Privacy Policy

1. Introduction

thotee LLC ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services (the "Service").

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, phone number, username, display name, bio, and profile photo
• Payment Information: Billing details processed through Stripe (we do not store complete card numbers)
• Content: Links, descriptions, and other content you add to your profile
• Communications: Messages you send to us or other users through the Service

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, actions taken, time and date of visits
• Device Information: IP address, browser type, operating system, device identifiers
• Analytics: Page views, link clicks, referral sources, and engagement metrics
• Cookies: Session cookies and persistent cookies for authentication and preferences

2.3 Information from Third Parties

• Payment Processors: Transaction status and limited account information from Stripe
• Social Platforms: Public profile information if you connect social accounts

3. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Send administrative messages, updates, and security alerts
• Respond to your comments, questions, and support requests
• Provide analytics and insights about your profile performance
• Detect, prevent, and address fraud, abuse, and security issues
• Comply with legal obligations
• Personalize your experience and provide recommendations

4. Information Sharing

We may share your information with:

4.1 Service Providers

Third-party vendors who perform services on our behalf, including payment processing (Stripe), hosting, analytics, and customer support.

4.2 Other Users

Your public profile information (username, display name, bio, avatar, and links) is visible to anyone who visits your thotee page.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. We may retain certain information as required by law or for legitimate business purposes, such as resolving disputes and enforcing our agreements.

Analytics data may be retained in aggregated, anonymized form indefinitely for service improvement.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure.

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Request a copy of your data in a portable format
• Objection: Object to certain processing of your data
• Restriction: Request restriction of processing

To exercise these rights, please contact us at [email protected].

8. Cookies and Tracking

We use cookies and similar technologies to:

• Keep you logged in
• Remember your preferences
• Understand how you use the Service
• Improve our services

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of the Service.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate safeguards to ensure your data remains protected in accordance with this Privacy Policy.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected data from a child under 18, we will take steps to delete that information.

11. European Economic Area (EEA) Users - GDPR

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following additional terms apply under the General Data Protection Regulation (GDPR):

11.1 Data Controller

thotee LLC is the data controller responsible for your personal data. You can contact us at [email protected].

11.2 Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide the Service you requested (account management, payments, core features)
• Legitimate Interests: Processing for fraud prevention, security, service improvement, and analytics, where our interests do not override your rights
• Legal Obligation: Processing required to comply with applicable laws
• Consent: Processing based on your explicit consent (e.g., marketing communications), which you may withdraw at any time

11.3 Your GDPR Rights

Under GDPR, you have the right to:

• Access: Obtain confirmation of whether we process your data and request a copy
• Rectification: Correct inaccurate or incomplete personal data
• Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
• Restriction: Request restriction of processing in certain circumstances
• Data Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests or for direct marketing
• Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Lodge a Complaint: File a complaint with your local data protection supervisory authority

11.4 International Data Transfers

Your data may be transferred to and processed in the United States and other countries outside the EEA. When we transfer data outside the EEA, we use appropriate safeguards including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Transfers to countries with an adequacy decision from the European Commission
• Other lawful transfer mechanisms under GDPR

11.5 Data Retention

We retain your personal data only for as long as necessary for the purposes outlined in this policy, or as required by law. When determining retention periods, we consider the amount, nature, and sensitivity of the data, the purposes for processing, and legal requirements.

11.6 Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within 30 days. We may request verification of your identity before processing your request. These rights are free of charge, though we may charge a reasonable fee for manifestly unfounded or excessive requests.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising CCPA rights

We do not sell personal information. To exercise your CCPA rights, contact us at [email protected].

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes become effective constitutes acceptance of the revised policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: