Privacy Policy

1. Who We Are (Data Controller)

Proads Solutions LTD (hereinafter referred to as 'we', 'us', or 'our'), registered in UK, is the Data Controller responsible for your personal data collected through dateoverseas.com (the 'Website').

Contact us at: privacy@dateoverseas.com
Data Protection Officer (DPO): dpo@dateoverseas.com

⚠ Note: As a company registered in the EU/UK, we are fully subject to the General Data Protection Regulation (GDPR) and UK GDPR and act as Data Controller for all personal data processed through this Website.

2. Scope of This Policy

This Privacy Policy applies to all visitors and users of dateoverseas.com and explains:

What personal data we collect and why
How we use, store, and protect your data
With whom we share your data, including our affiliate partners
Your rights under GDPR, UK GDPR, CCPA/CPRA (California), and PIPEDA/Law 25 (Canada)
How to contact us or exercise your rights

This Website operates as an affiliate marketing platform in the dating/romance category. We receive compensation when users click on links to or register with our partner services.

3. Personal Data We Collect

3.1 Data You Provide Directly (Registration Form)

When you complete a registration form on our Website, we collect:

Data Category	Examples	Purpose
Contact information	Email address	Account creation, communication
Identity data	Name (if requested)	Account creation
Date of birth	Day / Month / Year	Age verification (18+ required)
Gender	Male / Female / Other	Service personalisation
Preferences	Gender sought, relationship type	Matching and service delivery

⚠ Special Category Data (Art. 9 GDPR): Information about your gender preferences or sexual orientation constitutes sensitive personal data under GDPR Article 9. We only collect and process this data with your explicit, separate consent.

3.2 Data Collected Automatically

When you visit our Website, we automatically collect:

IP address and approximate geolocation
Device type, operating system, browser type and version
Pages visited, time spent, referring URL
Click identifiers (click IDs from advertising platforms)
Cookie and pixel data (see Section 7)

3.3 Data Collected via Third-Party Pixels and Trackers

The following third-party tools may independently collect data about your visit:

Tool	Provider	Purpose	Privacy Policy
Facebook Pixel	Meta Platforms, Inc.	Ad conversion tracking, retargeting	facebook.com/policy
Google Ads / GA4	Google LLC	Ad conversion, analytics	policies.google.com/privacy
TikTok Pixel	TikTok Ltd.	Ad conversion tracking	tiktok.com/legal/privacy-policy
Taboola	Taboola, Inc.	Ad performance tracking	taboola.com/privacy-policy
Snapchat Pixel	Snap Inc.	Ad conversion tracking, retargeting	snap.com/en-US/privacy/privacy-policy
Quora Pixel	Quora, Inc.	Conversion tracking, analytics	quora.com/about/privacy
NewsBreak Pixel	NewsBreak	Ad performance tracking, analytics	newsbreak.com/privacy

⚠ These pixels and tracking technologies will only be activated after you provide your consent via our cookie consent banner, except for strictly necessary cookies.

4. Legal Basis for Processing (GDPR Art. 6 & Art. 9)

Processing Activity	Legal Basis (GDPR)	Details
Registration form data (email, DOB, gender)	Art. 6(1)(b) — Contract	Necessary to provide the service you request
Sensitive data — preferences/orientation	Art. 9(2)(a) — Explicit Consent	Requires your separate, explicit consent
Marketing pixels (FB, Google, TikTok)	Art. 6(1)(a) — Consent	Only after cookie banner consent
Analytics and site improvement	Art. 6(1)(f) — Legitimate Interests	We have a legitimate interest in improving our service
Transfer of data to affiliate partner	Art. 6(1)(a) — Consent + Art. 6(1)(b)	Covered by your registration consent and our affiliate agreement
Fraud prevention, legal compliance	Art. 6(1)(c) — Legal Obligation	Where required by applicable law

5. How We Use Your Personal Data

We use your personal data for the following purposes:

To facilitate your registration with our affiliate partner service (where you choose to register)
To verify that you meet the minimum age requirement (18 years or older)
To personalise your experience on the Website
To transmit your registration data securely via API to our affiliate partner upon your consent
To store a record of your registration data in our secure database
To measure and optimise advertising campaign performance
To detect fraud and prevent abuse of our services
To comply with our legal obligations under applicable data protection law
To respond to your enquiries and exercise of data subject rights

6. Sharing Your Personal Data with Third Parties

6.1 Affiliate Partner (Data Transfer via API)

We may collect and process your personal data (such as name, date of birth, email, etc.) when you use, access or engage with our services. In certain cases, we cooperate with trusted third parties to facilitate the delivery of services or enhance user experience. Where necessary, we may securely share your personal data with trusted third parties as part of our operations. Any data sharing is conducted in compliance with applicable data protection laws and follows established privacy safeguards.

Specifically, when you complete a registration form on our Website and provide your explicit consent, we transmit the following data via encrypted API to our affiliate partner:

Email address
Date of birth
Gender
Stated preferences

Our affiliate partner is registered in the EU and the USA. Transfers to the USA are governed by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring an equivalent level of protection to that required within the EEA.

