NeedToWatch
Privacy Policy
Last updated: 2026-06-09
NeedToWatch (“we”, “the Service”) is an AI-assisted movie and TV recommendation platform operated by Samet Kabakcı. This policy explains what personal data we collect when you use the NeedToWatch mobile app or the website at needtowatch.net, how we use it, and the choices you have.
1. Who is responsible
The data controller is Samet Kabakcı. You can reach us at [email protected] for any privacy question or to exercise the rights described below.
2. What data we collect
- Account data — email address, display name, chosen username, language preference, and (optionally) profile photo, bio, gender, country. Collected when you sign up or update your profile.
- Authentication data — hashed password, session tokens, device identifier used to keep you signed in. We never store your password in plain text.
- Content you create — posts, stories, comments, replies, ratings, watchlist entries, collections, follows, blocks, reports, and the images or videos attached to posts/stories.
- Activity data — which titles you view, swipe, like, save, search; which recommendations you accept or skip. Used by our on-device recommendation engine and stored in your account.
- Device + technical data — IP address, user-agent, app version, OS version, push-notification token, approximate country derived from IP for regional content. Used for security, fraud prevention, and analytics.
- OAuth identifiers — if you sign in with Google, Apple, or another supported provider, we receive the provider's user id and the email associated with that account.
We do not collect precise location, payment information, health data, or contacts.
3. How we use your data
- Operate the Service: authenticate you, render your feed, deliver push notifications you opted in to.
- Personalize recommendations based on your activity (this learning happens server-side using non-LLM models).
- Show non-personalized in-house ads and, where applicable, Google AdSense ads (see §6).
- Prevent abuse — rate limiting, spam/duplicate-account detection, takedown of reported content.
- Improve the product through aggregated, non-identifying usage analytics.
- Comply with legal obligations.
4. Legal basis (GDPR)
For users in the EEA / UK, we rely on (a) contract performance to provide the account-bound features you signed up for, (b) legitimate interest for security, fraud prevention, and aggregated analytics, and (c) consent for optional features such as push notifications and personalized ad measurement.
5. AI features
Some explanatory features (e.g. “why was this recommended?”) use a third-party large-language-model provider. When you trigger such a feature, the title id and minimal context are sent to the provider. Your private profile data, watchlist, or chat history is not sent. Responses are cached server-side; the provider does not receive your account identifiers.
6. Advertising
NeedToWatch is ad-supported. We show two kinds of ads:
- House ads — promoting our own surfaces. No third-party tracker.
- Google AdSense — Google may use cookies or device identifiers to serve ads based on your prior interactions with this and other sites. You can manage personalized ads at adssettings.google.com. See Google's policies at policies.google.com/technologies/ads.
7. Third parties
- TMDB (themoviedb.org) — title metadata, posters, trailers. Anonymous server-to-server requests; your identity is not shared.
- Google AdSense — see §6.
- Apple / Google / OAuth providers — only the minimum identifiers needed to authenticate you.
- Cloud hosting — our servers in Europe.
8. Data retention
Account data stays as long as your account exists. You can delete your account at any time from Profile → Settings → Delete account, which removes your posts, stories, follows, watchlist, and personal identifiers within 30 days. Aggregated analytics that no longer identify you may be retained indefinitely.
9. Your rights
Depending on your jurisdiction, you have the right to access, correct, delete, export, or restrict processing of your personal data. To exercise any of these, email [email protected]. You can also lodge a complaint with your local data protection authority.
10. Children
NeedToWatch is not directed at children under 13 (or under 16 where required by local law). We do not knowingly collect personal data from children. If you believe a child has provided data to us, contact us and we will delete it.
11. International transfers
Our servers are located in Europe. If you access the Service from outside Europe, your data is transferred to and processed in the EU. By using the Service you consent to this transfer.
12. Security
We use HTTPS for all traffic, hash passwords with a modern algorithm, and apply the principle of least privilege internally. No system is perfectly secure; if you spot a vulnerability, please report it to [email protected].
13. Changes to this policy
We may update this policy as the Service evolves. Material changes will be announced in-app or by email. The “last updated” date above reflects the current revision.
14. Contact
Questions or requests: [email protected].