Privacy Policy

We use your information for the following purposes:

• Platform operation: Creating and managing accounts, displaying profiles, facilitating connections, processing bookings, and delivering all platform features
• Identity verification: Confirming Social Ambassadors are real, eligible adults through our review process and Stripe Identity
• Payment processing: Handling deposits, platform fees, refunds, and payouts through Stripe
• Safety and enforcement: Detecting fraud and abuse, investigating reports, moderating content, enforcing our Terms of Service and Community Guidelines, and cooperating with law enforcement where required
• Communications: Sending account confirmations, booking notifications, safety alerts, platform updates, transactional email, and support responses
• SMS notifications: Sending account verification codes and platform notifications via Twilio, where you have provided a phone number and consented to SMS
• Platform improvement: Analyzing usage patterns, diagnosing technical issues, testing new features, and developing improvements based on aggregated and anonymized data
• Legal compliance: Maintaining records as required by applicable law, responding to lawful legal processes, subpoenas, or government requests, and fulfilling regulatory obligations

We do not use your personal information for targeted advertising, behavioral profiling for commercial sale, or any purpose outside of operating and improving the platform. We do not sell your data. Period.

We work with the following third-party service providers who may process personal data on our behalf in order to operate the platform. Each is authorized to use your information only as necessary to perform services for us, and each is bound by data processing obligations consistent with applicable law:

We evaluate all service providers for their data protection practices and contractual commitments before engaging them. We do not engage service providers who use your data for their own advertising or commercial purposes.

Profile photos, gig images, business listing photos, and any other media files you upload to Social Additions are stored on our servers (hosted by Hetzner) and served publicly (for Social Ambassador profiles and business listings) or to eligible members (for gig listings). By uploading any image or media file, you confirm that you own or have all necessary rights to that content and that it complies with our Photo Standards (Terms of Service, Section 7C).

Uploaded images may be automatically compressed or resized for performance optimization. We do not alter the content or meaning of photos. When you delete your account or request media removal, photos are removed from our active storage within a commercially reasonable timeframe. Third-party caches, CDN edge nodes, or search engine indexes may retain copies of publicly accessible content beyond that window, which is outside our control.

We do not perform facial recognition, biometric analysis, or any automated identity inference on uploaded photos.

We implement the following security measures to protect your data:

• TLS/HTTPS encryption on all pages, API endpoints, and data transmissions — all data in transit is encrypted
• Bcrypt password hashing — passwords are stored as one-way cryptographic hashes; we cannot retrieve your plaintext password
• Role-based access controls — only authorized personnel with a legitimate business need can access user data; access is logged
• Stripe for payment data — card data is processed and stored by Stripe under PCI-DSS standards; full card data never passes through Social Additions' servers
• CSRF protection on all forms and authenticated requests
• Server security and monitoring — regular infrastructure security reviews, access logging, and monitoring for anomalous activity

No security system is impenetrable. We do our best to protect your data, but we cannot guarantee absolute security against all threats, including sophisticated cyberattacks. If you believe your account has been compromised, contact us immediately at support@socialadditions.com. If we become aware of a data breach that materially affects your personal information, we will notify you as required by applicable law.

Active accounts: Data is retained for as long as your account is active, and for a reasonable period after closure to support safety, fraud prevention, legal obligations, and dispute resolution.

Account deletion requests: You may request account deletion at any time by emailing support@socialadditions.com with "Account Deletion Request" in the subject line. When your account is deleted:

• Your profile is removed from public view immediately
• Personal data is deleted from active systems within a commercially reasonable timeframe
• Uploaded photos and media files are removed within a commercially reasonable timeframe
• Platform messages may be retained in suppressed form for legal, safety, and fraud prevention purposes
• Data required by law to be retained — including tax records, payment logs, and records relevant to ongoing legal proceedings — will be kept for the legally required period
• Anonymized or aggregated data that cannot identify you may be retained indefinitely for analytics and platform improvement
• Reviews you wrote may persist in anonymized form with your identity removed

Banned accounts: Data associated with permanently banned accounts may be retained indefinitely for fraud prevention, safety, ban evasion detection, and legal compliance purposes.

Inactive accounts: Accounts with no login activity for 24 consecutive months may be flagged for closure. We will send notice to the email address on file before taking any action.

We use cookies and similar browser technologies for the following purposes:

• Essential session cookies: Login session tokens, CSRF security tokens — these are required for the site to function and cannot be disabled
• Preference cookies: Storing your settings and display preferences across visits
• Analytics cookies: Anonymized, aggregated usage data collected via Google Analytics to help us understand how users interact with the platform and identify improvements. IP addresses are anonymized before being sent to Google Analytics.

