Privacy policy



 

PRIVACY POLICY

FansClique —Owned and Operated by Mediagaze Limited

Company No. 16645155  |  61 Bridge Street, Kingston, HR5 3DJ, United Kingdom

  Effective: 25 Oct 2025  |  Revised: March 2026

 

1. Introduction & Who We Are

This Privacy Policy explains how Mediagaze Limited ("Mediagaze", "FansClique", "we", "us", or "our"), the company that owns and operates the FansClique platform at fansclique.com, collects, uses, stores, shares, and protects your personal information.

Mediagaze Limited is registered in England and Wales under Company No. 16645155, with its registered office at 61 Bridge Street, Kingston, HR5 3DJ, United Kingdom. We are registered with the UK Information Commissioner's Office (ICO) under registration number [INSERT ICO REGISTRATION NUMBER].

FansClique is an online subscription-based digital content platform. By creating an account, accessing our services, or interacting with the Platform in any way, you agree to the terms of this Privacy Policy.

This Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the EU GDPR, the Nigeria Data Protection Act 2023 (NDPA) and Nigeria Data Protection Regulation (NDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

 

⚠  IMPORTANT — COOKIE CONSENT: Cookies on FansClique require your active, informed consent before they are set (except strictly necessary cookies). Our cookie consent mechanism allows you to accept, reject, or customise cookie categories. The phrase 'by continuing to use the service you accept cookies' does not constitute valid consent under UK GDPR and PECR and is not used in place of this mechanism.

2. Definitions

Personal Data:  Any information that can directly or indirectly identify you, such as name, email, financial details, or device data.

Processing:  Any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.

Data Controller:  Mediagaze Limited — the entity determining the purpose and means of processing your Personal Data.

Data Processor:  Any third party processing Personal Data on our behalf.

Data Protection Officer (DPO):  The named individual appointed by Mediagaze responsible for overseeing data protection compliance. Contact: [email protected]  |  [DPO Full Name or Designee Title to be inserted].

Special Category Data:  Personal data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic/biometric data, health data, or data concerning sexual life or orientation.

3. Data We Collect

3.1 Account & Identity Data

  • Full name, username, and date of birth (for age verification);
  • Email address and contact details;
  • Password and authentication credentials;
  • Government-issued identification documents (for KYC/age verification);
  • Selfie or liveness image (used solely for age and identity verification — see Section 3.7 for biometric notice).

3.2 Payment & Financial Data

  • Bank account or payout details (for Creator payouts);
  • Billing address and transaction records;
  • Transaction amounts and timestamps.

Mediagaze does not directly store full credit/debit card numbers — these are encrypted and processed exclusively by our regulated Payment Providers.

3.3 Content Data

  • Photos, videos, and other digital files uploaded by Creators;
  • Comments, messages, captions, and metadata associated with uploads.

3.4 Technical & Device Data

  • IP address and approximate geographical location (city/country level);
  • Device type, operating system, browser type and version;
  • Log files, crash reports, and diagnostic data;
  • Cookies and similar tracking technologies (see Section 10).

3.5 Usage & Activity Data

  • Login timestamps and session duration;
  • Pages viewed, features used, and engagement patterns;
  • Referral sources and affiliate links.

3.6 Legal & Compliance Data

  • Identity documents and verification records for AML/KYC compliance;
  • Records of suspicious activity reports and policy violations;
  • Law enforcement requests and legal documentation.

3.7 Biometric Data — Special Category Notice

 

BIOMETRIC DATA NOTICE (Special Category — Article 9 UK GDPR)

Where FansClique collects selfie images or liveness verification data for age and identity verification, this constitutes biometric data and Special Category Personal Data under UK GDPR Article 9. We process this data only on the basis of your explicit consent, which is obtained separately at the point of collection. You may withdraw this consent at any time by contacting [email protected], though withdrawal may affect your ability to access Creator monetisation features. Biometric verification data is processed by our regulated third-party KYC provider under a Data Processing Agreement and is not retained beyond the verification purpose.

4. How We Use Your Data

4.1 Purposes of Processing

We process your Personal Data for the following purposes, each supported by a lawful basis under UK GDPR:

  • Account creation, authentication, and management — Contractual Necessity;
  • Enabling Creator content upload, distribution, and monetisation — Contractual Necessity;
  • Processing subscription fees, tips, and Creator payouts — Contractual Necessity;
  • Identity and age verification (KYC) — Legal Obligation + Explicit Consent (biometric);
  • AML/CTF transaction monitoring and compliance — Legal Obligation;
  • Fraud detection, abuse prevention, and platform security — Legitimate Interests;
  • Customer support and dispute resolution — Contractual Necessity / Legitimate Interests;
  • Platform performance monitoring and improvement — Legitimate Interests;
  • Marketing communications — Consent (where legally required, with opt-in).

