TERMS OF USE

These Terms govern your access to and use of mrcoda.com and the purchase and electronic delivery of digital products (including digital gift codes, stored-value vouchers, game currency and similar items) to consumers and, where separately agreed in writing, to business customers.

By creating an account, placing an order or using the site, you accept these Terms. Our Privacy Policy (including our Cookie Notice) form part of this agreement.

Age Requirement

Our services are intended solely for individuals who are at least 18 years of age or the age of legal majority in their jurisdiction, whichever is higher. By accessing or using mrcoda.com, creating an account, or making a purchase, you represent and warrant that:

• You are at least 18 years old or have reached the age of majority in your jurisdiction
• You have the legal capacity to enter into a binding agreement
• You are not prohibited from using our services under any applicable law

Age Verification

We may implement age verification measures, including but not limited to age confirmation prompts, identity verification requests, or third-party age verification services. By proceeding past any age verification prompt, you confirm under penalty of perjury that the information you provide is accurate.

Minors and Parental Responsibility

Our services are not directed to individuals under 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has accessed our services or provided personal information without your consent, please contact us immediately at [email protected]. We will take appropriate steps to remove such information and terminate the associated account.

Parents and guardians are responsible for monitoring their children’s internet use. We are not liable for any unauthorized use of our services by minors.

Account Responsibility

You are solely responsible for:

• Maintaining the confidentiality of your account credentials
• All activities that occur under your account
• Ensuring that no unauthorized person accesses your account
• Notifying us immediately at [email protected] if you suspect unauthorized access

Account Suspension and Termination

We reserve the right to suspend, restrict, or terminate your account and access to our services, with or without notice, if we reasonably believe that:

• You are under the required age
• You have provided false, inaccurate, or misleading information
• There is fraud, abuse, or unauthorized activity on your account
• You have violated these Terms or any applicable law
• There is a sanctions risk or regulatory concern

Account termination may result in forfeiture of any account balance in accordance with Section 04B.

Prices are shown at checkout in the indicated currency and may include or exclude applicable taxes depending on your location.

Your issuing bank or payment provider may apply exchange rates and fees.

Last updated: May 23, 2026. These payment and delivery terms apply to orders placed on or after May 21, 2026.

How Your Card is Processed

Card payments are processed by a PCI DSS Level 1-compliant payment gateway. Card data is entered through the payment provider’s secure payment flow and does not pass through our servers. We receive only payment tokens, payment status, masked PAN details such as the last four digits, and related transaction metadata as needed for order records, fraud prevention, refunds, and dispute handling. We do not store full card numbers, CVC codes, or sensitive authentication data.

Payment Authorization and 3D Secure

By placing an order, you confirm that you are authorized to use the selected payment method and that the payment information you provide is accurate and lawful.

For card payments, we may require 3D Secure, issuer authentication, CVC verification, AVS checks, wallet authentication, or other risk-based verification before accepting or fulfilling an order. A successful 3D Secure authentication, including challenge or frictionless authentication, may be used as evidence that the payment was authenticated by the card issuer or payment provider.

For fraud prevention, compliance, customer support, and payment dispute response, we may retain and use relevant payment and checkout records, including the payment processor transaction ID, PaymentIntent or Charge ID, 3D Secure result, Electronic Commerce Indicator (ECI), payment method type, order timestamp, IP address, device/browser information, checkout consent record, and delivery status.

Payment Verification and Liability Shift

For card payments and eligible wallet payments, we may require successful payment authentication, 3D Secure authentication, issuer approval, CVC/AVS checks, or equivalent payment-provider liability shift before accepting or fulfilling an order.

If the payment processor, card network, wallet provider, or our fraud prevention systems indicate that authentication was not completed, liability shift is not available, CVC verification failed, the risk level is elevated, or the transaction appears suspicious, we may decline the payment, cancel the order, refund the payment where appropriate, or temporarily hold digital delivery for manual review.

A successful payment authorization does not always mean immediate delivery. For digital products, we may delay delivery until fraud checks, payment authentication checks, and any required security review are completed.

Our PCI SAQ and Testing Posture

Because we use a hosted payment page or hosted payment fields, we validate annually using the applicable PCI self-assessment process for our integration. If our payment integration changes, the applicable PCI validation scope may also change. We conduct security reviews and keep remediation evidence where appropriate.

Technical Safeguards (Summary)

• We enforce HTTPS/TLS for web and API traffic
• Sensitive operational data is protected using appropriate access controls
• Passwords are stored as salted cryptographic hashes
• We do not store full card numbers, CVC codes, or sensitive card authentication data
• Payment flows route card data through the PCI-compliant payment provider

MRCODA provides an account balance feature that allows you to make purchases on mrcoda.com. Your account balance is not a bank account, e-money, or regulated stored-value instrument.

