Privacy Policy

Global Compliance: EU GDPR, UK GDPR, EEA & EFTA regulations; U.S. State Privacy Laws – CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, ICPA, FL-DBR, TN-TIPA, OR-OPA, DE-DPA; Canada PIPEDA; Brazil LGPD; Australia Privacy Act; Singapore PDPA; Switzerland nFADP

Effective Date: 10 July 2025
Last updated: 07 July 2025

This Privacy Policy explains how your personal data are collected, processed, shared, and protected when you use the Views4You platform (“Platform”). By accessing the Platform, you acknowledge that you have read and accepted this Policy. If you do not agree, please refrain from using the Platform.

1. Who We Are

Controller Registered Address EU/UK Representative
(GDPR Art. 27)
DPO / Privacy Contact
Extlikes UK Marketing Limited Technique Building, 140 Goswell Road, London EC1V 7DY, United Kingdom EU Rep: GDPRLocal Ltd., 12 Rue de Luxembourg, 7503 Ath, Belgium privacy@views4you.com
Novence LTD Cs 48756, 58 Rue de Monceau, 75008 Paris, France UK Rep: Compliance-Works Ltd., 71-75 Shelton St, London WC2H 9JQ, UK privacy@views4you.com

Throughout this document, “Views4You,” “we” or “the Company” refers to the entities above.

2. Scope of this Policy

This Policy applies to:

  • Paid digital-promotion services (followers, views, likes, etc.)
  • Free utilities (YouTube Thumbnail Downloader, Rank Tracker, IG Story Viewer, etc.)
  • Limited daily Free Trial promotions
  • The website views4you.com, all sub-domains, APIs, and the mobile web version

Key Jurisdictions & Safeguards

Region / Country Core Legislation Safeguards Implemented
EU / EEA GDPR Lawful bases, Data-Subject Rights, SCC/DPA, EU Rep
United Kingdom UK GDPR, DPA 2018 UK Rep, IDTA-equivalent safeguards
United States (federal) FTC Act, COPPA Children’s data exclusion, UDAAP safeguards
United States (state) CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, ICPA, FL-DBR, TN-TIPA, OR-OPA, DE-DPA “Sell/Share” definition, notices, GPC signals, sensitive-data limits
Canada PIPEDA Reasonable-purpose test, express consent, access/correction
Brazil LGPD Rights, legal bases, cross-border transfers
Australia Privacy Act 1988 & APPs Notice, overseas-transfer controls
Switzerland nFADP 2023 Transparency, export controls
Singapore PDPA Purpose limitation, accountability

3. Categories of Data We Collect

Category Examples Source
Identity Data First/last name, username, country You
Contact Data E-mail, telephone, postal address, social handle You
Financial Transaction Data Order ID, payment amount, crypto wallet address Payment processors
Content Data URLs & media titles supplied for promotion You
Technical & Usage Data IP, device fingerprint, browser type, clickstream, heat-maps Automated
Cookie Data Session ID, preferences, GPC signals Cookies / trackers
Marketing Preferences Newsletter opt-in status, consents You

We do not collect special-category data (e.g., health, biometrics) and we do not knowingly process data of children under 18 years (COPPA, GDPR Art. 8).

4. Purposes & Lawful Bases

Purpose Lawful Basis (GDPR Art. 6) U.S. Processing Category
Service provision & order fulfilment Contract performance “Necessary to perform”
Payment collection & invoicing Legal obligation (tax)
Fraud prevention & security Legitimate interest “Security processing”
Product improvement & analytics Legitimate interest / Consent Not targeted advertising (data anonymised)
Marketing communications Consent (opt-in) Opt-out if considered “Sell/Share”
Non-essential cookies Consent (ePrivacy)

5. Payment Processing

  • All payments are processed by Checkout.com, Payabl, or CoinPayments (PCI-DSS v4.0 compliant).
  • We never store full card numbers.
  • For crypto payments we store only the wallet address and transaction hash.

