Your privacy, in plain words

nowyouseeme is a membership platform that helps independent Creators share content with their Members through subscriptions and tipping. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have over it.

It applies to our mobile apps, our websites and any related services we operate (together, the "Service").

We have tried to keep this document readable. If anything is unclear, please contact us.

Who is the data controller? The controller is Now You See Me Ltd, a company registered in England and Wales under company number 17077302, with its registered office at Oak House, London, N2 8EH, United Kingdom.

EU representative. Because we offer the Service to people in the European Economic Area, we have appointed Mark Homoki as our representative in the European Union under Article 27 of the EU GDPR. You can reach our EU representative with any EU data-protection enquiry by email at mark [at] nowyouseeme.app, by post at Kossuth 78, 2120 Dunakeszi, Hungary, or by contacting us.

We collect only what we need to operate, secure and improve the Service.

Account information. Things like your name or display name, username, email address, profile photo, a short bio and any links you add. If you sign in with a third-party provider such as Apple, Google or Facebook, we receive a limited set of identifiers from that provider (typically a user ID, your email and display name).

Age confirmation. We may ask you to confirm your age to comply with the eligibility rules in our Terms of service.

Creator information. If you become a Creator, our payment processor collects the additional information needed for payouts (such as your legal name, address, tax identifier and payout details). We receive only a high-level account reference and status — we do not store your full payout or identity documents.

Content you create. Posts, comments, direct messages, reactions, livestream recordings, photos, audio, video, file attachments and any metadata or captions you add. Larger media is uploaded directly from your device to our media provider, which returns identifiers we store with the post.

Payment information. When a Member subscribes or tips, payment is handled by our payment processors. We store references such as a customer or transaction identifier and basic details (for example the last four digits and brand of a card) so we can display your billing history. We do not store full card numbers, security codes or bank account numbers.

Communications with us. Messages you send to support and any attachments you include.

Device and technical data. Information your device or browser sends automatically — for example device model, operating system, app version, language, time zone and IP address — together with diagnostic and crash data needed to keep the Service running.

Usage data. Aggregated, non-identifying events that describe how the Service is used (for example which screens are opened or how long a session lasts), collected through standard product-analytics tools.

Cookies and similar technologies. Strictly-necessary cookies (such as session, authentication and security cookies) are always set. See Cookies & tracking below for more detail.

We do not collect special-category data (such as health, religion or political opinions) on purpose. If you choose to share such information in your content, you do so on your own responsibility.

We use your information for the purposes below. For Members and Creators in the EEA and UK, the legal basis under the GDPR / UK GDPR is shown in bold at the end of each item.

• Provide and operate the Service — create your account, deliver posts, run subscriptions, and send the messages and notifications you have enabled. Performance of a contract.
• Process payments and payouts — accept Member payments, calculate Creator payouts, and handle refunds, chargebacks and payment fraud. Performance of a contract / legal obligation.
• Authenticate and secure accounts — sign-in, password resets, abuse and fraud detection. Performance of a contract / legitimate interests in keeping the Service safe.
• Send service messages — receipts, security alerts, replies to your messages and in-app notifications you have enabled. Performance of a contract; consent for push notifications.
• Improve and maintain the product — understand how features are used in aggregate, fix bugs and prevent outages. Legitimate interests in running and improving the Service.
• Comply with legal obligations — keep payment and accounting records, collect and report Creator identification and income information to tax authorities under digital-platform reporting rules (such as the EU's DAC7 directive and the UK's equivalent rules), and respond to lawful requests from courts and regulators. Legal obligation.
• Send occasional product updates to the email address on your account, where you have consented or, where local law allows it, because you are an existing customer and have not opted out. You can opt out at any time. Consent; legitimate interests where local law permits emailing existing customers.

We do not sell your personal information. We do not show third-party advertising. We do not build behavioural advertising profiles, share your data with data brokers, or use your private content to train machine-learning models.

We only share personal information with the providers and recipients listed below, under written contracts that require them to protect your data.

