Privacy Notice

Last Updated: May 2, 2026
Effective Date: May 2, 2026

This Privacy Notice for Seconds Inc., doing business as Seconds ("Seconds," "we," "us," or "our"), describes how and why we collect, store, use, and share ("process") your information when you use our website at https://seconds.me, our mobile applications, and related services (collectively, the "Services").

Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you have questions or concerns, please contact us at [email protected].

Summary of Key Points
Information We Collect
How We Process Your Information
Legal Bases for Processing (EEA/UK Users)
When and With Whom We Share Your Information
Cookies and Tracking Technologies
International Data Transfers
How Long We Keep Your Information
How We Keep Your Information Safe
Information from Minors
Biometric Information
Recording and Storage of Interactions
Your Privacy Rights
Controls for Do-Not-Track Features
California Privacy Rights (CCPA/CPRA)
EEA, UK, and Swiss Privacy Rights (GDPR)
Other U.S. State Privacy Rights
Updates to This Notice
Contact Us
Reviewing, Updating, or Deleting Your Information

1. Summary of Key Points

This summary highlights key points of our Privacy Notice. You can find more detail on each topic in the corresponding section below.

What information we collect: We collect information you provide (such as name, email, payment information, and identity verification data for Creators) and information collected automatically (such as IP address and device data).
How we use it: To operate the Services, process payments and payouts, prevent fraud, comply with law, and communicate with you.
Who we share it with: Payment processors, payout providers, identity verification providers, hosting and analytics providers, and where required by law.
Your rights: Depending on your location, you may have rights to access, correct, delete, or limit our use of your personal information.
Recordings: We do not record video or audio of Interactions between Users and Creators in the ordinary course. See Section 12.
How to contact us: [email protected].

2. Information We Collect

2.1 Information You Provide to Us

When you register, use, or interact with the Services, we collect information you provide directly, which may include:

Account information: Display name, legal name, username, email address, phone number, password (stored in hashed form), and contact preferences.
Profile information: Profile photos, biographical information, links, and any other content you upload to your profile.
Payment information for Users: Billing address, debit/credit card number, expiration date, and security code (CVV). Card data is collected directly by our payment processor and is not stored on our servers.
Creator payout information: For Creators, we collect information needed to process payouts and comply with tax reporting, which may include your full legal name, residential address, date of birth, government-issued identification, taxpayer identification number (such as a Social Security Number for U.S. persons or equivalent for non-U.S. persons), bank account or other payout method details, and documentation required under applicable know-your-customer ("KYC") and anti-money-laundering ("AML") laws. This information is collected and processed primarily by our payout provider (Trolley).
Communications: The content of any messages, emails, support tickets, or other communications you send to us or other Users on the Services.
Uploaded media: Photos, videos, and other media you upload to the Services.

2.2 Sensitive Information

We process the following categories of sensitive information when necessary, with your consent, or as otherwise permitted by law:

Government identifiers: For Creators only, we collect Social Security Numbers, Individual Taxpayer Identification Numbers, or equivalent foreign tax identifiers as required for tax reporting and KYC compliance.
Financial data: Bank account information for Creator payouts. Payment card information is processed by our payment processor.
Identity verification and biometric data: Government-issued identification documents (such as passport, driver's license, or national ID), selfie photographs, and biometric identifiers (including facial geometry and biometric templates) used to verify Creator identity. Biometric data is collected and processed by our identity verification provider, Yoti Ltd. ("Yoti"), which performs facial matching, liveness detection, and document authentication. We receive the verification outcome (pass, fail, or risk score) and metadata from Yoti, but we do not receive or store raw biometric templates ourselves. Yoti's processing of biometric data is governed by Yoti's own privacy notice, available at https://www.yoti.com/about/privacy/.

We use sensitive information solely for the purposes for which it was collected (such as identity verification, payout processing, fraud prevention, and tax reporting) and do not sell or share sensitive information for cross-context behavioral advertising. Biometric data is used solely for the purpose of verifying Creator identity at onboarding and is not used for any other purpose, including marketing, advertising, or training of artificial intelligence or machine learning systems.

2.3 Information Collected Automatically

When you access or use the Services, we automatically collect certain information, including:

Device data: IP address, device identifiers, device type, operating system, browser type and version, language settings, and mobile carrier information.
Usage data: Pages or screens viewed, time spent on pages, click data, search queries, referring URLs, and timestamps of access.
Log data: Server logs, error reports, and performance data.
Location data: Approximate location derived from IP address. We do not collect precise geolocation without your consent.

We collect this information through cookies, pixels, and similar tracking technologies. See Section 6 for more detail.

