Privacy Policy
How LuxChat Talent Management collects, uses, stores and protects your personal data. We take this seriously — both because UK law requires it and because the trust of our creators is the foundation of the business.
This is a template. Replace bracketed placeholders [like this] with your actual company details before you go live. For full legal compliance, we strongly recommend having a UK solicitor review this policy before publishing — privacy law has specific requirements and getting it wrong creates real liability.
1. Who we are
LuxChat Talent Management ("LuxChat", "we", "us", "our") is a UK-based talent management agency operating at luxchatmgmt.com. For the purposes of UK GDPR and the Data Protection Act 2018, LuxChat is the data controller of personal information collected through this website and our services.
Contact: kieran@luxchatmgmt.com
Registered address: 3rd Floor, 86-90 Paul Street, London, England, EC2A 4NE, United Kingdom
2. The data we collect
2.1 Information you give us directly
- Name and contact details (email, phone) when you submit our application form
- OnlyFans handle and current monthly revenue (rough figures) when you apply
- Any messages you send us via email or the contact form
- Information shared during onboarding calls (recorded only with your consent)
2.2 Information collected automatically
- IP address, browser type, operating system, referring URL
- Pages visited, time spent on each page, bounce rate
- Cookies and similar technologies (see section 6)
2.3 Information from third parties
- Public information from your social media or OnlyFans profile if relevant to your application
- Analytics data from Google Analytics, Meta Pixel and similar services we use
3. How we use your data
- To respond to your application — review your submission, schedule a discovery call, decide whether to move forward.
- To deliver our services — chatting, growth marketing, content strategy and account management for creators we sign.
- To communicate — answer your questions, send service updates, share invoices and reports.
- To improve our website — measure traffic, understand which content is useful, fix problems.
- For marketing — only with your consent. You can unsubscribe at any time.
- To comply with legal obligations — including HMRC tax records, AML checks, and platform terms of service.
4. Lawful basis for processing
Under UK GDPR we process your data on one or more of these lawful bases:
- Consent — for marketing emails and optional analytics cookies.
- Contract — to deliver agreed services to creators on our roster.
- Legitimate interest — to operate the website, respond to enquiries, and improve our services.
- Legal obligation — to keep accounting records, comply with tax law, etc.
5. Who we share your data with
We do not sell your personal data. We share it only when necessary, with:
- Service providers we use to run the business (hosting, analytics, email, payment processing) — bound by contract to protect your data.
- UK accountants and tax advisors, where legally required.
- Law enforcement, where compelled by valid UK legal process.
6. Cookies
We use cookies and similar technologies to:
- Make the website function (essential cookies — always on)
- Measure traffic and usage (analytics cookies — only with consent)
- Show relevant ads and remarketing (marketing cookies — only with consent)
You can manage cookie preferences in your browser settings or via the consent banner shown on first visit. Disabling cookies may affect website functionality.
7. International data transfers
Some of our service providers (e.g. analytics tools) may process data outside the UK. Where this happens, we use UK GDPR-compliant transfer mechanisms (Standard Contractual Clauses or adequacy decisions) to ensure your data is protected.
8. How long we keep your data
- Application data — 12 months after your last contact, then deleted.
- Active client data — for the duration of our agreement plus 7 years (HMRC requirement).
- Marketing email list — until you unsubscribe.
- Website analytics — anonymised after 14 months.
9. Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Request deletion ("right to be forgotten") in most circumstances
- Object to processing based on legitimate interest
- Withdraw consent at any time (without affecting prior processing)
- Data portability — receive your data in a machine-readable format
- Lodge a complaint with the Information Commissioner's Office (ICO)
To exercise any of these rights, email kieran@luxchatmgmt.com. We respond within 30 days.
10. Security
We use industry-standard technical and organisational measures to protect your data, including encrypted storage, access controls, two-factor authentication on internal systems, and regular security reviews. No system is 100% secure; if a breach affects you, we will notify you within 72 hours as required by UK GDPR.
11. Children
Our services are for adults aged 18+. We do not knowingly collect personal data from anyone under 18. If you believe we have, please contact us immediately and we will delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be communicated by email to active clients.
← Back to LuxChat MGMT · Terms of Service