This is crucial for specially EU (but I believe also at least California) users.
The policy should at Least state who the data processor is, where it is sent, what is done with it, how users can retrieve and delete it.
Feel free to copy and amend one from https://www.tukutoi.com/privacy-policy/, I have worked quite a bit on that when I set it up, and believe it is quite solid. You will need to add special sections though since you are getting user data (like email etc), which in my site is not the case.
We should also have a T&C so to cover eventual misuse of the platform.
This is crucial for specially EU (but I believe also at least California) users. The policy should at Least state who the data processor is, where it is sent, what is done with it, how users can retrieve and delete it. Feel free to copy and amend one from https://www.tukutoi.com/privacy-policy/, I have worked quite a bit on that when I set it up, and believe it is quite solid. You will need to add special sections though since you are getting user data (like email etc), which in my site is not the case.
We should also have a T&C so to cover eventual misuse of the platform.