Introduction

Cards R Us ("we", "our", "us") operates a global digital marketplace connecting customers with digital gift cards, airtime, data bundles, and software licences across 190+ countries. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our platform or make a purchase.

We are committed to protecting your personal data and processing it fairly and transparently. By using Cards R Us, you agree to the collection and use of information in accordance with this policy.

2.

Information We Collect

We collect information you provide directly: full name and email address, phone number, billing address, payment details (processed securely via PCI-DSS compliant processors), and identity documents submitted for KYC verification.

We also collect technical data automatically through your use of the platform: IP address and approximate location, browser type and version, device identifiers, pages visited and time spent, referral sources, and transaction and usage analytics.

We never sell your personal data to third parties. Your data is used solely to provide and improve our services.

3.

How We Use Your Data

We use your data to: process, fulfil, and deliver your orders; verify your identity and comply with KYC/AML obligations; detect and prevent fraud and unauthorised account access; communicate with you regarding your orders, account, and support requests; personalise your experience and surface relevant products; and improve our platform through analytics and testing.

We process your data on the lawful bases of contractual necessity, legal obligation, legitimate interest, and — where required — your explicit consent.

4.

Data Sharing

We do not sell, rent, or trade your personal data. We share data only with trusted service providers essential to our operations: payment processors, identity verification providers, cloud infrastructure partners, and customer support tools. All third parties are bound by data processing agreements.

We may also disclose data where required by law, court order, or regulatory authority, or to protect the rights, property, or safety of Cards R Us, our users, or the public.

5.

Your Rights

Depending on your jurisdiction, you may have the right to: access a copy of the personal data we hold about you; correct inaccurate or incomplete data; request deletion of your data; object to or restrict our processing; data portability; and lodge a complaint with a supervisory authority (e.g. NDPC in Nigeria, ICO in the UK).

To exercise any of these rights, please contact privacy@cardsrus.com. We will respond within 30 days.

6.

Cookies

We use cookies and similar tracking technologies to keep you logged in, remember your preferences, analyse traffic patterns, and support our marketing. You can control cookie preferences at any time through your browser settings or our Cookie Settings panel accessible via the footer.

7.

Data Security

We implement industry-standard security measures: 256-bit TLS encryption for all data in transit, AES-256 encryption for sensitive data at rest, regular third-party penetration testing, strict role-based access controls, and multi-factor authentication for all staff accessing customer data.

In the event of a data breach, we will notify you and the relevant supervisory authority within 72 hours, as required by applicable law.

8.

Contact Us

For all privacy-related queries, contact us at privacy@cardsrus.com. Our Data Protection Officer can be reached at dpo@cardsrus.com. Postal address: Cards R Us Limited, Victoria Island, Lagos, Nigeria.