Hawke House, Old Station Road, Loughton, Essex, IG10 4PL
© 2023
fawnstars from FDH Enterprises
We take the privacy of our visitors very seriously. We ask that you review this privacy notice carefully, as it contains important information about how we use your personal data.
Who are we?
fawnstars is a Limited Company registered in England and Wales under the name FDH Enterprises Ltd with company number 13220471 and with our registered office at Old Station Road, Loughton, Essex, IG10 4PL
Information we hold: Site visitors
As a site visitor, we collect the following information about you:
Information we hold: Site members
As a subscriber, we will collect the information as above, and we may collect some additional information which you provide us, including:
How we use your information
References in this section to a basis of processing (e.g. GDPR Art 6 (1)(a)) are references to the relevant lawful basis we use to process your data under the General Data Protection Regulation (GDPR).
Information about your device and how you use our website
We collect information about your device and how you use our website. This may take the form of our own server logs, or information passed to us by Google Analytics when you load our website.
Basis: GDPR Art. 6(1)(f) – “legitimate interests” – this information allows us to plan our business strategy.
Your IP address
We may collect your IP address when you browse and interact with our website.
Basis: GDPR Art. 6(1)(f) – “legitimate interests” – this logging information forms part of our business strategy planning and helps us maintain a secure and reliable site for our visitors and subscribers.
Your name, date of birth, and identification documents
If you provide your name, date of birth, or photo identification documents to us, we will store them securely for the purposes of verifying your identity and age.
Basis: GDPR Art. 6(1)(f) – “legitimate interests” – we ask for name and identifying documents to verify your identity and that you are of legal age to offer or receive services through our site.
Your email address
When you subscribe to our site, we collect your email address. We use this for various purposes such as: sending you updates, information, invoices and billing information, or for resetting your password.
Basis: GDPR Art. 6(1)(c) – “performance of contract” – we need to collect your email address to authenticate you as a subscriber to our site and to provide you with customer support where needed.
Basis: GDPR Art. 6(1)(f) – “legitimate interests” – this information helps us to keep in contact with you to provide you with relevant updates.
Your password
Your password is required to authenticate you as a user of our services. We will never store it on our systems in its unencrypted “plaintext” form.
Basis: GDPR Art. 6(1)(c) – “performance of contract” – we need to collect your password to authenticate you as a member of our site.
Basis: GDPR Art. 6(1)(f) – “legitimate interests” – we require members to set a password to ensure that your account information stays secure and visible only to you.
Your sexual orientation and preferences
As a Provider, you are required to submit your sexual orientation and some information about your preferences so that we can match you to the ideal partners through our service. You may also provide this information as a regular Member, if you choose to, but this is not mandatory.
Basis: GDPR Art. 6(1)(a) – “consent” – we need you to provide information that describes the partners you will be interested in connecting with through our services.
Basis: GDPR Art. 6(1)(f) – “legitimate interests” – without this information we would only be able to provide a sub-optimal experience as Members would be likely to be matched with Performers who do not match their preferences. For business strategy purposes, we would like as many users as possible to be matched to Performers or Members who meet their preferences.
Third parties
Google Analytics
We make use of Google Analytics on our site to collect data about our visitors for technical capacity planning and for business strategy planning.
The Privacy Notice for Google Analytics can be found here.
You can opt out of data processing by Google Analytics by enabling Google’s “Google Analytics Opt-out Browser Add-on” on your device.
Age verification provider YOTI
fawnstars have partnered with Yoti to provide its digital identity platform that provides a simple and secure way of proving identities, online. All of Yoti's services are certified as compliant with the ISO/IEC 27001:2013 international standard for Information Security. The certificate is valid until 29 April 2024. Each year, Yoti undergoes audits as a condition of its ISO 27001 certifications. In October 2019, Yoti was certified under the ‘Age Check Certification Scheme’. This allows us to provide Electronic Identification Verification Technology (e-IDVT) to issuers of ‘PASS’ (Proof of Age Standards Scheme) cards in the UK.
In June 2020, Yoti was awarded the Seal of Approval from the German Association for Voluntary Self-Regulation of Digital Media Service Providers (FSM) to help to provide protection of child protection online in Germany. In December 2020, the KJM (German Commission for Youth Media Protection) approved Yoti’s age verification approaches.
In the USA, Yoti complies with the HIPAA ‘Privacy Rule’ and ‘Security Rule’ for storing health data. Our first HIPAA assessment was in May 2020. We will repeat our assessment each year.
Cloudflare
We make use of Cloudflare’s services to deliver our web platform to you. Cloudflare helps protect our site’s servers against unexpected spikes in demand, and against various forms of web attack.
Cloudflare maintains some log data about events on their network. Some of this log data will include information about visitors to and/or authorized users of a customer’s domains, networks, websites, application programming interfaces (“APIs”), or application. This metadata contains extremely limited personal data, most often in the form of IP addresses. Cloudflare process this type of information on behalf of their customers in their main data center in the U.S. for a limited period of time.
Cloudflare publish detailed information about the data they have access to, and their approach to GDPR compliance on their website here.
Retention Periods
We hold on to the information we collect about you, detailed above, for as long as you have your account, or for as long as is needed to be able to provide the services to you, or (in the case of any contact you have with our customer support) for as long as is necessary to provide support-related reporting and trend analysis.
We will keep data for longer periods if reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions.
Your rights
You have a number of relevant rights in respect of our processing of your personal data. The relevant rights are:
If you wish to exercise any of these rights, please customer [email protected]
You also have the right to lodge a complaint about our processing with a supervisory authority. In the case of the UK, for example, this would be the Information Commissioner’s Office.
Updates to this notice
We regularly review and may, where necessary, update this Privacy Notice from time to time. If we plan to use personal data for a new purpose, we will update this information and communicate any changes to you before starting any new processing. We will communicate any updates to this notice prominently on our website, as well as directly to previous customers by email.
Questions about privacy?
If you have questions about privacy or any of the contents of this notice, please don’t hesitate to get in touch with us!
You can email us at [email protected] or write to us at: