contact Data, Profile Data, Financial Data and Transaction Data from Transactial Limited which is our Irish subsidiary company that provides various services in conjunction with the purchase and redemption of Codes including the processing of payments depending on the method of payment selected when purchasing Codes, customer services and technical support.
  • v. Identity and Contact Data from publicly available sources such as a registrar of companies.
  • vi. Identity and Contact Data (your email address and name) when you login using the services of either Facebook or Google.

5. How we use your personal data?

We describe below the purposes for which we process your personal data and the legal bases on which we rely to do so:

Purposes	Details of tde purposes of processing	Type of Data	Grounds for processing
User account management	To allow you to create and manage a user account on our website.	Identity and Contact Data Profile Data	Necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract
Personalization of the online experience	To manage your public profile wish list products of interest, preferences, feedback, to product reviews and survey responses, connecting with other website members and sharing games with your friends.	Identity and Contact Data Profile Data	Necessary for our legitimate interests of enabling users to create and develop personalised accounts, to facilitate purchases and recording of product and service preferences, for running our business and to develop new business
Direct marketing communications to you via email, text message or other electronic means.	To send you information about our services, upcoming game releases, preorders and offers, which may be of interest to you.	Identity and Contact Data Profile Data Usage Data	Your consent to receive marketing communications
	To send you information about our services, upcoming game releases, preorders and offers, which may be of interest to you.	Identity and Contact Data Profile Data Usage Data	Our legitimate interest in sending you marketing communications, where permitted by applicable regulations
Management and execution of orders and payment transactions	To check your age eligibility to buy certain Codes,	Identity and Contact Data Profile Data	Necessary to comply with a legal obligation.
	To process and to deliver your order including managing payments, fees, charges and refunds, processing IG Credits and gift card credits.	Identity and Contact Data Profile Data Financial Data Transaction Data	Necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract
	To collect and recover money owed to us.	Identity and Contact Data Profile Data Financial Data Transaction Data	Necessary for our legitimate interests to administer our services, to collect sums due to us and to keep our records updated.
Customer relationship management, user support, and legal compliance	To manage our relationship with you, including notification of changes to our services, terms of sale, cookies policy, privacy policy or other policies.	Identity and Contact Data Profile Data Financial Data Transaction Data Technical Data Usage Data Marketing and Communications Data	Necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
	To respond to queries submitted through the website, telephone, social media or other means and to manage our relationship with you including: (i) product and service support; (ii) user feedback, product review and survey facilities; (iii) user complaints and disputes; (iv) administering your marketing and communication preferences.	Identity and Contact Data Profile Data Financial Data Transaction Data Technical Data Usage Data Marketing and Communications Data	Necessary for our legitimate interests for responding to user queries, attracting new users, affiliates and partners, running our business and to develop new business, keeping our records updated and to gauge consumer satisfaction with our services and/or the codes they purchase.
	To administer your data protection, privacy and other rights.	Identity and Contact Data Profile Data Financial Data Transaction Data Technical Data Usage Data Marketing and Communications Data	Necessary to comply with a legal obligation.
Security, maintenance, and protection of information systems and company assets	To administer and protect our business, products, services, networks, systems, the website and data and property hosted on or made available through the website including implementing and monitoring security measures, troubleshooting, data and usage analysis, testing, system maintenance, support, reporting and hosting of data.	Identity and Contact Data Profile Data Financial Data Transaction Data Technical Data Usage Data Marketing and Communications Data	Necessary for our legitimate interests for running our business, IT systems administration, network security, to identify and/or prevent fraud, to collate statistical business to enhance our services and business, and in the context of a business reorganisation or group restructuring exercise.
Marketing, advertising targeting, and campaign performance measurement	To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.	Identity and Contact Data Technical Data Usage Data Marketing and Communications Data	Necessary for our legitimate interests to study how users use our services, to develop them, to grow our business, to inform our marketing strategy and output and to conduct marketing.
Usage analysis, performance measurement, and continuous improvement of services	To use data analytics to monitor usage of the website, to measure the performance of the website and to optimise the website, to improve our services, marketing strategy and output, user interactions, relationships and experiences.	Technical Data Usage Data	Necessary for our legitimate interests to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.
Commercial prospecting and personalized recommendations	To make suggestions and recommendations to you about products or services that may be of interest to you, including by way of news updates and other communications and to observe the readership of our news updates and other communications through the use of tracking technologies.	Identity and Contact Data Technical Data Usage Data Marketing and Communications Data	Necessary for our legitimate interests to develop our products and services, direct market and grow our business.
Management and administration of the commercial partnership program	Instant-Gaming partners only: To register you as a new Instant-Gaming partner; to manage and administer our business relationship; to administer, collect and make payments, fees and charges relating to our business relationship	Identity and Contact Data Financial Data Transaction Data Technical Data Usage Data Marketing and Communications Data	Necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
	To comply with our legal obligations, including maintaining records.		Necessary to comply with a legal obligation.
	To comply with our insurance policies and to exercise or defend our legal rights, or to comply with court orders.		Necessary for our legitimate interests to keep our records updated, manage sums payable by or to us, effectively manage and grow our business.
Detection and prevention of fraud, anomalies, or suspicious behavior	Only in specific circumstances, notably when the purchase amount is high, in case of inconsistencies, or in the presence of unusual orders or use of the website. To enable you to carry out secure transactions on our website by preventing payment fraud, identity theft, and the misuse of customer accounts.	Identity Data (copy of the buyer’s identity document)	Necessary for our legitimate interests in fraud prevention.

