Privacy Policy

MegDB.Com (“we”, “our”, “the Service”) is a streaming discovery platform. This Privacy Policy describes how we collect, use and protect information in connection with your use of MegDB.Com.

Data Controller: MegDB.Com
Contact: megdb.com/contact

MegDB.Com does not have a mandatory Data Protection Officer (DPO) under GDPR Article 37 because we do not engage in large-scale systematic processing of personal data or processing of special category data. If this changes, this page will be updated immediately.

In plain terms: We do NOT require account registration, collect names or email addresses, use advertising networks, tracking pixels, fingerprinting, session recording or sell your data to anyone. We DO store some functional data locally in your browser — this never leaves your device.

When you visit MegDB.Com, our hosting infrastructure automatically logs standard technical information required for network security, abuse prevention and service maintenance:

• Your IP address (anonymised after 24 hours)
• Browser type and version
• Operating system
• Referring URL
• Pages visited and time of visit
• HTTP request / response codes

This data is not linked to any personal profile and is not used for marketing purposes.

Legal basis (GDPR Article 6(1)(f)): Legitimate interests — ensuring network and information security, preventing abuse and maintaining service integrity.

Retention: Server log data is retained for a maximum of 30 days and then automatically purged.

MegDB.Com stores the following data in your browser's localStorage only. This data never leaves your browser, is never sent to MegDB.Com servers and is under your exclusive control.

Legal basis (GDPR Article 6(1)(b)): Necessary for the performance of the service you have requested (watchlist, history features).

If you contact us via the Contact page, we may receive your name (optional), your email address (if provided) and the content of your message. This information is used solely to respond to your enquiry and is not retained for marketing.

Retention: Contact messages are retained for a maximum of 12 months.

Legal basis (GDPR Article 6(1)(f)): Legitimate interests in responding to user enquiries.

6.1 The Movie Database (TMDb)
MegDB.Com uses the TMDb API to retrieve movie and TV data. When your browser requests this data, HTTP requests are made to TMDb's servers (api.themoviedb.org, image.tmdb.org). TMDb may process your IP address as part of standard HTTP requests. TMDb is an independent data controller subject to their own Privacy Policy (themoviedb.org/privacy-policy).

6.2 YouTube / Google
When you click to play a trailer, a YouTube player is loaded on demand. At that point Google processes data in accordance with their Privacy Policy (policies.google.com/privacy). Trailers are loaded only when you explicitly click — we never preload YouTube iframes.

6.3 Hosting Infrastructure
MegDB.Com is hosted on modern cloud infrastructure. Our hosting provider may process standard request logs and operates under a Data Processing Agreement (DPA) where required by GDPR.

MegDB.Com does NOT use:

• Google Analytics, GA4 or any Google tracking product
• Facebook Pixel or Meta tracking
• Hotjar, Microsoft Clarity or any session recording tool
• AdSense, programmatic advertising or affiliate tracking pixels
• Any fingerprinting technology
• Any cross-site tracking or retargeting

If privacy-first aggregate analytics (no personal data) are introduced in the future, this Policy will be updated before implementation.

We implement appropriate technical and organisational measures:

• HTTPS encryption for all data in transit
• Server log IP addresses anonymised within 24 hours
• No persistent storage of personal data on our servers
• Regular security reviews and dependency updates

No method of internet transmission is 100 % secure. We cannot guarantee absolute security but are committed to using industry-standard protections.

MegDB.Com is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe your child has provided personal information to us, contact us immediately and we will delete it.

Because we collect minimal personal data, international transfer issues are limited. Server log data may be processed on servers in various countries. Where transfers outside the EEA occur, appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions under GDPR Article 45).

Under the General Data Protection Regulation you have the following rights. To exercise any right, contact us at megdb.com/contact (subject line “GDPR Rights Request”).

• Article 15 — Right of Access: Receive a copy of any personal data we hold about you.
• Article 16 — Right to Rectification: Request correction of inaccurate personal data.
• Article 17 — Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data.
• Article 18 — Right to Restriction: Request that we restrict processing of your data.
• Article 20 — Right to Data Portability: Receive your data in a structured, machine-readable format.
• Article 21 — Right to Object: Object to processing based on legitimate interests.
• Article 22 — Automated Decision-Making: We do not use automated profiling or decision-making.

Since we store no personal data on our servers beyond short-lived server logs, most rights are exercised through your browser's localStorage settings. Server log rights can be exercised via our Contact page.

You have the right to lodge a complaint with a Data Protection Authority (DPA) if you believe our processing does not comply with GDPR. Contact the DPA in your EU / EEA member state. A full list of EU DPAs is at: edpb.europa.eu.

California residents have the right to know what personal information is collected, to know if it is sold and to whom, to opt out of the sale of personal information, and to non-discrimination for exercising privacy rights. MegDB.Com does not sell personal information to any third party.

We may update this Privacy Policy from time to time. The “Last Updated” date at the top of this page reflects any changes. Continued use of MegDB.Com after changes constitutes acceptance of the revised Policy. Significant changes will be flagged on the What's New page.

For privacy-related enquiries: megdb.com/contact — subject line “Privacy Enquiry”.