2.4 Information from Third Parties

We may receive information about you from third parties, including:

Payment and payout providers: Confirmation of payment, fraud signals, and chargeback information from Payment Cloud, Trolley, and similar providers.
Identity verification providers: Verification results and risk scores.
Analytics providers: Aggregated and individual usage data.
Social login providers: If you sign in using a third-party service, we may receive basic profile information from that service.

3. How We Process Your Information

We process your personal information for the following purposes:

To provide and operate the Services, including creating and managing your account, facilitating Interactions between Users and Creators, processing Gem purchases, and processing Creator payouts.
To process payments and payouts, including charging your payment method, paying Creator earnings, calculating taxes, and issuing tax forms.
To verify identity and prevent fraud, including detecting and preventing fraudulent transactions, chargeback abuse, account takeover, and violations of our Terms of Use.
To comply with legal obligations, including tax reporting (such as IRS Forms 1099 and 1042-S), responding to legal process, complying with KYC/AML laws, and enforcing our Terms of Use.
To communicate with you, including sending transactional notices, responding to support inquiries, and (where permitted) sending marketing and promotional communications.
To improve the Services, including analyzing usage, debugging, conducting research, and developing new features.
To protect the safety of Users, Creators, and the public, including investigating and responding to reports of harassment, abuse, or other harmful conduct.
To enforce our Terms of Use, including the right of set-off described in our Terms.

We will not process your personal information for purposes materially different from those described here without providing notice.

4. Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under the GDPR (or the UK GDPR) to process your personal information:

Performance of a contract: When processing is necessary to provide the Services you have requested.
Legitimate interests: When processing is necessary for our legitimate interests, such as fraud prevention, security, improving the Services, and direct marketing (subject to your right to object).
Legal obligation: When processing is necessary to comply with law, including tax, AML, and KYC obligations.
Consent: When you have given us specific consent, such as for certain marketing communications or processing of sensitive data. You may withdraw consent at any time.
Vital interests: Where necessary to protect the vital interests of you or another person.

5. When and With Whom We Share Your Information

We share your personal information with the following categories of third parties:

5.1 Service Providers

We share information with third-party service providers that perform services on our behalf, including:

Payment processing: Payment Cloud and Kurv Network process User payments. They receive payment card information and transaction details.
Payout processing: Trolley (Payment Rails Inc.) processes Creator payouts. Trolley receives Creator identity, tax, and bank account information.
Hosting and infrastructure: Cloud hosting, content delivery, and database providers.
Communications: Email delivery, SMS, and customer support platforms.
Analytics: Usage analytics and product telemetry providers.
Identity verification: Yoti Ltd. ("Yoti") performs Creator identity verification, including document authentication, facial matching, and liveness detection. Yoti is the controller of the biometric data it processes for these purposes and operates under its own privacy notice.
KYC and AML compliance: Trolley and other providers may perform additional know-your-customer and anti-money-laundering screening as required by law.
Fraud prevention: Risk scoring and chargeback prevention services.

These providers process information only as necessary to provide their services to us and are bound by contractual confidentiality and data protection obligations.

5.2 Other Users and Creators

When you participate in an Interaction or otherwise communicate through the Services, certain information (such as your display name and profile photo) is visible to the other party. Creators may see basic information about Users who request Interactions. Users may see Creator profiles, including any information Creators choose to make public.

5.3 Legal and Safety Disclosures

We may disclose your information when we believe in good faith that disclosure is necessary to:

comply with a subpoena, court order, or other legal process;
enforce our Terms of Use, including investigating violations;
protect the rights, property, or safety of Seconds, our Users, Creators, or the public;
detect, prevent, or investigate fraud, security issues, or technical problems; or
respond to a government request or as otherwise required by law.

5.4 Business Transfers

If we are involved in a merger, acquisition, financing, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

5.5 With Your Consent

We may share your information with other third parties when you have given us your consent to do so.

5.6 No Sale of Personal Information

We do not sell your personal information for monetary consideration. See Section 15 for additional disclosures regarding the CCPA/CPRA definition of "sale" and "sharing."

6. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, local storage, and similar technologies to operate the Services, remember your preferences, analyze usage, and improve performance.

For more detail, please see our Cookie Notice at https://seconds.me/cookies.

You may control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Services.

7. International Data Transfers

Our servers are located in the United States, and we may transfer, store, and process your information in the United States and other countries where we or our service providers operate. These countries may have data protection laws different from those in your country.

If you are located in the EEA, UK, or Switzerland, we rely on the following safeguards for international transfers:

the European Commission's Standard Contractual Clauses, where applicable;
the UK International Data Transfer Addendum, where applicable;
adequacy decisions issued by the European Commission, where applicable; or
your explicit consent, where appropriate.

You may request a copy of the relevant safeguards by contacting [email protected].

