LogoGENZMODELS

Privacy Policy

GenZModels

Last updated: January 19, 2026

1. Controller & Scope

GenZModels ("we", "us") operates an EU-based creator management platform.

This Privacy Policy explains:

  • what personal data we collect
  • how and why we process it
  • what rights users have under the GDPR

This policy applies to:

  • applicants (Creators)
  • approved Creators
  • internal users (e.g. VAs, admins)
  • visitors of our website

2. Data We Collect

a) Application Data

  • name or alias
  • email address
  • phone number (e.g. WhatsApp)
  • application-related information you voluntarily provide

b) Platform & Backend Data

  • uploaded content (e.g. photos, media files)
  • profile and operational information
  • internal notes related to management and onboarding
  • timestamps and activity logs

c) Technical & Usage Data

  • log data
  • basic usage information
  • performance-related metrics (e.g. feature usage, funnel performance)

Important: All platform and backend data is stored and processed using Supabase as our backend infrastructure. We do not sell personal data and do not use invasive tracking.

3. Purpose & Legal Basis (GDPR Art. 6)

We process personal data for the following purposes:

  • Application handling & onboarding → Art. 6(1)(b) GDPR (pre-contractual measures)
  • Platform operation & internal management → Art. 6(1)(b) GDPR (contractual necessity) & Art. 6(1)(f) GDPR (legitimate interest)
  • Communication (email, WhatsApp, internal tools) → Art. 6(1)(b) & (f) GDPR
  • Security, abuse prevention, and platform analytics → Art. 6(1)(f) GDPR (legitimate interest)

4. Communication

We communicate with users via:

  • email
  • messaging services such as WhatsApp
  • internal platform communication tools

Communication is limited to:

  • applications
  • onboarding
  • operational coordination
  • management-related matters

Important: We do not send marketing newsletters or third-party advertising emails.

5. Hosting & Data Processing (Supabase)

We use Supabase to host and process platform data.

  • Data is stored on secure infrastructure
  • Appropriate technical and organizational measures are in place
  • Access is restricted to authorized personnel only
  • If data is processed outside the EU or EEA, this is done in compliance with GDPR requirements (e.g. standard contractual clauses)

6. Data Retention

We retain personal data:

  • only as long as necessary for the stated purposes
  • or as required by legal or contractual obligations

Important: Application data may be deleted if no collaboration is initiated within a reasonable timeframe.

7. Your Rights (GDPR)

Under the GDPR, you have the right to:

  • access your personal data
  • request correction or deletion
  • restrict or object to processing
  • data portability (where applicable)
  • lodge a complaint with a supervisory authority

Requests can be sent to:

8. Data Security

We implement appropriate security measures to protect personal data against:

  • unauthorized access
  • loss
  • misuse
  • unlawful processing

Important: No system is completely risk-free, but we continuously improve our safeguards.

9. Changes to This Policy

We may update this Privacy Policy to reflect:

  • legal changes
  • platform improvements
  • operational adjustments

Important: The current version is always available on our website.

10. Contact

For privacy-related questions or requests: