GDPR Compliance
Effective Date: March 1st, 2026
Keynero is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the UK GDPR. This page explains how we collect, use, and protect your data, and the rights available to you as a data subject.
1. Overview
The GDPR grants individuals in the European Economic Area (EEA) and United Kingdom significant rights over their personal data. Keynero takes these obligations seriously and has implemented appropriate technical and organizational measures to ensure compliance.
Our GDPR compliance applies to all users in the EEA, UK, and we extend the same protections to all users globally as a matter of principle.
2. Data Controller
Keynero acts as the Data Controller for personal data collected through our website. This means we determine the purposes and means of processing your personal data. For data processing questions or requests, please contact us using the details in Section 8.
3. Lawful Basis for Processing
We process your personal data under the following lawful bases:
Contractual Necessity (Art. 6(1)(b))
Processing your name, email, and billing information to fulfill your order and deliver the purchased license key.
Legitimate Interests (Art. 6(1)(f))
Fraud prevention, security monitoring, and improving our services based on anonymous usage analytics.
Legal Obligation (Art. 6(1)(c))
Retaining transaction records for tax and financial compliance obligations.
Consent (Art. 6(1)(a))
Where we ask for your consent (e.g. marketing communications or non-essential cookies), you can withdraw consent at any time.
4. Data We Collect
We collect the minimum data necessary to provide our services:
- Identity data: First name, last name, email address.
- Billing data: Billing address, country, phone number (stored on your profile).
- Transaction data: Order details, purchased products, order amounts, currency.
- Technical data: IP address, browser type, device type (collected automatically for security).
- Communication data: Messages sent via our contact form.
We do not collect special category data (health, political, religious, biometric data).
5. Your GDPR Rights
Under the GDPR, you have the following rights:
Right of Access (Art. 15)
Request a copy of the personal data we hold about you.
Right to Rectification (Art. 16)
Request correction of inaccurate or incomplete personal data.
Right to Erasure (Art. 17)
Request deletion of your personal data where there is no legitimate reason to continue processing it.
Right to Restriction (Art. 18)
Request that we restrict the processing of your personal data in certain circumstances.
Right to Data Portability (Art. 20)
Receive your personal data in a structured, commonly used, machine-readable format.
Right to Object (Art. 21)
Object to processing based on legitimate interests, including profiling.
Right to Withdraw Consent
Where processing is based on consent, you can withdraw it at any time without affecting previous processing.
To exercise any of these rights, email us at support@keynero.com. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority.
6. International Data Transfers
Some of our service providers (such as Stripe for payments) are based outside the EEA. Where personal data is transferred outside the EEA, we ensure appropriate safeguards are in place - including Standard Contractual Clauses (SCCs) or transfers to countries with an adequacy decision from the European Commission.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal and financial obligations. Order and transaction data is retained for a minimum of 5 years. Account data is retained until you request deletion. You may request deletion of your account at any time.
8. Contact & DPO
For any GDPR-related enquiries, data subject requests, or complaints, please contact our data protection team:
Email: support@keynero.com
Website: keynero.com/contact