8. How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Notice, unless a longer retention period is required or permitted by law. Our general retention practices are:

Account information: For the life of your account, plus a reasonable period after account closure for fraud prevention, dispute resolution, and legal compliance.
Transaction records (purchases, payouts, chargebacks): Seven (7) years from the date of the transaction, to comply with tax, accounting, and AML record-keeping requirements.
Identity verification records (Creators): Five (5) years after termination of the Creator relationship, to comply with KYC/AML obligations.
Communications and support records: Three (3) years from the date of the communication.
Marketing data: Until you unsubscribe or opt out, plus a brief period for record-keeping.
Log and usage data: Up to twelve (12) months in identifiable form, after which it may be aggregated or anonymized.

When personal information is no longer needed, we will delete it or anonymize it.

9. How We Keep Your Information Safe

We implement administrative, technical, and physical safeguards designed to protect your personal information, including encryption in transit and at rest for sensitive data, access controls, employee training, and regular security reviews. However, no method of transmission or storage is completely secure. We cannot guarantee the absolute security of your information.

If we become aware of a data breach affecting your personal information, we will notify you and applicable authorities as required by law.

10. Information from Minors

The Services are not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from a child under 18, we will delete that information promptly. If you believe we may have collected information from a child under 18, please contact us at [email protected].

11. Biometric Information

This section describes our practices regarding biometric information, including for purposes of compliance with the Illinois Biometric Information Privacy Act ("BIPA"), the Texas Capture or Use of Biometric Identifier Act ("CUBI"), the Washington Biometric Privacy Act, and similar laws in other jurisdictions.

11.1 What Biometric Data We Process

When Creators register on the Services, we require identity verification through our third-party provider Yoti Ltd. ("Yoti"). Depending on the verification flow in use at the time of onboarding, the verification process may involve:

a photograph or scan of a government-issued identification document, from which Yoti extracts text data such as name, date of birth, and document number;
a selfie photograph or short video of the Creator, including liveness detection; and
facial matching, in which Yoti compares the selfie to the photograph on the identification document.

Where facial matching, liveness detection, or selfie capture is performed, Yoti processes these images to extract facial geometry and create a biometric template, and returns a verification outcome (pass, fail, or risk score) to Seconds along with extracted text data.

In the future, Seconds may also collect and store its own photographs of Creators (for example, profile photographs taken at onboarding) for purposes including identity verification, fraud prevention, and platform safety. Where Seconds collects such photographs and processes them to extract or compare facial geometry, this section applies to that processing.

11.2 Purpose of Collection

We collect and process biometric information for the sole purpose of verifying Creator identity at the time of onboarding. This is necessary to:

comply with applicable know-your-customer ("KYC") and anti-money-laundering ("AML") laws;
prevent fraud, identity theft, and the use of stolen identification documents;
ensure that Creators are who they claim to be before they can receive payouts; and
protect Users from impersonation and misrepresentation.

We do not use biometric data for marketing, advertising, behavioral profiling, or to train artificial intelligence or machine learning systems.

11.3 Consent

Before any biometric information is collected, Creators are presented with a clear notice describing what biometric data will be collected, who will process it, and the purposes of collection. Creators must provide affirmative written consent before the verification process begins. Creators who do not consent cannot complete onboarding and cannot offer Services on the platform.

11.4 Retention and Destruction

Where biometric processing is performed by Yoti, Yoti retains biometric templates only for as long as necessary to complete the verification, as set forth in Yoti's privacy notice. Where Seconds itself collects and stores photographs from which biometric data may be extracted, Seconds retains such photographs and any associated biometric templates only for as long as necessary to fulfill the purposes described in Section 11.2, and in no event for longer than three (3) years following the Creator's last interaction with the Services, except as required by law.

We retain the verification outcome and associated metadata (such as date of verification, document type, and verification reference number) for the duration of the Creator relationship plus five (5) years after termination, or as otherwise required by law for KYC/AML record-keeping.

We will destroy biometric information sooner upon a verified request from the Creator, except where retention is required by law or necessary to comply with our legal obligations.

11.5 Disclosure of Biometric Information

We do not sell, lease, trade, or otherwise profit from biometric information. We do not disclose biometric information to third parties except:

to Yoti, which acts as our identity verification provider;
as required by law, subpoena, or court order; or
with the Creator's express consent.

11.6 Your Rights

Creators may request information about the biometric data processed in connection with their account, request deletion (subject to applicable retention requirements), or withdraw consent (which will result in account termination if verification cannot be re-established). To exercise these rights, contact [email protected].

12. Recording and Storage of Interactions

Interactions on Seconds are transmitted via end-to-end encrypted peer-to-peer (P2P) WebRTC connections, relayed through third-party TURN infrastructure that handles only encrypted network packets. Seconds does not record, store, decrypt, or otherwise access the audio or video content of Interactions, and Seconds' infrastructure has no technical capability to do so. Interactions are transient between the participating parties and end when the connection terminates.

Because Seconds does not have access to Interaction content, we cannot retrieve, produce, or provide call audio or video in response to user reports, subpoenas, court orders, or other requests, including from law enforcement. Where required to respond to legal process or to investigate abuse, fraud, or platform safety incidents, we rely on the following information sources, each of which we may collect, retain, and provide as applicable:

metadata about Interactions, including the parties involved, start and end times, duration, Gem consumption, and technical performance data;
reports submitted by other Users or Creators regarding the Interaction;
account-level information about the parties to the Interaction;
communications sent through platform features outside of the Interaction itself; and
any recording or content voluntarily provided by a participant in the Interaction.

Users may choose to record their own participation in Interactions using third-party software or hardware, but only with the express prior consent of all participating parties to the Interaction, regardless of jurisdiction. Recording or sharing of Interactions without all-party consent is prohibited by our Terms of Use and may violate federal and state wiretap, eavesdropping, and recording-consent laws. Seconds is not a party to any recording made by Users, does not host or retain such recordings on its servers, and has no technical capability to detect or prevent third-party recording during Interactions.

Users who believe their rights have been violated through the recording or sharing of an Interaction may contact [email protected].

Seconds reports apparent child sexual abuse material to the National Center for Missing & Exploited Children (NCMEC) CyberTipline as required by 18 U.S.C. § 2258A. Seconds preserves account records in response to valid preservation requests under 18 U.S.C. § 2703(f) and produces non-content records (such as account registration information, transaction metadata, and login information) in response to valid legal process. Because the content of Interactions is end-to-end encrypted and not accessible to Seconds, Seconds cannot produce audio or video of Interactions in response to any request.

13. Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information:

Right to access: Request a copy of the personal information we hold about you.
Right to correction: Request that we correct inaccurate or incomplete information.
Right to deletion: Request that we delete your personal information, subject to certain exceptions.
Right to restriction: Request that we limit our processing of your information in certain circumstances.
Right to portability: Request a copy of your information in a portable format.
Right to object: Object to certain processing, including processing for direct marketing.
Right to withdraw consent: Where we rely on consent, withdraw your consent at any time.
Right to non-discrimination: Not be discriminated against for exercising your rights.
Right to lodge a complaint: Lodge a complaint with a supervisory authority in your country.

To exercise these rights, please contact us at [email protected]. We will respond within the timeframes required by applicable law. We may need to verify your identity before fulfilling your request.

14. Controls for Do-Not-Track Features

Most web browsers include a Do-Not-Track ("DNT") feature. Because no uniform technology standard for recognizing DNT signals has been finalized, we do not currently respond to DNT browser signals. We do honor the Global Privacy Control ("GPC") signal where required by law, including for California residents (see Section 15).

15. California Privacy Rights (CCPA/CPRA)

This section provides additional disclosures for California residents under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA").

14.1 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information:

Category	Collected	Examples
Identifiers	Yes	Name, email, IP address, account ID
Customer records (Cal. Civ. Code § 1798.80(e))	Yes	Name, address, phone, payment method
Protected classifications	No	—
Commercial information	Yes	Purchase history, Gem balances
Biometric information	Yes (Creators only)	Facial geometry from selfie verification through Yoti, used solely for identity verification (see Section 11)
Internet activity	Yes	Browsing and usage data on our Services
Geolocation data	Limited	Approximate location from IP address
Sensory data	No	—
Professional information	Limited	Creator-related information
Education information	No	—
Inferences	Yes	Preferences and characteristics derived from usage
Sensitive personal information	Yes	Government identifiers (Creators), financial account information, account credentials

14.2 Sources, Purposes, and Disclosures

Sources of information: Directly from you, automatically through your use of the Services, and from third parties (payment processors, identity verification providers, etc.).
Business purposes: As described in Section 3.
Categories of third parties to whom we disclose information: As described in Section 5.

14.3 Sale and Sharing of Personal Information

We do not "sell" your personal information for monetary consideration. We do not "share" your personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

14.4 Your CCPA/CPRA Rights

California residents have the right to:

Know what personal information we collect, use, disclose, and sell or share;
Delete personal information we have collected (subject to exceptions);
Correct inaccurate personal information;
Limit the use and disclosure of sensitive personal information;
Opt out of the sale or sharing of personal information (not applicable, as we do not sell or share);
Not be discriminated against for exercising your rights.

To exercise these rights, contact us at [email protected]. You may also designate an authorized agent to make a request on your behalf.

We will verify your request by matching information you provide with information in our records. We will respond within 45 days, with a possible 45-day extension if reasonably necessary.

14.5 Shine the Light

California Civil Code Section 1798.83 permits California residents to request information regarding our disclosure of personal information to third parties for direct marketing purposes. To make such a request, contact us at [email protected].

