1. Who we are

This License Server (“we”, “our”, “the service”) is operated by Apionline. We provide software license sales, validation, and activation services. For questions about this privacy policy or your data, contact us at ccer78@outlook.com.

2. Data we collect

We collect and process the following categories of data:

• Account data: name, email address, and hashed password when you register.
• Transaction data: product purchased, payment method (e.g. Stripe or PayPal), order ID, and license keys generated. We do not store full card numbers; payment details are handled by Stripe or PayPal.
• License and activation data: license keys, product associations, activated site URLs, and activation dates (for license compliance and support).
• Technical and usage data: IP address, browser type, and access logs when you use the website or the license validation/activation API.

3. Legal basis and purposes (GDPR)

We process your data for the following purposes and, where the GDPR applies, on the following legal bases:

• Contract performance: to create and manage your account, process purchases, issue and validate licenses, and allow activations and deactivations.
• Legitimate interests: to prevent fraud, enforce our terms, improve the service, and ensure security (e.g. logs, abuse prevention).
• Legal obligation: where we must retain or disclose data to comply with applicable law.
• Consent: where we ask for your consent for specific processing (e.g. marketing). You may withdraw consent at any time.

4. Your rights (including GDPR)

If the GDPR or similar laws apply to you, you have the right to:

• Access your personal data and receive a copy.
• Rectification of inaccurate or incomplete data.
• Erasure (“right to be forgotten”) in certain circumstances.
• Restriction of processing in certain circumstances.
• Data portability – receive your data in a structured, machine-readable format.
• Object to processing based on legitimate interests or for direct marketing.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a supervisory authority (e.g. in your country or EU member state).

To exercise these rights, contact Apionline at ccer78@outlook.com. We will respond within the time required by applicable law (e.g. one month under GDPR).

5. Data retention

We retain your data only as long as necessary for the purposes above:

• Account and license data: for the duration of your account and license validity, and as needed for support, disputes, or legal obligations.
• Transaction and payment records: as required by tax and accounting law and payment providers.
• Logs: for a limited period for security and troubleshooting (e.g. 30–90 days unless longer required by law).

6. Sharing and international transfer

We may share data with:

• Payment processors (e.g. Stripe, PayPal) to process payments; they have their own privacy policies.
• Hosting and infrastructure providers that host this service, under strict confidentiality and data-processing terms.
• Authorities when required by law or to protect our rights.

If data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards (e.g. adequacy decisions, standard contractual clauses) as required by applicable law.

7. Security

We implement technical and organisational measures to protect your data (e.g. encryption, access controls, secure hosting). For more detail, see our Security page.

8. Changes

We may update this privacy policy from time to time. The “Last updated” date at the top will be revised, and we may notify you of material changes via the website or email where appropriate.