Privacy Policy

We built this policy to be clear and useful. It explains what we collect, why we collect it, how we protect it, and the rights you have over your information.

Last updated: November 15, 2025

1) Introduction

Your trust matters. Our IPTV platform is designed to minimize the personal data we collect and to be transparent about how it’s used. This policy applies to our websites (including https://strong8ktv.org/), web portals, apps, and related services (collectively, the “Services”). It also covers contact through WhatsApp, email, or support forms.

This document works alongside our Terms of Service. If anything here conflicts with local law that grants you stronger rights, those local rights win. We’ve included references to modern privacy frameworks so you can see how our practices align.

2) Who we are (Controller)

Strong 8K is the controller responsible for handling your personal data when you use our Services. You can contact our privacy team at privacy@strong8ktv.org. If appointed, our Data Protection Officer can be reached at dpo@strong8ktv.org. Postal address: Your Business Address, City, Country.

3) What data we collect

We aim to collect the minimum necessary for account creation, billing, support, and service quality. Depending on how you use the Services, we may collect:

  • Account & Identity: name or display name, email, country/region, and plan details. If you sign in via a third-party app store or identity provider, we receive the basics needed to link your subscription.
  • Credentials: hashed passwords, device IDs, or tokens used to authenticate your session. We never store raw payment card numbers on our servers; payments are processed by certified providers.
  • Payment & Billing: transaction confirmations, plan purchased, currency, and limited billing metadata (e.g., last 4 digits via the processor, not full PAN).
  • Device & App Info: app version, OS, device model, language, time zone, and anonymized identifiers required to maintain session integrity.
  • Usage & Diagnostic: login timestamps, error logs, crash reports, and network performance metrics (e.g., CDN selection, buffering rate) to stabilize streaming at peak times.
  • Support Content: messages or attachments you send to our support channels (WhatsApp, email, forms) and activity needed to fix issues you report.
  • Cookies & Similar Tech: session cookies to keep you logged in, remember preferences, and measure basic page performance. See “Cookies & tracking.”

We do not build profiles for advertising or sell personal data. Where an analytics tool is used, it is configured narrowly (e.g., aggregated metrics, limited retention) to avoid unnecessary tracking.

4) How we use data (purposes)

  • Provide the Services: set up your account, authenticate you, deliver playlists, and adapt quality to your device and bandwidth.
  • Customer Support: troubleshoot issues, answer questions, and apply fixes (e.g., routing changes) to reduce buffering.
  • Payments & Billing: process subscriptions, renewals, refunds/credits, detect fraud, and send service-related emails.
  • Security & Abuse Prevention: monitor for suspicious logins, credential sharing beyond plan limits, or attacks that threaten service integrity.
  • Service Quality & Research: diagnose outages, switch CDNs, and improve app performance and UX.
  • Legal & Compliance: meet tax, accounting, and regulatory obligations; respond to valid legal requests.

6) Cookies, analytics & similar technologies

Essential cookies. These are required to run the site: keeping sessions active, remembering security preferences, and enabling account pages. If you block them, some features may not work.

Performance/analytics. We may measure anonymized usage (e.g., page load times, error rates) to improve reliability and usability. Where local law treats this as non-essential, we’ll request consent or provide a way to opt out.

Do Not Track. We don’t change our behavior solely in response to “DNT” signals, but we minimize tracking by design and honor consent choices where required.

7) Sharing & service providers

We do not sell your personal information. We share data only with trusted partners who help us run the Services, each bound by contracts limiting use to our instructions:

  • Payment processors: to accept cards and other payment methods (they handle card numbers directly).
  • Infrastructure & CDN: to deliver fast, stable streaming globally.
  • Support tools: to manage tickets and provide chat/email support.
  • Security & fraud prevention: to detect abuse and protect accounts.
  • Compliance partners: for tax, accounting, and legal matters.

We may disclose information when required by law or to protect our users, our Services, or others — for example, in response to valid court orders.

