Privacy Policy
Last updated: 12/06/2025
Table of Contents
1. Introduction
RedditMentions ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at [redditmentions.com] (the "Service").
This Privacy Policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
2. Data Controller
The data controller for your personal data is:
Kakaruwai OÜ
Tööstuse 43-2,
Tallinn 10411, Harjumaa, Estonia
Email: hello@redditmentions.com
3. Information We Collect
3.1 Personal Data You Provide
- Account Information: Email address, password (encrypted), and any profile information you choose to provide
- Subscription Information: Billing details, payment information (processed securely through Stripe)
- Monitoring Preferences: Subreddits, keywords, and monitoring configurations you set up
3.2 Automatically Collected Data
- Usage Data: How you interact with our Service, features used, and time spent
- Technical Data: IP address, browser type, device information, and access times
- Log Data: Server logs, error reports, and performance metrics
3.3 Third-Party Data
- Reddit Content: We collect publicly available Reddit posts and comments that match your monitoring criteria. This data belongs to Reddit and its users.
4. Legal Basis for Processing (GDPR)
We process your personal data based on the following legal grounds:
- Contract Performance: To provide our Service and fulfill our contractual obligations
- Legitimate Interests: To improve our Service, prevent fraud, and ensure security
- Consent: Where you have explicitly consented to specific processing activities
- Legal Obligations: To comply with applicable laws and regulations
5. How We Use Your Information
We use your information to:
- Provide and maintain the RedditMentions service
- Monitor Reddit for your specified keywords and subreddits
- Send daily digest emails with relevant matches
- Process payments and manage subscriptions
- Improve our Service and develop new features
- Communicate with you about your account and our Service
- Ensure security and prevent fraud
- Comply with legal obligations
6. Data Sharing and Disclosure
6.1 Service Providers
We may share your data with trusted third-party service providers:
- Supabase: Database hosting and authentication services
- Stripe: Payment processing (they have their own privacy policy)
- Email Service Providers: To send digest emails and communications
- Hosting Providers: To maintain our infrastructure
6.2 Legal Requirements
We may disclose your information if required by law or to:
- Comply with legal processes or government requests
- Protect our rights, property, or safety
- Prevent fraud or security threats
6.3 Business Transfers
In case of merger, acquisition, or sale of assets, your information may be transferred to the new entity.
7. Data Retention
We retain your personal data for as long as necessary to:
- Provide our Service to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
Specific Retention Periods:
- Account data: Until account deletion + 30 days for backup purposes
- Payment data: As required by financial regulations (typically 7 years)
- Usage logs: Up to 2 years for security and improvement purposes
- Reddit content matches: Up to 90 days in your account history
8. Your Rights Under GDPR
As a data subject, you have the following rights:
8.1 Right of Access
You can request information about the personal data we hold about you.
8.2 Right of Rectification
You can request correction of inaccurate or incomplete personal data.
8.3 Right of Erasure ("Right to be Forgotten")
You can request deletion of your personal data in certain circumstances.
8.4 Right to Restrict Processing
You can request limitation of processing of your personal data.
8.5 Right to Data Portability
You can request transfer of your data to another service provider.
8.6 Right to Object
You can object to processing based on legitimate interests.
8.7 Right to Withdraw Consent
Where processing is based on consent, you can withdraw it at any time.
8.8 Right to Lodge a Complaint
You can file a complaint with your local data protection authority.
To exercise these rights, contact us at: hello@redditmentions.com
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication measures
- Secure payment processing through PCI-compliant providers
- Regular backups with encryption
10. International Data Transfers
Your data may be processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure adequate protection through:
- Adequacy decisions by the European Commission
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules or similar safeguards
12. Children's Privacy
Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16.
13. Changes to This Privacy Policy
We may update this Privacy Policy periodically. We will notify you of material changes by:
- Email notification to registered users
- Prominent notice on our website
- In-app notifications
Continued use of the Service after changes constitutes acceptance of the updated policy.
14. Contact Information
For privacy-related questions or to exercise your rights:
Email: hello@redditmentions.com
This Privacy Policy is effective as of 12/06/2025 and was last updated on 12/06/2025.