Draft for lawyer review. The technical facts here (what data is processed, by
whom, for what) are accurate to how the system actually works. The fields marked
«FILL» need your company details; the ones marked «LAWYER» need legal sign-off
before publishing. Do not launch to the public on this until a UK-GDPR solicitor has
reviewed it.
Version: v0.3 · Effective: «FILL: date»
Who we are: «FILL: legal/trading name», «FILL: registered address», «FILL: country» · Contact: privacy@tacatech.net
Taca is an assistant and CRM for Fanvue creators. This explains what personal data we
handle and why. For your fans' data specifically you are the "controller" and we are
your "processor" — covered in the DPA. Taca is not affiliated with Fanvue.
About you (the creator):
Taca account tied to it, your plan and billing status.
encrypted at rest (AES-256-GCM). We never see your Fanvue password.
never see, receive or store your card details. We only read from Fanvue *which plan
you are on*, so we know which features to unlock.
Facial and biometric images — we do not collect them:
photographs of your face or body. We hold **no special-category (Article 9) biometric
data** about you.
policy will be updated before the feature is switched on.
What we read for you (via Fanvue, with your approved permissions read:self,
read:chat, write:chat, read:creator, read:fan, read:insights, read:media):
your fans; you are their controller and we process them for you (see the DPA).
To run the app, draft your replies, screen every message for safety/compliance, run any
automation you switch on, support you, and meet legal duties. Lawful bases: contract
(running the service), legitimate interests (security, prevention of abuse,
improvement), and legal obligation (safety screening, record-keeping).
We share data only with the providers needed to run Taca. This table is accurate to
the current system — update it whenever a provider is added or swapped.
| Service | Used for | Data it may see | Region |
|---|---|---|---|
| Fanvue | Your account, inbox, fans, media, earnings. Also takes all payments — see below. | Everything you connect via OAuth | «LAWYER: confirm» |
| Venice AI | Writing chat drafts and captions | Fan message text, persona settings, vault image (for captions) | US |
| OpenRouter (optional backup only) | Chat drafts, only if Venice is unavailable. Routed to an uncensored open-weight model. | Fan message text, persona settings | US |
| App host — «FILL: Fly.io / Hetzner / etc.» | Running the app + database | Everything stored by the app | «FILL: region» |
We do not take payments. Taca is a Fanvue App: your subscription is bought and
managed inside Fanvue, and we never see, receive or store your card details. There is
no third-party payment processor in this product.
Providers we deliberately do NOT use: OpenAI, Anthropic and Google. Their usage
policies prohibit sexually explicit content, which is a core part of what this tool
helps you write — so your conversations are never sent to them.
Image generation is switched off and no image-generation provider is in use. No GPU
host processes your data, and we do not currently collect or store face images. If that
changes, this policy will be updated before the feature is enabled, and you will be
told.
«LAWYER: link each provider's privacy policy + DPA, and confirm the transfer mechanism
for every US processor (UK IDTA / SCCs).»
To draft a reply, your fan's message text and your persona settings are sent to the AI
provider, which returns the draft text. To caption a vault image you ask us to caption,
that image is sent to the vision provider. **We do not train any model on your or your
fans' data.**
Taca is built to disclose AI honestly: if a fan asks whether they're talking to an
AI, the assistant tells the truth and never claims to be human. If Fanvue requires an
AI-Creator designation on your profile for the way you use Taca, carrying that
designation is your responsibility.
We keep data while your account is active. You can:
personas, vault records, fan notes and audit log from the database and from disk.
«FILL: backup retention window, e.g. "backups are purged within 30 days".»
Tokens encrypted at rest (AES-256-GCM, key separate from the session secret); passwords
hashed (bcrypt); least-privilege Fanvue permissions; HTTPS enforced in production;
security headers + CSP; brute-force throttling; session regeneration on login; an audit
log of every AI action. No system is perfectly secure; we will report a serious breach as
the law requires.
Access, rectify, erase, restrict, port, or object — and withdraw consent (including for
the facial-image processing, which stops generation/training). Use the in-app export and
delete tools, or email privacy@tacatech.net. You can complain to the ICO
(ico.org.uk).
Several sub-processors are outside the UK/EEA (US, per the table). «LAWYER: state the
safeguard for each — UK IDTA / EU SCCs — before publishing.» Hosting the app and the GPU
in the UK/EU is strongly recommended to minimise this.
Because this product processes special-category facial data at scale, a **Data Protection
Impact Assessment** should be completed before public launch. «LAWYER: complete DPIA.»
Adults only — you, and every subject of any uploaded image, must be 18+.
We'll update this page and its date when things change, and flag big changes in-app.
Questions: privacy@tacatech.net.