16. EEA, UK, and Swiss Privacy Rights (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the rights described in Section 13 under the GDPR (or UK GDPR).

You also have the right to lodge a complaint with the supervisory authority in your country of residence. A list of EU data protection authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

We have not appointed a Data Protection Officer (DPO) under Article 37 of the GDPR. For privacy-related inquiries, please contact our Privacy Contact, Francis William Franklin, at [email protected].

17. Other U.S. State Privacy Rights

Residents of certain other U.S. states (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others) may have additional rights under their state privacy laws, including rights to access, correct, delete, and opt out of certain processing. To exercise these rights, contact us at [email protected].

18. Updates to This Notice

We may update this Privacy Notice from time to time. The "Last Updated" date at the top of this Notice indicates when it was last revised. If we make material changes, we will provide notice by posting the updated Notice on the Services and, where required by law, by sending an email notification.

Your continued use of the Services after the effective date of the updated Notice constitutes your acceptance of the updated Notice.

19. Contact Us

If you have questions or concerns about this Privacy Notice or our privacy practices, please contact us at:

Seconds Inc.
Attn: Francis William Franklin, Privacy Contact
251 Little Falls Drive
Wilmington, DE 19808
United States
Email: [email protected]
General inquiries: [email protected]

20. Reviewing, Updating, or Deleting Your Information

You may review, update, or request deletion of your personal information by:

logging into your account and updating your settings;
contacting us at [email protected]; or
following the request process described in Sections 13, 15, or 16, as applicable to your jurisdiction.

We will respond to verified requests within the timeframes required by applicable law.

Privacy Notice

Last Updated: May 2, 2026
Effective Date: May 2, 2026

Summary of Key Points
Information We Collect
How We Process Your Information
Legal Bases for Processing (EEA/UK Users)
When and With Whom We Share Your Information
Cookies and Tracking Technologies
International Data Transfers
How Long We Keep Your Information
How We Keep Your Information Safe
Information from Minors
Biometric Information
Recording and Storage of Interactions
Your Privacy Rights
Controls for Do-Not-Track Features
California Privacy Rights (CCPA/CPRA)
EEA, UK, and Swiss Privacy Rights (GDPR)
Other U.S. State Privacy Rights
Updates to This Notice
Contact Us
Reviewing, Updating, or Deleting Your Information

1. Summary of Key Points

This summary highlights key points of our Privacy Notice. You can find more detail on each topic in the corresponding section below.

What information we collect: We collect information you provide (such as name, email, payment information, and identity verification data for Creators) and information collected automatically (such as IP address and device data).
How we use it: To operate the Services, process payments and payouts, prevent fraud, comply with law, and communicate with you.
Who we share it with: Payment processors, payout providers, identity verification providers, hosting and analytics providers, and where required by law.
Your rights: Depending on your location, you may have rights to access, correct, delete, or limit our use of your personal information.
Recordings: We do not record video or audio of Interactions between Users and Creators in the ordinary course. See Section 12.
How to contact us: [email protected].

2. Information We Collect

2.1 Information You Provide to Us

When you register, use, or interact with the Services, we collect information you provide directly, which may include:

Account information: Display name, legal name, username, email address, phone number, password (stored in hashed form), and contact preferences.
Profile information: Profile photos, biographical information, links, and any other content you upload to your profile.
Payment information for Users: Billing address, debit/credit card number, expiration date, and security code (CVV). Card data is collected directly by our payment processor and is not stored on our servers.
Creator payout information: For Creators, we collect information needed to process payouts and comply with tax reporting, which may include your full legal name, residential address, date of birth, government-issued identification, taxpayer identification number (such as a Social Security Number for U.S. persons or equivalent for non-U.S. persons), bank account or other payout method details, and documentation required under applicable know-your-customer ("KYC") and anti-money-laundering ("AML") laws. This information is collected and processed primarily by our payout provider (Trolley).
Communications: The content of any messages, emails, support tickets, or other communications you send to us or other Users on the Services.
Uploaded media: Photos, videos, and other media you upload to the Services.

2.2 Sensitive Information

We process the following categories of sensitive information when necessary, with your consent, or as otherwise permitted by law:

Government identifiers: For Creators only, we collect Social Security Numbers, Individual Taxpayer Identification Numbers, or equivalent foreign tax identifiers as required for tax reporting and KYC compliance.
Financial data: Bank account information for Creator payouts. Payment card information is processed by our payment processor.
Identity verification and biometric data: Government-issued identification documents (such as passport, driver's license, or national ID), selfie photographs, and biometric identifiers (including facial geometry and biometric templates) used to verify Creator identity. Biometric data is collected and processed by our identity verification provider, Yoti Ltd. ("Yoti"), which performs facial matching, liveness detection, and document authentication. We receive the verification outcome (pass, fail, or risk score) and metadata from Yoti, but we do not receive or store raw biometric templates ourselves. Yoti's processing of biometric data is governed by Yoti's own privacy notice, available at https://www.yoti.com/about/privacy/.