4.2 Automated Decision-Making

FansClique uses automated tools to detect fraudulent transactions, flag prohibited content, and monitor suspicious activity patterns. These systems are regularly audited. Where automated processing produces a significant effect on you, you have the right to request human review under UK GDPR Article 22.

4.3 What We Do Not Do

  • We do not sell your Personal Data to any third party;
  • We do not use your data for unrelated advertising without your consent;
  • We do not collect sensitive data (religious beliefs, political opinions, sexual orientation) unless legally required for AML/KYC compliance.

5. Data Sharing

Mediagaze shares your Personal Data only where strictly necessary, with the following categories of recipients:

5.1 Payment Processors

Financial and transaction data is shared with regulated providers including CCbill Paxum and other licensed partners to process payments, verify financial data, and ensure AML/KYC compliance.

5.2 Identity Verification Providers

Identity documents and biometric data are shared with regulated KYC vendors to confirm user identity and age eligibility. These providers are bound by Data Processing Agreements and may only use data for verification purposes.

5.3 Cloud Hosting & Infrastructure

User data including Content is stored on secure cloud servers provided by third-party infrastructure partners (e.g., AWS, Azure, or equivalent). These providers are contractually bound to maintain confidentiality and security and are ISO 27001 certified or equivalent.

5.4 Analytics & Security

Technical and usage data is processed by analytics and fraud detection tools. These services cannot access private communications or Creator Content.

5.5 Legal & Regulatory Authorities

We may disclose Personal Data to law enforcement, tax authorities, financial regulators, or courts where legally required or permitted — only to the extent necessary and in accordance with due process.

5.6 Business Transfers

In the event of a merger, acquisition, or sale of assets, your Personal Data may be transferred to the successor entity. You will be notified in advance where legally required.

5.7 Prohibited Sharing

We will never sell, rent, or trade your Personal Data for marketing or commercial purposes. We will never share private communications without your consent, except as required by law.

6. International Data Transfers

FansClique operates globally. Your data may be transferred outside the UK, EEA, or Nigeria. We ensure all such transfers are lawful and subject to adequate safeguards:

  • Adequacy decisions: transfers to countries recognised by the UK ICO as providing adequate protection;
  • Standard Contractual Clauses (SCCs) and UK International Data Transfer Agreements (IDTAs) for transfers to non-adequate countries;
  • NDPA/NDPR compliance for Nigerian users, including Data Protection Impact Assessments for cross-border transfers;
  • Encryption in transit and at rest for all international transfers of sensitive data.

You may request details of the safeguards applied to your specific data by contacting [email protected].

7. Data Retention

Mediagaze retains Personal Data only as long as necessary for the purpose collected, legal compliance, dispute resolution, and enforcement. The following retention schedule applies:

 

Data Category

Standard Retention

Legal Basis for Retention

Account & identity data

Duration of account + 6 years post-closure

Tax, AML, fraud prevention

 

Payment & transaction records

7 years from transaction date

UK HMRC, AML Regulations 2017

 

KYC/AML verification documents

5 years post-account closure

Financial regulatory requirements

 

Creator Content

Until deleted by Creator; residual backups 90 days

Contractual; disaster recovery

 

Support correspondence

3 years from resolution

Dispute evidence; quality assurance

 

Technical logs & IP data

12 months (24 months for fraud investigations)

Security; fraud prevention

 

Biometric verification data

Deleted post-verification; max 90 days

Explicit consent; minimum necessary

 

Cookies & analytics data

Up to 24 months; then anonymised

Consent / legitimate interests

 

Marketing preferences

Until opt-out or consent withdrawal

Consent

 

8. Data Security

8.1 Technical Measures

  • TLS 1.3 encryption for all data in transit; AES-256 encryption for data at rest;
  • Network firewalls, intrusion detection and prevention systems (IDS/IPS);
  • Multi-factor authentication (MFA) for all administrative accounts;
  • Role-based access controls (RBAC) — least-privilege principle applied throughout;
  • Regular penetration testing by external security specialists;
  • Secure Development Lifecycle (SDLC) with peer review and vulnerability scanning.

8.2 Organisational Measures

  • All staff handling Personal Data undergo mandatory data protection and cybersecurity training;
  • All staff and contractors are bound by confidentiality agreements;
  • Third-party vendors undergo security and compliance assessment before onboarding;
  • A Data Protection Officer (DPO) is appointed and accessible at [email protected].

8.3 Breach Notification

In the event of a personal data breach, Mediagaze will: (a) notify the ICO within 72 hours where required; (b) notify affected users without undue delay where the breach poses a high risk to their rights and freedoms; and (c) implement remedial measures and conduct a post-incident review.

9. Children's Privacy

FansClique is strictly an adult platform. We do not knowingly collect or process personal data of any person under the age of 18. By registering, users confirm they are at least 18 years old. If we discover that we have inadvertently collected data from a person under 18, we will delete that data immediately and terminate the relevant account. Parents or guardians who believe their child has provided data to FansClique may contact [email protected] for prompt deletion.

