We try to collect as little as possible and tell you everything we do collect. This page explains exactly what data we hold, why we hold it, and how to make us delete it.
1. What we collect
Account & profile
- Email address (from Google sign-in or magic-link).
- Display name and avatar (you choose these; default is generated).
- Profile bio and social links (optional, you control).
- Age confirmation timestamp once you tap "I’m 18+".
Identity verification (only if you opt in to host adult-category streams)
- Government-issued photo ID and a selfie.
- Verification outcome (approved / rejected / pending) and reviewer notes.
Payment & payouts
- Purchase history (token packs, amounts, timestamps, processor session ID).
- Bank account name, account number, routing/bank code (only if you request payouts).
- Dispute / chargeback events received from our payment partners.
- We do not store card numbers. Cards are handled entirely by our PCI-compliant payment partner.
Activity
- Streams you host (title, category, start/end time, viewer counts, thumbnails).
- Chat messages, direct messages, gifts sent and received.
- Follows, room joins, paid VIP entries.
- Notification reads, login timestamps.
Technical
- IP address (kept in short-term server logs for abuse / fraud detection).
- User-agent / device class (for compatibility, e.g. EDGE detection).
- WebSocket connection events (connect, disconnect, room id).
- Our real-time media provider routes audio/video tracks between participants; we do not record streams unless you explicitly enable recording.
2. Why we collect it
- Provide the Service — you can’t enter rooms or buy tokens without an account, balance, or session.
- Process payments and prevent fraud — chargeback handling, dispute clawbacks, payout verification.
- Enforce safety rules — remove harmful content, ban repeat offenders, comply with subpoenas.
- Improve reliability — debug crashes, scale capacity, detect connection-quality issues on slow networks.
- Comply with law — tax records for payouts, reports of CSAM to NCMEC, responses to valid legal requests.
3. Who else sees it
We share data with a small number of vetted service providers, only as needed to operate the Service. We disclose the category of each processor rather than the specific vendor, in line with our security practice of not publishing the full infrastructure stack. The full vendor list and DPAs are available to data-protection authorities and enterprise customers on request.
- Authentication & database — stores account records, sessions, and OAuth handoff (Google sign-in, magic-link email).
- Real-time media provider — WebRTC routing for live audio and video between you and other room participants.
- Content delivery network (CDN) — serves your avatar, room thumbnails, DM media attachments, and (during review) ID-verification documents.
- Payment processors — PCI-compliant card processor for global token purchases, plus a regional processor for selected markets. Card data never touches our servers.
- Cloud infrastructure — EU-based hosting that runs the drift API, database, and the web app.
- Email / transactional delivery — sends sign-in links, dispute notices, and payout confirmations.
We do not sell your data, do not run third-party ad networks, and do not share data with advertisers. We never share your ID documents, bank details, or DMs except with the above processors or in response to valid legal process.
4. Retention
- Account data: until you delete your account.
- ID verification documents: deleted within 30 days of the verification decision, or sooner on request, unless required to resolve an abuse investigation.
- Payment records & payout receipts: kept for at least 7 years for tax and dispute purposes (this is a legal obligation we cannot opt you out of).
- Chat & DMs: kept as long as both parties keep the conversation. Either party can delete their own messages; deleting an account removes your messages from the sender side (recipient copies may persist).
- IP / device logs: 30 days.
- Suspension reason & dispute history: retained indefinitely on terminated accounts to prevent ban-evasion.
5. Your rights
You can, at any time:
- See and export your data — email [email protected].
- Correct your profile, bank details, and age confirmation from inside the app.
- Delete your account — email [email protected] or use the in-app option when available. We will delete or anonymize your data within 30 days except where retention is legally required (see §4).
- Object to processing or restrict it — contact us with the request.
- Lodge a complaint with your local data-protection authority.
If you’re in the EU/EEA, UK, or California, you have additional statutory rights under GDPR / UK GDPR / CCPA respectively. We honour them at the same address.
6. Children
drift is not for users under 18. We do not knowingly collect data from minors. If you believe a child has created an account, email [email protected] immediately so we can remove it.
7. Security
We use TLS 1.2+ for all traffic, hash passwords with industry-standard algorithms via our authentication provider, and hash API keys with SHA-256. Webhook secrets and JWT secrets are rotated periodically. No system is perfectly secure; we will notify affected users without undue delay in the event of a breach affecting personal data, and notify the relevant authority where required by law.
8. International transfers
Our primary infrastructure runs in the European Union; some of our processors operate globally. Where your data is transferred outside the EEA, we rely on the processor’s contractual safeguards (typically Standard Contractual Clauses) to maintain GDPR-equivalent protection.
9. Cookies
We use a small number of strictly-necessary cookies for your sign-in session, and browser localStorage to hold your drift session token and age-confirmation flag. We do not use tracking cookies, analytics cookies, or advertising cookies.
10. Changes & contact
We’ll announce material changes to this Privacy Policy on the landing page or via in-app notification at least 7 days before they take effect.
privacy & data requests: [email protected]
security disclosures: [email protected]