Key Restrictions

• No withdrawals — Balance cannot be converted to cash, transferred to a bank account, or refunded to any payment method
• No transfers — Balance cannot be sent to other users or third parties
• Single purpose — Balance may only be used for purchases on mrcoda.com
• No interest — Balance does not earn interest or any financial return

MRCODA is not a bank, payment institution, or money transmitter.

Inactivity Policy

Account balances are subject to expiration due to prolonged inactivity:

• An account is considered inactive if no purchase or login occurs for 36 consecutive months
• At 24 months of inactivity, a reminder notice will be sent to your registered email
• At 32 months of inactivity, a final warning will be sent
• At 36 months of inactivity, any remaining balance will be permanently forfeited

Any purchase or account login resets the inactivity period. It is your responsibility to maintain a valid email address and to use your balance before expiration.

Forfeiture Conditions

We reserve the right to freeze, reverse, or forfeit account balance that was:

• Added through fraudulent or unauthorized transactions
• Obtained through abuse of promotions or Terms violations
• Associated with chargebacks, payment disputes, or confirmed payment fraud
• Held in terminated or suspended accounts
• Subject to legal, regulatory, sanctions, or payment processor requirements

Forfeiture provisions may not apply where prohibited by local consumer protection laws. Users in such jurisdictions should contact [email protected] before balance expiration.

Digital items are delivered electronically. Depending on the product type, delivery may occur by making the item available in your MRCODA account area, displaying it after checkout, sending it to your registered email address, or fulfilling it to the account, user ID, server, region, phone number, email address, or other identifier you provide during checkout.

When Delivery Is Complete

For digital codes, delivery is complete when the code is made available in your MRCODA account, displayed after checkout, or sent to your registered email address.

For top-ups, game currency, vouchers, and third-party platform products, delivery is complete when our system, supplier, or fulfillment provider confirms that the product has been delivered to the account ID, user ID, server, region, phone number, email address, or other delivery details entered during checkout.

Delivery does not require the product to be redeemed, used, spent, or consumed by you. Once the digital item is made available or fulfillment is confirmed, the order is treated as delivered, subject only to the non-delivery and verified invalid-code exceptions in our Refund and Returns Policy.

Customer Responsibility for Delivery Details

You are responsible for entering the correct product, region, platform, account, server, user ID, phone number, email address, and other delivery details before placing an order. We are not responsible for failed, delayed, or misdirected delivery caused by incorrect information provided by you, unless required by applicable consumer protection law.

Delivery Delays and Review

On rare occasions, we may delay delivery for fraud checks, payment review, regulatory screening, sanctions checks, supplier availability, publisher/platform restrictions, account verification, or technical issues.

Security Verification Before Delivery

For certain orders, especially digital products, high-risk transactions, first-time customers, unusual payment activity, mismatched payment signals, payment processor risk alerts, or orders selected by our fraud prevention systems, MRCODA may temporarily hold delivery and request additional verification through a support ticket or email.

Verification may include confirmation of billing details, order details, delivery account/ID, and a redacted bank app or card statement screenshot showing the MRCODA transaction, amount, date, and the last 4 digits of the card.

Customers must not send full card numbers, CVC codes, passwords, login credentials, identity documents, selfies, bank balances, or unrelated private information unless specifically required by a regulated verification provider.

If verification is not completed, information is inconsistent, or we cannot reasonably verify the order, we may cancel the order, refund where appropriate, refuse delivery, suspend the account, or take other fraud-prevention action.

If an order cannot be fulfilled, we will cancel the order and, where applicable, provide a replacement, redelivery, account balance credit, or refund according to our Refund and Returns Policy.

Digital Delivery Evidence

For fraud prevention, customer support, and payment dispute response, we may keep delivery evidence such as order ID, product description, delivery timestamp, delivery destination, supplier fulfillment status, email delivery status, account access logs, IP address, device/browser information, checkout consent record, payment authentication metadata, and relevant customer communications.

Because digital content is made available immediately, all sales are final once a code is delivered, viewed, displayed in your account, sent by email, or fulfilled to the customer-provided account, ID, server, region, phone number, or email address.

Exceptions

• Non-delivery — We did not deliver the item to your account, email, or customer-provided delivery details
• Defective/invalid code — Subject to verification with the relevant provider, supplier, or publisher

You must notify us within 48 hours of delivery for an exception to be considered.

Security Verification Outcomes

If an order is held for security verification before delivery and verification cannot be completed, MRCODA may cancel the order and refund it where appropriate.

If the digital product has already been delivered, displayed, emailed, viewed, or fulfilled to the customer-provided account, ID, server, region, phone number, or email address, the sale is final except for verified non-delivery or a verified invalid code.

Incorrect Delivery Details

Refunds may be declined where the product was delivered to the email, account ID, user ID, UID, server, region, phone number, or other delivery details entered by the customer at checkout, even if those details were incorrect.