6. Cookies & Tracking Technologies

Type Purpose Retention
Essential session cookies Login, cart, CSRF Deleted on browser close
Analytics cookies Site performance (Google Analytics 4) 14 months
Preference cookies Language, theme 12 months
Marketing cookies ( opt-in ) Retargeting 90 days

User choices

  • Manage preferences via the cookie banner (“Reject All / Accept All / Customise”).
  • GPC signals are honoured and trigger automatic opt-out in CA, CO, CT.

7. Data Sharing

Recipient Purpose Location / Safeguard
Group Companies (Extlikes UK, Novence) Operations UK / FR
Service Providers (hosting, CDN, analytics) Infrastructure EEA or SCC/IDTA
Payment Processors Billing US / EEA (SCC)
Authorities Tax, legal, anti-fraud Relevant jurisdiction

International transfers rely on the Standard Contractual Clauses (SCC), UK IDTA, encryption at rest, zero-trust ACLs, and documented risk assessments.

8. Retention Periods

Data Type Duration Rationale
Order / Invoice records 6 years Tax & accounting statutes
Account identity & contact Active account + 2 years Potential claims, defence
Marketing-consent logs As long as active Proof of consent
Cookie data Up to 14 months Analytics limit
Back-ups after deletion request 30-90 days Forensic back-up window

9. Data-Subject Rights

Your rights depend on your jurisdiction. They may include:

  • GDPR / UK GDPR: Access, Rectification, Erasure, Restriction, Portability, Objection, Automated-decision objection
  • CCPA/CPRA: Know, Delete, Correct, Opt-out of “Sale/Share”, Limit sensitive data, Non-discrimination
  • Other U.S. States: Similar access / delete / correct rights; opt-out of targeted ads
  • PIPEDA: Access, Correct, Complain
  • LGPD: Withdraw consent, Restrict processing, Portability
  • APAC: Access, Correct, Complain (OAIC, PDPC)

Submit requests to privacy@views4you.com (specify region & request). Identity verification is required. California residents may also use the “Do Not Sell or Share My Personal Information” link.

10. Security Measures

  • TLS 1.3 encryption in transit
  • AES-256 encryption at rest
  • Zero-day monitoring, IDS/IPS, WAF
  • Role-based access control (least-privilege)
  • Annual penetration tests & planned SOC 2 Type II certification (target 2026)

11. Children’s Privacy

The Platform is not directed to persons under 18. If we discover under-age data, we will erase it promptly (COPPA, GDPR Art. 8).

12. Third-Party Sites

The Platform may contain links to third-party sites (YouTube, Instagram, etc.). We are not responsible for their privacy practices; please review their policies separately.

13. Policy Amendments

Material changes will be announced on-site and, where feasible, via e-mail to registered users. The “Effective Date” will be updated accordingly. Continued use of the Platform constitutes acceptance of the revised Policy.

14. Contact & Complaints

Channel Details
General E-mail privacy@views4you.com
U.S. Privacy E-mail us-privacy@views4you.com
EU DPO E-mail dpo-eu@views4you.com
Postal Address Extlikes UK Marketing Limited,
Technique Building, 140 Goswell Road,
London EC1V 7DY, UK
Supervisory Authorities UK ICO, CNIL (FR), any EDPB authority, California Privacy Protection Agency (CPPA)

Important Notes

  • Opt-Out Signals: If a GPC or Sec-GPC header is detected, U.S. marketing cookies are automatically disabled.
  • Sensitive Data (CPRA § 1798.121): We do not process sensitive personal data; if processing becomes necessary, users will be offered a limitation option.
  • Do Not Track (DNT): Legacy DNT signals are no longer recognised, but GPC signals are fully respected.

This comprehensive Privacy Policy is globally compliant as of 2025. It will be updated to reflect future regional amendments (e.g., India DPDP 2025 once enacted).