BNG

Effective date: April 30, 2026 · Version 1.0 (draft)

Privacy Policy

Draft — pending final counsel review. Reflects how the platform actually handles data today. Material changes will be announced 30 days before they take effect.

B/NG is a vertical streaming platform that hosts viewer-submitted ratings, creator-submitted series, and a B2B trend intelligence product. This policy explains what we collect, why, who we share it with, and how to control it.

1. Information you provide

  • Account: email, display name, account type, password hash (bcrypt — we never store plaintext).
  • Submissions: series title, description, genre, audience rating, AI disclosure, tags, video files, thumbnails, music type, VO type, minor-talent flag.
  • Payments: handled by Stripe — we receive a payment intent ID and outcome but never see card numbers.
  • Tax: W-9 (US) or W-8BEN (international) collected before first creator payout.
  • Legal documents: VO releases, talent releases, sync licenses, DMCA records — stored encrypted in the Universal Legal Document Archive (BNG-21) with append-only audit trail.

2. Information we collect automatically

  • Watch progress (episode, position, completion).
  • BNG ratings, comments, applied tags.
  • Device/browser info via standard server logs (IP, user-agent, page).
  • Pre-roll ad impressions for the ad-supported tier (BNG-15).
  • SHA-256 of every uploaded source file for idempotent processing (BNG-33).

3. How we use it

  • Operate the platform — playback, ratings, continue-watching, recommendations.
  • Process and pay out creator earnings via Stripe Connect.
  • Run automated moderation (frame scan, content ID, rating validation) and human review.
  • Investigate abuse, account compromise, and policy violations.
  • Aggregate organic tag activity into B/NG Trends data products. Trends data is aggregated and de-identified — no individual viewer or creator is exposed in B2B output.
  • Communicate platform changes, billing events, strikes, and Founding Member updates.

4. Sharing

We share data only with:

  • Stripe — payment processing, payouts, tax forms.
  • AWS / Supabase — storage and infrastructure.
  • Moderation providers — AWS Rekognition / Google Video Intelligence for content scanning, music content ID services.
  • Union APIs — SAG-AFTRA, WGA, DGA, IATSE — only for verification status; we never store union ID numbers (BNG-16).
  • Legal authorities — when required by court order, subpoena, or applicable law.

We do not sell personal information.

5. AI training

We do not provide your content, ratings, or comments to third-party AI model providers for training purposes without an explicit, separately-signed agreement that includes compensation. Your AI/non-AI disclosure on submissions is enforced and audited.

6. Retention

  • Account data: while active + 12 months after closure for fraud and legal records.
  • Payment + tax records: 7 years (US tax requirement).
  • Legal Document Archive entries: append-only, retained per the Document Archive policy (BNG-21) — these are evidentiary and never deleted.
  • Moderation reports: 24 months minimum.
  • Server logs: 30 days unless flagged for incident review.

7. Your rights

You can: download your account data, correct inaccuracies, close your account, opt out of non-essential communications, and revoke union verification. Submit requests via the contact form with topic “privacy.” California (CCPA), EEA (GDPR), and UK residents have additional rights — note them in your request and we will route accordingly.

8. Cookies

See the Cookie Policy. We use a small set of first-party cookies for session, preferences, and analytics. We do not run third-party advertising trackers on the ad-free tier.

9. Children

B/NG is not directed to children under 13. We do not knowingly collect data from anyone under 13. If you believe we have, contact us and we will delete the account and associated records.

10. Security

Account passwords are stored as bcrypt hashes. Sessions use signed JWT cookies with HTTPS-only and SameSite=Lax. Legal documents are encrypted at rest with a separate key envelope. Payment material never touches our servers — Stripe handles cards directly. We run automated abuse detection on submissions and watch-flow.

11. Contact

Privacy questions: privacy@bng.media or /contact with topic “privacy.”

Questions about this document? Email legal@bng.media or use the contact form.