Refund Method

When a refund is approved:

• Refunds are issued to your account balance by default where legally permitted
• For verified non-delivery, pre-delivery cancellation, or failed security verification before delivery, we may refund to the original payment method where appropriate
• Upon request, we may process a refund to the original payment method at our discretion
• Refunds to the original payment method may take 5-14 business days depending on your payment provider

Balance-Funded Purchases

• Purchases made using account balance will be refunded to account balance only
• For mixed payments, each portion may be refunded to its original source where technically and legally possible

Chargebacks

Unfounded chargebacks may result in:

• Immediate account suspension
• Forfeiture, freeze, or reversal of any account balance associated with fraud, abuse, or payment disputes
• Sharing of order, payment, delivery, support ticket, verification, and dispute materials with the payment processor, card network, bank, wallet provider, or legal authorities where appropriate
• Permanent account termination for repeated violations

If you have an issue with an order, please contact [email protected] before initiating a chargeback.

You may not:

• Use stolen or unauthorized payment instruments
• Resell codes without a written reseller agreement
• Bypass technical or regional restrictions
• Violate platform/publisher terms
• Engage in money-laundering, sanctions violations or fraudulent activity
• Deploy bots or malicious automation

These restrictions mirror our internal acceptable-use and access-control requirements.

We may request identity verification, payment verification, order verification, delivery-account verification, or other documentation to prevent fraud, comply with sanctions, AML/KYC, payment network, payment processor, and legal requirements.

Support Ticket Verification

If an order is selected for manual security review, we may open a support ticket or contact you by email. You may be asked to confirm your billing name, country/region, ZIP/postal code, order details, product delivery account/ID, and whether you authorized the payment.

We may also request a redacted screenshot from your bank app or card statement showing the MRCODA transaction, amount, date, and last 4 digits of the card. You should hide unrelated private information.

Information You Should Not Send

You must not send full card numbers, CVC codes, passwords, login credentials, identity documents, selfies, bank balances, private conversations, or unrelated transactions unless specifically required by a regulated verification provider.

Ticket Activity Records

When you open, read, or reply to a support ticket, we may record ticket activity such as message timestamps, read status, message IDs, IP address, browser/user agent, related order references, verification outcome, and customer communications. These records may be used for customer support, fraud prevention, delivery verification, refunds, chargeback defense, and legal or payment processor compliance.

Failure to Complete Verification

We may decline, cancel, refund, delay, or refuse delivery for orders where verification is not completed, the information provided is inconsistent, fraud indicators are present, sanctions or regulatory concerns exist, or risk thresholds are exceeded.

We collect only what we need to operate the service and meet legal obligations—typically your name, email address, contact number, transaction metadata (order ID, timestamp, payment status) and service logs (IP address, device identifiers).

We do not store full card numbers or sensitive authentication data; we receive tokens and last four digits only.

Data Retention Periods:

• Customer account data: active period + 24 months
• Transaction records (no full PAN): 7 years
• Support tickets: 24 months
• IP/device logs: 12 months

After these periods, data is securely deleted or anonymized. We honor data-subject requests within statutory timeframes (e.g., GDPR/CCPA) after verifying identity.

We maintain layered security controls including MFA for sensitive access, least-privilege authorization, logging/monitoring and vulnerability management.

We run backups (off-site and encrypted) and conduct restore tests as part of business continuity.

Digital items are redeemed on third-party platforms that have their own rules, regional restrictions and availability windows. We are not responsible for third-party outages or changes, though we will provide reasonable support in good faith.

Site content is owned by us or our licensors. Digital products are licensed for personal, non-transferable use unless otherwise stated. Resale and commercial exploitation require a written B2B agreement.

The service and digital items are provided “as is” and “as available.” To the extent permitted by law, we disclaim implied warranties of merchantability, fitness for a particular purpose and non-infringement.

We are not liable for indirect, incidental, special or consequential damages. Our total liability for direct losses is limited to the total amount you paid to us for the affected order in the preceding three (3) months. Mandatory consumer rights are not limited by this section.

You agree to indemnify and hold us harmless from claims and expenses arising from your violation of these Terms, unlawful use of the service, or misuse of digital items.

Bulk purchases, special pricing, API use, credit terms and resale rights apply only where a separate written agreement is executed. Late payments may incur interest and recovery costs per that agreement.

B2B Credits and Prepayments

For business customers under a separate written agreement, we may apply invoice credits, prepayments, or deposits against future invoices. These amounts are not consumer stored value, are not usable by end users on the site, and are not redeemable for cash except as expressly provided in the B2B agreement or required by law. Card-funded top-ups are not accepted for any B2B balance unless explicitly agreed in writing.

You must comply with applicable export control and sanctions rules. We may restrict or cancel orders where required by law.

We maintain a business continuity and disaster recovery program, including RTO/RPO targets and tested backup/restore procedures.

These Terms are governed by the laws of the State of Delaware (conflict-of-laws principles excluded). Disputes should first be addressed through good-faith negotiations for 30 days; failing that, the competent Delaware courts shall have jurisdiction unless the parties agree to arbitration.

We may update these Terms from time to time. Material changes will be posted on the site with a new effective date.