Privacy Policy

Effective Date: 01.07.2025

1. Introduction

Got Barreled LLC (“Got Barreled,” “we,” “our,” or “the Platform”) values your privacy. This Privacy Policy explains how we collect, use, share, and protect information when you access or use our website, marketplace, private session booking system, and related services (collectively, the “Services”).

Questions or requests? Email us at contact@gotbarreled.com.

2. Information We Collect

We collect information (a) you provide, (b) automatically when you use the Services, and (c) from third parties that help us operate the Services (like payment processors).

• Account Information: Name, email, profile details, and account preferences.
• Booking Information: When using private session bookings, we collect details needed to create and manage bookings (e.g., selected package, requested date/time, location information you submit, timezone, booking status history, rescheduling requests/responses, delivery/approval actions, and dispute details you provide).
• Contact Information for Bookings: Contact details used to coordinate a booking (e.g., email and/or phone). This can include guest contact info provided at checkout.
• Seller/Photographer Payout Information: To facilitate payouts to Photographers, we may collect necessary financial details (e.g., bank account details, Wise account details, or e-wallet details such as phone number, name, and country). We apply access controls and security measures designed to protect this information.
• Buyer/Customer Payment Information: Payments are processed via our third-party payment processor (e.g., Stripe). We do not store full credit card details on our servers.
• Transaction Data: Purchases, sales, booking payments (including authorization/capture states), refunds/chargebacks, pricing, and payout history.
• Content & Metadata: Media you upload or purchase (photos/videos) and related metadata (e.g., timestamps, file information, and internal identifiers).
• Technical Data: IP address, device information, browser type, log data, and diagnostics collected to keep the Services secure and functioning.
• Cookies & Analytics: Information collected through cookies and similar technologies for core functionality, security, and (where enabled) analytics/measurement.
• Hosting Location: Our servers are currently hosted on AWS in eu-central-1 (Frankfurt, Germany). We may use additional regions/providers over time.

3. How We Use Your Information

• Provide and operate the Services: Create and manage accounts, enable marketplace purchases, operate bookings (including approvals, delivery workflows, and disputes), and provide support.
• Payments & payouts: Facilitate payments via Stripe and process payouts using supported payout methods/providers (including third parties where applicable).
• Service communications: Send receipts, booking updates, delivery and status notifications, and important service or security messages.
• Fraud prevention & security: Detect and prevent misuse, spam, fraud, chargeback abuse, and unauthorized access.
• Improve the Services: Debugging, performance monitoring, analytics/measurement (where enabled), and improving features and user experience.
• Legal & compliance: Comply with legal obligations, enforce our Terms of Use, and respond to lawful requests and disputes.
• Marketing (where permitted): Send promotional communications. You can opt out of marketing emails at any time (service/transactional messages may still be sent).

4. How We Share Your Information

• Service Providers: We share information with vendors that help us operate the Services, such as payment processing (Stripe), email delivery and messaging (MailerLite, AWS SES), hosting/storage (e.g., AWS), analytics/measurement tools (if used), and payout providers (e.g., Wise where applicable). We share only what is necessary for them to perform their functions.
• Between Customers and Photographers (Bookings): To coordinate and fulfill a booking, Customers and Photographers may be able to see each other’s necessary contact and session details. This may include name, email address, phone number, and booking details (e.g., date/time/location) so the session can occur and media can be delivered.
• Legal Compliance: We may disclose information if required by law, court order, or lawful government request, or to protect rights, safety, and security.
• Business Transfers: In case of a merger, acquisition, restructuring, or asset sale, information may be transferred as part of that transaction, subject to reasonable protections.

California (CPRA): We do not sell or share personal information as defined by the CPRA.

We never sell your personal data to third parties.

5. Cookies & Tracking

We use cookies and similar technologies to provide core functionality (such as login and security), remember preferences, and help us understand how the Services are used. Where required by law, we will request consent before using non-essential cookies. You can control cookies through your browser settings, but disabling cookies may impact certain features.

6. Data Retention & Deletion

Account data: We keep your account information until you request deletion, unless we need to retain certain data for legal, security, fraud-prevention, or dispute-resolution purposes.

Transaction and booking records: We may retain transaction, booking, payout, refund/chargeback, and audit records for as long as needed to comply with legal/accounting obligations, prevent fraud, resolve disputes, and enforce our Terms.

When you request deletion, we take reasonable steps to delete or anonymize personal information, except where retention is required or permitted by law.

7. Your Rights

Depending on your jurisdiction (for example, GDPR/UK GDPR or certain US state laws), you may have the right to:

• Access and obtain a copy of your information.
• Request correction or deletion of your information.
• Object to or restrict certain processing.
• Withdraw consent (where processing is based on consent).
• Request data portability (where applicable).

To exercise these rights, contact us at contact@gotbarreled.com. We may need to verify your identity before fulfilling a request.

In some jurisdictions (e.g., EU/UK), you may also have the right to lodge a complaint with your local data protection authority.

8. Children’s Privacy

The Services are not intended for children under 13, and we do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will take steps to delete it. Parents/guardians who believe a child has used the Services should contact us immediately.

9. Data Security

We implement reasonable technical and organizational measures designed to protect personal information, such as access controls, least-privilege permissions, monitoring/logging, and security practices appropriate to the sensitivity of the data.

However, no system is 100% secure. We cannot guarantee absolute security of information.

10. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your country of residence, including where our service providers operate. Our primary hosting is currently in Germany (AWS eu-central-1, Frankfurt). Where required by law, we use appropriate safeguards designed to protect personal information when it is transferred internationally.

11. Third-Party Services

Our Services rely on third-party providers (for example: Stripe, AWS, MailerLite, AWS SES, and payout providers such as Wise where applicable). Their processing of personal information is governed by their own privacy policies and terms. We are not responsible for their privacy practices.

12. Changes to this Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the Effective Date. Continued use of the Services after changes become effective indicates acceptance, to the extent permitted by law.

13. Contact Us

For questions, data requests, or privacy concerns, contact us at: contact@gotbarreled.com.