Privacy Policy

BoxLinkTV ("we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our IPTV streaming service and website.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws. If you are located in the European Economic Area (EEA), you have additional rights described in Section 9.

We collect the following categories of personal data:

We use your personal data for the following purposes:

• Providing and managing your subscription and account
• Processing payments and preventing fraud
• Delivering customer support and responding to inquiries
• Sending account-related communications (activation, renewal reminders)
• Monitoring and improving service performance and reliability
• Detecting and preventing abuse, fraud, or Terms of Service violations
• Complying with legal obligations

We do not use your data for targeted advertising, and we do not sell your personal data to third parties.

For users in the EEA, our legal basis for processing personal data is:

• Contract performance: Processing necessary to fulfil your subscription
• Legitimate interests: Fraud prevention, security, service improvement
• Legal obligation: Where required by applicable law
• Consent: For marketing communications, where we ask for your explicit consent

Our website uses essential cookies to enable core functionality (e.g., session management, theme preference). We do not use advertising or tracking cookies.

Essential cookies cannot be disabled, as they are necessary for the website to function. You can manage non-essential cookies through your browser settings, though this may affect site functionality.

We work with the following categories of third-party service providers who may process your data:

• Payment processors (PayPal, Stripe) — for secure payment handling
• Hosting and infrastructure providers — for server hosting and content delivery
• Communication tools — for customer support through available channels
• Security and anti-abuse services — for form protection and abuse prevention

All third-party providers are bound by contractual obligations to protect your data and use it only for the purposes we specify. We do not share your data with third parties for their own marketing purposes.

We retain your personal data only as long as necessary for the purposes described in this policy or as required by law:

• Account data: for the duration of your subscription plus 12 months
• Payment records: 7 years (legal/tax requirement)
• Support communications: 24 months
• Usage/access logs: 90 days

You may request deletion of your account data at any time by contacting our support team. We will process deletion requests within 30 days, subject to legal retention requirements.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption of data in transit (HTTPS/TLS), access controls, and regular security reviews.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

If you are in the EEA, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Restriction: Request limitation of how we use your data
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing based on legitimate interests
• Complaint: Lodge a complaint with your local Data Protection Authority

To exercise your rights, contact us through our contact page. We will respond within 30 days.

Your data may be processed in countries outside your country of residence. Where we transfer personal data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Our Service is not directed to children under 13 years of age. We do not knowingly collect personal data from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or a prominent notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised.

For privacy-related inquiries, data access requests, or to exercise your rights, please contact our support team. We aim to respond to all privacy requests within 30 days.