If you agree as part of our cookies framework, we will use certain technologies that allow us to see whether news updates and other communications we send to you have been viewed and read.

6. How long is your data retained?

To determine the appropriate retention period for personal data, we take into account the quantity, nature, and sensitivity of the personal data, the potential risk of harm resulting from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and the possibility of achieving those purposes by other means, as well as applicable legal and regulatory requirements.

In any case, we will only retain your personal data for as long as is reasonably necessary for the purposes for which they were collected, including to comply with any legal or regulatory obligations, as summarized in the table below:

Processing	Retention Period
User account management and personalization of the online experience	For the entire duration of the contractual relationship
Management and execution of orders and payment transactions	For the entire duration of the contractual relationship followed by intermediate archiving for the duration of the applicable statute of limitations (five (5) years for evidentiary purposes). Accounting documents shall be retained for 10 years from the end of the financial year concerned.
Customer relationship management, user support, and legal compliance	To manage our relationship with you, including notification of changes to our services, terms of sale, cookies policy, privacy policy or other policies.
Security, maintenance, and protection of information systems and company assets	For the entire duration of the contractual relationship, followed by intermediate archiving for the duration of the applicable statute of limitations, i.e., five (5) years for evidentiary purposes.
Marketing, advertising targeting, and campaign performance measurement	For the entire duration of the contractual relationship, followed by intermediate archiving for the duration of the applicable statute of limitations, i.e., five (5) years for evidentiary purposes.
Usage analysis, performance measurement, and continuous improvement of services	For the entire duration of the contractual relationship, followed by intermediate archiving for the duration of the applicable statute of limitations, i.e., five (5) years for evidentiary purposes.
Commercial prospecting and personalized recommendations	Until consent is withdrawn or for a period not exceeding three (3) years from your last contact with our company.
Management and administration of the commercial partnership program	For the entire duration of the contractual relationship, followed by intermediate archiving for the duration of the applicable statute of limitations (five (5) years for evidentiary purposes).
Detection and prevention of fraud, anomalies, or suspicious behavior	For a maximum period of thirty (30) days, after which they are automatically and permanently deleted. By exception, where our documented analysis reveals a high risk (case-by-case assessment), this period may be extended up to a maximum of one hundred and eighty (180) days, particularly when such retention is necessary for evidentiary purposes.

7. What are your rights regarding your personal data?

In accordance with the GDPR, you have several rights regarding your personal data:

• Right to access: You have the right to request access to your personal data (commonly referred to as a “data subject access request”). This allows you to receive a copy of the personal data we hold about you and to verify that we are processing it lawfully (Article 15 GDPR).
• Right to rectification: You have the right to request the correction of the personal data we hold about you. This allows you to have any incomplete, outdated, or inaccurate personal data corrected (Article 16 GDPR).
• Right to erasure: You have the right to request the deletion of your personal data and to prevent any future collection for the reasons set out in Article 17 GDPR. This allows you to ask us to delete or erase personal data when there is no legitimate reason for us to continue processing it. You also have the right to request the deletion of your personal data when you have exercised your right to object to processing, when we have processed your personal data unlawfully, or when we are required to erase your personal data to comply with applicable regulations. We may not always be able to comply with your request for erasure for specific legal reasons, which will be communicated to you at the time of your request, if applicable.
• Right to object: You have the right to object to the processing of your personal data where we rely on a legitimate interest (or that of a third party) and your particular situation leads you to object to processing for this reason because you believe it infringes on your fundamental rights and freedoms. You also have the right to object to the processing of your personal data for marketing purposes. Please note, however, that we may continue processing your personal data despite this objection for legitimate grounds or the establishment, exercise, or defense of legal claims (Article 21 GDPR).
• Right to restriction of processing: You have the right to request that we temporarily freeze the use of your personal data in the following cases: (a) if you want us to verify the accuracy of the data; (b) where our use of personal data is unlawful, but you do not want us to erase it; (c) where you need us to retain personal data even if we no longer need it because you need it to establish, exercise, or defend legal claims; or (d) where you have objected to our use of your personal data but we need to verify whether we have compelling legitimate grounds to continue processing it (Article 18 GDPR).
• Right to data portability: You have the right to request the transfer of your personal data to yourself or to a third party under certain conditions. This allows you to ask us to provide your personal data, or to provide it to a third party of your choice, in a structured, commonly used, and machine-readable format. Please note that this right only applies to automated information that you initially authorized us to use, or where we have used the personal data to perform a contract with you (Article 20 GDPR).
• Right to withdraw your consent at any time: If you have given your consent for the processing of your personal data for one or more purposes, you have the right to withdraw your consent for such processing at any time. Once we receive notification of your wish to withdraw consent, we will take the necessary steps to stop processing your personal data for the purposes you initially consented to, unless we have another legal basis for doing so under the law. Withdrawal of consent will not affect the legality of processing based on consent before its withdrawal (Article 13.2(c) GDPR).

