.click

Privacy Policy

Last updated: May 24, 2026

1. Who We Are

This Privacy Policy describes how r3wind ("we," "us," or "our") collects, uses, and shares information when you use r3wind at https://r3wind.click and related applications (the "Service").

For privacy questions or requests, contact us at support@r3wind.click.

2. Information We Collect

We collect information in the following categories:

Host Access Data — Information used to create, manage, recover, or access events, including email addresses, authentication credentials, session tokens, event management identifiers, and related access data.

Event and Roll Data — Event names, schedules, guest limits, filter settings, reveal settings, and related configuration information needed to operate events and shared photo rolls.

Guest Session Data — Temporary guest tokens, optional nicknames, photo counts, participation timestamps, and related session information. Guests are not required to provide email addresses or create traditional accounts to participate.

Photos and Uploads — Images captured or uploaded through the Service, associated technical metadata generated by the Service (such as upload timestamps and file information), and derived thumbnails stored on our infrastructure or cloud storage providers.

We do not use facial recognition, biometric identification, or facial template extraction technologies.

Payment Data — Only hosts may purchase paid event hosting tiers (for example, tiers above the free five-participant limit). When you select a paid tier at event creation, you are redirected to Stripe Checkout, where Stripe collects payment card and billing information. Guests do not provide payment information to us or to Stripe through the Service. We receive limited payment-related information from Stripe such as billing country, payment status, transaction identifiers, purchased tier metadata, and the last four digits of payment cards, but we do not receive or store full payment card numbers.

Technical Data — IP address, browser type, device type, operating system information, approximate region or country, referral URLs, crash logs, and similar technical logs used for security, fraud prevention, rate limiting, diagnostics, and reliability.

IP addresses may be retained temporarily for security, abuse prevention, and operational logging purposes and are not used to determine your precise location.

We do not collect contacts, precise GPS location, or invasive device fingerprinting information.

Cookies and Local Device Storage — We use cookies, local device storage, and similar technologies to maintain event access, restore sessions, remember preferences, improve reliability, and support security-related functionality.

Anti-Abuse Signals — We may use anti-abuse and bot-detection providers such as Cloudflare Turnstile. Those providers may process interaction signals and technical information under their own privacy policies.

3. How We Use Information

We use information to:

  • provide and operate the Service;
  • create and manage events and shared photo rolls;
  • authorize uploads and enforce event settings or shot limits;
  • reveal galleries when configured by hosts;
  • process host payments for paid event tiers and prevent payment fraud;
  • communicate about purchases, security issues, or support requests;
  • prevent abuse, spam, fraud, unauthorized access, and security incidents;
  • improve reliability, performance, and user experience;
  • analyze aggregate usage trends; and
  • comply with legal obligations and enforce our Terms.

4. Legal Bases (EEA/UK)

If you are located in the European Economic Area or United Kingdom, we process personal data under legal bases including:

  • performance of a contract;
  • legitimate interests, including security, fraud prevention, analytics, and service improvement;
  • consent where required by law; and
  • compliance with legal obligations.

5. How We Share Information

We share information only as reasonably necessary to operate and provide the Service.

Service Providers — We may share information with providers that support hosting, cloud storage, email delivery, analytics, payment processing, security, moderation, customer support, and infrastructure operations, subject to appropriate confidentiality and data protection obligations.

Stripe — When hosts pay for a paid event tier, checkout and payment processing are handled through Stripe Checkout and related Stripe services for billing, fraud prevention, and transaction processing.

Event Participants — Photos, nicknames, and related event content may be visible to hosts and other participants within an event according to event settings and sharing behavior.

Legal and Safety Reasons — We may disclose information if reasonably necessary to comply with applicable law or legal process; enforce our Terms or policies; investigate fraud, abuse, or security issues; or protect the rights, safety, or property of users, third parties, or the Service.

Business Transfers — Information may be transferred as part of a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate safeguards where required.

We do not sell personal information or share personal information for cross-context behavioral advertising.

6. Data Retention

We retain information for as long as reasonably necessary to operate the Service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support backup or recovery processes.

Current retention periods are typically 90 days after an event ends, unless the host deletes the event sooner. We may adjust this period for operational, legal, or security reasons and will update this policy if material changes are made.

Event photos, guest sessions, and related event content may be deleted when a host deletes an event, when retention limits expire, or when inactive content is removed under our retention practices.

Hosts should export any content they wish to keep before deleting an event.

Deletion may not immediately remove all cached, archived, or backup copies.

7. Security

We use administrative, technical, and organizational safeguards appropriate to the nature of the information processed, including HTTPS encryption in transit, access controls, rate limiting, monitoring, and credential protection measures.

No method of electronic transmission, storage, or security protection is completely secure, and we cannot guarantee absolute security.

If we become aware of a security incident affecting personal information, we will take steps we consider appropriate under the circumstances and notify affected individuals where required by applicable law.

8. International Transfers

We may process or store information in the State of Delaware, United States and other countries where our providers or infrastructure operate.

Where required by applicable law, we use appropriate safeguards for international data transfers, including standard contractual clauses or similar approved mechanisms.

9. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or request portability of your personal data.

Requests may be submitted to support@r3wind.click.

Guests without traditional accounts may contact us with event details and approximate participation times so we can attempt to locate relevant session data, subject to verification and technical limitations.

Because guest participation may rely on anonymous or session-based access mechanisms, we may not always be able to associate guest session data with a specific individual. Even where identification is limited, we will make reasonable good-faith efforts to address valid privacy requests where possible.

You may clear guest tokens or locally stored data through your browser or device settings.

You may also have the right to lodge a complaint with your local data protection authority.

10. Children

The Service is not directed to children under 13.

We do not knowingly collect personal information directly from children under 13. If you believe a child has provided personal information to us, contact support@r3wind.click and we will take reasonable steps to investigate and delete the information where appropriate.

11. California Privacy Notice

California residents may have additional rights under the CCPA/CPRA, including rights to know, access, delete, or correct certain personal information.

We do not sell personal information or share personal information for cross-context behavioral advertising.

California privacy requests may be submitted to support@r3wind.click.

12. Changes to This Policy

We may update this Privacy Policy from time to time.

We will post the updated version on this page and revise the "Last updated" date. Material changes may also be communicated through website notices or other reasonable means where appropriate.

Your continued use of the Service after updates become effective constitutes acceptance of the revised Privacy Policy where permitted by law.

13. Contact

Privacy inquiries and data requests:

support@r3wind.click

Website: https://r3wind.click