- When we say ‘we’, ‘us’ or ‘BoleynModels’ it’s because that’s who we are and we own and run the Sites.
The type of personal information we collect
- We collect certain personal information about visitors and users of our Sites.
- The most common types of information we collect include things like: user-names, member names, email addresses, IP addresses, physical addresses, ID cards, other contact info, tax identification, and payment information. Further forms you may fill out allow us to link and share information with our partner sites regarding your account.
How we collect personal information
- We collect personal information directly when you provide it to us via support contact and automatically as you navigate through the Sites.
- We collect your personal information when you provide it to us when you complete membership registration and forms that allow you to link your payment accounts.
Personal information we collect about you from others
- Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
- financial and/or transaction details from payment providers located worldwide in order to process your payments;
- Other third party partners whereby we receive additional information about you (to the extent permitted by applicable law), such as demographic data or fraud detection information, and combine it with information we have about you. For example, fraud warnings from service providers like identity verification service. We also receive information about you as a rights holder from our third party partners.
How we use personal information
- We will use your personal information:
- To fulfil a contract, or take steps linked to a contract: in particular, in facilitating and processing transactions that take place on the Sites, like where you receive payment credit for us to pay to you.
- Where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:
- operating the Sites;
- providing you with services described on the Sites;
- verifying your identity when you sign in to any of our Sites;
- verifying your age and tax status
- responding to support tickets, and helping facilitate the resolution of any disputes;
- updating you with operational news and information about our Sites and services e.g. to notify you about changes to our Sites, website disruptions or security updates;
- carrying out technical analysis to determine how to improve the Sites and services we provide;
- monitoring activity on the Sites, e.g. to identify potential fraudulent activity and to ensure compliance with the user terms that apply to the Sites;
- managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the Sites or asking for your feedback or whether you want to participate in a survey;
- managing our legal and operational affairs (including, managing risks relating to content and fraud matters);
- training BoleynModels staff about how to best serve our contractors and affiliates;
- improving our products and services.
- providing general administrative and performance functions and activities; an
- processing your model or affiliate application to BoleynModels.
- For the purpose of responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
When we disclose your personal information
- We will disclose personal information to the following recipients:
- companies that are in the BoleynModels group which are headquartered in the US or EU;
- subcontractors and service providers who assist us in connection with the ways we use personal information (as set out above), in particular: website hosting providers which are located in the EU, US and UK; technical and customer support services which are located in Canada, Bulgaria, Romania, UK and the US; recruitment agencies which are located in Romania, US and Bulgaria; marketing and analytics services which are located in the US; security and fraud prevention services which are located in the US; payment processing services which are located worldwide; and operational tooling services which are located in the US. Noting that our subcontractors and services providers may also transfer and access such information from other countries in which they have operations.
- our professional advisers (lawyers, accountants, financial advisers etc.) which are located in the USA;
- regulators and government authorities in connection with our compliance procedures and obligations, primarily as a 10 USC 2257 keeper of records;
- a purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase;
- a third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity;
- a third party, in order to enforce or defend our rights, or to address financial or reputational risks;
- a rights holder in relation to an allegation of intellectual property infringement or any other infringement; and
- other recipients where we are authorised or required by law to do so.
Where we transfer and/or store your personal information
- We are based in the United States so your data will be processed in the US. Some of the recipients we have described in section 10 above, and to whom we disclose your personal information, are based outside the US in places like Canada, Bulgaria, UK, and Luxembourg. We do this on the basis of your consent to this policy. In order to protect your information, we take care where possible to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.
How we keep your personal information secure
- We store personal information on secure servers that are managed by us and our service providers. Personal information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.
How you can access your personal information
- You can access some of the personal information that we collect about you by logging in to your account. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also close the account you have with us for any of our Sites at any time. To make an access or correction request, contact our site support via normal channels.
Marketing Choices regarding your personal information
- Our mailing list will not be sold to 3rd parties or be used to advertise the products of 3rd parties to you. We try to ensure only relevant news, alerts, or personal issues that need addressed are emailed to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
- You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our Sites may not work properly in your case.
Cookies (not the type you eat!) and web analytics
- When you visit our Sites, there’s certain information that’s recorded which is generally anonymous information and does not reveal your identity. If you’re logged into your account some of this information could be associated with your account. We’re talking about the following kinds of details:
- your IP address or proxy server IP address’;
- the domain name you requested;
- the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
- the date and time of your visit to the website;
- the length of your session;
- the pages which you have accessed;
- the number of times you access our site within any month;
- the file URL you look at and information relating to it;
- the website which referred you to our Sites; and
- the operating system which your computer uses.
Information about children
- Our Sites are not suitable for children under any circumstance. At no point and under no circumstances will anyone under the age of 18 years old be allowed to create an account or utilize our services. Our site contains no pornographic material, but certain subject matter may be unsuitable to a younger audience.
Information you make public or give to others
- If you make your personal information available to other people, we can’t control or accept responsibility for the way they will use or manage that data. There are lots of ways that you can find yourself providing information to other people, like when you post a public message on a forum thread, share information via social media, or make contact with another contractor, model, or affiliate.
It is strictly against BoleynModels policy and that of our partner sites for you to share personal contact details of any kind with customers or clients. This can result in immediate termination of your account(s).
How long we keep your personal information
- We retain your personal information for as long as is necessary to provide the services to you and others, and to comply with our legal obligations. At this time it means specifically:
- Age verification documents and stage name history will be kept for a period of 3 years in accordance with 10 USC 2257. This applies only if you actually performed on a partner site while being paid by us.
- A copy of your tax documentation will be kept on file for a period of 7 years in accordance with I.R.S. policies.
- Your payment records will be kept only for the current and previous fiscal year.
If you do not work with us in any capacity, all records accompanying your application will be destroyed after 90 days. You may request an account closure and erasure before this point.
You are free to re-apply should 90 days elapse and your account is erased.
When we need to update this policy
- We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
- When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on our site.
How you can contact us
- If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our support at Skype: BoleynModels or firstname.lastname@example.org
If you’re a user or visitor in the European Economic Area these rights also apply to you:
- For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.
How you can access your personal information
- You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
- These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.
- Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.
- If you have unresolved concerns you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.