We do not use: retargeting pixels, cross-site tracking cookies, behavioral advertising cookies, third-party advertising networks, or any tracking technology designed to follow you across the web.

Do Not Track (DNT): We respect browser DNT signals. When a DNT signal is detected, we disable non-essential analytics cookies. Essential session cookies are not affected by DNT, as they are strictly necessary for platform functionality.

Most browsers allow you to control or disable cookies through browser settings. Disabling essential cookies may cause significant platform functionality to break.

Depending on your jurisdiction, you may have the following rights regarding your personal information. We honor these rights for all users regardless of location:

• Right to access: Request a copy of the personal information we hold about you
• Right to correction: Request correction of inaccurate or incomplete information
• Right to deletion: Request deletion of your account and personal data, subject to legal retention obligations
• Right to data portability: Request your personal data in a structured, portable, machine-readable format
• Right to object: Object to specific types of processing of your personal data
• Right to restrict processing: Request that we limit processing of your data in certain circumstances
• Right to opt out of non-essential communications: Unsubscribe from marketing emails at any time. Transactional and safety emails cannot be opted out of while your account is active.

California residents — CCPA/CPRA rights: If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• The right to know what categories and specific pieces of personal information we collect, use, share, and disclose
• The right to delete personal information we have collected from you (subject to exceptions for legal compliance, security, and fraud prevention)
• The right to correct inaccurate personal information
• The right to opt out of the sale or sharing of personal information — we do not sell or share personal information for advertising purposes
• The right to limit use of sensitive personal information
• The right to non-discrimination for exercising any of these CCPA/CPRA rights

To exercise any of these rights, email info@socialadditions.com with "Privacy Rights Request" in the subject line. We will verify your identity and respond within the timeframe required by applicable law. We will not discriminate against you for exercising your privacy rights.

By creating an account or submitting an application on Social Additions, you agree to receive transactional communications from Social Additions, including account confirmations, booking notifications, platform alerts, and safety messages. These communications are necessary to operate the platform and cannot be opted out of while your account remains active.

SMS / text messages: By providing a mobile phone number and confirming your account, you consent to receive SMS messages from Social Additions related to your account, including verification codes, booking notifications, and important platform alerts. SMS messages are delivered via Twilio. Standard message and data rates may apply based on your carrier plan. You may opt out of non-essential SMS notifications at any time by texting STOP to the number you received the message from, or by updating your notification preferences in your account settings. Opting out of non-essential SMS does not affect account security messages or legally required notifications.

Email communications: By registering, you consent to receiving emails related to your account, bookings, and important platform updates. You may unsubscribe from non-essential marketing emails at any time using the unsubscribe link in any such email. Transactional emails (booking confirmations, account notifications, security alerts) and safety-related communications are not subject to the marketing unsubscribe option and will continue while your account is active.

We do not sell, rent, or share your phone number or email address with third parties for their own marketing purposes.

Social Additions is an adults-only platform. You must be at least 21 years old to create an account or use any feature of the platform. We do not knowingly collect, solicit, or process personal information from anyone under the age of 21.

If we discover or are made aware that we have received information from a person under 21, we will delete that information and terminate the associated account immediately. If you believe a minor has created an account on our platform, please notify us at flag@socialadditions.com immediately.

Social Additions is not directed to children under 13 and does not knowingly collect information from children under 13 within the scope of COPPA.

Social Additions is a Texas limited liability company based in the United States. Our primary server infrastructure is hosted by Hetzner in Germany and Finland (European Union). Some of our service providers — including Stripe and Twilio — process data in the United States.

If you access the platform from outside the United States, be aware that your personal information may be transferred to, processed in, and stored in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.

By using Social Additions, you consent to the international transfer, processing, and storage of your personal information as described in this policy. We take reasonable steps to ensure that transfers of personal data are carried out in accordance with applicable law and that appropriate safeguards are in place.

Social Additions may update, modify, or replace this Privacy Policy at any time, in its sole discretion, for any reason, with or without prior notice. When we make material changes, we will update the "Last Updated" date at the top of this page. Changes become effective when posted on the platform unless a later effective date is stated. Your continued use of Social Additions after an updated policy is posted means you acknowledge and accept the revised policy. If you do not agree with an updated policy, you must stop using the platform and may close your account.

For privacy questions, data rights requests, or DMCA notices, contact us at:

MCC Network LLC
dba Social Additions
Austin, Texas
info@socialadditions.com

Please include "Privacy Request" in your subject line for data rights requests to ensure timely processing.