Privacy Policy

Last Updated: May 7, 2026

UTop.me is a privacy-focused digital goods provider. We sell game cards, gift cards, prepaid cards, license keys, and vouchers. This Privacy Policy explains what data we collect, why we collect it, how it is protected, and what control you have over it.

Core Privacy Principles

  • Data minimization. We collect only what is needed to run the service and complete your orders.

  • No surveillance. We do not run behavioral advertising, cross-site profiling, or ad targeting.

  • No data sales. Personal data is never sold, rented, or traded.

  • Anonymous by design. You can use UTop.me without an email by creating an anonymous account.

  • User control. You can view, correct, and delete your data at any time, by yourself, without asking us.

Information We Collect

Account Information

  • Email address (registered users and guest checkout only).

  • Anonymous identifier, a random 16-character code used in place of an email for anonymous accounts.

  • Google verified email address, only if you sign in with Google.

  • Customer group, used to apply automatic discounts.

Transaction and Wallet Information

  • Order numbers, items purchased, currency, totals, applied discounts, and order status.

  • Selected payment method and the payment status returned by the provider. We do not store payment credentials such as card numbers, bank details, or crypto wallet private keys.

  • Wallet, gift card, and reward point balances and a record of every related transaction.

  • The voucher codes you have purchased, stored securely and shown only to the order owner after payment is confirmed.

Communications

  • Support messages you send through our support system.

  • Reviews and review replies you submit, including the rating, content, and the order they relate to.

  • Order-related emails we send to you and their delivery status.

Automatically Collected Information

  • IP address. Used for rate limiting, currency selection, and to keep the service safe from abuse.

  • Approximate location at the city level, worked out from your IP address using an offline lookup. We do not collect precise GPS or device location.

  • Basic information about your browser and device, such as browser type and operating system. We use this to make sure pages load correctly and to keep your sign-in session safe on the device you used to log in.

  • Pages you view on UTop.me, the products you search for, and short-term visitor data used to show live activity counters. Most of this data is stored only for a short window and is automatically removed.

  • Cart contents while you are shopping, stored in our cache and tied to your account or guest session.

  • Aggregated traffic statistics collected by our infrastructure provider, Cloudflare. This includes information such as page views, country, browser type, and basic performance metrics. It is collected without cookies and is not used to identify individual visitors.

How We Use Information

  • Process payments and deliver digital products.

  • Show your order history, voucher codes, wallet, and reward balances.

  • Send transactional emails such as sign-in links, order confirmations, payment updates, voucher delivery, refund notices, support replies, and review requests after a completed order.

  • Provide customer support and answer your questions.

  • Keep the service safe from fraud, abuse, and automated bots. As part of this, we may automatically reduce friction for known customers and add extra checks for accounts or IP addresses showing unusual activity.

  • Maintain platform reliability, fix issues, and improve performance.

  • Meet legal, accounting, and tax obligations.

UTop.me operates a strict no-spam policy. We do not send newsletters, marketing emails, or promotional communications. All emails are transactional and order-related.

Data Sharing

We share data only when it is needed to run the service or required by law. The categories of recipients are:

  • Payment providers who process your payments. Examples include crypto payment gateways, fiat payment gateways, UPI processors, and other regional payment partners. They receive only the data needed to process and confirm your payment.

  • Email delivery providers that send sign-in links, order confirmations, voucher codes, and other transactional emails on our behalf.

  • Currency rate providers that supply fiat and cryptocurrency exchange rates. We send no personal data to them.

  • Cloudflare, our infrastructure and security provider. Cloudflare delivers UTop.me to your browser, protects the site from attacks and abuse, powers the human verification widget (Cloudflare Turnstile) shown on sensitive pages such as sign-in and checkout, and collects aggregated traffic statistics through its analytics beacon. Cloudflare's analytics beacon does not use cookies and does not track you across other sites.

  • Google if you choose to sign in using your Google account, in line with Google's own privacy policy.

  • Live chat provider if you choose to start a chat session through our support widget. The chat provider only receives what you type into the chat.

  • Legal authorities when a valid legal request requires us to disclose specific data.

We do not sell, rent, or trade personal information to third parties. We do not allow third-party advertising trackers on UTop.me.

Data Security

We protect your data using current industry practices:

  • All traffic is encrypted in transit using HTTPS.

  • Sensitive data such as gift card codes and stored credentials are encrypted at rest. Voucher codes are stored securely and only shown to the order owner after payment is confirmed.

  • Each order has a built-in check that confirms it has not been altered.

  • Sign-in sessions are tied to the device you used to log in and end automatically if we notice unusual activity.

  • Sign-in attempts are tracked. After several failed attempts in a row, the account or IP address may be temporarily blocked to protect against guessing.

  • Important events such as sign-ins, payments, and refunds are recorded in separate logs that help us catch problems quickly.

No system is perfectly secure. If you believe your account has been used by someone else, sign in and end your active sessions, then contact support.

Data Retention

We keep data only for as long as we need it. The main rules are:

  • Active accounts are kept until you delete them.

  • Cart data is short-lived. It is removed automatically after a period of inactivity or when you delete your account.

  • Live visitor and search counters are kept only briefly, usually for a few minutes.

  • Sign-in sessions expire after their set duration and inactive sessions are removed.

  • Order, payment, wallet, and reward records are kept for as long as required by tax, accounting, fraud-prevention, and audit obligations, even after account deletion. Personal details in these records are removed when you delete your account.

  • Security logs are kept for the time required by our security policy and applicable law.

Your Rights

You have the right to:

  • View the personal data we hold about you.

  • Correct inaccurate or outdated information.

  • Delete your account at any time, by yourself, from your account settings.

  • Convert an anonymous account into an email registered account, or use an anonymous account if you prefer not to share your email.

You can delete your account directly from your UTop account settings. The action is self-service and does not require contacting support. When you delete your account:

  • Your sessions and login data are removed.

  • Your cart, internal messages, and personal profile data are removed.

  • Past orders are kept for legal and audit reasons but personal details on them are removed so they no longer identify you.

  • Wallet and reward transaction records are kept for audit reasons but stripped of personal details.

  • Any unused wallet balance, reward points, or store credit is forfeited unless the law requires otherwise.

  • Account deletion cannot be undone.

Cookies and Local Storage

UTop.me uses a small number of cookies and similar technologies. They fall into these groups:

  • Essential. Sign-in and session cookies, guest session cookie, security tokens, and the cookie that stores your cookie preferences. These are required for the site to work and cannot be disabled.

  • Cart and checkout. Used to remember your cart contents, selected currency, and a short-lived order check needed to deliver your codes after payment.

We do not use third-party advertising or cross-site tracking cookies. For traffic statistics, we rely on Cloudflare's privacy-friendly analytics beacon, which does not use cookies and does not track you across other sites.

Eligibility

UTop.me is not intended for users under 18, or under the legal age of majority in your country. We do not knowingly collect personal data from minors. If you believe a minor has provided us with data, please contact support so we can remove it.

International Data Transfers

Some of our service providers, such as payment gateways, email delivery partners, and Cloudflare, may be located outside your country. When data is transferred internationally, we rely on appropriate legal safeguards offered by these providers and limit the data shared to what is needed to deliver the service.

Changes to This Policy

We may update this Privacy Policy from time to time. The current version is always available on this page, and the date at the top reflects the latest update. If you continue to use UTop.me after the updated version is posted, you accept the new policy.

Contact

For privacy-related questions or requests, contact us through our support system.

By using UTop.me, you acknowledge that you have read and agreed to this Privacy Policy.