Our affiliate partner acts as an independent Data Controller for data they receive and process. We encourage you to review their privacy policy directly.

6.2 Advertising and Tracking Partners

We share pseudonymous data (hashed emails, device identifiers, click data) with advertising partners (Meta, Google, TikTok, Taboola) for the purpose of ad measurement and campaign optimisation. This sharing is conditional on your cookie consent.

6.3 Internal Data Processor (Supabase)

We use Supabase as our secure database infrastructure. Registration data you submit is stored in Supabase databases. Supabase acts as our Data Processor and is bound by a Data Processing Agreement. Data is stored on servers within the EU/EEA.

6.4 We Do Not Sell Your Data

We do not sell your personal data to third parties for monetary consideration. California residents: please see Section 10 for your rights under CCPA/CPRA.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our Website. A cookie is a small text file placed on your device.

Category	Description	Consent Required?
Strictly Necessary	Essential for the Website to function (session management, security)	No
Analytics	Google Analytics 4 — understand user behaviour and improve the Website	Yes
Marketing / Advertising	Facebook Pixel, TikTok Pixel, Taboola, Google Ads — ad conversion and retargeting	Yes
Affiliate Tracking	Binom tracker — internal click and conversion tracking across our campaigns	Yes

You can manage your cookie preferences at any time via our Cookie Consent Banner or through your browser settings. Withdrawing consent will not affect the lawfulness of processing carried out before withdrawal.

For a complete list of cookies used on this Website, including names, durations and providers, please refer to our Cookie Policy.

8. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this Policy, or as required by applicable law.

Data Category	Retention Period	Basis
Registration data (email, DOB, gender, preferences)	24 months from collection	Business necessity + legal compliance
Marketing pixel / cookie data	Up to 13 months	Platform standard / consent duration
Click tracking data (Binom)	24 months	Performance reporting requirements
Consent records	3 years	Legal obligation to demonstrate consent
Data subject request records	3 years	Legal obligation

⚠ Action required: We currently store registration data indefinitely. We are implementing automated deletion after 24 months. Until this is in place, you may submit a deletion request at any time as described in Section 9.

9. Your Data Subject Rights

9.1 Rights Under GDPR and UK GDPR

If you are located in the EU or UK, you have the following rights:

Right	What It Means
Right of Access (Art. 15)	Request a copy of your personal data we hold
Right to Rectification (Art. 16)	Request correction of inaccurate data
Right to Erasure (Art. 17)	Request deletion of your personal data ('right to be forgotten')
Right to Restriction (Art. 18)	Request we limit how we process your data
Right to Data Portability (Art. 20)	Receive your data in a structured, machine-readable format
Right to Object (Art. 21)	Object to processing based on legitimate interests
Right to Withdraw Consent	Withdraw consent at any time without affecting prior processing
Right to Lodge a Complaint	Complain to your national supervisory authority (e.g. ICO in UK, your national DPA in EU)

9.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the right to:

Know what personal information we collect, use, disclose and sell
Delete your personal information (subject to certain exceptions)
Opt out of the sale or sharing of your personal information
Non-discrimination for exercising your privacy rights
Correct inaccurate personal information
Limit use of sensitive personal information

To exercise these rights, see the 'Do Not Sell or Share My Personal Information' link in our website footer, or contact us directly.

9.3 Rights Under PIPEDA and Quebec Law 25 (Canadian Residents)

If you are a Canadian resident, you have the right to:

Access your personal information and request corrections
Withdraw consent to processing (subject to legal and contractual limitations)
Be informed of how your data is used and to whom it is disclosed
Lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC)

9.4 How to Exercise Your Rights

You may exercise any of the above rights by:

Submitting a request via the form on our website: dateoverseas.com/pages/contact-us
Sending an email to: privacy@dateoverseas.com

We will respond to all requests within 30 days (GDPR / UK GDPR / CCPA) or 30 business days (PIPEDA). We may need to verify your identity before processing your request.

If you submitted a registration that was forwarded to our affiliate partner via API, we will coordinate with our partner to process your deletion or access request on their systems as well.

10. How We Obtain Your Consent

10.1 Cookie Consent

Upon your first visit to our Website, you will be shown a cookie consent banner allowing you to accept, decline or customise your preferences for non-essential cookies. Marketing and analytics pixels are not activated until consent is granted.

10.2 Registration Form Consent

At the final step of our registration form, you are required to provide explicit consent via clearly labelled checkboxes:

Consent to our Privacy Policy and Terms & Conditions, and processing of your personal data
Explicit consent to the transfer of your personal data to our affiliate partner for the purpose of creating an account with their service
Explicit consent to the processing of sensitive personal data (gender preferences) under Art. 9 GDPR
Optional consent to receive marketing communications from us

Each consent is separate and granular. Consent for sensitive data and partner transfer is mandatory to complete registration (as these are necessary for the service). