← Back to Home

Privacy Policy

Your privacy matters. This policy explains exactly what data is collected, how it is used, and the rights you have over it.

Last updated: March 2026

At a Glance

  • Only your email, nickname, and hashed password are stored — no real names, no payment data, no location

  • Your email is never sold, shared with third parties, or used for marketing without your opt-in consent

  • Using a pseudonym and a separate email address is strongly recommended for your own safety

  • You can permanently delete your account and all associated data at any time

  • Your content belongs to you — no ownership is claimed over anything you create

  • No advertising networks, analytics trackers, or data brokers are used

1. Introduction

Kink Haus ("the Service", "I", "me") is a personal project operated by Gale Libera. This Privacy Policy describes how personal information is collected, used, and protected when you use the Service. By creating an account or using the Service, you acknowledge and agree to the practices described in this policy.

2. Information I Collect

I collect only the minimum information required to operate the Service:

  • Email address — required for account creation, identity verification, and authentication. It is never displayed publicly.

  • Nickname — a display name you choose. It is recommended to use a pseudonym that does not identify you.

  • Password — stored as a one-way cryptographic hash using industry-standard algorithms. I cannot read or recover your password.

  • User-generated content — scenes, checklists, challenge data, writing posts, and any other content you choose to save to your account.

  • Session tokens — short-lived authentication tokens issued by AWS Cognito, used solely to maintain your login session.

  • Basic server logs — request logs retained by AWS infrastructure for operational purposes (error diagnosis, abuse prevention) and not linked to individual user profiles.

3. Information I Do Not Collect

The following categories of information are not collected, stored, or processed:

  • Real names, physical addresses, phone numbers, or government-issued identification

  • Payment or financial information of any kind — no payments are required or accepted

  • Precise or approximate geolocation data

  • Device identifiers, advertising IDs, or browser fingerprints

  • Cross-site tracking data or behavioural profiles

  • Third-party social media account data

4. How I Use Your Information

Information collected is used exclusively for the following purposes:

  • Authenticating your identity when you sign in

  • Storing and retrieving the content you create within the Service

  • Sending account-related emails when you explicitly request them (e.g., password reset codes)

  • Diagnosing technical errors and maintaining service stability

  • Detecting and preventing abuse, spam, or unauthorised access

5. Cookies and Tracking

Kink Haus uses a minimal number of cookies and similar technologies:

  • Authentication cookies and tokens — strictly necessary to maintain your login session. These are set by AWS Cognito and are required for the Service to function.

  • No advertising cookies, tracking pixels, or analytics cookies are used.

  • No third-party marketing or retargeting scripts are loaded on any page.

6. Data Storage and Security

Your data is stored within AWS infrastructure. The following technical safeguards are in place:

  • Passwords are hashed using a strong one-way algorithm; plain-text passwords are never stored or logged.

  • Data at rest is stored in AWS services (DynamoDB, S3) with server-side encryption enabled.

  • Data in transit is encrypted via TLS (HTTPS) for all client-server communication.

  • Access to backend infrastructure is restricted to the operators of the Service.

  • Private content is served via time-limited signed URLs and is not directly accessible without authentication.

  • While reasonable and appropriate technical measures are taken to protect your data, no system is completely immune to security incidents. Using a pseudonym and a dedicated email address not connected to your real identity is strongly recommended.

7. Data Retention

Data is retained for as long as your account exists. Upon account deletion:

  • Your account record, profile information, and all associated user-generated content are permanently deleted.

  • Deletion is irreversible and cannot be undone.

  • Residual copies in backup systems may persist briefly before being overwritten, consistent with standard cloud infrastructure practices.

  • Server logs containing IP addresses may be retained for a limited period by the underlying cloud provider for abuse prevention purposes.

8. Your Rights

You have the following rights with respect to your personal data:

  • Right of access — you may request a summary of the personal data held about you at any time by contacting me.

  • Right to deletion — you can permanently delete your account and all associated data from the Account Settings page at any time.

  • Right to rectification — you can update your nickname and profile information at any time from Account Settings.

  • Right to data portability — you can export your checklist and challenge data at any time using the built-in export features.

  • Right to withdraw consent — where processing is based on consent, you may withdraw consent at any time.

  • For data requests that cannot be fulfilled through the interface, contact me directly at gale@kink.haus.

9. Third-Party Services

A minimal number of third-party services are used to operate the Service:

  • Amazon Web Services (AWS) — cloud compute (Lambda), database (DynamoDB), file storage (S3), authentication (Cognito), content delivery (CloudFront), and media processing (MediaConvert). AWS processes data under its own Privacy Policy and the AWS Data Processing Addendum.

  • No analytics services (e.g., Google Analytics, Mixpanel) are used.

  • No advertising networks or affiliate tracking services are used.

  • No data is sold or transferred to third parties for marketing purposes.

10. Children's Privacy

The Service is strictly for adults aged 18 and over. It is not directed at, nor intended for use by, anyone under the age of 18. I do not knowingly collect personal information from minors. If you believe a minor has provided personal information through the Service, please contact me immediately at gale@kink.haus so it can be promptly deleted.

11. Changes to This Policy

This Privacy Policy may be updated from time to time. If changes are material, the "Last Updated" date at the top of this page will be revised. Continued use of the Service after changes have been posted constitutes your acceptance of the revised policy.

If we practice consent and transparency in our personal lives, this should also be reflected in our digital lives. If you have questions, concerns, or requests relating to your privacy or this policy, please reach out at gale@kink.haus