FansClique operates a zero-tolerance policy toward any Content involving persons under 18. Any such Content will be immediately removed and reported to the Internet Watch Foundation (IWF), National Crime Agency (NCA), and other relevant authorities.

10. Cookies & Tracking Technologies

10.1 How We Use Cookies

FansClique uses cookies and similar technologies (web beacons, pixels, local storage) to operate the Platform, maintain security, and improve user experience. Cookies are categorised as follows:

  • Strictly Necessary: Essential for authentication, security, and core Platform function. No consent required.
  • Performance & Analytics: Collect aggregated usage data to improve the Platform. Requires your consent.
  • Functionality: Remember your preferences (language, settings). Requires your consent.
  • Marketing: Track engagement with content and campaigns. Requires your consent.

10.2 Consent Mechanism

Upon your first visit, FansClique presents a cookie consent banner that allows you to: Accept all categories; Reject all non-essential categories; or Customise preferences by category. Your consent choices are stored and can be updated at any time via the cookie settings link in the Platform footer. Strictly necessary cookies operate without consent. All other categories require your explicit prior consent, which we collect before setting any such cookies.

10.3 Third-Party Cookies

Some cookies are set by third-party providers including Payment Providers (fraud detection), analytics services (aggregated usage statistics), and content delivery networks (CDNs). These providers are contractually bound to data protection standards.

10.4 Managing Cookies

You may block or delete cookies through your browser settings. Disabling strictly necessary cookies may impair Platform functionality. Browser-specific cookie management instructions are available through your browser's help resources.

11. Your Privacy Rights

Depending on your jurisdiction, you have the following rights regarding your Personal Data:

11.1 Rights Under UK GDPR / EU GDPR (UK and EU/EEA Users)

  • Right of Access — obtain a copy of your Personal Data and information about how it is processed;
  • Right to Rectification — correct inaccurate or incomplete data;
  • Right to Erasure (Right to be Forgotten) — request deletion, subject to legal retention requirements;
  • Right to Restrict Processing — pause processing in specified circumstances;
  • Right to Data Portability — receive your data in a structured, machine-readable format;
  • Right to Object — object to processing based on legitimate interests or direct marketing;
  • Right not to be subject to Automated Decisions — request human review of automated decisions.

11.2 Rights Under NDPA/NDPR (Nigerian Users)

Nigerian users are entitled to all rights listed above. FansClique processes Nigerian user data in compliance with the Nigeria Data Protection Act 2023 and NDPR. Complaints may be escalated to the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.

11.3 Rights Under CCPA (California Residents)

  • Right to Know — categories of data collected, sources, purposes, and third-party disclosures;
  • Right to Delete — request deletion of personal information subject to legal exceptions;
  • Right to Opt-Out of Sale — FansClique does not sell personal data. If this changes, an opt-out mechanism will be provided;
  • Right to Non-Discrimination — no adverse treatment for exercising privacy rights.

11.4 How to Exercise Your Rights

Submit a Data Subject Access Request (DSAR) or rights request to [email protected]. Include proof of identity. We will acknowledge within 7 days and respond in full within 30 days (extendable to 90 days for complex requests, with prior notification). Requests are free of charge unless manifestly unfounded, repetitive, or excessive.

12. NDPR-Specific Obligations

For users in Nigeria, Mediagaze Limited additionally commits to the following:

  • Data Protection Compliance Organisation (DPCO): Mediagaze appoints a DPCO or equivalent Data Protection Officer in compliance with NDPR requirements. Contact: [email protected].
  • Annual Data Protection Audit: Where FansClique processes the personal data of more than 1,000 Nigerian data subjects per quarter, Mediagaze will conduct and file an annual Data Protection Audit with the NDPC as required.
  • Cross-Border Transfer Documentation: All transfers of Nigerian user data outside Nigeria are documented in a Data Protection Impact Assessment (DPIA) and supported by appropriate contractual safeguards.
  • Breach Notification: Data breaches affecting Nigerian users will be reported to the NDPC within the timeframe required by the NDPA 2023.

13. Policy Updates

Mediagaze may update this Privacy Policy to reflect changes in law, technology, or our data practices. Where changes are material, we will notify registered users by email or prominent in-Platform notice before the changes take effect. Continued use of FansClique after the effective date constitutes acceptance. Archived versions of this Policy are available on request from [email protected].

14. Contact & Regulatory Escalation

Data Protection Officer:  [email protected] — [DPO Name/Designee to be inserted]

General Privacy:  [email protected]

UK Regulator (ICO):  ico.org.uk / 0303 123 1113

EU Regulator:  edpb.europa.eu/about-edpb/board/members_en

Nigeria Regulator (NDPC):  ndpc.gov.ng

California (Attorney General):  oag.ca.gov

Postal Address:  Mediagaze Limited, 61 Bridge Street, Kingston, HR5 3DJ, United Kingdom