shoot your shot

Privacy Policy

Last updated: 31 May 2026

We respect your privacy. This page explains what personal data shootyrshot processes, why, and what choices you have. The data controller is the operator listed on our /imprint page — contact: support@shootyrshot.gudweb.si.

1. Short version (the part that matters)

  • We do not ask for, store, or send anything to the recipient of your link. Your crush is never in our database.
  • Payments go through Polar.sh (our Merchant of Record). They store the card data, not us. We get only a confirmation that you paid.
  • We auto-delete your site 30 days after publishing (or 90 if you bought the extended add-on). After expiry it stays in an internal archive for up to 60 more days, then it's permanently removed.
  • We don't sell your data. We don't run third-party ad cookies.

2. What we collect

  • Account (via Supabase Auth): your email, optional name, your hashed password OR Google sign-in identifier.
  • Site content you write: the crush's display name, your custom text, gif/image links you paste, colour choices, song link (if any). Stored in our database as a JSON blob attached to your account.
  • Your own email for the answer notification — only ever your email, never the recipient's.
  • The recipient's answer: the day, time and food they pick (no name, no email, no IP from them). Visible to you in your dashboard.
  • Payment metadata from Polar: which add-ons you bought, amount, status, refund flag. Card numbers stay with Polar; we never see them.
  • Analytics events (only if you accepted analytics cookies): page views, publishes, traffic source (TikTok, Instagram, etc.), country code derived from your IP. We do not store full IP addresses.
  • Referral data: your unique referral code and which signups / paid purchases came from it.
  • Server logs on Vercel: short-lived (~7 days) error logs that may include URLs and IDs.

3. Why we use it (legal basis under GDPR)

  • Contract (Art. 6(1)(b)): to provide the Service and your account, to deliver your link, and to email you when the recipient answers.
  • Legitimate interest (Art. 6(1)(f)): to keep the Service secure, prevent abuse, and run minimal analytics on aggregated traffic.
  • Consent (Art. 6(1)(a)): for any non-essential cookies (analytics opt-in via the cookie banner). You can withdraw consent at any time on the /cookies page.
  • Legal obligation (Art. 6(1)(c)): tax / accounting records related to your payments are retained as required.

4. Recipient privacy (the crush)

  • We do not collect the recipient's email, name (beyond the display name you typed), or any contact info.
  • The recipient's answer is stored against the site you created — it's only ever visible to you.
  • If a recipient ever wants their answer removed, we honour that within 7 days — they can email support@shootyrshot.gudweb.si with the link.
  • The recipient page is noindex,nofollow and link previews are generic, so no part of the page content leaks via OpenGraph in group chats.

5. Processors we use

  • Polar.sh (Merchant of Record + checkout) — Sweden / EU.
  • Supabase (database + auth) — EU region.
  • Vercel (hosting + edge cache) — Frankfurt EU region by default.
  • Resend (transactional email) — EU.
  • Giphy / Apple iTunes / YouTube (third-party content embeds) — when you use search, the request goes through our server proxy so your IP isn't exposed to them.
  • All processors have signed data-processing agreements with us under GDPR Art. 28.

6. Cookies & local storage

Essential cookies: Supabase auth session (so you stay signed in). These are necessary and exempt from consent under GDPR / ePrivacy.

Optional: analytics events (page views, publishes) — off by default, on only if you click "accept" in the cookie banner. Read more on the cookie policy page.

Local storage: your session id, traffic source (first-touch), your referral code (?ref=), and dismissed-popup flags. These stay on your device.

7. Retention

  • Live site: 30 days from publishing (or 90 if you bought the "extended" add-on).
  • Expired site: up to 60 more days in an internal admin archive so you can renew it. After that it's permanently deleted.
  • Pending-payment site: 48 hours; auto-archived afterwards with reason "ni placana".
  • Payment records: kept for accounting / tax purposes as long as legally required (typically 10 years in Slovenia).
  • Account: kept while active; deleted within 30 days of you closing it.

8. Your rights under GDPR

  • Access (Art. 15): get a copy of your data.
  • Rectification (Art. 16): fix wrong data.
  • Erasure / right to be forgotten (Art. 17): we delete everything except what we have a legal duty to keep.
  • Restriction (Art. 18) and objection (Art. 21): you can ask us to stop processing for specific purposes.
  • Portability (Art. 20): export of your account data in a machine-readable format.
  • Withdraw consent for analytics anytime on the /cookies page.
  • Lodge a complaint with your data protection authority. In Slovenia: Informacijski pooblaščenec.
  • To exercise any of these, email support@shootyrshot.gudweb.si. We respond within 30 days.

9. International transfers

All primary data lives in the EU. Some processors (e.g. Google for OAuth, YouTube for embeds) may move data outside the EU; transfers rely on Standard Contractual Clauses or an adequacy decision.

10. Children

The Service is for ages 16+ (the GDPR digital-consent age). We don't knowingly process data of users below 16. If you believe we have, contact support@shootyrshot.gudweb.si and we'll delete it.

11. Data breach

If we ever discover a breach affecting your data, we notify the Slovenian DPA (Informacijski pooblaščenec) within 72 hours per GDPR Art. 33, and we notify you directly if there's a high risk to your rights.

12. Changes

Material changes to this policy are announced in-app and emailed to active users. Last update: 31 May 2026.

13. Contact

For any privacy question: support@shootyrshot.gudweb.si.