2.3 Information Collected Automatically

When you access or use the Services, we automatically collect certain information, including:

Device data: IP address, device identifiers, device type, operating system, browser type and version, language settings, and mobile carrier information.
Usage data: Pages or screens viewed, time spent on pages, click data, search queries, referring URLs, and timestamps of access.
Log data: Server logs, error reports, and performance data.
Location data: Approximate location derived from IP address. We do not collect precise geolocation without your consent.

We collect this information through cookies, pixels, and similar tracking technologies. See Section 6 for more detail.

2.4 Information from Third Parties

We may receive information about you from third parties, including:

Payment and payout providers: Confirmation of payment, fraud signals, and chargeback information from Payment Cloud, Trolley, and similar providers.
Identity verification providers: Verification results and risk scores.
Analytics providers: Aggregated and individual usage data.
Social login providers: If you sign in using a third-party service, we may receive basic profile information from that service.

3. How We Process Your Information

We process your personal information for the following purposes:

To provide and operate the Services, including creating and managing your account, facilitating Interactions between Users and Creators, processing Gem purchases, and processing Creator payouts.
To process payments and payouts, including charging your payment method, paying Creator earnings, calculating taxes, and issuing tax forms.
To verify identity and prevent fraud, including detecting and preventing fraudulent transactions, chargeback abuse, account takeover, and violations of our Terms of Use.
To comply with legal obligations, including tax reporting (such as IRS Forms 1099 and 1042-S), responding to legal process, complying with KYC/AML laws, and enforcing our Terms of Use.
To communicate with you, including sending transactional notices, responding to support inquiries, and (where permitted) sending marketing and promotional communications.
To improve the Services, including analyzing usage, debugging, conducting research, and developing new features.
To protect the safety of Users, Creators, and the public, including investigating and responding to reports of harassment, abuse, or other harmful conduct.
To enforce our Terms of Use, including the right of set-off described in our Terms.

We will not process your personal information for purposes materially different from those described here without providing notice.

4. Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under the GDPR (or the UK GDPR) to process your personal information:

Performance of a contract: When processing is necessary to provide the Services you have requested.
Legitimate interests: When processing is necessary for our legitimate interests, such as fraud prevention, security, improving the Services, and direct marketing (subject to your right to object).
Legal obligation: When processing is necessary to comply with law, including tax, AML, and KYC obligations.
Consent: When you have given us specific consent, such as for certain marketing communications or processing of sensitive data. You may withdraw consent at any time.
Vital interests: Where necessary to protect the vital interests of you or another person.

5. When and With Whom We Share Your Information

We share your personal information with the following categories of third parties:

5.1 Service Providers

We share information with third-party service providers that perform services on our behalf, including:

Payment processing: Payment Cloud and Kurv Network process User payments. They receive payment card information and transaction details.
Payout processing: Trolley (Payment Rails Inc.) processes Creator payouts. Trolley receives Creator identity, tax, and bank account information.
Hosting and infrastructure: Cloud hosting, content delivery, and database providers.
Communications: Email delivery, SMS, and customer support platforms.
Analytics: Usage analytics and product telemetry providers.
Identity verification: Yoti Ltd. ("Yoti") performs Creator identity verification, including document authentication, facial matching, and liveness detection. Yoti is the controller of the biometric data it processes for these purposes and operates under its own privacy notice.
KYC and AML compliance: Trolley and other providers may perform additional know-your-customer and anti-money-laundering screening as required by law.
Fraud prevention: Risk scoring and chargeback prevention services.

These providers process information only as necessary to provide their services to us and are bound by contractual confidentiality and data protection obligations.

5.2 Other Users and Creators

5.3 Legal and Safety Disclosures

We may disclose your information when we believe in good faith that disclosure is necessary to:

comply with a subpoena, court order, or other legal process;
enforce our Terms of Use, including investigating violations;
protect the rights, property, or safety of Seconds, our Users, Creators, or the public;
detect, prevent, or investigate fraud, security issues, or technical problems; or
respond to a government request or as otherwise required by law.

5.4 Business Transfers

5.5 With Your Consent

We may share your information with other third parties when you have given us your consent to do so.

5.6 No Sale of Personal Information

We do not sell your personal information for monetary consideration. See Section 15 for additional disclosures regarding the CCPA/CPRA definition of "sale" and "sharing."

6. Cookies and Tracking Technologies

We use cookies, web beacons, pixels, local storage, and similar technologies to operate the Services, remember your preferences, analyze usage, and improve performance.

For more detail, please see our Cookie Notice at https://seconds.me/cookies.

