Privacy policy

TiiDON Marketplace — Privacy Policy

Last Updated: 11/14/2025

This Privacy Policy explains how TiiDON Innovations Limited (“TiiDON”, “we”, “us”, “our”) collects, uses, stores, shares, and protects your personal information when you access or use our website, marketplace, dashboards, mobile apps, APIs, or any related services (collectively, the “Platform”).

By using the Platform, you consent to the practices described in this Privacy Policy.

If you do not agree with the terms of this Privacy Policy, please do not use the Platform.

1. Information We Collect

To operate the TiiDON Marketplace and provide you with a secure and efficient service, we collect various categories of information. This section explains what data we collect, how we collect it, and why we collect it.

We collect information in the following categories:

1.1. Information You Provide to Us

This is information you intentionally share with TiiDON when creating an account, making a purchase, submitting a product, or interacting with our support systems. These include:

1.1.1. Account Information

When you register on the Platform, we collect:

• Full name or display name
• Email address
• Username
• Password (securely hashed and never stored in plain text)
• Optional phone number
• Country of residence

This information is necessary to create, manage, and secure your account.

1.1.2. Profile Information

Users may optionally provide:

• Profile bio
• Portfolio or website links
• Avatar or profile image
• Social media handles
• Contact details and preferences

This information helps personalize your public profile and improves communication between Buyers and Authors.

1.1.3. Author/Seller Information

If you become an Author, we collect additional information required for:

• Verification
• Earnings
• Payouts
• Compliance
• This may include:
• Business or brand name
• Company registration documents
• Tax information where applicable
• Bank account details (partial data only)
• Mobile Money details (MTN, Airtel, etc.)
• Cryptocurrency wallet addresses
• KYC documents such as:
• National ID / NRC
• Passport
• Driver’s license
• Proof of address (e.g., utility bill)
• Selfie or video verification (if required)

This information ensures fraud prevention, secure payouts, and compliance with financial regulations.

1.1.4. Purchase & Billing Information

When Buyers purchase products, we may collect:

• Billing name
• Billing address (if provided)
• Country of purchase
• VAT or tax IDs (optional)
• Type of product purchased
• Purchase codes
• License type
• Price paid
• Applicable fees
• Invoice and receipt details

This information is necessary for transaction processing, receipts, tax compliance, and dispute resolution.

1.1.5. Support & Communication

When you contact us or interact with Authors, we collect:

• Support ticket messages
• Email correspondence
• Attachments or screenshots
• In-product comments or reviews
• Chat messages (where enabled)
• Feedback or surveys
• Reports regarding product issues or policy violations

We use this information to provide customer support, resolve issues, and improve the platform.

1.1.6. Uploaded Product Data

When Authors upload or submit digital products, we collect:

• Product files (e.g., ZIP, script files, themes, plugins, EAs, graphics, docs)
• Product descriptions and tags
• Screenshots or preview images
• Video or audio previews
• Version numbers
• Update logs
• Metadata such as file size, format, and structure

This information is necessary to host, review, publish, and sell your product.

1.2. Information Collected Automatically

When you use the Platform, TiiDON automatically collects certain information using cookies, analytics tools, log files, and tracking technologies. This helps us secure the Platform, analyze performance, and improve your experience.

1.2.1. Device & Technical Information

We automatically collect details such as:

• IP address (for security, fraud detection, and geolocation)
• Browser type and version
• Preferred language
• Device type (mobile, desktop, tablet)
• Device identifiers (if applicable)
• Operating system and version
• Screen resolution
• User agent string

This helps us optimize performance and compatibility across devices.

1.2.2. Usage & Interaction Data

We track how you interact with the Platform, including:

• Pages viewed
• Buttons clicked
• Navigation patterns
• Time spent on pages
• Scroll depth
• Referring URLs (the website or link you came from)
• Click logs and behavior events

This helps improve design, user experience, and recommendation accuracy.

