PRIVACY POLICY Effective Date: November 05, 2025 This Privacy Policy explains how TentacionesVIPLA (“Tentaciones,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information in connection with our private, members‑only website and in‑person events in Los Angeles, California. This Policy is written to comply with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and California’s Online Privacy Protection Act (CalOPPA).

1. WHO WE ARE TentacionesVIPLA operates a private, 21+ members‑only adult social club and an associated website (www.TentacionesLA.com). We are a BYOB venue and do not sell alcohol. We do not admit anyone under 21 for any reason.
2. WHAT WE COLLECT

• A. Identifiers and contact information: name, username, email, phone number, profile photo(s), age confirmation (21+), government ID verification status (pass/fail only), and membership plan details.
• B. Commercial and transactional data: membership purchases, renewals, event tickets, Stripe payment IDs (no full card numbers are stored by Tentaciones), refunds/chargeback records.
• C. Internet/network activity: device type, IP address, browser/OS info, and basic site activity logs (for security and fraud prevention). We do not use third‑party analytics or ad pixels.
• D. Visual/audio data: CCTV footage at the venue (interior and exterior common areas) and curated photo‑booth images or club‑produced event media.
• E. Inferences: basic preference tags you provide in your profile (e.g., favorite music). We do not collect or store health, STI, or sexual‑preference questionnaires.
• F. Sensitive information: age‑verification results and government‑ID attributes (where applicable). We do not collect social security numbers.

Sources: information you provide; automated security logs; payment confirmations from Stripe; email communications via Nodemailer; venue CCTV; photo‑booth uploads you initiate.

3. HOW WE USE INFORMATION

• Create and manage member accounts and verify age eligibility (21+).
• Process memberships and event tickets via Stripe.
• Operate a safe, respectful club environment, including enforcing Community Rules.
• Provide transactional emails (e.g., membership confirmations) via Nodemailer.
• Maintain site security, prevent fraud, and investigate potential violations.
• Comply with legal obligations.

4. WHAT WE DO NOT DO

• We do not sell or “share” personal information as defined by CPRA (no cross‑context behavioral advertising; no data brokerage).
• We do not permit third‑party ad cookies or pixels.
• We do not collect or store full payment card details (Stripe is the processor of record).

5. DISCLOSURES TO SERVICE PROVIDERS We disclose personal information to service providers under written contracts that restrict use to our business purposes:

• Stripe, Inc. (payments, fraud prevention)
• Nodemailer or equivalent mail transport (transactional emails)
• Hosting: Hostinger VPS (U.S.) for site, database, and media storage

We may disclose information if required by law, subpoena, or to protect the safety of members and staff.

6. RETENTION

• Member account data: retained while your account is active and for 2 years after closure (or longer if required to resolve disputes, chargebacks, or legal obligations).
• Transaction records: 4 years from the transaction date (accounting and fraud purposes).
• CCTV footage: stored locally for 3 days, then overwritten.
• Club‑produced media: retained while displayed on our member platform or until removed per Club policy.

We apply data‑minimization and access‑control practices.

7. YOUR CALIFORNIA PRIVACY RIGHTS Subject to exceptions, California residents may:

• Request to know/access the categories and specific pieces of personal information we collected about you;
• Request correction of inaccurate personal information;
• Request deletion of personal information;
• Receive information about our disclosures to service providers; and
• Be free from discrimination for exercising privacy rights.

How to submit a request: email privacy requests to info@tentacionesla.com. We will verify your identity and respond within the time required by law. “Do Not Sell or Share My Personal Information”: Tentaciones does not sell or share personal information as defined by CPRA. If our practices change, we will update this Policy and provide a Do Not Sell/Share link.

8. COOKIES AND ONLINE TRACKING We use only limited, first‑party cookies necessary to operate the site (e.g., session/security). If preference, analytics, or marketing cookies are added in the future, our Cookie Policy and banner will allow you to accept, reject, or manage preferences.

9. CHILDREN AND MINORS Our services are strictly for adults 21+. We do not knowingly collect any information from anyone under 21, online or offline.

10. SECURITY We use reasonable administrative, technical, and physical safeguards (role‑based access, encrypted transport, network and host controls). No method of transmission or storage is 100% secure.

11. CROSS‑BORDER We host in the United States. If you access the site from outside the U.S., you consent to U.S. processing and storage.

12. DISPUTE RESOLUTION; ARBITRATION NOTICE Any dispute arising from or related to this Policy shall be resolved exclusively by binding arbitration administered by JAMS or AAA in Los Angeles County, California, before a single arbitrator, under their applicable rules. Small‑claims actions are expressly waived. You and Tentaciones waive class actions and agree to bring claims only in your individual capacities. Each party shall bear fees consistent with California law (including Cal. Code Civ. Proc. §1284.3 as applicable). Governing law is California, without regard to conflicts rules.

13. CHANGES TO THIS POLICY We may update this Policy from time to time. The effective date appears at the top. If changes materially affect your rights, we will provide notice through the site or by email.

14. CONTACT US Email: info@tentacionesla.com