You may control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Services.

7. International Data Transfers

If you are located in the EEA, UK, or Switzerland, we rely on the following safeguards for international transfers:

the European Commission's Standard Contractual Clauses, where applicable;
the UK International Data Transfer Addendum, where applicable;
adequacy decisions issued by the European Commission, where applicable; or
your explicit consent, where appropriate.

You may request a copy of the relevant safeguards by contacting [email protected].

8. How Long We Keep Your Information

Account information: For the life of your account, plus a reasonable period after account closure for fraud prevention, dispute resolution, and legal compliance.
Transaction records (purchases, payouts, chargebacks): Seven (7) years from the date of the transaction, to comply with tax, accounting, and AML record-keeping requirements.
Identity verification records (Creators): Five (5) years after termination of the Creator relationship, to comply with KYC/AML obligations.
Communications and support records: Three (3) years from the date of the communication.
Marketing data: Until you unsubscribe or opt out, plus a brief period for record-keeping.
Log and usage data: Up to twelve (12) months in identifiable form, after which it may be aggregated or anonymized.

When personal information is no longer needed, we will delete it or anonymize it.

9. How We Keep Your Information Safe

If we become aware of a data breach affecting your personal information, we will notify you and applicable authorities as required by law.

10. Information from Minors

11. Biometric Information

11.1 What Biometric Data We Process

a photograph or scan of a government-issued identification document, from which Yoti extracts text data such as name, date of birth, and document number;
a selfie photograph or short video of the Creator, including liveness detection; and
facial matching, in which Yoti compares the selfie to the photograph on the identification document.

11.2 Purpose of Collection

We collect and process biometric information for the sole purpose of verifying Creator identity at the time of onboarding. This is necessary to:

comply with applicable know-your-customer ("KYC") and anti-money-laundering ("AML") laws;
prevent fraud, identity theft, and the use of stolen identification documents;
ensure that Creators are who they claim to be before they can receive payouts; and
protect Users from impersonation and misrepresentation.

We do not use biometric data for marketing, advertising, behavioral profiling, or to train artificial intelligence or machine learning systems.

11.3 Consent

11.4 Retention and Destruction

We will destroy biometric information sooner upon a verified request from the Creator, except where retention is required by law or necessary to comply with our legal obligations.

11.5 Disclosure of Biometric Information

We do not sell, lease, trade, or otherwise profit from biometric information. We do not disclose biometric information to third parties except:

to Yoti, which acts as our identity verification provider;
as required by law, subpoena, or court order; or
with the Creator's express consent.

11.6 Your Rights

12. Recording and Storage of Interactions

metadata about Interactions, including the parties involved, start and end times, duration, Gem consumption, and technical performance data;
reports submitted by other Users or Creators regarding the Interaction;
account-level information about the parties to the Interaction;
communications sent through platform features outside of the Interaction itself; and
any recording or content voluntarily provided by a participant in the Interaction.

Users who believe their rights have been violated through the recording or sharing of an Interaction may contact [email protected].

13. Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information:

Right to access: Request a copy of the personal information we hold about you.
Right to correction: Request that we correct inaccurate or incomplete information.
Right to deletion: Request that we delete your personal information, subject to certain exceptions.
Right to restriction: Request that we limit our processing of your information in certain circumstances.
Right to portability: Request a copy of your information in a portable format.
Right to object: Object to certain processing, including processing for direct marketing.
Right to withdraw consent: Where we rely on consent, withdraw your consent at any time.
Right to non-discrimination: Not be discriminated against for exercising your rights.
Right to lodge a complaint: Lodge a complaint with a supervisory authority in your country.

To exercise these rights, please contact us at [email protected]. We will respond within the timeframes required by applicable law. We may need to verify your identity before fulfilling your request.

14. Controls for Do-Not-Track Features

15. California Privacy Rights (CCPA/CPRA)

This section provides additional disclosures for California residents under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA").

14.1 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information:

Category	Collected	Examples
Identifiers	Yes	Name, email, IP address, account ID
Customer records (Cal. Civ. Code § 1798.80(e))	Yes	Name, address, phone, payment method
Protected classifications	No	—
Commercial information	Yes	Purchase history, Gem balances
Biometric information	Yes (Creators only)	Facial geometry from selfie verification through Yoti, used solely for identity verification (see Section 11)
Internet activity	Yes	Browsing and usage data on our Services
Geolocation data	Limited	Approximate location from IP address
Sensory data	No	—
Professional information	Limited	Creator-related information
Education information	No	—
Inferences	Yes	Preferences and characteristics derived from usage
Sensitive personal information	Yes	Government identifiers (Creators), financial account information, account credentials

14.2 Sources, Purposes, and Disclosures

Sources of information: Directly from you, automatically through your use of the Services, and from third parties (payment processors, identity verification providers, etc.).
Business purposes: As described in Section 3.
Categories of third parties to whom we disclose information: As described in Section 5.

