This Privacy Policy explains how Redeyed.com ("Redeyed", "we", "us") collects, uses, retains, and protects personal data when you use our websites, AI creator tools, the Sentinel captcha and IP-reputation service, membership subscriptions, and the prepaid credits system. We are a self-hosted platform: we run our own infrastructure and keep third-party data sharing to a minimum. This policy is written to be GDPR and CCPA aware.
| Category | Examples |
|---|---|
| Account data | Name or handle, email address, hashed password, membership tier (Free–Monarch), credit balance, support correspondence. |
| Billing data | Subscription and purchase history, invoices, and limited payment metadata. Full card numbers are handled by our payment processor — we do not store them. |
| Usage logs | Actions taken in the app, AI generations requested, credits consumed, API calls, timestamps, and error logs. |
| IP addresses | The IP address used to access the Services and the IP addresses evaluated by Sentinel. |
| Device & telemetry (Sentinel) | Behavioral signals used for security scoring — request patterns, headers, browser/device characteristics, interaction timing, and challenge results. |
| Cookies & storage | Session and CSRF cookies, preferences, and first-party analytics identifiers. See our Cookie Policy. |
Where the GDPR applies, we rely on the following legal bases:
We self-host our core infrastructure and do not sell your personal data. We share data only with a minimal set of processors and only as needed to run the Services:
Processors are bound by contracts requiring appropriate safeguards. We do not use third-party advertising trackers.
| Data | Retention |
|---|---|
| Security logs & Sentinel signals | Approximately 90 days, after which they are deleted or aggregated/anonymized. Records tied to an active investigation may be kept longer until resolved. |
| Usage logs | Up to ~90 days in identifiable form, then aggregated. |
| Account data | Kept while your account is active, and deleted within a reasonable period after closure, subject to legal holds. |
| Billing records | Retained as long as required by tax and accounting law (typically several years). |
Depending on your location (including under GDPR and CCPA/CPRA), you may have the right to:
To exercise any right, email [email protected] or use our contact page. We may verify your identity before responding and will reply within the timeframes required by law. You also have the right to lodge a complaint with your local data protection authority.
Sentinel protects sites against automated abuse by evaluating IP addresses and behavioral telemetry and assigning a reputation score. This processing is grounded in our and our customers' legitimate interest in security and fraud prevention.
If your IP address has been flagged or blocked and you believe this is in error, you can request a review through our Sentinel appeal and recovery process. We will reassess the relevant signals and, where appropriate, restore the reputation of the address. Reputation signals are generally aged out within ~90 days, so most addresses recover automatically once abusive behavior stops.
Because we self-host, your data is processed primarily on our own infrastructure. Where data is transferred across borders (for example, when an email processor operates in another country), we rely on appropriate safeguards such as Standard Contractual Clauses or an adequacy decision.
The Services are not directed to children. You must be at least 16 years old (or older where your jurisdiction requires) to use them. We do not knowingly collect data from children under this age; if we learn we have, we will delete it.
We protect your data with encryption in transit (TLS) and at rest for sensitive fields, hashed passwords, optional two-factor authentication, scoped API keys, access controls and least-privilege practices, and ongoing monitoring. No system is perfectly secure, but we work continuously to safeguard your information and will notify affected users and regulators of qualifying breaches as required by law.
For privacy questions or to reach our data protection contact, email [email protected] or use the contact page. We may update this policy from time to time; material changes will be reflected in the "Last updated" date above.
Related policies: Terms of Service, Refund Policy, Acceptable Use Policy, and Cookie Policy.
