← Back to home

Privacy Policy

Last Updated: April 22, 2026

This Privacy Policy explains how Cherrypop OÜ (17442185) ("Cherrypop", "Company", "we", "us", or "our"), a company incorporated under the laws of Estonia, collects, uses, and processes personal data when you access or use the Cherrypop platform (the "Platform").

We process personal data in accordance with the GDPR and other applicable data protection laws.

This Privacy Policy should be read together with our Terms of Service and other applicable policies.

1. Data Controller

The data controller responsible for your personal data is:

Cherrypop OÜ

Vesivärava tn 13, 10126, Tallinn, Estonia.

Email: support@cherrypop.io

2. Personal Data We Collect

We collect and process the following categories of personal data:

2.1 Data You Provide Directly

  • account information (e.g. email address, username)
  • communications (e.g. support requests, complaints)
  • content you upload or share on the Platform
  • identity verification data (where applicable)

2.2 Data Collected Automatically

  • IP address
  • device and browser information
  • usage data (e.g. interactions, activity on the Platform)
  • session and log data

2.3 Data from Third Parties

  • identity verification providers such as Ondato
  • analytics providers
  • payment providers (transaction-related data only)

2.4 Payment Data

Payments are processed by third-party payment providers.

Cherrypop does not store full payment card details. We may receive limited transaction-related data (such as payment status or identifiers) necessary to operate the Platform.

3. How We Use Your Data

We process personal data for the following purposes:

PurposeLegal Basis
To create and manage accountsContractual necessity
To provide and operate the PlatformContractual necessity
To facilitate transactionsContractual necessity
To verify identity and prevent fraudLegal obligation / legitimate interest
To enforce policies and ensure complianceLegitimate interest / legal obligation
To improve and develop the PlatformLegitimate interest
To respond to support and complaintsContractual necessity
To comply with legal obligationsLegal obligation

4. Cookies and Tracking

We use cookies and similar technologies to operate, secure, and improve the Platform. For more information, please refer to our Cookie Policy.

5. Data Sharing

We share personal data only where necessary and for legitimate purposes.

5.1 Service Providers (Data Processors)

We may share data with trusted third-party service providers, including:

  • payment processors (to process transactions);
  • identity verification providers such as Ondato (to verify users and prevent fraud);
  • hosting and infrastructure providers (to operate the Platform);
  • analytics providers such as Google Analytics and Mixpanel (to analyze usage and improve performance).

These providers process personal data on our behalf under contractual obligations and applicable data protection laws.

5.2 Legal and Regulatory Authorities

We may disclose personal data where required to:

  • comply with legal obligations;
  • respond to lawful requests;
  • protect our rights, users, or the public.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction.

5.4 No Sale of Personal Data

We do not sell personal data to third parties.

6. International Data Transfers

Your personal data may be transferred to and processed outside the European Economic Area (EEA). Where this occurs, we implement appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs);
  • other lawful transfer mechanisms.

7. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including:

  • while your account is active;
  • to comply with legal, regulatory, and tax obligations;
  • to resolve disputes and enforce agreements.

After this period, data is deleted or anonymised.

8. Your Rights

Under GDPR, you have the right to:

  • access your personal data;
  • correct inaccurate data;
  • request deletion of your data;
  • restrict or object to processing;
  • request data portability;
  • withdraw consent (where applicable).

To exercise your rights, contact: support@cherrypop.io

You also have the right to lodge a complaint with your local data protection authority.

9. Children

The Platform is not intended for individuals under the age of 18.

We do not knowingly collect personal data from minors. If we become aware of such data, we will take steps to delete it.

10. Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • secure infrastructure and encryption;
  • access controls;
  • monitoring and security procedures.

However, no system can be guaranteed to be completely secure.

11. Third-Party Services

The Platform may contain links to third-party services. We are not responsible for their privacy practices.

12. Changes to This Policy

We may update this Privacy Policy at any time.

Continued use of the Platform constitutes acceptance of any updates.

13. Contact

Cherrypop OÜ (17442185)

Vesivärava tn 13, 10126, Tallinn, Estonia.

Email: support@cherrypop.io

Cherrypop logo

Ready to get started?

Start earning from your fans today.