Privacy Policy

1. Who is responsible

The data controller is [COMPANY NAME], [ADDRESS], [COUNTRY], registration number [REGISTRATION NUMBER]. For anything related to your personal data, contact [EMAIL].

2. What we collect

3. Why we use it

We do not use your data for advertising, we do not sell it, and we do not send marketing emails.

4. What the public can see

The website only ever shows anonymous, aggregated information: how many accounts remain per country, and a feed of recent reservations showing only the country, the number of accounts and the time. Your name, email address and other personal details are never visible to anyone but us, and are shielded at the database level.

5. Who we share it with

6. How long we keep it

We keep your reservation data for as long as the release and activation process runs, plus any period required by law (for example, tax law requires us to keep payment records for several years). If your reservation is refunded or never completed, we remove or anonymise your data once those legal periods allow it.

7. Your rights

Under the GDPR you can ask us at any time to access, correct, delete or export the personal data we hold about you, or object to how we use it. Email [EMAIL] and we will respond within one month. You also have the right to lodge a complaint with the data protection authority in your country.

8. Security

Reservation data is stored in a database with row-level security, so that it is technically inaccessible from the public website. Payments run entirely through Stripe's secured environment. Access to personal data is limited to the people who need it to run the release.

9. Contact

[COMPANY NAME] · [ADDRESS] · [EMAIL]