Privacy Policy
1. Scope
This Policy defines how personal data is processed when using the Affmid Platform (affmid.com, panel.affmid.com, and related subdomains), including site visits, registration, connecting Telegram channels, using ad management tools, contacting support, and paying for services via payment providers.
2. What data is processed
The Operator follows the data minimization principle and processes only data necessary to provide services: – Customer registration and contact data (name, e-mail, password hash, Telegram username); – data of connected Telegram channels (name, ID, subscriber and post statistics); – technical data when using the site (IP address, device and browser type, visit time and pages); – payment transaction metadata (amount, currency, transaction ID, payment method) — without storing bank card or payment account details; – support requests and correspondence about services rendered; – data of subscribers of the Customer's Telegram channels acquired via the Platform: public Telegram ID, username, publicly available profile parameters. This data is processed solely for billing and anti-fraud verification. The Platform is intended for persons aged 18 and over.
3. Legal basis for processing
Processing is carried out on the basis of: – performance of the services agreement (use of the Platform); – the Operator's legitimate interests (security, anti-fraud verification, protection against fraud); – consent of the data subject (for analytical cookies and marketing communications, where applicable); – fulfillment of the Operator's legal obligations (issuing receipts, tax accounting).
4. Purposes of processing
Personal data is used solely for: – providing access to Platform features and services; – settlements and issuing receipts via the professional income tax application; – Platform security and traffic anti-fraud verification; – technical support and Customer communications; – improving the Service; – compliance with the legislation of the United Kingdom. Personal data is not sold to third parties and is not used for marketing profiling by third-party advertisers.
5. Categories of data recipients
Data is transferred to the following categories of recipients in the scope necessary to render services: – payment providers (for processing payments and refunds via bank cards, cryptocurrency, and bank transfers); – acquiring bank (for non-cash settlements with corporate Customers); – partner ad networks (for ad placement and subscriber acquisition); – hosting provider of the Platform infrastructure; – Telegram (as the platform on which services are rendered, regarding public channel and subscriber data). The specific list of providers and partners constitutes the Operator's trade secret and is provided upon individual request of the data subject within the exercise of their rights under personal data legislation. All recipients are required to ensure confidentiality of transferred data within their obligations under applicable legislation and contracts.
6. Cross-border data transfer
Some data recipients (payment providers, hosting provider, partner ad networks) are located outside the United Kingdom. Data transfer is carried out subject to the necessary contractual and technical protection measures set forth in the Law of the United Kingdom No. 99-Z of 07.05.2021 «On Personal Data Protection».
7. Cookies and analytics
The affmid.com site uses only essential technical cookies required for dashboard operation and security (authentication, CSRF protection, interface preferences). Web analytics systems (Google Analytics, Yandex Metrika, and similar) are not currently used.
8. Storage period
– account data — for the duration of Service use and for 1 year after cessation of use (for dispute resolution and tax reporting); – payment data and invoices — for the period required by UK tax law (no less than 6 years per HMRC requirements); – data of subscribers acquired via the Platform — for 12 months from the last campaign activity, after which it is anonymized; – support requests — 2 years from the date of the request. After these periods, data is deleted or anonymized.
9. Security
The Operator applies organizational and technical information-protection measures: encryption in transit (HTTPS/TLS), password hashing, key-based server access, regular backups. The Customer is responsible for the confidentiality of their credentials and access rights to connected Telegram channels.
10. Data subject rights
Under the Law of the United Kingdom No. 99-Z of 07.05.2021 «On Personal Data Protection», the data subject has the right to: – obtain information about the processing of their personal data; – access their personal data and obtain a copy; – request correction, deletion, or restriction of processing; – withdraw previously given consent to processing; – appeal the Operator's actions to the National Personal Data Protection Center of the United Kingdom. Requests are sent to [email protected]. Responses are provided within 15 business days.
11. Third-party resources
The Platform may contain links to third-party resources (Telegram, partner pages, media articles). The Operator is not responsible for personal data processing policies on third-party resources. Before using third-party resources, it is recommended to review their privacy policies.
12. Additional service «AutoContent TG»
The optional automatic content generation service uses third-party language model APIs. When using this service, submitted texts are processed on the API provider's side in accordance with their terms. The Customer independently decides whether to publish generated content and bears responsibility for its compliance with legislation and Telegram rules.
13. Policy changes
The Operator may update this Policy. The current version is published on affmid.com. The last update date is indicated at the top of the document.
14. Contacts
For all personal data processing inquiries: E-mail: [email protected] Telegram: [email protected]