Fend.win account recovery logoFend.win

Legal

Privacy Policy

Last updated: January 2026

1. Who we are

Fend.win ("we", "us") is an independent account-recovery service operating at fend.win. We are the data controller for personal information collected through the Service. Contact: support@fend.win.

2. What we collect

  • Case data: Account identifiers (usernames, profile URLs), original contact information (email, phone), approximate creation dates, and your description of what happened.
  • Identity verification: Government-issued photo ID, selfies for identity matching, and any platform-specific verification documents (only when required by the platform).
  • Contact details: Your name, email, phone, country, and WhatsApp number for communication during the case.
  • Payment data: Processed entirely by our payment processor (Stripe). We see only the last 4 digits and approval status — never full card numbers.
  • Site analytics: Anonymized page visits, referrers, and session IDs to improve the site. No third-party advertising cookies.

3. How we use it

  • To work your recovery case through the relevant platforms' official channels.
  • To contact you with updates, questions, and final handover.
  • To process payment and issue receipts.
  • To comply with legal obligations and protect against fraud and abuse of the Service.
  • To improve the Service in aggregate, never on the basis of identifiable case data.

4. Legal bases (GDPR)

For EU/UK clients we rely on: (a) contract performance to deliver the recovery service, (b) legitimate interest in protecting our service against fraud, (c) legal obligation for record-keeping, and (d) consent for any optional communications.

5. Who we share it with

  • The relevant platform (Meta, Google, TikTok, X, Snap, LinkedIn) — only the information needed to verify identity and recover the specific account.
  • Payment processor — Stripe, for handling fees.
  • Infrastructure providers — for hosting and email delivery.
  • Law enforcement — only where legally compelled, and we will inform you unless prohibited from doing so.

We never sell, rent, or share your data for advertising. We never share case data with anyone outside the immediate need of working your case.

6. Where we store it

Case data is stored on servers in the European Union, with daily encrypted backups. ID documents are stored separately in a more restricted environment with access limited to active case handlers.

7. How long we keep it

  • ID documents: Deleted automatically 30 days after case closure.
  • Case data: Deleted 90 days after closure unless you request earlier deletion.
  • Billing records: Retained for 7 years for tax/legal compliance, in minimised form (case ref + amount + date only).

8. Your rights

You have the right to access, correct, delete, restrict processing of, and port your personal data. You also have the right to object to processing and to lodge a complaint with your local data protection authority. To exercise any right, email support@fend.win — we respond within 30 days.

9. Security

We use TLS 1.3 in transit, AES-256 encryption at rest, principle-of-least-privilege access controls, mandatory 2FA on internal accounts, and regular third-party security review. No system is invulnerable, but we treat client data with the same seriousness we expect from the platforms we work with.

10. Cookies

We use a single first-party session cookie for site navigation and authenticated admin sessions. We do not use third-party analytics or advertising cookies.

11. Children

The Service is not directed at children under 16. We do not knowingly accept cases for minors' accounts without verified parental authorization.

12. Changes

We will notify clients of material changes by email before they take effect. Continued use of the Service after a change constitutes acceptance.

13. Contact

Privacy questions or rights requests: support@fend.win.