8) International data transfers

We operate globally. When data leaves your country, we safeguard it using appropriate transfer mechanisms (e.g., Standard Contractual Clauses) and additional technical/organizational measures. We regularly assess vendor privacy/security posture and restrict access to what’s necessary.

9) Data retention

We keep your data only as long as needed for the purposes described here:

  • Account data: for the life of your subscription and a reasonable period after closure (e.g., to handle disputes or tax requirements).
  • Billing records: retained per legal/accounting rules in your region.
  • Logs/diagnostics: short retention to troubleshoot and improve reliability, unless we need longer for security or fraud prevention.
  • Support threads: retained to provide continuity and comply with legal obligations, then minimized or deleted.

10) Security

We use layered security controls: encryption in transit, hardened infrastructure, access controls with least privilege, monitoring for anomalous activity, and regular patching. No method is perfect, but we continually improve our defenses and vendor oversight.

Incident response. If we discover a breach affecting your data, we will investigate promptly and, where required, notify you and regulators without undue delay.

11) Your privacy rights (GDPR/UK GDPR)

Where the GDPR/UK GDPR applies, you may have the right to:

  • Access a copy of your personal data and obtain information about how it’s processed.
  • Request correction of inaccurate or incomplete data.
  • Request deletion (erasure) in certain circumstances.
  • Object to processing based on legitimate interests and to direct marketing.
  • Request restriction or portability of your data.
  • Withdraw consent at any time for optional processing.

You can exercise these rights by emailing privacy@strong8ktv.org. To protect your account, we may ask for verification. GDPR rights and controller duties are detailed in the regulation’s Articles and Recitals. :contentReference[oaicite:1]{index=1}

12) California residents (CCPA/CPRA)

If you’re a California resident, state law grants additional rights regarding your “personal information,” including the right to know, access, correct, delete, and opt out of certain sharing for cross-context behavioral advertising. You also have the right to non-discrimination for exercising your rights.

Do we sell or share personal information? We do not sell personal information for money. We also configure our systems to avoid “sharing” for cross-context behavioral advertising. If you believe a vendor relationship may constitute “sharing,” contact us to opt out and we’ll review and honor your request.

How to exercise California rights: email privacy@strong8ktv.org with the subject “CCPA Request,” tell us what right you wish to exercise, and provide enough information to verify your identity. Authorized agents may submit requests with proof of authorization.

Learn more about CCPA and updates under CPRA from official sources. :contentReference[oaicite:2]{index=2}

13) Children’s privacy

Our Services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child provided us with personal data, contact us and we will take appropriate steps (e.g., delete the data or obtain parental consent as required by law). COPPA places specific obligations on online services about children’s data; you can read more on the U.S. FTC website. :contentReference[oaicite:3]{index=3}

14) Automated decision-making

We do not make decisions that produce legal or similarly significant effects solely by automated means. We use automated systems to protect your account and improve service stability (e.g., fraud flags or CDN switching), but a human can review decisions that materially affect you on request.

15) Changes to this policy

We may update this policy to reflect new features, vendor changes, or regulations. When we post updates, we revise the “Last updated” date and, for material changes, we’ll provide a clear notice (e.g., email or in-app).

16) Contact, complaints & supervisory authorities

If you have questions or concerns about privacy, reach us anytime:

If you’re in the EEA/UK and believe we haven’t resolved your concern, you can lodge a complaint with your local supervisory authority. We’ll cooperate with authorities as required by law.

Transparency & alignment with modern privacy rules

This policy was written to align with well-known privacy frameworks. For reference, see:

  • General Data Protection Regulation (EU) 2016/679 (official text). :contentReference[oaicite:4]{index=4}
  • California Consumer Privacy Act and California Privacy Rights Act resources. :contentReference[oaicite:5]{index=5}
  • U.S. Children’s Online Privacy Protection Rule (COPPA) – FTC resources and Federal Register. :contentReference[oaicite:6]{index=6}

This page is for transparency and does not replace the official legal texts. Where local law grants you stronger, non-waivable rights, those rights prevail.

Need help? Chat