Account data: your email address, the country you registered from, the plan you chose, and a hashed password.
Service data: the channels you switch to, the duration of each viewing session, and the device type. We use this to maintain the schedule, route traffic to the nearest edge, and bill where billing depends on usage.
Payment data: handled by our payment processor (Stripe). We hold a token referencing your card; we do not hold the card itself.
We do not collect viewing data for advertising. There is no third-party advertising on Gloam.
We do not collect any data outside the player. The marketing site uses no cookies beyond the session cookie required to keep you signed in.
We do not sell, share, or rent any data to any third party. Period.
Account data is held for the lifetime of the subscription, plus thirty days after cancellation, after which it is deleted.
Service data older than ninety days is aggregated to channel-level statistics and the per-account record is deleted.
Payment tokens are deleted at cancellation.
You can export every byte of data we hold about you, in machine-readable format, from the Account · Privacy page.
You can delete your account and all associated data, immediately, from the same page. The thirty-day retention only applies to involuntary cancellations.
You can write to privacy@gloam.tv at any time. We reply within five working days.
Account and payment metadata is held in the European Union (Frankfurt) and the United States (Virginia), replicated.
Service data is held in the edge region where the channel was watched, for the ninety days described above.
We do not transfer data to jurisdictions without an adequacy decision or equivalent safeguards.
Gloam is not directed at children under thirteen. Children’s profiles within an adult account are governed by the parent account.
Substantive changes are published here, dated, and announced by email to active subscribers thirty days before they take effect.