mm-logo

same issue/

Privacy Policy

Last Updated: February 2026

Table of Contents

1. Introduction

Drags To Riches ("we," "us," "our," or "Company") operates the drags2riches.show website (the "Site"). This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information in connection with our Site and services.

We are committed to protecting your privacy and ensuring you have a positive experience on our website. Please read this Privacy Policy carefully to understand our practices regarding your personal data.

2. Data We Collect

Information You Provide Directly

  • Contact Form Data: Name, email address, and message content.
  • Account Information: Profile details, email, and secure credentials.
  • Ticket Purchase Information: Billing details and order history (payment processing handled securely by Stripe).
  • Mailing List Subscription: Name and email for show updates.
  • Social Media Content: Images, videos, captions, and hashtags uploaded through our admin panel for social media posting.

Information Collected Automatically

When you visit our Site, we automatically collect certain technical information:

  • Device & Browser Data: IP address, browser type, operating system, and device type.
  • Usage Data: Pages visited, time of visit, and referral source.
  • Interaction Data: Specific actions such as clicking "Tickets & Info" buttons.

Third-Party OAuth Tokens

When connecting social media accounts for automated posting, we store:

  • OAuth Access Tokens: Encrypted authentication tokens from Facebook, Instagram, and TikTok to enable automated posting on your behalf.
  • Account Information: Social media account names and platform identifiers.
  • Token Expiry Data: Token validity periods for automatic renewal.

3. How We Use Your Data

We use the information we collect for the following purposes:

  • Communication: Responding to inquiries and providing customer support.
  • Transaction Processing: Fulfilling ticket orders and confirmation.
  • Analytics: Improving website performance and show offerings.
  • Marketing: Show updates (only with explicit opt-in).
  • Security: Fraud prevention and user protection.
  • Social Media Management: Automated posting of promotional content to Instagram, Facebook, and TikTok on your behalf.
  • Performance Analytics: Tracking social media post performance (views, likes, comments, shares) to improve content strategy.

4. Data Storage & Security

Storage & Location

Your personal information is stored on secure servers. We implement industry-standard technical measures to protect your data.

Data Retention

  • Transactional Data: Retained for 7 years for financial/legal record-keeping.
  • Analytics Data: Aggregate data is retained for up to 2 years.
  • Marketing Data: Retained until you unsubscribe.
  • Social Media Content: Uploaded images/videos are retained until manually deleted by administrators. OAuth tokens are retained while accounts remain connected.

Security Measures

  • Encryption: All OAuth tokens and sensitive data are encrypted at rest.
  • Access Control: Only authorized administrators can access social media management features.
  • HTTPS: All data transmission is encrypted using SSL/TLS.
  • Token Security: Social media access tokens are automatically refreshed and never exposed in logs or user interfaces.

5. Messaging System

Our messaging system securely stores your inquiries. Only authorized administrators can access these messages. Internal notes are not visible to customers.

6. Social Media Automation

We operate a social media management system that automates posting to our official social media accounts. This system processes the following data:

Content Processing

  • Media Upload: Images and videos uploaded through our admin panel are stored on our secure servers and processed for optimal posting to Instagram, Facebook, and TikTok.
  • Video Processing: Uploaded videos may be automatically compressed and optimized to meet platform requirements.
  • Captions & Hashtags: Text content, captions, and hashtags are stored and scheduled for automated posting.

Third-Party Platform Integration

Our system connects to third-party social media platforms via OAuth authentication:

  • Facebook & Instagram: We use Facebook Graph API to post content to our business pages and Instagram business accounts. Access tokens are securely stored and automatically refreshed.
  • TikTok: We use TikTok Content Posting API to publish video content to our official TikTok account.
  • Data Sharing: When content is posted, it is transmitted to these platforms according to their respective privacy policies. We do not control how these platforms process your data once posted.

Analytics Collection

We collect performance metrics from social media platforms including:

  • Engagement Metrics: Views, likes, comments, shares, and click-through rates on posts.
  • Audience Data: Aggregated demographic information (age ranges, locations) from platform analytics.
  • Performance Trends: Historical data to optimize posting schedules and content strategy.
  • Data Use: This data is used solely to improve our marketing effectiveness and is not sold or shared with third parties.

Automated Scheduling

  • Scheduled Posts: Content may be scheduled for automatic posting at predetermined times via automated cron jobs.
  • Approval Workflow: All content undergoes an internal approval process before being scheduled for posting.
  • Post History: A complete log of all posted content, including timestamps and platform status, is retained for analytics purposes.

User Rights Regarding Social Media

Please note:

  • This system is for our internal use only to manage our official social media accounts.
  • We do not post to or access personal social media accounts of website visitors or customers.
  • If you interact with our posts on social media platforms, your data is governed by those platforms' privacy policies, not ours.
  • You may request deletion of any personal data (such as tagged photos) from our social media posts by contacting us.

7. Cookies

We use cookies to maintain your session and remember your preferences. You can manage cookie settings in your browser.

8. Analytics & Tracking

We use three methods to understand visitor interaction:

  • Internal Analytics: A proprietary system to log page views, browser types, and button interactions. This data stays on our secure servers.
  • Google Analytics: Broader insights into site traffic via Google's platform.
  • Social Media Analytics: Performance data collected from Facebook, Instagram, and TikTok APIs to measure the effectiveness of our promotional content.

9. Third-Party Services

We use the following third-party services to operate our website and marketing activities:

  • Stripe: Payment processing (secure, encrypted). Your payment information is processed directly by Stripe and never stored on our servers.
  • SMTP Services: Secure email delivery for order confirmations, password resets, and notifications.
  • Facebook Graph API: Used to post content to our Facebook Page and Instagram Business account. Subject to Facebook Privacy Policy.
  • Instagram API: Used to post content and stories to our Instagram Business account. Subject to Instagram Privacy Policy.
  • TikTok Content Posting API: Used to publish video content to our TikTok account. Subject to TikTok Privacy Policy.
  • Google Analytics: Website traffic analysis. Subject to Google Privacy Policy.

Note: These third-party services have their own privacy policies and terms of service. We recommend reviewing them to understand how your data may be processed by these platforms.

10. Your Rights

Under GDPR/UK GDPR, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements).
  • Right to Restriction: Request that we limit the processing of your data.
  • Right to Data Portability: Request a copy of your data in a machine-readable format.
  • Right to Object: Object to processing of your data for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw consent for data processing at any time (where consent was the legal basis).

To exercise any of these rights, please contact us using the details in section 11 below.

Social Media Content: If you wish to remove personal data (such as photos or tags) from content we've posted on social media platforms, contact us and we will process your request promptly.

11. Contact Us

For any privacy-related concerns, including questions about our social media automation system, please reach out:

Email: info@drags2riches.show

Phone: +44 749 318 5518

Form: Online Contact Form

Back to Contact Back to Home