Privacy Policy

Last Updated: December 3, 2025

Your privacy is important to us. This Privacy Policy explains how WhingeHub collects, uses, and protects your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Information We Collect

1.1 Information You Provide

Account Information: Email address, name, password (encrypted), bio, avatar, country, city, and language preferences
Content: Posts, comments, replies, reactions, and solutions you create on the platform
Communications: Messages you send through our platform or to our support team
Payment Information: Payment details processed through Stripe (we do not store full credit card numbers)

1.2 Automatically Collected Information

Usage Data: Pages visited, features used, time spent on the platform
Device Information: IP address, browser type, operating system, device identifiers
Cookies: See our Cookie Policy for details

2. How We Use Your Information

We use your information for the following purposes:

Service Provision: To operate and maintain the WhingeHub platform
Account Management: To create and manage your account, authenticate users
Communication: To send you service updates, password resets, and email verification
Personalization: To customize your experience and show relevant content
Analytics: To understand how users interact with our platform and improve our services
Security: To detect and prevent fraud, abuse, and security incidents
Legal Compliance: To comply with legal obligations and enforce our terms
Marketing: To send promotional communications (only with your consent)

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

Consent: You have given explicit consent for specific processing activities (e.g., marketing emails, cookies)
Contract Performance: Processing is necessary to provide our services to you
Legal Obligation: We must process your data to comply with legal requirements
Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, analytics)

4. Data Sharing and Disclosure

4.1 Third-Party Services

We share your information with the following third-party service providers:

AWS S3: Cloud storage for uploaded images and videos
Stripe: Payment processing for subscriptions
ElasticEmail: Email delivery service for transactional emails
MongoDB Atlas: Database hosting and management

4.2 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights and safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Your Rights Under GDPR

If you are in the European Economic Area (EEA), you have the following rights:

        Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Data Portability: Receive your data in a machine-readable format
Right to Restrict Processing: Limit how we use your data
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for data processing at any time

    

To exercise these rights, visit your Privacy Settings or contact us at the email below.

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

Account Data: Retained until you delete your account
Posts and Content: Retained until you delete them or your account
Consent Records: Retained for legal compliance (minimum 3 years)
Payment Records: Retained as required by tax and financial regulations

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. You can manage your cookie preferences through our cookie consent banner or in your Privacy Settings.

For detailed information, please see our Cookie Policy.

8. Data Security

We implement industry-standard security measures to protect your data:

Encryption of data in transit (HTTPS/TLS)
Encrypted password storage (BCrypt)
Regular security audits and updates
Access controls and authentication
Secure cloud infrastructure (AWS, MongoDB Atlas)

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with GDPR.

10. Children's Privacy

Our service is not intended for users under the age of 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our platform. The "Last Updated" date at the top indicates when the policy was last revised.

12. Contact Us

Data Controller: WhingeHub

Email: privacy@whingehub.com

Data Protection Officer: dpo@whingehub.com

For privacy-related inquiries, data access requests, or to exercise your GDPR rights, please contact us at the email addresses above.

13. Supervisory Authority

If you are in the EEA and believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.