THE SERVICE IS INTENDED SOLELY FOR USERS WHO ARE EIGHTEEN (18) YEARS OF AGE OR OLDER.
FeetMash ("we," "us," or "our") values your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services (the "Service").
By accessing or using the Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.
1. Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device.
A. Information You Provide to Us
Account Registration: When you register, we collect your email address and a password (which is hashed and securely stored). A username is automatically generated for you.
Creator Profile Data: If you register as a Creator, we collect additional information you choose to provide, such as your Display Name, Bio, Avatar, and Social Media Links (e.g., OnlyFans, Fansly, Instagram URLs).
Verification Data: To verify Creators, we process a generated verification code and the communication history regarding your verification status.
User Content: We collect the photos and metadata (tags) you upload to the Service.
Communications: Information you provide when you contact us via our contact forms or support emails.
B. Information Collected Automatically
Usage Data (Vercel Analytics): We use Vercel Analytics to collect information about how you access and use the Service. This includes your IP address, browser type, operating system, geolocation, session duration, and page views.
Browser Fingerprinting (Guest Users): To prevent voting manipulation and enforce limits for non-logged-in users, we use FingerprintJS. This technology generates a unique identifier based on your browser and device characteristics. This identifier is stored locally on your device and used solely for vote rate-limiting purposes.
Voting Data: We record every vote cast, including the timestamp, the photos involved, and the associated User ID or Guest Fingerprint.
2. How We Use Your Information
We use the collected information for the following purposes:
To Provide the Service: To manage your account, host your content, and display your public profile.
To Maintain the ELO System: Your votes are processed to calculate the ELO ratings of photos and generate rankings.
To Ensure Security and Fair Play: We use browser fingerprinting and IP addresses to detect bots, prevent spam, and enforce voting limits (e.g., 5 votes per 24h for guests).
To Communicate with You: To respond to your inquiries (via support@feetmash.com) or send password reset links.
To Improve the Service: We analyze aggregated usage data (via Vercel Analytics) to understand user behavior and optimize performance.
3. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track the activity on our Service and store certain information.
Essential Cookies (Supabase): We use HTTP-only cookies to maintain your authenticated session. These are necessary for the website to function if you are logged in.
Local Storage: We use your browser's Local Storage to store the feetmash_fingerprint identifier to manage guest voting limits.
Analytics: We use third-party analytics services (Vercel Analytics) that may set their own cookies/identifiers to help us analyze how the Service is used.
Note on Consent: Because we use technologies that access information on your device (fingerprinting), applicable laws (like the ePrivacy Directive in the EU) may require your consent. However, we process this data based on our legitimate interest in preventing fraud and ensuring the security of our voting system.
4. Sharing Your Information
We do not sell your personal data. We only share information in the following situations:
Service Providers: We share data with trusted third-party vendors who perform services for us:
Supabase: For database hosting, authentication, and file storage.
Vercel: For web hosting and analytics.
hCaptcha: For spam protection on forms.
Publicly Visible Information: If you are a Creator, your username, uploaded photos, bio, and social links are visible to all users of the Service.
Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
5. Data Retention
We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.
Account Data: Retained for the lifetime of your account.
Voting Data: Retained indefinitely to maintain the historical integrity of the ELO ranking system.
Guest Data: Fingerprint data in Local Storage is designed to reset after 24 hours, but the record of votes cast by that fingerprint remains in our database.
6. Security of Your Data
We implement security measures designed to protect your information, including:
Encryption: Passwords are hashed before storage.
Access Control: We use Row-Level Security (RLS) policies in our database to restrict access to user data.
Secure Communication: All data is transmitted over HTTPS.
However, no method of transmission over the Internet is 100% secure. We cannot guarantee its absolute security.
7. Your Data Protection Rights (GDPR & CCPA)
Depending on your location, you may have the following rights:
Right to Access: You have the right to request copies of your personal data.
Right to Rectification: You can request that we correct any information you believe is inaccurate.
Right to Erasure ("Right to be Forgotten"): You have the right to request that we delete your personal data.
Note: Since an automated deletion feature is currently not available in the user interface, please contact us at support@feetmash.com to request account deletion.
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data.
Our Service is strictly for users aged 18 and over. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 18 without verification of parental consent, we take steps to remove that information from our servers.
9. International Data Transfers
Your information, including Personal Data, may be processed at the operating offices of our third-party providers (e.g., Supabase, Vercel) which may be located in the United States or other jurisdictions outside of your country of residence. By using the Service, you consent to this transfer.
10. Contact Us
If you have any questions about this Privacy Policy, please contact us: