Last updated · May 18, 2026

Privacy Policy

How OnlyPPV collects, uses, discloses, and safeguards partner information across the affiliate platform. Compliant with GDPR and CCPA / CPRA.

01

Introduction

OnlyPPV ("we", "us") is a performance-marketing network connecting affiliate partners with advertisers in the Telegram ecosystem. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our affiliate platform at onlyppv.io and app.onlyppv.io.

By accessing or using OnlyPPV, you acknowledge that you have read this Policy and agree to be bound by it.

02

Information We Collect

Account & onboarding

  • Display name and Telegram handle
  • Email address
  • Country / region of operation
  • Declared traffic sources (Facebook Ads, TG Ads, in-app push, etc.)
  • Expected monthly volume and verticals of interest

KYC (required only for payouts above $5,000 per month)

  • Government-issued ID (passport or national ID)
  • Proof of address (utility bill or bank statement, no older than 90 days)
  • For companies: certificate of incorporation and UBO declaration

Tracking & traffic data

When you generate a tracking link and run traffic to it, we record click metadata: IP address, user-agent, GEO, referrer, sub_id values, click ID, and the timestamp of the click. When the advertiser fires a conversion postback, we record the conversion metadata together with the originating click.

Payout information

  • USDT / TON wallet addresses you provide
  • Withdrawal history and amounts
  • Network and blockchain transaction hashes

Platform usage data

  • Login sessions and dashboard activity
  • Postback delivery logs (status codes, retries)
  • Device information (browser, OS, IP address)
04

How We Use Your Data

Network operation

  • Operating your affiliate account and dashboard
  • Recording and attributing clicks and conversions
  • Firing S2S postbacks to your tracker
  • Calculating balances and processing crypto payouts

Anti-fraud

Click and conversion events are scored in real time using device fingerprints, click-to-conversion timing, GEO consistency and sub_id behaviour. Events identified as fraudulent are flagged and excluded from payouts.

Network analytics

  • Aggregated performance benchmarks shared with advertisers
  • Internal product and quality improvements
  • Operational monitoring of postback delivery
05

Who We Share Data With

Advertisers

Click and conversion data

For each click and conversion you generate, the relevant advertiser receives the data needed to operate the offer — typically click ID, sub_id, GEO and device class. We never share your personal identity, payout details, KYC documents or wallet addresses with advertisers.

Service providers

  • Cloud infrastructure (hosting, databases, CDN)
  • Blockchain payment processors for USDT and TON
  • KYC providers (only when you trigger KYC review)

What we do NOT do

  • We do not sell your data to third parties
  • No data brokers
  • No advertising networks
  • No cross-site tracking of you as a partner

Law enforcement

We may disclose data if legally required, in response to court orders, subpoenas, or formal requests from competent authorities.

06

Data Retention

Data typeRetentionLegal basis
Account informationUntil deletion or 180 days inactivityContract — Art. 6(1)(b)
Click & conversion logs24 months rollingLegitimate interest — Art. 6(1)(f)
Anti-fraud signals12 months rollingLegitimate interest — Art. 6(1)(f)
KYC documents5 years after last activityLegal obligation — Art. 6(1)(c)
Payout records7 yearsLegal obligation — Art. 6(1)(c)
Support tickets24 monthsContract — Art. 6(1)(b)
07

Your GDPR Rights

You have the following rights under GDPR. All requests are processed within 30 days at no cost.

Art. 15 — Access

Request a JSON export of your data. Email privacy@onlyppv.com with subject "Data Access Request".

Art. 16 — Rectification

Correct inaccurate data via your dashboard or by emailing privacy@onlyppv.com.

Art. 17 — Erasure ("Right to be Forgotten")

Request account deletion via Settings → Delete Account, or by emailing privacy@onlyppv.com. We delete within 30 days. Exceptions: tax records (7 years) and KYC documents (5 years) are retained by law.

Art. 20 — Portability

Receive your data in a machine-readable JSON format on request.

Art. 21 — Objection

Opt out of marketing or non-essential analytics at any time.

Art. 77 — Lodge a complaint

You may complain to your local data protection authority. Contact us first at privacy@onlyppv.com — we will help you exercise your rights.

08

International Data Transfers

Your data may be processed in multiple locations including the EU, the United States, and the United Kingdom.

Safeguards

  • TLS 1.3 encryption in transit
  • AES-256 encryption at rest
  • Standard Contractual Clauses with non-EU processors
  • Minimal data sharing — only what is necessary
09

Security

We implement industry-standard security measures:

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Role-based access controls with least privilege
  • Continuous security monitoring and logging
  • Encrypted backups with retention policies
  • Documented incident-response procedures
Breach notification

In the event of a data breach affecting personal data, we will notify affected partners within 72 hours as required by GDPR, with details of the breach, affected data, and remediation steps. Contact: security@onlyppv.com.

10

California Residents (CCPA / CPRA)

If you reside in California, you have additional rights:

  • Right to know — what we collect and how we use it
  • Right to delete — request deletion of your data
  • Right to opt out of sale — we do not sell data, but you may opt out anyway
  • Right to correct — update inaccurate information

Email privacy@onlyppv.com with "California Privacy Rights" in the subject. Response within 45 days (extendable to 90 days with notice). Free of charge.

11

Cookies & Tracking

Essential cookies (required)

  • Session cookies for partner login
  • Authentication tokens
  • CSRF protection cookies

Click tracking on advertiser landing pages

When you run traffic to an advertiser via our tracking links, we set a click identifier (in the URL or as a short-lived cookie) so the advertiser can attribute later conversions back to your account. This identifier does not contain personal information about the end user.

On the OnlyPPV dashboard we use Google Analytics 4 (GA4) for aggregated, privacy-respecting usage analytics. You may disable cookies in your browser; essential cookies remain necessary for the Service to operate.

12

Changes to This Policy

We may update this policy. Material changes are posted on this page with a new "Last updated" date. Continued use of the Service after the change constitutes acceptance.

13

Contact Us

Privacy questions

privacy@onlyppv.com — response within 7 business days.

GDPR / CCPA requests

privacy@onlyppv.com with subject "[GDPR] [Request type]" — response within 30 days.

Security issues

security@onlyppv.com — response within 24 hours for critical issues.

Affiliate support

partners@onlyppv.com — response within 4 business hours.

By using OnlyPPV, you acknowledge that you have read, understood, and agree to this Privacy Policy.