FruitDramaFruitDramaBack to home

⚠️ Informative translation only. The French version of this document is the legally authoritative one. If there is any discrepancy between this translation and the French version, the French version prevails.

Privacy Policy

Last updated: May 15, 2026

1. Data Collected

When you register on FruitDrama, we collect the following data:

  • Your email address
  • A password (stored in encrypted form — we never have access to it in plain text)

Authentication on FruitDrama is done exclusively by email and password via Supabase Auth. We do not offer login via Google, Apple or any other third-party OAuth provider.

We also collect technical usage data (access logs, IP address, browser type) for security and debugging purposes.

2. How We Use Your Data

Your data is used exclusively for:

  • Creating and managing your user account
  • Authenticating you and securing your access to the platform
  • Sending you notifications relating to your subscription (renewal, expiry, invoices)
  • Processing your payments through our payment provider Whop
  • Ensuring the security and proper functioning of the service
  • Responding to your support requests

We do not use your data for unsolicited commercial prospecting. We do not sell or rent your data to third parties.

3. Storage and Security

Your data is hosted on Supabase and Railway servers, with communications encrypted by SSL/TLS protocol. Passwords are hashed with bcrypt and are never stored in plain text.

Upon deletion of your account, your personal data is deleted within a maximum of 30 days. Data required for legal obligations (accounting, billing) may be retained longer in accordance with applicable law.

4. Data Sharing

Your personal data is never sold to third parties. It may be shared only with the following technical service providers, strictly within the scope of service delivery:

  • Supabase — database hosting and authentication
  • Whop — Merchant of Record: payment processing, billing, VAT collection and subscription management. Whop directly collects your payment data (bank card, billing address) — this data does not pass through FruitDrama.
  • Railway — application infrastructure hosting
  • Kie.ai — AI-powered video and image generation (your prompts may be transmitted to this service)
  • Cloudflare, Inc. — anti-bot protection via Cloudflare Turnstile on the sign-up form. Purpose: prevent automated account creation. Legal basis: legitimate interest (GDPR Art. 6.1.f). Cloudflare does not place any third-party cookies; technical data (IP address, user-agent) is processed only during verification then discarded. Privacy policy: cloudflare.com/privacypolicy.

These providers are subject to their own privacy policies and are required to process your data confidentially.

5. Your Rights (GDPR)

In accordance with the General Data Protection Regulation (GDPR), you have the following rights over your personal data:

  • Right of access: obtain a copy of the data we hold about you.
  • Right of rectification: correct inaccurate or incomplete information.
  • Right to erasure: request the deletion of your data ("right to be forgotten").
  • Right to portability: receive your data in a structured, machine-readable format.
  • Right to object: object to the processing of your data in certain cases.

To exercise any of these rights, contact us at support@fruitdrama.io. We undertake to respond to your request within 30 days.

If you believe your rights are not being respected, you have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés — the French data protection authority) at cnil.fr, or with the supervisory authority in your country of residence.

6. Cookies

FruitDrama uses two categories of cookies:

6.1 Essential cookies (always active)

Required for the service to function: authenticated Supabase session, language preference, shopping cart. These cookies cannot be disabled and do not send any data to third parties.

6.2 Marketing cookies (with consent only)

With your explicit consent, we use the following cookies:

  • Meta Pixel — Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, D04X2K5, Ireland. Purpose: ad performance measurement and custom audience creation on Meta (Facebook, Instagram). Maximum duration: 90 days.
  • TikTok Pixel — TikTok Technology Ltd, 10 Earlsfort Terrace, Dublin 2, D02 T380, Ireland. Purpose: ad performance measurement on TikTok. Maximum duration: 13 months.
  • FirstPromoter (fd_ref) — FirstPromoter SRL. Purpose: affiliate referral tracking. Duration: 60 days.
  • Taap.it Radar — taap.it Inc., a Delaware (USA) company. Contact: hello@taap.it. Purpose: audience analytics and visit statistics (pageviews, outbound clicks, form submissions). Data stored: pseudonymous visitor ID in browser localStorage (__va_vid). Maximum duration: 13 months (CNIL recommendation). Non-EU transfer governed by Standard Contractual Clauses approved by the European Commission. Privacy policy: taap.it/privacy-policy.

You can withdraw your consent at any time via the "Cookies" link in the footer or in Settings > Cookies & privacy. Withdrawing consent triggers effective deletion of the deposited marketing cookies.

Legal basis: consent (Art. 6.1.a GDPR).

6.3 Meta Conversions API (server-side transmission on payment)

Upon a validated payment (subscription, monthly renewal, or credit top-up), we transmit the following information to Meta Platforms Ireland Ltd via their Conversions API:

  • Hashed email address (SHA-256 lowercase)
  • Internal user identifier (pseudonymized)
  • Hashed country code (SHA-256, ISO alpha-2)
  • Payment ID, amount, and currency
  • Meta browser identifiers _fbp and _fbc (when available at payment time)
  • IP address and user-agent captured at checkout

This transmission only occurs after your explicit consent via the cookie banner (marketing category). GDPR legal basis: article 6.1.a (consent) + article 49.1.a (cross-border transfer based on explicit consent).

You may withdraw your consent at any time via the footer ("Manage cookies"), which will immediately disable these transmissions for your future payments. Automatic subscription renewals also trigger this transmission as long as your consent remains active.

Meta uses this information to measure the effectiveness of our advertising campaigns on Instagram and Facebook. Meta privacy policy: facebook.com/policy.php.

7. Minor Users

FruitDrama is reserved for persons aged 18 and over. We do not knowingly collect personal data from minors. If you become aware that a minor has created an account on our platform, please notify us at support@fruitdrama.io so that we can take the necessary steps.

8. International Data Transfers

In the course of our business, your data may be processed in countries outside France or the European Union, in particular through our providers Supabase, Railway, Whop and Kie.ai, whose servers may be located in the United States or other third countries.

These transfers are governed by appropriate safeguards (standard contractual clauses, data processing agreements) in accordance with GDPR requirements.

9. Changes to This Policy

FruitDrama reserves the right to amend this privacy policy at any time. In the event of a significant change affecting your rights or the nature of the data collected, you will be notified by email at the address associated with your account, with reasonable advance notice before the changes take effect.

The current version is always accessible on this page with the last updated date.

10. Contact

For any questions relating to this privacy policy or to exercise your rights, contact our team:

support@fruitdrama.io

Website: fruitdrama.io

© 2026 FruitDrama. All rights reserved.

Back to home

🍪 Cookies & privacy

To measure the performance of our ads and keep FruitDrama running, we use marketing cookies (Meta, TikTok). Your data is pseudonymized and you can decline without affecting your experience. Learn more

Privacy Policy — FruitDrama