STRYK
Post

Privacy Policy

Last updated: March 19, 2026

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, username, and profile photo.

Payment Information: Payment details are processed and stored by our payment provider (Stripe). STRYK does not store full credit card numbers or banking details on our servers.

Usage Data: We collect information about how you use STRYK, including pages visited, Stryks viewed, searches performed, and interactions (likes, comments, bids).

Device Information: Browser type, operating system, IP address, device identifiers, and screen resolution.

Location Data: If you enable location features or provide a location for a Stryk, we collect and display that information. We do not track your location in the background.

User-Generated Content: Photos, videos, and text submitted as proof of Stryk completion. This may include images of faces, voices, and environments. We do not use biometric data for identification purposes.

2. How We Use Your Information

  • To provide and operate the STRYK platform
  • To process payments, escrow transactions, and payouts
  • To send notifications about your Stryks, bids, negotiations, and payments
  • To enforce our Terms of Service and moderate content
  • To detect and prevent fraud, abuse, and violations
  • To improve the platform and develop new features
  • To display leaderboards, trending content, and user reputation
  • To comply with legal obligations, including tax reporting

3. Information Sharing

We do not sell your personal information. We share data only with:

  • Other Users: Your username, display name, reputation score, completion stats, and public profile info are visible to other users. Proof submissions are visible to the poster and may be displayed publicly on completed Stryks.
  • Payment Processors: Stripe processes your payment and payout information.
  • Law Enforcement: When required by law, subpoena, or court order, or when we believe disclosure is necessary to protect user safety or prevent illegal activity.
  • Service Providers: Hosting (Vercel, Supabase), analytics, and moderation services that help us operate. These providers are contractually obligated to protect your data.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred to the successor entity.

4. Data Retention

  • Account data is retained as long as your account is active.
  • Transaction records are kept for 7 years for legal and tax compliance.
  • Proof submissions (photos/videos) are retained for the duration of the Stryk and any associated dispute resolution. When you delete your account, proof submissions associated with your profile will be removed from our active systems.
  • You may request deletion of your account and personal data at any time (see Section 5).

5. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your account and data ("right to be forgotten")
  • Portability: Export your data in a standard machine-readable format
  • Opt-out: Unsubscribe from marketing communications at any time
  • Do Not Sell: We do not sell personal information. California residents may exercise their CCPA rights by contacting us.

To exercise any of these rights, email privacy@strykme.com. We aim to respond to requests as promptly as practicable. Response timelines may vary depending on the nature and complexity of your request and applicable legal requirements.

6. Cookies & Tracking

  • Essential Cookies: Required for authentication, session management, and escrow security. Cannot be disabled.
  • Analytics: We may use privacy-respecting analytics to understand platform usage patterns. No personally identifiable information is shared with analytics providers.
  • No Third-Party Ad Trackers: STRYK does not use third-party advertising trackers or sell data to advertisers.

7. Security

  • All data in transit is encrypted with TLS/SSL.
  • Data at rest is encrypted in our database (Supabase with row-level security).
  • Payment data is handled exclusively by PCI-DSS compliant processors (Stripe).
  • We conduct regular security reviews and vulnerability assessments.
  • In the event of a data breach involving personal data, we will notify affected users and applicable regulatory authorities as required by law. Notification timelines and requirements vary by jurisdiction and depend on the nature and risk level of the breach.

8. Children's Privacy

STRYK is not intended for users under 18. We do not knowingly collect information from minors. If we discover a minor's account, it will be terminated immediately and all associated data will be deleted. If you believe a minor is using STRYK, please report it to safety@strykme.com.

9. International Users

STRYK is operated from the United States. If you access the Platform from outside the US, you consent to the transfer and processing of your data in the United States. We comply with applicable data protection laws, including GDPR for EU/EEA users.

10. Changes to This Policy

We may update this policy periodically. Material changes will be communicated via email or in-app notification at least 30 days before taking effect. Continued use after changes constitutes acceptance.

11. Contact

Privacy questions? Contact our Data Protection team:

privacy@strykme.com

STRYK Inc. — Delaware, USA