Privacy Policy

At Viewsy, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our services, you agree to the collection and use of information in accordance with this policy.

1. Data Controller

EMAM MEDIA LTD (trading as Viewsy) is the data controller responsible for your personal data. For any questions or concerns regarding your data, you can contact us:

• Company: EMAM MEDIA LTD
• Company Number: 11855473
• Registered Office: 20-22 Wenlock Road, London, England, N1 7GU
• Email: support@viewsy.com

2. Personal Data We Collect

We collect and process the following categories of personal data:

2.1 Account Information

• Email address
• Username
• Password (encrypted and hashed using bcrypt)
• Account status (verified/unverified)
• Verification code (temporary, for email verification)
• Google ID (if you sign up using Google OAuth)
• Password reset token (temporary, when requesting password reset)
• Admin status (whether you have admin privileges)
• Account creation and update timestamps

2.2 Wallet and Financial Information

• Wallet balance
• Wallet transaction history (amount, payment method, status, description, transaction type)
• Payment intent IDs (from payment processors)
• Transaction IDs
• Pending wallet top-up requests

Note: We do not store full credit card details. Payment processing is handled securely by PayPal, Stripe, and cryptocurrency payment processors.

2.3 Order Information

• Order UUID (unique identifier)
• Service type (e.g., followers, views, likes)
• Platform (Instagram, YouTube, TikTok)
• Category (specific service category)
• Amount/quantity ordered
• Social media link (public URL you provide)
• Order status (pending, processing, completed, failed)
• Payment method used for the order
• Charge amount
• Provider information (order ID, status, name from our service providers)
• Error information (if order fails)
• Pending orders (orders awaiting payment)
• Order creation and update timestamps

2.4 Support and Communication Data

• Support ticket subject and status
• Messages exchanged in support tickets
• Ticket creation and update timestamps

2.5 Technical and Security Data

• IP addresses (logged for security and fraud prevention)
• User agent (browser and device information)
• Action logs (login, registration, order placement, etc.)
• Session data (for maintaining your logged-in state)
• Timestamps of actions

3. How We Collect Your Data

We collect personal data through:

• Direct interactions: When you create an account, place orders, top up your wallet, or contact support
• Automated technologies: Through session cookies and server logs when you use our website (IP address, user agent, action logs)
• Third parties: Payment processors (PayPal, Stripe, cryptocurrency gateways) provide transaction confirmation data
• OAuth providers: Google (if you sign up using Google OAuth, we receive your Google ID and email)

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance (Art. 6(1)(b) GDPR): To provide the SMM services you ordered and manage your account
• Legitimate Interest (Art. 6(1)(f) GDPR): To improve our services, prevent fraud, and ensure platform security
• Legal Obligation (Art. 6(1)(c) GDPR): To comply with tax, accounting, and legal requirements
• Consent (Art. 6(1)(a) GDPR): For marketing communications (where applicable and with your explicit consent)

5. How We Use Your Data

We use your personal data for the following purposes:

• To create and manage your account
• To verify your email address and authenticate your identity
• To enable Google OAuth login (if you choose this option)
• To process password reset requests
• To manage your wallet balance and process top-ups
• To process and deliver your orders
• To track order status and communicate with service providers
• To process payments and prevent fraud
• To provide customer support through our ticketing system
• To send service-related notifications (order confirmations, delivery updates, verification emails)
• To log IP addresses and user actions for security and fraud prevention
• To maintain session data for keeping you logged in
• To improve our services and user experience
• To comply with legal obligations (tax, accounting, regulatory requirements)

6. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your data with:

6.1 Service Providers

• Payment Processors: PayPal, Stripe, and cryptocurrency payment gateways
• SMM Service Providers: Third-party providers who fulfill your orders (we share order details like platform, service type, amount, and social media links)
• Hosting Providers: To store and process data securely
• Email Service Providers: To send transactional emails (verification, password reset, order updates)
• OAuth Providers: Google (if you use Google sign-in)

All service providers are contractually bound to protect your data and use it only for specified purposes.

6.2 Legal Requirements

We may disclose your data if required by law, court order, or to protect our legal rights and prevent fraud.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions confirming the destination country provides adequate protection
• Binding Corporate Rules for intra-group transfers

8. Data Retention

We retain your personal data only for as long as necessary:

• Account Data: Retained while your account is active and for 30 days after account deletion
• Order History: Retained for 7 years to comply with accounting and tax obligations
• Support Communications: Retained for 3 years for quality assurance
• Technical Logs: Retained for 90 days for security purposes

After the retention period, data is securely deleted or anonymized.

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

To exercise any of these rights, contact us through our support system or email support@viewsy.com. We will respond within 30 days.

10. Data Security

We implement industry-standard security measures to protect your personal data:

• SSL/TLS encryption for data transmission
• Encrypted password storage using bcrypt hashing
• Secure server infrastructure with regular security updates
• Access controls and authentication mechanisms
• Regular security audits and vulnerability assessments
• Data backup and disaster recovery procedures

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

11. Cookies and Tracking Technologies

We use cookies to ensure the website functions properly and to improve your experience.

11.1 Essential Cookies

These cookies are necessary for the website to function and cannot be disabled:

• Session cookies for authentication
• Security cookies for fraud prevention
• Preference cookies for language and settings

11.2 Analytics and Marketing Cookies

We do not use third-party analytics or marketing cookies without your explicit consent. You can manage cookie preferences in your browser settings.

12. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately, and we will take steps to delete such information.

13. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. All decisions regarding your account and orders are made with human oversight.

14. Third-Party Links

Our website may contain links to third-party websites (such as social media platforms). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal data.

15. Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33 and 34.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email notification for significant changes
• Displaying a prominent notice on our website

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

17. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your GDPR rights, please contact us:

• Company: EMAM MEDIA LTD
• Company Number: 11855473
• Registered Office: 20-22 Wenlock Road, London, England, N1 7GU
• Email: support@viewsy.com
• Support System: Available through your account dashboard

We will respond to all requests within 30 days as required by GDPR.

18. Supervisory Authority

If you are located in the EU/EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority. You can find your local authority at:

https://edpb.europa.eu/about-edpb/board/members_en