Last updated: 12 September 2025
1) Who We Are (Data Controller)
Controller: mogaiptv LTD (trading as mogaiptv)
Company number: 18722994890
Registered address: Ireland
Contact (privacy/support): support@mogaiptv.com
Website: https://mogaiptv.com/
We have designated support@mogaiptv.com as our privacy contact. If in the future a formal DPO is required under GDPR, this page will be updated with those details.
2) What Personal Data We Process
- Account & identity: name, email, password hash, country, address (for billing/VAT if needed).
- Purchase & billing: order history, VAT/tax info, transaction IDs, last 4 digits of card (card data is stored by our payment processors, not by us).
- Technical & usage: IP address, device/OS info, authentication events, error logs, basic stream access logs for fraud prevention and fair-use (not full viewing history).
- Support: messages, attachments, and diagnostics you share.
- Marketing (optional): email preferences and consent status.
- Cookies: see our Cookie Policy for details.
Data minimisation: we collect only what is necessary to provide, secure, and operate the service, comply with law, and support legitimate interests. Where possible, we pseudonymise or aggregate data.
3) Why We Use Your Data & Our Lawful Bases
| Purpose | Examples | Lawful basis (GDPR Art. 6) |
|---|---|---|
| Provide the IPTV service | Account creation, authentication, plan management, compatibility guidance | Contract (Art.6(1)(b)) |
| Payments & invoicing | Process payments, prevent fraud, VAT records | Contract & Legal obligation (Art.6(1)(b),(c)) |
| Security & fair use | Abuse prevention, IP/device anomaly checks, CDN/DDoS protection | Legitimate interests (Art.6(1)(f)) |
| Support & incident response | Troubleshooting, ticket histories | Legitimate interests / Contract |
| Service communications | Transactional emails about orders, outages, policy updates | Legitimate interests / Legal obligation |
| Marketing (optional) | Newsletters/offers (opt-in only) | Consent (Art.6(1)(a)); withdraw anytime |
| Compliance | Record keeping, lawful requests | Legal obligation (Art.6(1)(c)) |
4) How Long We Keep Data (Retention)
| Data category | Typical retention | Reason |
|---|---|---|
| Account data | While account is active + 24 months after closure | Support history, fraud prevention |
| Orders & invoices | 6 years | Tax/VAT and accounting laws |
| Technical logs | 90–365 days (default 180 days) | Security, diagnostics, fair-use enforcement |
| Support tickets | 24 months | Quality, dispute handling |
| Marketing preferences | Until you opt-out / delete account | Consent records |
We may retain data longer if required by law or to establish, exercise, or defend legal claims. When retention ends, we delete or irreversibly anonymise data.
5) Sharing & Processors
We use vetted processors under GDPR contracts. They act on our instructions:
| Processor | Purpose | Location | Transfer mechanism | More info |
|---|---|---|---|---|
| Stripe, Inc. / Stripe Payments Europe | Payments, anti-fraud | EU/US | EU entity & EU-US Data Privacy Framework and/or SCCs | Privacy |
| PayPal (Europe) S.à r.l. et Cie | Payments | EU/US | EU entity & EU-US Data Privacy Framework and/or SCCs | Privacy |
| Web host | Website hosting | EU/EEA (or stated region) | EEA hosting or SCCs if outside EEA | Privacy |
| Cloudflare, Inc. (if enabled) | CDN, DDoS protection | EU/US | EU-US DPF and/or SCCs | Privacy |
| Email provider (e.g., Google Workspace/Zoho) | Transactional & support email | EU/US | EU-US DPF and/or SCCs | Privacy |
| Helpdesk (e.g., Zendesk/Freshdesk) (if used) | Support ticketing | EU/US | EU-US DPF and/or SCCs | Privacy |
| Analytics (e.g., GA4 or self-hosted) (if used) | Site analytics | EU/US | IP anonymisation, DPF/SCCs (if US) | Privacy |
Other sharing: professional advisers (legal/accounting), law enforcement where required, or in a business transfer (e.g., merger). We do not sell personal data.
6) International Transfers
If data is transferred outside the EEA, we rely on lawful safeguards such as the EU-US Data Privacy Framework (where applicable), European Commission Standard Contractual Clauses (SCCs), and additional measures. You can request details at support@mogaiptv.com.
7) Your GDPR Rights
- Access to your personal data.
- Rectification of inaccurate/incomplete data.
- Erasure (“right to be forgotten”) where applicable.
- Restriction of processing in certain cases.
- Portability of data you provided, in a commonly used format.
- Object to processing based on legitimate interests or direct marketing.
- Withdraw consent at any time where processing relies on consent.
To exercise your rights, email support@mogaiptv.com. We may verify your identity before responding.
8) Irish DPC (Supervisory Authority)
You may lodge a complaint with the Irish Data Protection Commission (DPC), our lead supervisory authority in Ireland: dataprotection.ie.
9) Security
We implement appropriate technical and organisational measures (TLS in transit, least-privilege access, logging/alerting, regular updates). No method is 100% secure; we will notify authorities and affected individuals of personal data breaches when legally required.
10) Children
Our services are for adults (18+). We do not knowingly collect data from children. If you believe a child has provided data to us, contact us to delete it.
11) Cookies & Similar Technologies
We use necessary cookies for core functionality and (if enabled) optional analytics/marketing cookies with consent. See our Cookie Policy and cookie banner for details (names, lifetimes, purposes).
12) Automated Decision-Making
We do not perform automated decision-making producing legal or similarly significant effects. Automated checks may help detect fraud or abuse; where needed, humans review outcomes.
13) Third-Party Links & Apps
Our setup guides may reference third-party IPTV apps/devices. Their privacy practices are their own; review their policies before use.
14) Changes to This Policy
We may update this policy to re