Privacy Policy

Privacy policy

1. Who We Are

The London Gems takes the privacy and security of your personal information very seriously. This Privacy Policy explains how we collect, use, and protect your data when you use our website or register with us.

The London Gems is the Data Controller for purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are responsible for ensuring that your personal data is handled lawfully, fairly, and securely.

This Privacy Policy should be read in conjunction with our Terms and Conditions.

Note: This policy does not apply to external websites linked from our site (e.g., social media or partner platforms).

2. Data We Collect

We may collect the following types of personal data from you:

  • Full name

  • Date of birth

  • Gender

  • Contact details (e.g., email address, telephone number)

  • Identification documents (e.g., passport, national ID, driving licence)

  • Financial information (e.g., bank account, credit/debit card numbers)

  • IP address and device/browser data (automatically collected)

We do not knowingly collect data from individuals under the age of 18. Proof of age is mandatory for all applicants.

3. How We Collect Data

We collect data from you directly when:

  • You contact us through the website, email, phone, or social media

  • You register as a model or apply to work with us

  • You submit identification documents for age and eligibility checks

  • You use our services or interact with our platform

4. Age and Identity Verification

To comply with UK law and protect individuals and third parties, we require all applicants to be 18 years of age or older. We verify age and identity through:

  • Submission of government-issued identification

  • Manual or automated checks using secure third-party verification services

This information is processed strictly for compliance and eligibility purposes and stored securely.

5. How We Use Your Data

We may use your personal data for the following purposes:

  • Internal record-keeping

  • Assessing and processing model applications

  • Verifying age and eligibility to work

  • Confirming your country of residence

  • Communicating with you about your application or services

  • Processing payments (where applicable)


Legal basis for processing:

  • Contractual necessity (when you apply or register)

  • Legal obligation (e.g., age verification)

  • Legitimate interest (e.g., fraud prevention, communications)

  • Consent (where explicitly provided)

6. Who We Share Data With

We only share your data with third parties where necessary and lawful, including:

  • Our payment provider or bank – for payment processing

  • Our accountant – for financial record-keeping

  • Age verification partners – to validate age/ID documentation

All third parties are contractually bound to maintain data security and process data only on our instructions.

7. Data Security

We take reasonable and appropriate steps to protect your personal data, including:

  • Secure servers and encrypted databases

  • Access limited to authorised personnel only

  • Password-protected user access

  • External Data Privacy Officer (DPO) appointed for oversight

If you suspect misuse or unauthorised access to your data, please notify us immediately

8. Data Retention

We retain personal data only as long as necessary:

  • For the duration of the model application process or your registration with us

  • For legal, tax, or compliance reasons, if longer retention is required

  • Typically, data is deleted within 14 days of inactivity or withdrawal unless otherwise required by law

Archived data may persist securely on backup systems for legal or regulatory compliance.

9. Your Rights Under UK GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate or incomplete data

  • Request erasure of your data where appropriate

  • Object to processing based on legitimate interests

  • Restrict processing under certain conditions

  • Transfer your data to another provider (data portability)

  • Withdraw consent at any time (where applicable)

To exercise any of these rights, please email us with your request. We may need to verify your identity before responding.

Fees: Most requests are free of charge, but we may charge a reasonable fee for unfounded, repetitive, or excessive requests.

Response time: We aim to respond within 1 calendar month of your request.

10. Complaints

We are committed to protecting your data. If you believe your data has been handled improperly, please contact our Data Privacy Officer first.

If you are not satisfied with our response, you can lodge a complaint with:

Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

https://ico.org.uk/concerns/

0303 123 1113

11. Changes to This Privacy Policy

We may update this policy from time to time to reflect changes in law or our practices. The latest version will always be posted on our website. Your continued use of our website after any changes indicates your acceptance of those changes.

12. Contact Us

If you have any questions about this Privacy Policy or how we use your personal data, please contact us.