1.2.3. Login & Activity Logs

These logs include:

• Login timestamps
• Logout timestamps
• Failed login attempts
• Download history
• Product purchase activity
• IP-based location approximation
• Device changes and session IDs

This helps detect suspicious or unauthorized access.

1.2.4. Cookies & Tracking Technologies

We use:

• Essential cookies (needed for login, cart, checkout)
• Analytics cookies (Google Analytics, internal analytics)
• Affiliate tracking cookies (to attribute referrals)
• Security cookies (fraud detection, session protection)
• Advertising cookies (where applicable and permitted)

You may disable cookies through browser settings, although some functions may stop working.

1.2.5. Automated Decisions & Profiling

To enhance efficiency and safety, TiiDON may use:

• Automated fraud checks
• Risk scoring for suspicious logins
• Automated affiliate attribution
• Product recommendation engines

These systems do not override your fundamental rights and are reviewed regularly.

1.3. Financial Information

We collect and process financial-related information necessary for:

• Purchases
• Payouts
• Transaction verification
• Dispute resolution
• Fraud prevention

1.3.1. Payment Information

We collect:

• Payment confirmation responses
• Transaction IDs
• Amounts paid
• Currency
• Product ID and license type

Payment method used (card, Mobile Money, PayPal, Crypto, etc.)

We DO NOT store:

• Full credit card numbers
• CVV codes
• Full debit card data

All card payments are processed through trusted, PCI-compliant third-party gateways.

1.3.2. Payout Information

For Authors and Affiliates, we process:

• Mobile Money wallet numbers (e.g., MTN, Airtel, Zamtel)
• Bank account details (account name, account number, bank name)
• Cryptocurrency wallet addresses
• Payout history
• Transfer confirmations
• Withdrawal requests
• All payout data is encrypted where required.

1.3.3. Financial Verification

To ensure secure financial operations, we may collect:

• Proof of ownership of payout accounts
• Screening information for fraudulent withdrawals
• Reconciliation logs
• Chargeback data

Tax-related information (where required)

1.3.4. Third-Party Payment Processors

Payments processed through external partners (such as PayPal, Stripe, Flutterwave, Coinbase Commerce, etc.) are subject to their privacy policies.

TiiDON only receives partial confirmation details—not your sensitive card or wallet information.

1.3.5. Fraud Prevention

Financial information may be used to:

• Detect unusual transaction patterns
• Prevent illegal activity
• Comply with financial regulations
• Conduct chargeback investigations
• Verify ownership of funds

1.4. Identity Verification (KYC)

To maintain a secure marketplace, comply with financial regulations, and prevent fraud, we may require Users—particularly Authors, Affiliates, and high-risk accounts—to complete Know Your Customer (KYC) verification. This verification helps us confirm your identity before allowing payouts, large transactions, or access to certain features.

We may collect the following KYC documents and data:

1.4.1. Government-Issued Identification

Such as:

• National Registration Card (NRC) – for Zambian users
• National ID – for users in other countries
• Passport – for international users
• Driver’s license

We may collect the document number, issuance date, and expiry date.

1.4.2. Proof of Address

To verify your residency, we may request:

• Utility bills (electricity, water, internet)
• Bank or mobile money statements
• Lease agreements
• Government correspondence
• Any official document showing your name and address

Documents typically must be dated within the last 3 months.

1.4.3. Business Verification

If operating as a company, we may collect:

• Business registration certificates
• Tax Identification Numbers (TIN)
• Business licenses
• Corporate documents proving ownership
• Proof of bank account ownership

1.4.4. Biometric Verification

In cases where identity risk is high, we may request:

• Selfie verification
• Short video verification
• Facial match validation against ID documents
• Liveness detection checks
• These measures reduce fraud, impersonation, and financial abuse.