In order to exercise one or more of your rights in respect of your personal data, please contact us in writing using the information provided in article 13 below. We will need you to provide us with information to identify you on our records, we will also need proof of your identity and address, and the information to which your request relates.

If you have previously agreed to being contacted by e-mail, you can unsubscribe at any time by using the ‘unsubscribe’ link in emails, changing your notifications settings on your mobile device or by contacting us using the information set out in article 13 below.

Please note that the settings page of your user account enables you to update, manage and download certain of your personal data and to disable your user account and delete [all] personal data associated with your user account.

You have the right to make a complaint to the data protection supervisory authority. However, we would appreciate the chance to deal with your concerns before you contact the supervisory authority and therefore ask you please contact us in the first instance using the information provided in article 13 below.

8. Who may have access to your personal data?

Except as set out in this privacy policy, we do not disclose to any third-party personal data that we collect from you or you provide to us. We may have to share personal data with the parties set out below for the purposes set out in section 6 above.

• Internal third parties: Companies within our group of companies (i.e. a parent company, a subsidiary company and/or a parent of another subsidiary company) to assist us in providing our services. For example, our Irish established subsidiary, Transactial Limited, assists us with the processing of your payments (depending on your chosen method of payment for Codes), customer services, technical support, managing cancellation rights and where applicable issuing refunds or other payments.
• External third parties: Companies that provide products and services to us such as professional advisors, IT systems suppliers and support, data storage, IT developers, analytics companies, website hosting providers and other service providers.
• Public and government authorities: Entities that regulate or have jurisdiction over us. We will disclose personal data in order to comply with any legal obligation, if we are ordered to do so by a court of competent jurisdiction, law enforcement, regulatory or administrative authorities or in order to enforce a contract with you or to protect our rights, property or safety and/or that of our staff, website users and others.
• Corporate activity: Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties who we disclose personal data which we collect under this privacy policy, to respect the security of personal data and to treat it in accordance with the law. We do not allow our service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Unless prevented by applicable law, we will notify you when your personal data may be provided to third parties in ways other than explained above, and you may have the option to prevent this sharing at the time that we notify you.

9. Transfers outside the European Union

Instant Gaming is located in Dubai and so your personal data will be received and processed by us in Dubai. It may be necessary for us to disclose some of your personal data to our trusted suppliers who provide us with products and services that assist us in providing our services to you.

Our trusted suppliers are located inside the European Economic Area. We will ensure that any international transfers of your personal data are in accordance with applicable laws.

10. Third party links

The website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we encourage you to read the privacy policies of every website you visit. Please see our cookies policy for details of cookies and similar technologies served by third parties and how to control these.

For partners that wish to collaborate with us, we may use YouTube API Services to access and collect the number of subscribers you currently have on your YouTube channel. We will store that data for a period of 14 days. That information will not be shared to any external parties and will be used only internally by our marketing team. You can access Google Privacy Policy on http://www.google.com/policies/privacy.

11. Updating your personal data

It is important that the personal data we hold about you is accurate, full and current. Please keep us informed, using your user account settings page, if any of your personal data changes during your relationship with us. You can also contact us using the information provided in article 13 below to update your personal data.

12. Security of data

We have security measures in place to prevent personal data from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your personal data will do so only in an authorised manner and are subject to obligations of confidentiality. You recognise that no entity can keep personal data fully secure. If you have reason to believe that any of your personal data is no longer secure, please notify us immediately by contacting us using the information provided in article 13 below.

13. Contact

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us through the support and contact us links on the website or by logging into your user account and log. You can reach us by mail to Aliasing DMCC, Unit 1204, JBC 3, Cluster Y, Jumeirah Lakes Towers, Dubai, UAE or by email to support AT instant-gaming.com

14. Changes of Privacy Policy

We will change this privacy policy from time to time and any changes will be contained in a revised privacy policy posted on the website. This version of the privacy policy was last updated on 04/11/2025 and historic versions can be obtained by contacting us using the information in article 13 above.