Legal

Privacy Policy

Last updated: April 28, 2026

This Privacy Policy explains what data Reellu collects, how we use it, and what choices you have. We aim to keep things short, concrete, and free of legal filler. By using Reellu, you accept the practices described here.

1. What we collect

From every visitor

• Server logs. Standard web-server logs (IP address, user agent, request URL, timestamp). Used to operate the site, debug, and prevent abuse. Retained for up to 30 days.
• Local storage. Reellu stores your draft campaigns, account session, and UI preferences in your browser's local storage. This stays on your device.

From signed-up users

• Email address. Used to send transactional emails (verification, password reset, payout confirmations). You can change it from your profile.
• Handle and brand name. Public — shown on your profile and on any campaigns you post.
• Profile picture, cover image, bio, social links. Public if you choose to fill them in.
• Password hash. Your password is hashed in the browser before it is sent to Reellu. We never see or store your plaintext password.

From brands and clippers

• Solana wallet address. Required to deposit campaign funds and to receive payouts. Stored in your account so we can route the right money to the right wallet.
• Campaign and submission data. The campaigns you post and the clips you submit, including links, view counts, and timestamps. Most of this is public by design.

2. What lives on-chain (and is public forever)

Reellu's payment layer runs on the Solana blockchain. Anything that touches the chain is public, permanent, and outside our control:

• Your wallet address.
• Campaign creations, fundings, top-ups, payouts, and closures.
• Transaction signatures, amounts, and timestamps.

This is true of any Solana wallet, not just Reellu. If wallet-level pseudonymity matters to you, use a wallet address you have not linked to your real identity.

3. How we use data

• To run the marketplace — show you campaigns, submissions, dashboards.
• To send transactional emails (verification, password reset, payout, dispute updates).
• To detect and prevent fraud, view manipulation, and platform abuse.
• To respond when you contact support or open a dispute.
• To improve the product (e.g., understanding which campaign types perform).

We do not sell your personal data. We do not run third-party advertising or marketing tracking pixels.

4. Cookies & analytics

Reellu does not currently use third-party advertising cookies. We may use first-party storage (local storage, session cookies) for login state and UI preferences. If we add lightweight analytics in the future, we'll choose a privacy-respecting option (e.g., Plausible) and update this Policy.

5. Service providers

We rely on a small number of third parties to run the platform. They only see data necessary for their job:

• GoDaddy / cPanel — hosts the website and stored JSON files.
• Resend / ImprovMX — outbound and inbound email for info@reellu.com.
• Solana RPC providers (e.g., publicnode.com) — read public chain state. They see the wallet address you query from but not your password or email.
• Phantom (or your chosen wallet) — required to sign on-chain transactions. Reellu does not see your seed phrase or private key, ever.

6. Where data is stored

Account and campaign data is stored on Reellu's hosting (GoDaddy cPanel servers, currently in the U.S.). On-chain data is stored on the Solana blockchain, replicated globally.

7. How long we keep it

• Account, profile, and campaign metadata — for as long as your account is active, plus a reasonable backup period after deletion.
• Email logs — up to 12 months.
• Server logs — up to 30 days.
• On-chain data — permanent, by the nature of the blockchain.

8. Your rights

Depending on where you live (e.g., EU/UK GDPR, California CCPA), you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your account and the personal data we hold off-chain.
• Object to certain uses or request a copy of your data.

Email info@reellu.com with the subject "Privacy Request" and we'll respond within 30 days. We cannot delete on-chain transactions — that's a chain-level fact, not a Reellu database row.

9. Children

Reellu is for users 18 and older. We do not knowingly collect personal data from children under 13. If you believe a minor has signed up, email us and we'll remove the account.

10. Security

Passwords are hashed in your browser before transit. Email tokens are HMAC-signed and time-limited. Smart-contract code is open and auditable. That said, no system is unbreakable — keep your wallet seed phrase and password safe, and use a unique password for Reellu.

11. Changes

If we materially change this Policy, we'll announce it on the site. The "Last updated" date at the top will move.

12. Contact

Privacy questions, requests, or concerns: info@reellu.com.