PRIVACY POLICY
Last updated: April 17, 2026·GDPR Compliant
KickPulse ("we", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our Service at kickpulse.dev. It also explains your rights under the General Data Protection Regulation (GDPR) and other applicable data protection law.
Data Controller
The data controller responsible for your personal data is:
For data protection enquiries, including exercising your GDPR rights, please contact us at the email above with the subject line "Data Protection Request".
Data We Collect
We collect the following categories of personal data:
Account Data
- Username
- Email address
- Hashed password (bcrypt — never stored in plaintext)
- Account creation date
- Admin/user role
Subscription & Usage Data
- Target Kick.com channel username
- Subscription package purchased
- Active viewer count setting
- Subscription start/expiry dates
- Bot activity status
Payment Data
- Payment status and amount
- Currency
- Stripe session and payment intent IDs (reference only)
- Dry-run / real payment flag
Full card details are processed exclusively by Stripe and never stored by KickPulse.
Support Data
- Support ticket content and messages
- Ticket status and timestamps
Technical Data
- IP address (for rate limiting and security)
- Browser user agent (from HTTP requests)
- Authentication tokens (JWT, stored client-side in localStorage)
Legal Basis for Processing (GDPR Art. 6)
We process your personal data on the following legal bases:
Performance of a Contract (Art. 6(1)(b))
To create your account, process payments, and deliver subscription services you have purchased.
Legitimate Interests (Art. 6(1)(f))
To maintain platform security, prevent fraud, rate-limit API requests, and improve the Service. Our legitimate interests are not overridden by your rights.
Legal Obligation (Art. 6(1)(c))
To retain payment records for tax and financial reporting purposes.
Consent (Art. 6(1)(a))
For optional cookies (analytics, marketing) — only when you have given explicit consent via the cookie banner.
How We Use Your Data
We use your personal data to:
- Create and manage your account
- Process payments and activate bot subscriptions
- Operate and manage bot instances on your behalf
- Send transactional emails (welcome, subscription confirmation, password reset, support replies)
- Respond to support tickets
- Detect and prevent fraud or abuse
- Comply with legal obligations
- Improve the Service through anonymised analytics (if consent given)
We do not use your data for automated decision-making or profiling that produces legal or significant effects.
Data Retention
We retain your data for the following periods:
Your Rights (GDPR)
Under the GDPR, you have the following rights regarding your personal data. To exercise any of these rights, please contact us at [email protected] with the subject "Data Protection Request". We will respond within 30 days.
Right of Access (Art. 15)
Request a copy of all personal data we hold about you.
Right to Rectification (Art. 16)
Request correction of inaccurate or incomplete data.
Right to Erasure (Art. 17)
Request deletion of your data ('right to be forgotten'), subject to legal retention requirements.
Right to Restriction (Art. 18)
Request that we restrict processing of your data in certain circumstances.
Right to Data Portability (Art. 20)
Receive your data in a structured, machine-readable format.
Right to Object (Art. 21)
Object to processing based on legitimate interests.
Right to Withdraw Consent (Art. 7)
Withdraw consent for cookie-based processing at any time.
Right to Lodge a Complaint
File a complaint with your national supervisory authority (e.g. UODO in Poland, ICO in the UK).
Third-Party Links & Services
The Service may contain links to third-party websites or integrate with third-party platforms (e.g. Kick.com). These third parties have their own privacy policies, and we are not responsible for their practices. We encourage you to review the privacy policies of any third-party services you interact with.
Kick.com is an independent platform. Your interactions with Kick.com are governed by Kick.com's own Terms of Service and Privacy Policy.
Security Measures
We implement appropriate technical and organisational measures to protect your personal data, including:
- Passwords stored using bcrypt hashing (never in plaintext)
- Authentication via short-lived JWT tokens (access + refresh)
- All data transmitted over HTTPS/TLS
- Rate limiting on authentication and API endpoints
- Database access restricted to application layer only
No system is 100% secure. We cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately.
Children's Privacy
The Service is not directed at persons under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child under 18 without verifiable parental consent, we will take steps to delete that data promptly.
If you believe we have inadvertently collected data from a child, please contact us immediately.
Contact & Complaints
For any privacy-related questions, to exercise your rights, or to file a complaint, contact us:
KickPulse Data Protection Contact
[email protected]Subject: "Data Protection Request"
Response time: up to 30 days (GDPR Art. 12)
You also have the right to lodge a complaint with your national data protection supervisory authority. In the EU, a list of supervisory authorities is available at edpb.europa.eu.