Legal

Privacy Policy

Last updated: 4 July 2025 · Compliant with AVG / GDPR

1. Who We Are

Rednight BV, Amsterdam, the Netherlands (KVK 95480528) is the data controller responsible for your personal data collected through the Rednight platform. Contact: our contact page.

2. What Data We Collect

Account data: email address, username, display name, hashed password, language preference.

Age verification data: confirmed during registration (boolean flag only — we do not store copies of ID documents for fans unless required by law).

Payment data: payments are processed by Segpay. We receive only transaction references — we never see or store your card number or full payment details.

Usage data: pages visited, content accessed, session tokens. Collected via server logs and session cookies.

Communications: any messages you send us via our contact form.

3. How We Use Your Data

  • To provide and operate the platform (contractual necessity)
  • To verify your age and enforce the 18+ requirement (legal obligation)
  • To process your purchases and subscriptions (contractual necessity)
  • To send important account notices such as payment receipts (contractual necessity)
  • To improve the platform and detect abuse (legitimate interest)
  • To comply with legal obligations (legal obligation)

We do not use your data for advertising profiling, sell it to third parties, or use it for automated decision-making with legal effect.

4. Data Retention

Account data is retained for as long as your account is active plus 2 years, unless a longer retention is required by law. You may request deletion at any time (see Section 7). Transactional records required for tax purposes are kept for 7 years.

5. Cookies

We use strictly necessary cookies for authentication sessions. We do not use advertising or third-party tracking cookies without your consent. See our Cookie Policy.

6. Third-Party Services

Segpay — payment processing. Subject to their own privacy policy.

Google Fonts — font loading. Google may log font request IPs. We are evaluating self-hosted alternatives.

7. Your Rights (GDPR / AVG)

Under the General Data Protection Regulation you have the right to:

  • Access — request a copy of your data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your account and data
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interest
  • Restriction — request we limit processing in certain circumstances

To exercise these rights, contact us. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens — autoriteitpersoonsgegevens.nl).

8. Security

We implement industry-standard security measures including password hashing (bcrypt), HTTPS, and access controls. No transmission over the internet is 100% secure; we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify registered users by email of material changes. Continued use of the platform constitutes acceptance of the updated policy.