Privacy Policy
Last updated: December 2025
What we collect
If you create an account: your name, email address, and password (hashed — see below). Optionally, a profile photo, birthday, and gift preferences you choose to add.
If you use a group: the group's name, its members, wish list items, presents, and messages posted to the group.
If you run a Secret Santa draw — with or without an account: the name and email address of each participant you enter, so we can email them their pick. People you add this way haven't created an account and haven't interacted with us directly; we process their details only to deliver the exchange you set up, and only for as long as described below.
Why we process it, and on what basis
- To provide the service (necessary to perform our contract with you) — running draws, delivering picks by email, hosting group wish lists, letting you sign in.
- To deliver Secret Santa draws to participants you enter (our legitimate interest in making the exchange work, balanced against minimal, purpose-limited use of their contact details — see retention below).
- Product updates and tips by email — only with your explicit, opt-in consent, given separately from creating an account. You can withdraw it anytime from your account settings or the unsubscribe link in any such email.
Passwords
Passwords are hashed using bcrypt and are never stored in plain text. We cannot recover your password — only reset it.
Cookies
We use a single, strictly necessary session cookie to keep you signed in. We don't use analytics, advertising, or third-party tracking cookies of any kind, so there's nothing beyond this to ask your consent for.
Who else sees your data
We use third-party service providers to run the platform: cloud hosting (Amazon Web Services) and an email delivery provider to send draw and account emails. They process data only on our instructions and only to provide these services. Our hosting infrastructure is located in the United States; where this involves transferring personal data from the UK/EEA, we rely on our provider's standard contractual safeguards for that transfer. We do not sell your data or share it with third parties for their own marketing purposes.
Data retention
- Account data is kept until you delete your account.
- Draws and participant details from a no-account (anonymous) Secret Santa draw are kept for one year — long enough to resend a pick if someone loses their email — then automatically deleted.
- If you delete your account, draws you organized are kept (so other participants' history isn't erased), but your own name and email are removed from them.
Your rights
Depending on where you live, you may have the right to access, correct, delete, restrict, or receive a copy of your personal data, and to object to or withdraw consent for certain processing. For account holders:
- Access & portability — download a full copy of your data anytime from your account settings.
- Correction — update your name, email, or photo directly in your account settings.
- Erasure — permanently delete your account and associated data from your account settings.
- Objection / withdrawing consent — unsubscribe from emails anytime, or contact us below.
If you were added to a draw by someone else and don't have an account, contact us below and we'll act on your request. You also have the right to lodge a complaint with your local data protection authority.
Children
This service is not directed at children under 16, and we do not knowingly collect personal data from them.
Contact
For data requests or privacy questions, contact us at privacy@secretsantagenerator.com.