Coma

Privacy Policy

Document: privacy / version 2026-05-06-draft / updated 2026-05-13 17:30:07

COMA Media Server – Privacy Policy

Last Updated: 9 May 2026

This Privacy Policy explains how COMA Media Server ("COMA", "we", "our", or "us") collects, uses, stores, and protects personal information when you use our website, software, account platform, applications, and related services available through comamediaserver.com.

By using COMA Media Server, you acknowledge that your personal information will be handled as described in this Privacy Policy.

1. Who We Are

COMA Media Server is a self-hosted media server platform. The software allows users to organise, manage, and stream media from servers and devices controlled by the user.

COMA does not host, supply, or distribute user media content. Users remain responsible for the media stored, indexed, streamed, or shared through their own installations.

2. Information We May Collect

Depending on how you use COMA, we may collect the following types of information:

  • Name or account display name;
  • Email address;
  • Account login details;
  • access key and plan status;
  • Subscription or purchase status;
  • Device identifiers or installation identifiers;
  • IP address;
  • Browser and device information;
  • Server connection logs;
  • Payment transaction references;
  • Support messages and correspondence;
  • Security, diagnostic, and error logs.

We do not intentionally collect the actual media files stored on your self-hosted server unless you expressly provide files to us for support or diagnostic purposes.

3. Information Stored on Your Own Server

COMA is primarily self-hosted. Your media library, local users, watch history, server settings, metadata, thumbnails, and locally stored files may be stored on your own device, server, or storage system.

You are responsible for securing, backing up, and controlling access to your own COMA server.

We do not automatically receive a copy of your full local media library or locally stored media files.

4. plan Verification and setup

To validate plans and prevent abuse, COMA may contact our account servers periodically.

This may involve processing:

  • access key;
  • Installation ID;
  • Device fingerprint or server identifier;
  • IP address;
  • plan tier;
  • setup date;
  • plan expiry or renewal status;
  • Basic usage limits such as permitted user count.

This information is used to set up, verify, renew, suspend, revoke, or manage plans.

5. Payments

If you purchase a plan, subscription, or other paid product, payments may be processed by third-party payment providers such as Stripe, PayPal, or similar services.

We do not directly store full card numbers or full payment credentials. Payment providers may supply us with limited transaction information, such as:

  • Name;
  • Email address;
  • Billing status;
  • Transaction ID;
  • Subscription status;
  • Payment success or failure status.

Your payment provider handles your payment information under its own privacy policy and terms.

6. Email Communications

We may use your email address to send:

  • access keys;
  • Purchase confirmations;
  • Password reset messages;
  • Account verification emails;
  • Security alerts;
  • Service notices;
  • Support replies;
  • Important updates about COMA.

We may use third-party email providers to deliver these messages.

7. How We Use Your Information

We use personal information for the following purposes:

  • Providing and operating COMA services;
  • Creating and managing accounts;
  • Activating and validating plans;
  • Processing purchases and subscriptions;
  • Providing customer support;
  • Improving security and preventing fraud;
  • Diagnosing technical issues;
  • Maintaining service reliability;
  • Complying with legal obligations;
  • Enforcing our Terms and Conditions.

8. Legal Bases for Processing

Where UK GDPR or similar data protection laws apply, we process personal information on the following legal bases:

  • Contract: to provide plans, accounts, software access, and support;
  • Legitimate interests: to secure our platform, prevent fraud, and improve services;
  • Legal obligation: where we must keep records or respond to lawful requests;
  • Consent: where required for optional communications or certain cookies.

9. Cookies and Similar Technologies

Our website and online services may use cookies, local storage, session tokens, and similar technologies.

These may be used for:

  • Keeping users signed in;
  • Remembering preferences;
  • Security checks;
  • Analytics;
  • Payment and checkout functionality.

For more information, please review our Cookie Policy.

10. Server Logs and Security Data

When you access COMA services, we may automatically collect technical logs including IP address, request time, browser type, device information, error logs, authentication attempts, and security events.

This information is used to protect the platform, investigate abuse, detect unauthorised access, and maintain system reliability.

11. Sharing Your Information

We may share limited personal information with trusted third parties where necessary to operate COMA, including:

  • Payment processors;
  • Email delivery providers;
  • Hosting and infrastructure providers;
  • Analytics or monitoring providers;
  • Security and fraud prevention providers;
  • Professional advisers where necessary;
  • Law enforcement or regulators where legally required.

We do not sell your personal information.

12. User-Hosted Content

COMA does not claim ownership of user-hosted media or content.

You are responsible for ensuring that any media stored, indexed, streamed, or shared through your COMA server is lawful and that you have the necessary rights to use it.

We do not routinely inspect or monitor user-hosted media libraries.

13. Data Retention

We keep personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Typical retention periods may include:

  • Account records while your account remains active;
  • plan records while your plan remains active and for a reasonable period afterwards;
  • Payment and invoice records for tax and accounting purposes;
  • Security logs for a limited period to investigate abuse or incidents;
  • Support correspondence for as long as needed to resolve issues and maintain records.

14. Security

We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration, or disclosure.

However, no system is completely secure. You are responsible for securing your own COMA server, passwords, devices, firewall rules, backups, and remote access configuration.

15. International Transfers

Some third-party providers may process information outside the United Kingdom or European Economic Area.

Where required, appropriate safeguards will be used, such as contractual protections or legally recognised transfer mechanisms.

16. Your Rights

Depending on your location and applicable law, you may have rights to:

  • Access your personal information;
  • Correct inaccurate information;
  • Request deletion of your information;
  • Restrict certain processing;
  • Object to certain processing;
  • Request data portability;
  • Withdraw consent where processing is based on consent;
  • Complain to a data protection authority.

To exercise your rights, contact us using the details below.

17. Children

COMA accounts, purchases, and paid services are intended for users aged 18 or over.

We do not knowingly collect personal information from children for account or purchase purposes. If you believe a child has provided personal information to us, please contact us.

18. Third-Party Links

COMA websites, applications, or emails may contain links to third-party websites or services.

We are not responsible for the privacy practices, content, or security of third-party websites.

19. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

Updated versions will be published on comamediaserver.com. Continued use of COMA after changes are published indicates acceptance of the updated Privacy Policy.

20. Contact

Website: comamediaserver.com

Support Email: support@comamediaserver.com

Privacy Email: privacy@comamediaserver.com

21. Supervisory Authority

If you are in the United Kingdom and are unhappy with how your personal information is handled, you may have the right to complain to the UK Information Commissioner's Office.

We encourage you to contact us first so we can try to resolve your concern.