Privacy Policy
Last updated: April 16, 2026 · Effective: April 23, 2026
This Privacy Policy describes how Malientu Media LLC ("Malientu", "we", "our" or "us") collects, uses, shares and protects personal information when you visit malientu.com, use our mobile application, or otherwise interact with our analog video archive (collectively, the "Service"). By accessing the Service, you acknowledge that you have read and understood this Policy.
Who we are
Malientu Media LLC is a California limited liability company registered with the California Secretary of State under Entity No. 9372856, with its principal place of business at 225 S Lake Avenue, Suite 300, Pasadena, CA 91101, United States. For the purposes of the EU/UK GDPR, Malientu Media LLC acts as the data controller of the personal data processed via the Service, unless expressly stated otherwise.
What we collect
We only collect what we genuinely need to run the archive. The categories below describe the information we process:
- Account data: email address, display name, password (hashed), language and country preference, and — if you submit tapes for preservation — a contact name and postal address for return of original media.
- Profile data: optional avatar, bio, saved programs, watch history and comments.
- Contribution data: metadata you attach to tapes you submit (format, year, subject, source provenance, ownership declaration).
- Usage data: which programs you watch, how long you watch them, where you stopped and what you searched for. This helps us decide which tapes to digitise next.
- Device and log data: IP address, browser type and version, operating system, device identifiers, referring URL, timestamps and crash reports.
- Approximate location: derived from your IP address at the country/region level. We do not request precise GPS coordinates.
- Communications: messages you send to our support address, survey responses and similar correspondence.
We do not collect payment card data from visitors — watching on Malientu is free and there is no paid subscription, revenue share or advertising network.
How we use your information
We use personal information for the following purposes:
- To operate, maintain and secure the archive, including authentication, abuse prevention and debugging.
- To personalise the program guide, recommendations and search results.
- To communicate with you about updates, security notices, policy changes and optional archive news.
- To verify contributor identities and enforce the Terms of Service.
- To comply with legal obligations, respond to lawful requests and protect the rights and safety of our users, our staff and the public.
- To generate aggregated, non-identifiable analytics about how the archive is used.
Legal bases (EEA/UK users)
Where the EU/UK GDPR applies we rely on the following legal bases:
| Processing | Legal basis |
|---|---|
| Providing the Service, account administration | Contractual necessity (Art. 6(1)(b)) |
| Security, fraud prevention, debugging | Legitimate interests (Art. 6(1)(f)) |
| Personalised recommendations, optional analytics | Consent (Art. 6(1)(a)) where required |
| Archive newsletter and updates | Consent, withdrawable at any time |
| Legal and regulatory compliance | Legal obligation (Art. 6(1)(c)) |
Sharing of information
We do not sell personal data. We share information only in the following circumstances:
- Service providers who process data on our behalf under strict contractual controls — hosting (Amazon Web Services US-West-2 and EU-Frankfurt), content delivery (Cloudflare, Inc.), transactional email (Postmark), error tracking (Sentry) and customer support (Front App, Inc.).
- Other users, but only for information you have made public, such as your display name, avatar, public comments and contributor credits on a tape.
- Authorities, when we are legally required to do so or to protect the rights, property or safety of Malientu, its users or the public.
- In a corporate transaction, such as a merger, acquisition or sale of assets, subject to appropriate confidentiality protections and notice where required.
International data transfers
Malientu is headquartered in the United States and our primary servers are located in the US and the European Union. When personal data leaves the EEA or the UK, we rely on Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum and, where applicable, adequacy decisions. A copy of the relevant transfer mechanism is available on request from privacy@malientu.com.
Retention
We keep personal data only as long as needed for the purposes described in this Policy. Account data is retained for as long as you keep your account plus up to 90 days for backups. Usage logs are retained for a maximum of 14 months. Trust & safety records (such as strikes for policy violations) may be kept for up to 36 months. Tape provenance metadata is retained indefinitely as part of the archival record.
Your rights
Depending on where you live you may have the right to: access your personal data; correct inaccurate data; delete data; restrict or object to processing; port your data; and withdraw consent at any time. California residents additionally have the rights described in the CCPA/CPRA, including the right to know, delete, correct and limit the use of sensitive personal information, and the right not to be discriminated against for exercising those rights.
To exercise any of these rights please write to privacy@malientu.com or use the forms on our data deletion page. We will respond within 30 days (45 days for California residents where permitted).
Children
The Service is not directed to children under the age of 13 (or under 16 in the EEA and the UK). We do not knowingly collect personal data from such children. If you believe a child has provided us with information please contact us and we will delete the data.
Security
We apply industry-standard technical and organisational measures: TLS 1.3 in transit, AES-256 at rest, role-based access control, single sign-on for staff, mandatory two-factor authentication, regular penetration testing and annual SOC 2 Type II audits. No system is perfectly secure — if we detect a breach that affects you we will notify you in line with applicable law.
Third-party services
The Service may contain links to third-party websites (for example, a contributor's personal website linked from a program credit). We are not responsible for the practices of those third parties and recommend you read their own privacy notices.
Changes to this Policy
We may update this Policy from time to time. Material changes will be announced on this page with a new effective date and, where appropriate, via email. Your continued use of the Service after the update constitutes acceptance of the new Policy.
Contact
Data Protection Officer — Malientu Media LLC
225 S Lake Avenue, Suite 300, Pasadena, CA 91101, United States
Email: privacy@malientu.com
EU representative (Art. 27 GDPR): Signal EU Data Representation B.V., Rokin 92, 1012 KZ Amsterdam, Netherlands.