privacy
Privacy Policy
The short version: we use your data to run the store and get your files to you. We don't sell it, track you for ads, or do anything with it that would surprise you.
Who we are
Diorr FM is operated by Nathan (Nathandiorr), a sole proprietor. For privacy purposes, Nathan is the data controller.
Contact: nathandiorrbusiness@gmail.com
What we collect
Email address: when you subscribe to broadcasts, enter the exit-intent modal, or buy a beat.
Name: when you check out. Stripe passes this to us for order records.
Payment details: your card information goes directly to Stripe. We never see it, store it, or touch it.
IP address: logged by Cloudflare and Neon for security and abuse prevention.
Browse activity: limited to anti-abuse measures. No analytics dashboards. No heatmaps. We're not watching which beats you preview.
Why we collect it (legal bases)
For EU/UK residents, we process your data under the following legal bases:
- Contract performance (Art. 6(1)(b) GDPR): your name and email are needed to complete your purchase, deliver your license files, and send your receipt.
- Legitimate interest (Art. 6(1)(f) GDPR): IP address logging for security and abuse prevention.
- Legal obligation (Art. 6(1)(c) GDPR): order records kept for 7 years for tax and accounting purposes.
- Consent (Art. 6(1)(a) GDPR): marketing emails. You can withdraw consent at any time by unsubscribing.
Cookies
One cookie: ei_seen.
It tells the site you've already seen the exit-intent discount modal so it doesn't show again for 30 days. That's all it does. No tracking. No ad targeting. It's strictly necessary under GDPR, so there's no consent banner, but you deserve to know it exists.
This site does not respond to browser Do Not Track signals. There are no third-party tracking scripts on the site to track anyway.
Who we share your data with
We work with these services to run the store:
- Stripe: to process your payment
- Cloudflare: to host the site and protect against abuse
- Neon: to store your orders and license records
- Dropbox: to deliver your license PDF after purchase
- Kit (ConvertKit): to send you email broadcasts you've subscribed to
- Resend: to send transactional emails: receipts and delivery notifications
Each of these providers may use their own sub-processors. We rely on them to handle data appropriately under their own terms and applicable law.
International data transfers
If you're in the EU or UK, your data may be transferred to and processed in the United States. Our sub-processors (Stripe, Cloudflare, Kit, Resend, Neon, Dropbox) each have mechanisms in place for lawful international transfers. We rely on those mechanisms.
What we don't do
We don't sell your data. We don't run Meta or Google retargeting pixels. We don't build ad profiles. There is no third-party analytics tool on the site.
Your rights
For everyone:
- You can ask what we have on you.
- You can ask us to delete it. Email us and we'll respond within 30 days.
- Every marketing email has an unsubscribe link. One click removes you from the list.
- You can object to how we process your data.
California residents (CCPA/CPRA):
The CCPA may apply to you. You have the right to know what personal information we've collected and whether we've sold it. We don't sell personal information. If you'd like to exercise any CCPA rights, email us at the address below.
EU/UK residents (GDPR/UK GDPR):
In addition to the above, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request erasure
- Restrict or object to processing
- Data portability
- Lodge a complaint with your local data protection authority (for EU residents, find yours at edpb.europa.eu; for UK residents, the ICO at ico.org.uk)
We don't have a Data Protection Officer, as a sole proprietor below EU thresholds, one isn't required.
Children
This site is not directed at children under 13. We don't knowingly collect personal information from anyone under 13. If you believe a minor has submitted personal data to us, contact us and we'll delete it.
How long we keep things
- Email list: until you unsubscribe
- Order records: 7 years (tax, accounting, and license dispute defense)
- Exit-intent discount codes: 30 days from issue, then auto-expired
- IP and security logs: retained by Cloudflare and Neon per their own retention policies
Contact us
Email nathandiorrbusiness@gmail.com with the subject line Privacy Request: [type] (data export, deletion request, questions). That subject line gets it prioritized.
Changes
We'll update this page if our practices change. The date below shows the last revision.
Last updated: 2026-05-25