The short version: We collect information to operate the Platform. We don't sell your personal data to third parties. We use industry-standard security measures to protect your information.
1. Who We Are
AllFans Platform ("AllFans", "we", "us", or "our") operates the website at allfansplatform.com. We are the data controller for personal information collected through the Platform. For questions about this policy, contact us through our support page.
2. Information We Collect
2.1 Information You Provide
- Account information: name, email address, username, password, date of birth, and profile details
- Creator information: bank account and payment details for payouts, tax identification information, government-issued ID for identity verification
- Payment information: credit/debit card details (processed and stored by our payment processor — we do not store full card numbers)
- Communications: messages you send to other users or to our support team
- Content: photos, videos, text, and other content you upload to the Platform
2.2 Information Collected Automatically
- Usage data: pages visited, features used, time spent, search queries, and click patterns
- Device information: IP address, browser type and version, operating system, device identifiers
- Cookies and similar technologies: see our Cookie Policy for details
- Log data: server logs including access times, referring URLs, and error reports
2.3 Information From Third Parties
We may receive information about you from payment processors, identity verification services, and fraud prevention providers where necessary to operate the Platform.
3. How We Use Your Information
We use your information to:
- Create and manage your account and provide Platform services
- Process payments and send payouts to Creators
- Verify your identity and age where required
- Send transactional emails (receipts, subscription confirmations, security alerts)
- Send Platform updates and marketing communications (you may opt out at any time)
- Detect, investigate, and prevent fraud, abuse, and violations of our Terms
- Comply with legal obligations
- Improve and develop our Platform and services
- Provide customer support
4. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area, we process your personal data under the following legal bases:
- Contract performance: to provide the services you have requested
- Legitimate interests: to prevent fraud, improve our services, and send direct marketing
- Legal obligation: to comply with applicable laws
- Consent: where you have given explicit consent (e.g. for certain marketing communications)
5. How We Share Your Information
We do not sell your personal information. We share information only in the following circumstances:
- Service providers: trusted third parties who assist us in operating the Platform (payment processors, cloud hosting providers, email delivery services, analytics providers). These parties are bound by data processing agreements.
- Between users: your username and public profile information are visible to other users. Content you post is visible to your subscribers.
- Legal requirements: where required by law, court order, or government authority
- Business transfers: in connection with a merger, acquisition, or sale of assets, subject to confidentiality obligations
- With your consent: in any other circumstance where you have given explicit consent
6. Data Retention
We retain your information for as long as your account is active or as needed to provide services. After account deletion, we retain certain information for up to 7 years where required by law (e.g. financial records) and for shorter periods for other data. Content you have deleted may remain in our backup systems for up to 90 days before permanent deletion.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: request a copy of the personal data we hold about you
- Rectification: request correction of inaccurate or incomplete data
- Erasure: request deletion of your personal data in certain circumstances
- Restriction: request that we limit how we use your data
- Portability: receive your data in a structured, machine-readable format
- Objection: object to processing based on legitimate interests
- Withdrawal of consent: withdraw consent at any time where processing is based on consent
To exercise any of these rights, please contact our support team. We will respond within 30 days.
8. Security
We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, regular security audits, and two-factor authentication options. However, no system is completely secure, and we cannot guarantee absolute security.
9. International Transfers
We operate primarily in the United States. If you are located outside the US, your information will be transferred to and processed in the US. We use appropriate safeguards (including Standard Contractual Clauses for EEA users) for such transfers.
10. Children's Privacy
The Platform is strictly for users aged 18 and over. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected information from a person under 18, we will delete it immediately. If you believe a minor has provided us with personal information, please contact us immediately.
11. Cookies
We use cookies and similar tracking technologies. For full details, please read our Cookie Policy.
12. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by email or by posting a prominent notice on the Platform. Your continued use of the Platform after changes take effect constitutes acceptance of the revised policy.
13. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact our support team. For GDPR-related enquiries from EEA residents, you also have the right to lodge a complaint with your local data protection authority.