Payments

• Stripe — card processing and Creator payouts, including Apple Pay and Google Pay where supported.
• Apple — In-App Purchase processing for iOS subscriptions.

Identity and sign-in

• Apple, Google and Meta (Facebook) — third-party sign-in, where you choose to use it.

Hosting, storage and content delivery

• Cloud hosting and object-storage providers — to host the Service, store uploaded files and deliver them efficiently.
• A specialised media provider — to ingest, transcode, host and stream video and audio.

Communications

• Transactional email provider — to deliver receipts, security alerts and other service emails.
• Push notification provider — to deliver the notifications you have enabled.

Product analytics and reliability

• Product-analytics provider — to measure aggregated, non-identifying usage of features.
• Error-tracking provider — to capture diagnostic information about crashes and errors so we can fix them.

You can ask us for more detail about a specific provider at any time by contacting us.

Other recipients

• Public profile data — your username, display name, profile photo, bio, public posts and public comments are visible to anyone who visits your Creator page.
• Other users — Members and Creators see information about each other only as needed to make the Service work (e.g. a Creator can see the list and tier of their Members; a Member can see the public profile and posts of any Creator they follow).
• Professional advisers — accountants, lawyers and auditors, under confidentiality.
• Authorities — when we are required to disclose information by law, by a valid court order, or where we reasonably believe disclosure is necessary to prevent harm, fraud or abuse of the Service.
• Successors — if we are involved in a merger, acquisition or sale of assets, your information may be transferred to the successor entity, subject to the same protections.

We never sell your personal information.

Several of the providers above are based outside the United Kingdom and the European Economic Area, primarily in the United States. When we transfer personal data internationally we rely on appropriate safeguards:

• The EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914) for transfers from the EEA;
• The UK International Data Transfer Addendum for transfers from the United Kingdom;
• Additional technical measures such as encryption in transit and at rest.

You can request a copy of the safeguards we use for any specific transfer by contacting us.

We keep personal information only as long as we need it for the purposes described in this policy.

• Account and content — kept while your account is active, and deleted from our systems within a reasonable period after you close your account. Residual copies may remain in encrypted backups for a short additional period before being overwritten.
• Payment and accounting records — kept for as long as we are required to retain them under applicable company and tax law (typically several years).
• Creator tax-reporting records — information we must report under digital-platform reporting rules (DAC7 and the UK equivalent) is kept for as long as those rules require.
• Diagnostic and analytics data — kept for a limited period and then deleted or aggregated.
• Support correspondence — kept for a reasonable period after the last reply so we can help with follow-up questions.

When the retention period ends we either delete the data or irreversibly anonymise it.

If you are in the United Kingdom or the European Economic Area, the GDPR / UK GDPR gives you the following rights:

• Right of access — get a copy of the personal data we hold about you.
• Right to rectification — correct information that is inaccurate or incomplete.
• Right to erasure ("right to be forgotten") — ask us to delete your personal data.
• Right to restriction or objection — limit or object to certain processing activities.
• Right to data portability — receive your data in a structured, machine-readable format.
• Right to withdraw consent — for any processing based on consent (such as analytics or push notifications).
• Right to lodge a complaint with your local data protection authority — for example the UK Information Commissioner's Office (ICO) or your country's supervisory authority.

You can exercise most of these rights directly inside the app:

• Settings → Edit profile to access and correct your data.
• Settings → Notifications to manage email and push preferences.
• Settings → Delete account to permanently delete your account.

For anything else, please contact us. We will respond within the timeframe required by applicable law. Users outside the UK and EEA may have similar rights under their local law — get in touch and we will help.

You can also read our GDPR notice for more detail on legal bases and supervisory authorities.

The Service is not intended for children under 16, and in some countries the local minimum age is higher. Creators offering paid memberships must be at least 18, as set out in our Terms of service.

We do not knowingly collect personal data from anyone below the applicable minimum age. If you believe a child has created an account, please contact us and we will close the account and delete the data.

