Skip to main content
Arayas
ARAYAS CHEATS
Sign in
Arayas · Data

Privacypolicy

Effective April 22, 2026. Short and to the point — reads in a couple of minutes.

Short and to the point. What we collect, why, who we share it with, how to delete it. No legal noise, no hidden clauses — only the stuff that actually affects your data on our side.
01

What we collect

Required

  • E-mail — to deliver your key and let you recover access
  • IP, User-Agent, browser fingerprint — to catch multi-accounts and fraud
  • HWID — to bind the key to your device
  • Purchase history — to calculate your rank

Optional

  • Telegram username — to link the bot
  • In-game nickname

Never

  • Credit/debit card data (handled by the payment processor)
  • Passwords or chats from third-party services
  • Biometric data
02

Why

  • Deliver the product you bought
  • Apply your rank discount
  • Protect the store from fraudsters
  • Send important notices (cheat update, subscription expiration)
  • Compute overall statistics — anonymized
  • Marketing blasts without your consent — never
03

Who we share it with

  • Payment processor — the minimum required to run the payment
  • Anti-fraud systems — fingerprint and IP, not tied to e-mail
  • Government authorities — only on a lawful request
  • We don't sell the database — not to anyone, not for any money
04

How long we keep it

  • Account and purchases — while it exists + 12 months after deletion
  • Action logs and fraud attempts — 12 months
  • Support conversations — 24 months
05

How to delete

Write to support with a deletion request — we wipe it, no retention pitch. Processed within 7 working days. After deletion, basic logs (12 months) remain anonymized — that's an anti-fraud requirement, with no link back to you.

06

Cookies

Functional only (session, cart, language) and analytics (Yandex.Metrica for aggregate stats). No ad trackers, no Meta pixels, no Google Ads tags, nothing like that. We don't drop cookies from other sites.

07

Security

  • Passwords stored only as a bcrypt hash — not even we can see your original password
  • HTTPS on every page, no exceptions
  • Employee access — minimum required permissions with full logging of every action
If a leak is detected, we notify every affected user within 72 hours — by e-mail and in your account.