1.4.5. Additional Verification Data

These may include:

• IP address patterns
• Device fingerprints
• Login behavior analysis
• Geolocation consistency checks
• Third-party identity verification results

All verification data is processed securely and stored in compliance with applicable laws.

1.5. Information From Third Parties

TiiDON may receive certain information from trusted third-party partners to ensure secure transactions, verify account legitimacy, improve your experience, and comply with regulations.

We may receive information from the following:

1.5.1. Payment Gateways

Payment processors may provide:

• Payment confirmations
• Fraud alerts
• Chargeback notifications
• Partial billing data
• Risk scoring indicators
• We do not receive your full card details.

1.5.2. Affiliate Tracking Partners

These systems may provide:

• Referral IDs
• Attribution cookies
• Traffic source information
• Device identifiers
• Lead quality scoring

This ensures accurate payout of affiliate commissions.

1.5.3. Anti-Fraud & Security Services

These tools help us detect:

• Suspicious transactions
• Fake accounts
• VPN/proxy usage
• Known fraud patterns
• Stolen identity data
• Repeated abuse across platforms

This helps protect both Buyers and Authors from fraudulent behavior.

1.5.4. Public Databases

We may collect publicly available information such as:

• Social media profiles
• Public business directories
• Company registration details
• Public blacklist or sanction lists

This helps validate identity and ensure compliance.

1.5.5. Social Login Providers

If you sign in using:

• Google
• Facebook
• GitHub
• Microsoft
• Apple
• Other approved social login providers
• We may access basic profile details such as:
• Name
• Email
• Profile picture
• Verified status

We do not receive your social media passwords.

2. How We Use Your Information

We use your personal data to operate, secure, and improve the TiiDON Marketplace.
Your data is never sold; it is used strictly for platform functionality, legal compliance, and user experience enhancement.

2.1. Operate and Improve the Platform

We use your information to:

2.1.1. Create and Manage Accounts

• Register new users
• Authenticate logins
• Manage profiles and settings
• Enable account recovery

2.1.2. Enable Purchases and Downloads

• Process product orders
• Grant access to purchased or free items
• Verify product licenses
• Track download activity

2.1.3. Process Author Payouts

• Calculate earnings
• Validate withdrawal requests
• Transfer funds to bank, mobile money, or crypto wallets
• Prevent payout fraud

2.1.4. Verify User Identity

• KYC/AML checks
• Fraud prevention
• Platform safety

2.1.5. Prevent Fraud and Security Threats

We use automated and manual systems to:

• Detect unauthorized access
• Block suspicious accounts
• Prevent duplicate or fake accounts
• Monitor abnormal financial activity

2.1.6. Provide Customer Support

• Respond to tickets
• Resolve disputes
• Troubleshoot issues
• Offer updates and assistance

2.1.7. Improve Platform Performance

We analyze usage patterns to:

• Enhance navigation
• Improve page loading
• Optimize search results
• Fix bugs and technical issues

2.2. Marketplace Operations

We use your data to keep the marketplace functional and organized.

This includes:

2.2.1. Publishing Product Listings

• Displaying product titles, descriptions, badges, ratings
• Showing author profiles and stats
• Showcasing screenshots, previews, and demos

2.2.2. Displaying Author Profiles

Your public profile may include:

• Name
• Username
• Avatar
• Country (optional)
• Number of products
• Follower count
• Reviews and ratings

2.2.3. Tracking Purchases and Downloads

We record:

• Purchase history
• Licensing details
• Download logs
• User activity

This helps authors verify customers and provide support.

2.2.4. Attribute Affiliate Referrals

Affiliate tracking ensures:

• Correct commission payouts
• Fraud detection
• Promotion analytics

2.2.5. Handling Disputes and Refunds

We use necessary data to:

• Verify authenticity of claims
• Review product issues
• Communicate with both parties
• Apply the refund policy fairly

2.2.6. Reviewing Product Submissions

We assess:

• Code quality
• Documentation
• Licensing issues
• Malware risks
• Misleading descriptions

This maintains marketplace integrity.