14.3 Sale and Sharing of Personal Information

14.4 Your CCPA/CPRA Rights

California residents have the right to:

Know what personal information we collect, use, disclose, and sell or share;
Delete personal information we have collected (subject to exceptions);
Correct inaccurate personal information;
Limit the use and disclosure of sensitive personal information;
Opt out of the sale or sharing of personal information (not applicable, as we do not sell or share);
Not be discriminated against for exercising your rights.

To exercise these rights, contact us at [email protected]. You may also designate an authorized agent to make a request on your behalf.

We will verify your request by matching information you provide with information in our records. We will respond within 45 days, with a possible 45-day extension if reasonably necessary.

14.5 Shine the Light

16. EEA, UK, and Swiss Privacy Rights (GDPR)

If you are located in the EEA, UK, or Switzerland, you have the rights described in Section 13 under the GDPR (or UK GDPR).

We have not appointed a Data Protection Officer (DPO) under Article 37 of the GDPR. For privacy-related inquiries, please contact our Privacy Contact, Francis William Franklin, at [email protected].

17. Other U.S. State Privacy Rights

18. Updates to This Notice

Your continued use of the Services after the effective date of the updated Notice constitutes your acceptance of the updated Notice.

19. Contact Us

If you have questions or concerns about this Privacy Notice or our privacy practices, please contact us at:

Seconds Inc.
Attn: Francis William Franklin, Privacy Contact
251 Little Falls Drive
Wilmington, DE 19808
United States
Email: [email protected]
General inquiries: [email protected]

20. Reviewing, Updating, or Deleting Your Information

You may review, update, or request deletion of your personal information by:

logging into your account and updating your settings;
contacting us at [email protected]; or
following the request process described in Sections 13, 15, or 16, as applicable to your jurisdiction.

We will respond to verified requests within the timeframes required by applicable law.

Privacy Notice

Table of Contents

1. Summary of Key Points

2. Information We Collect

2.1 Information You Provide to Us

2.2 Sensitive Information

2.3 Information Collected Automatically

2.4 Information from Third Parties

3. How We Process Your Information

4. Legal Bases for Processing (EEA/UK Users)

5. When and With Whom We Share Your Information

5.1 Service Providers

5.2 Other Users and Creators

5.3 Legal and Safety Disclosures

5.4 Business Transfers

5.5 With Your Consent

5.6 No Sale of Personal Information

6. Cookies and Tracking Technologies

7. International Data Transfers

8. How Long We Keep Your Information

9. How We Keep Your Information Safe

10. Information from Minors

11. Biometric Information

11.1 What Biometric Data We Process

11.2 Purpose of Collection

11.3 Consent

11.4 Retention and Destruction

11.5 Disclosure of Biometric Information

11.6 Your Rights

12. Recording and Storage of Interactions

13. Your Privacy Rights

14. Controls for Do-Not-Track Features

15. California Privacy Rights (CCPA/CPRA)

14.1 Categories of Personal Information Collected

14.2 Sources, Purposes, and Disclosures

14.3 Sale and Sharing of Personal Information

14.4 Your CCPA/CPRA Rights

14.5 Shine the Light

16. EEA, UK, and Swiss Privacy Rights (GDPR)

17. Other U.S. State Privacy Rights

18. Updates to This Notice

19. Contact Us

20. Reviewing, Updating, or Deleting Your Information

Privacy Notice

Table of Contents

1. Summary of Key Points

2. Information We Collect

2.1 Information You Provide to Us

2.2 Sensitive Information

2.3 Information Collected Automatically

2.4 Information from Third Parties

3. How We Process Your Information

4. Legal Bases for Processing (EEA/UK Users)

5. When and With Whom We Share Your Information

5.1 Service Providers

5.2 Other Users and Creators

5.3 Legal and Safety Disclosures

5.4 Business Transfers

5.5 With Your Consent

5.6 No Sale of Personal Information

6. Cookies and Tracking Technologies

7. International Data Transfers

8. How Long We Keep Your Information

9. How We Keep Your Information Safe

10. Information from Minors

11. Biometric Information

11.1 What Biometric Data We Process

11.2 Purpose of Collection

11.3 Consent

11.4 Retention and Destruction

11.5 Disclosure of Biometric Information

11.6 Your Rights

12. Recording and Storage of Interactions

13. Your Privacy Rights

14. Controls for Do-Not-Track Features

15. California Privacy Rights (CCPA/CPRA)

14.1 Categories of Personal Information Collected

14.2 Sources, Purposes, and Disclosures

14.3 Sale and Sharing of Personal Information

14.4 Your CCPA/CPRA Rights