Privacy Policy

1. Introduction

We are committed to protecting your privacy and personal data in compliance with the Isle of Man Data Protection Act 2018, the Data Protection (Application of GDPR) Order 2018, and the Applied GDPR and LED Implementing Regulations 2018  . This policy explains what personal data we collect, how it’s used, secured, and your rights.

2. Data Controller

We allthingsadult.co.uk act as the Data Controller. You can contact our nominated Data Protection Officer (DPO) at:

​

• Email: report@allthingsadult.co.uik
  

3. Personal Data We Collect

We may collect:​

• Account data: name, email, login credentials
  
• Usage data: IP address, logs, session metadata
  
• Payment details (if applicable)
  
• Sensitive personal data: data on sex life, sexual orientation, or explicit content preferences—categorised as “special categories” and processed only under strict legal bases  .
  

4. Legal Bases for Processing

We rely on one or more of the following:​

• Consent: explicit, freely given for adult content access
  
• Contractual necessity: where user services are being provided
  
• Legitimate interests: e.g. troubleshooting, fraud prevention
  
• Explicit consent + Article 9 legal basis for special category data  .
  

5. Purposes of Processing

Your data is used for:​

• Providing and improving website services
  
• User authentication and account support
  
• Hosting user-generated content (if applicable)
  
• Legal or compliance-related purposes (e.g. age-verification, moderation)
  

6. Data Minimmisation & Retention

In line with GDPR principles, we collect only data needed for specified purposes, and retain it only as long as necessary. We routinely review retention periods and remove or anonymous data accordingly  .

7. Data Security & Transfer

We use organisational and technical controls (e.g. encryption, secure servers, access controls) to protect personal data from misuse, loss, or unauthorised access  .

We do not transfer data outside the Isle of Man or EEA unless to countries or organisations with adequate protection (e.g. EEA) or under approved safeguards  .

8. Data Subject Rights

Under the Applied GDPR, you have the right to:​

• Access and correct your data
  
• Erase or restrict processing
  
• Object to processing
  
• Data portability
  
• Withdraw consent (when consent-based)
  
• Complain to the Isle of Man Information Commissioner or Data Protection Tribunal  .
  

Where specific rights don’t apply (e.g. no automated decision-making), they may be excluded as permitted  .

9. Cookies & Tracking

If we use cookies or analytics tools, you’ll be informed via a cookie banner or notice. We explain what cookies are used, why, and how consent or opt‑out is managed.

10. Data Breach Notification

In the event of a personal data breach, we will notify the Isle of Man Information Commissioner (within 72 hours, if required) and affected users where there is a high risk to their rights and freedoms  .

11. Third‑Party Processors

We may share data with trusted third-party providers (e.g. hosting, payment gateways). All such processors are bound by Data Processing Agreements to handle data in accordance with GDPR standards and ensure adequate protection  .

12. Registering with the Commissioner

As required, we maintain an active entry in the Isle of Man’s Register of Data Controllers (updated annually and whenever details change)  .

13. Contact & Complaints

If you have questions or wish to exercise your data rights, please contact our DPO (see section 2).

If you remain dissatisfied following internal responses, you may file a complaint with the Isle of Man Information Commissioner, whose decisions can be appealed to the Data Protection Tribunal  .