Privacy Policy
Discretion is part of the product. This policy explains what personal data we collect, why, and the rights you have over it under UK data protection law.
1. Who we are
Northern Men ("we", "us", "our") operates the website at northernmen.com, an advertising directory for independent adults across the North of England. For the personal data described here, Northern Men is the data controller. This policy explains how we handle your data in line with the UK GDPR and the Data Protection Act 2018.
2. What we collect
Depending on how you use the site, we may collect:
- Account details — name, email address, username, password, city and the profile information you provide (bio, rates, availability, preferences);
- ID and verification documents — the identity and age documents, and any verification photos, you submit so we can confirm you are 18 or over and who you say you are;
- Photos you upload for your profile;
- Optional STI test results — only if you choose to share them to earn the optional "Tested member" badge;
- Enquiry, message and review content — anything you send through the contact form, an advertiser enquiry, a review, by email, or in support conversations, including your name and email where you give them;
- Payment information — handled by our payment processor; we receive confirmation and billing records, not your full card number; and
- Usage, device and log data — your IP address; browser, device and platform type; internet service provider (ISP); date and time stamps; the pages you view and similar analytics; and the server log files our systems record automatically, collected through cookies and similar technologies.
3. Lawful bases
We rely on the following lawful bases under UK GDPR:
- Contract — to create and run your account, provide the advertising service and take payment;
- Legal obligation — to verify age, keep records, and comply with the law;
- Legitimate interests — to keep the platform safe, secure and trusted, prevent fraud and misuse, and improve the service (balanced against your rights); and
- Consent — for optional things such as sharing STI test results, non-essential cookies and any marketing. You can withdraw consent at any time.
Where we process special-category data (see below), we additionally rely on your explicit consent and/or the substantial public interest and legal claims conditions in the Data Protection Act 2018.
4. How we use your data
- to set up, verify, run and secure your profile and account;
- to display the profile content you choose to publish, and to award verification and (if you opt in) "Tested member" badges;
- to take payment and keep billing and tax records;
- to respond to your messages and provide support;
- to detect, prevent and investigate fraud, abuse and breaches of our terms; and
- to understand how the site is used and improve it.
5. Special-category data
Some of what we handle is sensitive. Your ID documents and any STI test results you choose to share are treated as special-category data and given extra protection. Specifically:
- they are kept private and secured, with access limited to the few staff who need it for verification;
- we minimise what we keep — for the "Tested member" badge we display only your status and the date of your last test, and never the underlying results or any other medical detail;
- they are never shown publicly beyond the verified and (optional) tested badges, and never sold; and
- sharing STI results is entirely optional and never a condition of listing.
6. Sharing your data
We do not sell your personal data, and we do not share it except:
- with processors who act on our instructions — for example hosting, payment processing, email delivery and analytics providers — under contracts that require them to protect it;
- with your consent;
- where there are reasonable grounds to believe disclosure is necessary to prevent harm to a person;
- where we are required to by law, or to establish, exercise or defend a legal claim; and
- with a successor in the event of a business sale or reorganisation, subject to this policy.
Where a processor is outside the UK, we put appropriate safeguards in place (such as UK-approved standard contractual clauses).
7. Retention
We keep personal data only as long as we need it. Profile and account data is kept while your account is active and for a reasonable period afterwards. Verification documents are kept only as long as needed to evidence that checks were carried out, and then deleted or securely destroyed. Billing records are kept as long as tax and accounting law requires. When data is no longer needed, we delete or anonymise it.
8. Security
We use appropriate technical and organisational measures — including encryption in transit, access controls and restricted internal access to sensitive documents — to protect your data. No online service can be completely secure, but we work to keep the risk low and to respond quickly if something goes wrong.
9. Cookies
We use essential cookies to run the site and, with your consent, cookies for analytics and preferences. We use a mix of session cookies, which are deleted when you close your browser, and persistent cookies, which stay on your device for a set period. Analytics data from cookies is used only in aggregate to understand how the site is used, not to build a profile of you as an individual.
You can control or disable non-essential cookies through our cookie settings and through your browser settings, though some parts of the site may not work properly if you block them. For full detail see our cookie policy.
10. Links to other websites
Our site may contain links to third-party websites. We do not control those sites and are not responsible for their content or their privacy practices. When you follow a link elsewhere, we encourage you to read that site's own privacy policy.
11. Your rights
Under UK GDPR you have the right to:
- access a copy of the data we hold about you;
- rectify data that is inaccurate or incomplete;
- erase your data ("right to be forgotten") where it applies;
- restrict or object to certain processing;
- data portability — receive your data in a portable format; and
- withdraw consent at any time where we rely on it.
To exercise any of these, email awecacct1@gmail.com. Exercising your rights — including asking for a copy of your data — is free of charge, and we will respond within the time limits set by law (usually one month).
12. Complaints
If you have a concern we would like the chance to put it right, so please contact us first. You also have the right to complain to the UK's data protection regulator, the Information Commissioner's Office (ICO), at ico.org.uk.
13. Contact
For any privacy question or request, contact us at awecacct1@gmail.com or via our contact page.
Last updated 2026 (DRAFT)