Privacy

The least data, for the shortest time, with the fewest eyes on it.

A gift exchange is an intimate celebration. We designed Cuchumbo so that every piece of data we hold is strictly needed, protected at rest, and deleted as soon as the celebration ends.

A small wooden lockbox with a brass key resting on top, sitting on a linen runner beside books — quiet trust, nothing on display.

Last updated — 21 April 2026

The short version

We ask for the minimum we need to send one notification and, for organizers, to let you come back to your Cuchumbos. We never sell or share your data. The draw itself is encrypted so nobody — not the organizer, not us — can see who drew whom. Every Cuchumbo is automatically deleted about six months after its reveal date.

What we collect

Organizers give a verified email address; that email lets you sign in with a sign-in link and receive invitation receipts. Players give one contact — an email address — solely to receive the "your draw is ready" notification, plus their display name and any gift hints they choose to share with the group. Reveal date, budget and Cuchumbo name are the other fields you enter yourself. We do not collect location, device fingerprints, advertising identifiers or profiling data, and we run no third-party analytics that identify individuals.

How contact data is protected

Contact values (organizer email, player email) are stored twice: a one-way hash is used to match a return visit to your existing invitations, and an encrypted copy is kept so we can send you the notification. Neither the hash nor the encrypted copy can be read by looking at the database alone. Assignments themselves are protected by envelope encryption: a per-Cuchumbo key is sealed under a site key, and no human at Cuchumbo can read them.

How long we keep it

Each Cuchumbo — players, hints, assignments, every trace of it — is automatically deleted about six months after its reveal date. Organizer sign-in sessions last thirty days and then expire on their own. If you ask us to delete an account or a Cuchumbo sooner, we will; see your rights below.

Who sees it

Nobody outside Cuchumbo. We do not sell data, we do not share it with advertisers, we do not run third-party tracking. Our infrastructure providers (hosting, email delivery) process data on our behalf under data-processing agreements and see only what they strictly need to operate the service. Assignments are unreadable to them because of the envelope encryption.

Your rights

If you are in the EU or a comparable jurisdiction, you have the right to access the data we hold about you, to correct it, to export it, to have it erased, and to object to processing. Write to the contact below and we will respond within thirty days. You can also file a complaint with your national data protection authority.

Cookies

We use strictly necessary cookies only: a session cookie for organizers who sign in, and a cookie that remembers the language you chose. No analytics cookies, no advertising cookies, no cross-site trackers. Because nothing we set requires consent under the ePrivacy directive, we do not show a cookie banner.

Contact

Write to privacy@cuchumbo.com for any privacy question, access request, or erasure request.