2.3. Legal & Compliance

We process your data for legal and regulatory reasons, including:

2.3.1. KYC/AML Checks

To comply with:

• Anti-money laundering laws
• Fraud prevention regulations
• Financial transaction guidelines
• International sanctions policies

2.3.2. Tax Reporting

Where necessary, we may use your data for:

• Tax documentation
• Fraud investigations
• Financial audits

2.3.3. Law Enforcement Requests

We may disclose information:

• When required by law
• For court orders and subpoenas

To assist with investigations into fraud, cybercrime, or illegal activity

2.3.4. Preventing Unlawful Content

This includes:

• Removing pirated or copyrighted materials
• Blocking malicious scripts
• Filtering harmful content
• Enforcing author compliance

2.3.5. Enforcing Terms of Use

We use your data to:

• Detect violations
• Suspend or terminate accounts
• Protect authors, buyers, and the platform

2.4. Communication

We may use your information to communicate with you through email, dashboard notifications, or in-app messages.

We may contact you regarding:

2.4.1. Account Activity

• Login alerts
• Password resets
• Verification requests

2.4.2. Purchases or Downloads

• Order confirmations
• Invoice/receipt delivery
• License information
• Update notifications

2.4.3. Payouts

• Withdrawal confirmations
• Payment status
• KYC requests or payout delays

2.4.4. Important Updates

• Platform changes
• Feature announcements
• Scheduled downtime

2.4.5. Security Alerts

• Suspicious activity
• Unauthorized access warnings
• Mandatory password resets

2.4.6. Promotions and Marketing

Only if you opt-in, we may send:

• Discounts and offers
• New product announcements
• Marketplace events
• Author promotions and sales

You can unsubscribe at any time using the link provided in emails.

2.4.7. Policy Changes

We will notify you of:

• Privacy Policy updates
• Terms of Use updates
• Refund policy changes
• Compliance requirements

Continuing to use the Platform means you accept updated terms.

3. Legal Basis for Processing (International Compliance)

TiiDON processes personal data only where we have a valid legal basis to do so. Our processing activities align with global data protection standards, including the General Data Protection Regulation (GDPR), the Zambian Cybersecurity & Cybercrimes Act, the California Consumer Privacy Act (CCPA), and internationally recognized e-commerce and digital marketplace principles.

3.1. Contractual Necessity

We process data to:

• Create and maintain your account
• Process purchases and downloads
• Deliver digital products
• Transfer author payouts
• Provide customer support
• Enforce your licenses and transactions

Without this processing, we cannot provide our services.

3.2. Legitimate Interest

We process certain data to:

• Prevent fraud and abuse
• Improve platform functionality
• Monitor site performance
• Analyze usage patterns
• Protect Users and Authors
• Secure financial transactions

We always balance these interests with your privacy rights.

3.3. Consent

Certain processing activities are based on your explicit consent, including:

• Marketing emails and newsletters
• Cookie tracking for analytics
• Affiliate attribution
• Storing optional profile data
• Social login integrations

You may withdraw consent at any time.

3.4. Legal Obligation

Some data must be processed to comply with laws relating to:

• KYC/AML requirements
• Transaction records
• Tax compliance
• Law enforcement requests
• Financial audits
• Prevention of money laundering and cybercrime

We only keep what is legally required.

3.5. Vital & Security Interests

We may process data to:

• Protect Users from fraud
• Prevent unauthorized account access
• Secure payouts and financial systems

Investigate security breaches

4. Cookies and Tracking Technologies

TiiDON uses cookies and similar tracking technologies to provide a secure, reliable, and personalized experience. Cookies help us remember your preferences, maintain sessions, process purchases, and analyze usage.

4.1. Types of Cookies We Use

4.1.1. Essential Cookies

Required for:

• Logging in
• Managing your cart
• Secure checkout
• Account sessions
• Download access
• Anti-fraud protection

Disabling these may break core functions.

