GDPR
GDPR notice
This page provides additional information for users in the EEA, UK, and Switzerland about personal data rights, how to exercise them, what legal bases Pluria relies on, and how optional biometric verification consent works.
Your rights
- Access your personal data and receive information about how it is processed.
- Correct inaccurate or incomplete account data.
- Request erasure where retention is no longer justified.
- Restrict or object to certain processing in the situations GDPR allows.
- Receive a portable copy of eligible data.
- Withdraw consent where processing depends on consent.
How to exercise your rights
Many requests can be started from the app, including export, privacy controls, linked sign-in methods, and account deletion. You can also email account@pluria.org with the account identifier connected to your request and the right you want to exercise.
To protect account security, we may ask you to verify control of the account before processing a request.
Typical request categories
Access and export
Ask what personal data we hold and request a copy of eligible account data.
Deletion and restriction
Request account deletion, partial erasure, or restriction of certain processing where applicable.
Correction and objections
Ask us to correct inaccurate data, restrict certain processing, or review an objection where GDPR gives you that right.
Response times
We aim to respond to GDPR requests within one month. If a request is unusually complex, we may extend that period where GDPR allows and will let you know.
Biometric verification and consent
If you use Pluria's individual verification flow, we process a short front-camera clip, preview frame, challenge / timing telemetry, moderator decision data, and the stable install identifier used for duplicate-account controls. Where this processing depends on consent, you can withdraw that consent at any time for future processing by contacting account@pluria.org.
Withdrawal does not automatically erase records we still need for fraud prevention, dispute handling, or legal obligations, but it does trigger a review of what can be deleted, delinked, or downgraded.
Legal bases
Account and profile
Usually processed on the basis of contract because you asked us to provide account, profile, and publishing features.
Security and integrity
Usually processed on the basis of legitimate interests, including moderation, fraud prevention, diagnostics, and service protection.
Optional permissions and marketing
May depend on consent where local law or platform rules require it.
Verification and biometric review
Starts from explicit consent where offered, with later retention justified only where integrity, disputes, or legal obligations still require it.
Transfers
Some service providers may process data outside the EEA. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent legal mechanisms.