1. Information We Collect

1.1. Contact & Subscription Data

If you subscribe to updates or contact us, we collect the email address and name you provide. This information is stored either directly on our server or with an email service provider used solely to deliver requested communications. When a third-party provider is used, their privacy policy applies in addition to this one.

Retention: Until you unsubscribe or request deletion. All emails include an unsubscribe link; you can also write privacy@cnhalden.com.

1.1a. Author Mailing List

If you voluntarily join the “Calder’s list” form on the Subscribe page, your email address is stored securely on our server (not shared with third parties) and used only to send occasional author updates, release news, or event information. Each message includes a one-click unsubscribe link, and you may also request removal at any time by emailing privacy@cnhalden.com. No other personal data is collected, and the list is never sold, rented, or cross-referenced with any other database.

1.1b. Restricted Access (Porn with Plot)

When you request access to the Porn with Plot section, we collect your email address for the limited purpose of delivering a private access link and managing unsubscribe requests.

We generate a unique access token associated with your request. For security, access tokens are stored only in hashed form. Raw access tokens are never stored server-side.

Purpose: deliver access links, validate access to restricted pages, and honor unsubscribe requests.

Retention: Access-related email records are retained until you unsubscribe or request deletion. Token hashes may persist for access validation until unsubscribed or manually purged.

We do not use access-request emails for marketing, newsletters, or promotional messaging.

1.2. Usage & Server Logs

Our hosting provider logs standard connection data (e.g., IP address, date/time, page requested, user agent). We use logs for troubleshooting, security, and abuse prevention.

Retention: Up to ninety (90) days depending on hosting provider configuration or unless longer retention is legally required.

1.2a. Contact Form Logging

When you send a message via the on-site contact form, we temporarily log limited metadata to verify delivery and mitigate spam or abuse.

Data Collected: sender email address, IP address, timestamp, and message subject line.

Purpose: spam mitigation, abuse investigation, successful delivery.

Retention: up to ninety (90) days, then automatic deletion. You may request earlier deletion by emailing privacy@cnhalden.com.

1.2b. Restricted Section Entry Logs (Doors Opened)

When you enter interactive content within the restricted Porn with Plot area (including Doors Opened), we record a limited security log of the entry event to help investigate abuse reports, enforce access controls, and defend against unauthorized access claims.

Data Collected: a non-reversible hashed fingerprint of your IP address (HMAC), a hashed user-agent fingerprint, a timestamp (UTC), and an internal request/correlation ID.

What we do not store: we do not store your raw IP address in our application logs for these entries, and we do not store the content you read or the choices you make.

Purpose: security, abuse prevention, and compliance verification for restricted access.

Retention: up to thirty (30) days, then automatically deleted.

1.3. Third-Party Services

We may enable third-party services (e.g., analytics, embeds, payment processors). Those services may collect data under their own policies. We’ll identify any material processors here if/when active and update this Policy upon material changes.

1.3a. Google reCAPTCHA (Security & Spam Protection)

The Site uses Google reCAPTCHA to protect forms from automated abuse. reCAPTCHA analyzes technical data (IP, browser traits, cookies, interaction patterns) to determine whether a visitor is human. Data is sent to Google LLC and used solely for security. See Google’s Privacy Policy and Terms. We do not use reCAPTCHA data for advertising, profiling, or analytics. Google may process data in accordance with its policies; we receive only the risk score/result.

2. How We Use Information

2.1. Operate and maintain the Site.

2.2. Respond to correspondence and send updates you opt into.

2.3. Detect and respond to abuse, security incidents, and Terms of Use violations (including via reCAPTCHA).

2.4. Comply with legal obligations (lawful requests, court orders, and DMCA processes).

2.5. Deliver and validate access to intentionally restricted sections of the Site.

3. Legal Bases (where applicable)

3.1. EEA/UK: (a) consent for cookies where required; (b) legitimate interests in securing and operating the Site (e.g., logs, access control); (c) contract where you subscribe or purchase.

3.2. California: See the California Notice below. We do not sell or share personal information as defined by the CPRA.

4. Sharing & Disclosure

4.1. We do not sell personal data. We disclose personal data only to: (a) service providers acting on our behalf (email, hosting, payments); (b) comply with legal obligations; (c) respond to rights claims; (d) protect the rights, property, or safety of EchoFyre Media, LLC and users.

4.2. We require service providers to safeguard data consistent with this Policy.

5. Data Retention & Deletion

5.1. Server logs: retained up to 90 days for security/abuse review.

5.2. Subscriber emails: retained until you unsubscribe or request deletion.

5.3. Deletion Requests: Email privacy@cnhalden.com with subject “Delete My Data.” We will verify requests reasonably and complete deletion within thirty (30) days where feasible, except where retention is required by law.

5.4. Restricted entry security logs (hashed): retained up to 30 days.

6. Security

We use industry-standard measures (HTTPS/TLS, secure hosting, limited access). No system is perfect; if a breach occurs, we will notify affected users and authorities as required by law.

7. Children & Minors

The Site is not intended for children under 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected a minor’s data, contact us and we will promptly delete it.

8. Cookies & Controls

Necessary: Functional and security cookies set by services like reCAPTCHA may be required to protect forms against abuse.

Age-Verification Cookies (Adult Sections): We use functional, non-tracking cookies to remember your confirmation that you are 18+ for specific adult sections of the Site. These cookies store no personal information, perform no tracking, and expire automatically:

• Calder Shorts: “shorts_age_ok” (functional; used only to remember 18+ confirmation for Shorts).
• Slash Fiction: “cnh_slash18” (functional; used only to remember 18+ confirmation for Slash; scoped to the /slash directory).

Optional: If we add analytics or embeds, third-party cookies may be used; refer to the vendor’s policy.

Managing Cookies: Most browsers let you refuse or delete cookies. You may also clear adult-section access cookies using the Site’s Manage page (device-specific).

Access Cookie (Porn with Plot): When you access Porn with Plot using a private link, a functional cookie may be set to remember that you have passed the access gate. This cookie may store an access token and is used only for access control. It is not used for analytics or advertising, does not enable cross-site tracking, and is not shared with third parties. It expires automatically (typically within 90 days) unless you unsubscribe or request deletion.

9. Your Rights

Access — request a copy of your personal data we hold.

Correction — request corrections to inaccurate data.

Deletion — request deletion as described above.

Object/Restrict — where applicable, ask us to stop certain processing.

Portability — where applicable, request a structured export.

To exercise rights, email privacy@cnhalden.com. We typically respond within thirty (30) days.

10. International Transfers

The Site is hosted in the United States. If you are outside the U.S., by using the Site you consent to the transfer of your data to the United States and other jurisdictions.

11. California Privacy Notice (CCPA/CPRA)

California residents have the right to know categories of information collected, sources, purposes, and categories of third parties with whom information is shared, and the right to request deletion or opt out of sale or sharing. We do not sell or share personal information as defined by the CPRA. To submit a request, email privacy@cnhalden.com. We will verify requests as required.

12. Changes to This Policy

We may update this Policy. The updated policy will be posted at https://cnhalden.com/legal/privacy.html with a new effective date. Continued access after posting constitutes acceptance.

13. Contact & Grievances

Privacy inquiries or grievances: privacy@cnhalden.com

If you remain unsatisfied, you may lodge a complaint with the applicable supervisory authority in your jurisdiction.