4.1.2. Analytics Cookies

Used to understand platform performance, including:

• Google Analytics
• Internal tracking tools
• Error monitoring
• User behavior insights

This helps us improve navigation, load speed, and user experience.

4.1.3. Affiliate Tracking Cookies

Used to:

• Attribute referrals
• Track conversions
• Ensure correct affiliate payouts

These cookies do not store personal data.

4.1.4. Security Cookies

Used for:

• Fraud detection
• IP and device risk scoring
• Bot protection
• Login verification

4.1.5. Preference Cookies

Used to remember:

• Language
• Currency
• Theme mode (light/dark)
• Marketplace filters

4.2. Cookie Choices

You may disable cookies through your browser settings.
However, essential features such as login, checkout, and downloads may stop functioning correctly.

5. Sharing Your Information

We do not sell your personal data under any circumstances.

We only share data when necessary to operate the Platform, comply with laws, or deliver your purchased products.

5.1. Service Providers (Processors)

We may share limited data with trusted partners who help us run the Platform, such as:

• Payment processors (e.g., mobile money, banks, crypto providers)
• Cloud hosting providers
• Analytics providers
• Email delivery services
• Fraud detection systems
• Security and firewall partners
• Identity verification providers (KYC/AML)
• Affiliate tracking tools

All partners must meet strict data protection and security requirements and may only process data on our behalf.

5.2. Authors/Sellers

If you purchase an item, we may share limited information with the Author so they can provide licensing and support.

• Authors may receive:
• Your username
• Your purchase code/license
• Product purchased
• Support conversation messages (if you initiate contact)
• Authors do not receive:
• Your email address (unless provided during support)
• Your payment information
• Your real identity (unless required by law)

5.3. Legal Compliance

We may disclose information if required to:

• Comply with legal or regulatory obligations
• Respond to court orders or subpoenas
• Assist in investigations of fraud, cybercrime, or illegal activity
• Protect TiiDON, Users, and the public
• Enforce our Terms of Use
• We only release what is legally required.

6. Data Storage & Retention

We retain personal data only for as long as necessary for:

• Operating the Platform
• Legal and compliance obligations
• Fraud prevention and security
• Payment reconciliation
• Support and dispute resolution
• Maintaining business records

6.1. Retention Periods

• Account data: retained while the account is active
• Purchase and payout records: retained for legal/financial compliance
• KYC documents: retained as required by financial laws
• Support tickets: retained for dispute resolution
• Cookies: vary by type (session vs persistent)

When your account is deleted, some data may be retained where legally required.

6.2. Data Deletion Requests

• You may request account deletion at any time.
  However, we may keep:
• Legally required financial records
• Fraud-related data
• Records needed for dispute resolution
• We will inform you of what cannot be deleted and why.

7. Security Measures

We implement advanced administrative, technical, and physical safeguards to protect your information.

7.1. Technical Safeguards

• SSL/TLS encryption on all data transfers
• Encrypted database storage for sensitive fields
• Password hashing (bcrypt or equivalent)
• Firewalls and intrusion detection
• Rate limiting and IP monitoring
• Malware scanning
• Encrypted backups
• Secure APIs

7.2. Administrative Safeguards

• Strict employee access control
• Role-based permissions
• Mandatory security training
• Confidentiality agreements
• Regular internal audits
• Vendor due diligence

7.3. User Security Tools

We provide security tools including:

• Two-factor authentication (2FA)
• Login activity logs
• Device recognition
• Session management
• Users are encouraged to:
• Use strong passwords
• Enable 2FA
• Keep devices secure
• Avoid sharing login details

7.4. Limitations

While we do everything reasonably possible to protect your data, no system is completely immune to risks.
Users share responsibility in safeguarding their accounts and devices.

