GDPR & Your Data Rights
Last updated: June 3, 2026
This page explains how RealPartyGirls ("we", "us", "our") processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the UK GDPR. This applies to residents of the European Economic Area (EEA), the United Kingdom, and other regions with equivalent data protection laws.
For a complete description of how we collect and use data, please also read our Privacy Policy.
1. Data Controller
RealPartyGirls is the data controller for personal data processed through this website. You can contact us regarding data protection matters at:
Email: [email protected]
2. Legal Basis for Processing
We process your personal data on the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Account creation & management | Performance of a contract (Art. 6(1)(b)) |
| Processing payments & subscriptions | Performance of a contract (Art. 6(1)(b)) |
| Sending transactional emails | Performance of a contract (Art. 6(1)(b)) |
| Fraud prevention & security | Legitimate interests (Art. 6(1)(f)) |
| Compliance with legal obligations | Legal obligation (Art. 6(1)(c)) |
| Usage analytics (anonymised) | Legitimate interests (Art. 6(1)(f)) |
| Marketing communications | Consent (Art. 6(1)(a)) |
3. Your Rights Under the GDPR
As a data subject in the EEA or UK, you have the following rights:
You have the right to obtain a copy of your personal data that we hold, along with information about how we process it.
You have the right to correct inaccurate personal data we hold about you, or to complete incomplete data.
You have the right to request deletion of your personal data where it is no longer necessary, where you withdraw consent, or where processing is unlawful. Some data may be retained where we have legal obligations to do so.
You have the right to request that we restrict processing of your data in certain circumstances β for example, while you contest the accuracy of data we hold.
You have the right to receive your personal data in a structured, commonly used, machine-readable format (e.g., JSON or CSV) and to transmit it to another controller where processing is based on consent or contract.
You have the right to object to processing based on legitimate interests, including profiling. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not use automated decision-making of this nature.
Where we process your data based on consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
4. How to Exercise Your Rights
To exercise any of your rights, submit a written request to:
Email: [email protected]
We will respond to your request within 30 days. We may need to verify your identity before processing the request. If we are unable to fulfil your request, we will explain why.
There is no charge for exercising your rights, unless requests are manifestly unfounded or excessive.
5. Data Transfers Outside the EEA
Some of our service providers are located outside the EEA (including the United States). Where we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Adequacy decisions by the European Commission where applicable.
- Binding Corporate Rules where applicable.
Specifically:
- Stripe (payment processing) β complies with GDPR through Standard Contractual Clauses and participation in the EUβUS Data Privacy Framework.
6. Data Retention
We retain personal data for as long as necessary to provide our services and comply with legal obligations:
| Data Type | Retention Period |
|---|---|
| Account & profile data | Duration of account + 90 days after deletion request |
| Payment & transaction records | 7 years (financial regulation requirement) |
| Server logs & IP addresses | 90 days |
| Support communications | 3 years from last contact |
| Model application data | 2 years if not approved; indefinitely if approved |
7. Cookies & Tracking
We use only functional/session cookies necessary for the operation of the Site. We do not use advertising cookies, tracking pixels, or cross-site trackers. For full details see our Privacy Policy β Section 5.
8. Filing a Complaint
If you believe we have not handled your personal data in accordance with the GDPR, you have the right to lodge a complaint with your local data protection supervisory authority:
- EU residents: contact the supervisory authority in your EU member state. Find your authority at edpb.europa.eu.
- UK residents: contact the Information Commissioner's Office (ICO) at ico.org.uk.
We encourage you to contact us first so we can address your concerns directly before involving a supervisory authority.
9. Contact & Data Requests
For all GDPR-related enquiries, data access requests, or erasure requests:
RealPartyGirls Data Privacy
[email protected]
We aim to acknowledge all requests within 72 hours and fulfil them within 30 days.