Privacy Policy

PodRandom is operated by [Company Name], registered in [Jurisdiction]. The data controller for the purposes of GDPR is [Company Name].

• Account info: email, username, real name (private), age confirmation, country (optional).
• Profile data: avatar, bio, interests.
• Activity: sessions hosted/guested, hours live, ratings given and received, achievements unlocked.
• Reports: reports filed by you and against you.
• Technical: IP address (used for rate limiting and abuse prevention), browser/OS, basic device info.

We do not store the contents of video, audio, or text-chat conversations. Conversations are peer-to-peer over WebRTC; the server never sees the media. Recordings, if made, are saved to the recording user's device only.

• To provide the matching service and account features
• To enforce community guidelines and apply moderation actions
• To prevent fraud and abuse
• To send transactional email (verification, password reset, billing receipts)
• To compute aggregate, non-identifying analytics

We do not sell personal data.

• Performance of contract — operating your account
• Legitimate interest — fraud prevention, abuse moderation
• Consent — email marketing (only if you opt in)
• Legal obligation — CSAM reporting, lawful access requests

• Supabase — database, authentication, realtime signaling
• Vercel — application hosting and CDN
• Cloudflare — DNS, R2 object storage, optional anti-abuse
• Metered.ca — TURN relay (used only when peer-to-peer fails)
• Resend — transactional email
• Stripe / Paddle (when subscription tier is live) — payments
• hCaptcha — bot prevention on signup

• Account data: kept until you delete your account
• Session metadata: kept for 12 months for moderation purposes
• Reports: kept for 24 months
• IP logs: kept for 90 days for abuse investigation

You have the right to:

• Access the data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your data (data portability)
• Object to or restrict processing
• Lodge a complaint with a data protection authority

To exercise any of these, email privacy@podrandom.com.

We use essential cookies for authentication (Supabase session) and security. We do not use advertising or tracking cookies in v1.

The Service is not intended for users under 13. Accounts found to belong to users under 13 are deleted on discovery.

As required under 18 U.S.C. § 2258A, we report suspected child sexual abuse material to the National Center for Missing & Exploited Children (NCMEC). We cooperate with law enforcement requests.

We will announce material changes to this page with an updated “Last updated” date.

Email privacy@podrandom.com.