8. Your Rights

Depending on your country of residence and applicable data protection laws, you may exercise the following rights regarding your personal information. These rights are available to Users under GDPR (EU/EEA), CCPA (California), PIPEDA, POPIA, and equivalent international privacy laws.

8.1. Right to Access

You may request a copy of the personal data we hold about you, including:

• Account information
• Transaction history
• Profile details
• Support logs
• Verification data

We will provide this information unless restricted for security or legal reasons.

8.2. Right to Rectification

If any information we hold is incorrect or incomplete, you may request correction or updates at any time through:

• Your account dashboard
• Contacting support@tiidon.com
• We may require verification before making changes.

8.3. Right to Deletion (Right to Be Forgotten)

You may request that we delete your account and personal data.
However, certain information cannot be deleted where required by law, including:

• Financial transaction records
• Fraud and security logs
• Tax and legal compliance data

We will inform you if any data must be retained and why.

8.4. Right to Restrict Processing

You may request that we temporarily or permanently stop processing your data if:

• You dispute accuracy
• You object to processing
• The data is no longer needed
• You believe the processing is unlawful

Certain platform functions may be restricted while processing is limited.

8.5. Right to Object to Marketing

You may opt out of:

1. Marketing emails
2. Promotional notifications
3. Affiliate and product updates

An unsubscribe link is included in all marketing emails.

8.6. Right to Data Portability

You may request export of your data in a structured, machine-readable format such as:

• CSV
• JSON
• PDF for certain records

This allows you to transfer your information to another service.

8.7. Right to Withdraw Consent

Where processing is based on consent—such as marketing, cookies, or optional profile fields—you may withdraw consent at any time without affecting the lawfulness of prior processing.

8.8. Right to Close Your Account

• You may request account closure through:
• Your account settings
• Emailing support@tiidon.com

Account closure will delete your access and restrict further processing, subject to legal obligations.

8.9. Exercising Your Rights

Requests may be made by contacting:

📧 support@tiidon.com

We may ask for verification to protect your data against unauthorized access.

9. Children’s Privacy

TiiDON is designed for adults and professional creators. We do not knowingly collect or retain information from individuals under 18 years old.

If a minor’s data is discovered:

Access will be immediately revoked

• The account will be deleted
• Associated information will be removed from our systems
• We may notify relevant guardians or authorities if required by law
• Parents or guardians may contact us if they believe a child has provided information without consent.

10. International Data Transfers

Because TiiDON operates globally, your information may be stored or processed in:

Zambia

• Countries where our hosting providers operate
• Countries where payment processors or identity verification partners are located
• Countries where our international team or contractors are based

10.1. Safeguards

We take steps to ensure that international transfers comply with applicable laws, including:

• GDPR Standard Contractual Clauses (SCCs)
• Data Processing Agreements (DPAs) with vendors
• Encryption during transmission and storage
• Vetting and auditing of service providers
• Limiting access to essential personnel only

By using the Platform, you acknowledge that your data may be transferred outside your country of residence with appropriate protections in place.

11. Third-Party Links

Some product pages, author websites, or marketplace listings may contain external links to third-party sites. These sites operate independently of TiiDON.

• We are not responsible for:
• Their privacy policies
• Their security practices
• Their content, services, or data handling
• Any losses arising from use of external sites

We encourage Users to review the privacy policies of any third-party websites before providing personal information.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect:

• Changes in laws
• Updates in our features or services
• Security or compliance requirements
• Business or operational adjustments

12.1. Notification Methods

If significant changes are made, we will notify users via:

• Email
• Dashboard notifications
• Prominent notices on the Platform
• The “Last Updated” date will also be revised.
  Continued use of the Platform after changes means you accept the updated policy.

13. Contact Information

If you have questions about privacy, data usage, or your rights, please contact us:

TiiDON Innovations Limited
📧 Email: support@tiidon.com
🌐 Website: www.tiidon.com

We will respond within a reasonable period, usually within 1–48hours.