We use industry-standard measures to protect your information, including:

• Encryption in transit and at rest;
• Securely hashed and salted passwords;
• Role-based access controls and the principle of least privilege for our staff;
• Logging of administrative actions;
• Regular dependency updates and security reviews.

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and affected users in line with applicable law.

If you believe you have found a security issue, please contact us — we appreciate responsible disclosure.

On our website we use a small number of cookies and similar technologies:

• Strictly-necessary cookies — required to sign you in, keep your session alive and protect against cross-site request forgery. These are always set and cannot be disabled.
• No analytics or advertising cookies — our website does not set analytics, advertising or any other non-essential cookies, which is why you do not see a cookie banner. We understand how the Service is used through aggregated, in-app product analytics instead. If we ever introduce non-essential cookies on the website, we will ask for your consent first and update this policy.
• Diagnostics and error-reporting — to detect and fix crashes and bugs, using only the technical information needed to reproduce a problem, without cookies or cross-site identifiers.

In the mobile apps we use the platform's own analytics and crash-reporting SDKs in the same privacy-preserving way. You can disable push notifications and adjust analytics preferences in your device or app settings.

We do not use third-party advertising cookies or cross-site tracking pixels.

We only send marketing emails (for example, product news or feature announcements) to addresses you have provided to us, and only where we are allowed to do so under your local law.

Every marketing email contains an unsubscribe link, and you can also turn marketing off in Settings → Notifications. Turning off marketing does not stop transactional emails such as receipts, password resets or security alerts.

A few things specific to Creators:

• Your public Creator page — username, display name, profile photo, bio, public posts and tier descriptions — is visible to anyone, including search engines.
• Your payout details are collected and stored by our payment processor under their own privacy policy. We see only a high-level account reference and status.
• We may use your data to send you Creator-specific operational messages (such as payout issues, tax-form deadlines or policy changes) which you cannot opt out of while you have an active payout account.
• The list of your Members, their tiers and your revenue figures is visible to you in your Creator dashboard. You must treat this information confidentially and only use it to operate your membership — see our Terms of service and Content guidelines.
• If you export or otherwise use information about your Members outside the platform (for example, for your own mailing list where Members have agreed), you act as an independent data controller for that use and are responsible for complying with data-protection law yourself, including having a legal basis and honouring your Members' rights.
• We are legally required to collect and report identification and income information about Creators to tax authorities under digital-platform reporting rules (the EU's DAC7 directive and the UK's equivalent). This typically includes your name, address, date of birth, tax identification number, account identifiers and the amounts paid to you.

A few things specific to Members:

• Your subscriptions and tier are visible to the Creator you support. They are not visible to other Members.
• Comments, likes and reactions you leave on public posts are public.
• Comments and messages on private (paid) posts are visible to the Creator and to other Members of the same tier.
• Your payment method is stored by our payment processor, not on our servers — we only retain a reference and basic display details such as the last four digits and brand of your card.

We do not make decisions that produce legal or similarly significant effects on you based solely on automated processing.

We do use automated tools to help detect suspicious payment activity, abuse, and content that violates our Content guidelines or the law — including scanning uploaded media and, where the law permits, private messages, for child sexual abuse material and other serious harms. If a case is flagged, a human reviews it before any restrictive action (such as account suspension) is taken, and you can ask us to review the decision by contacting us.

We may update this Privacy Policy from time to time. When we make material changes we will notify you in advance through reasonable means, such as an email to the address on your account or an in-app notice.

The "Last updated" date at the top of this page always reflects the current version. Continued use of the Service after the effective date means you accept the updated policy.

For any privacy question, request or complaint, please contact us. The controller is Now You See Me Ltd, company number 17077302, registered office: Oak House, London, N2 8EH, United Kingdom.

Our representative in the European Union under Article 27 of the EU GDPR is Mark Homoki, Kossuth 78, 2120 Dunakeszi, Hungary — reachable by email at mark [at] nowyouseeme.app or by contacting us.

You can also lodge a complaint with the UK Information Commissioner's Office at ico.org.uk or with the supervisory authority in your EEA country of residence.

See also our GDPR notice, Terms of service and Content guidelines.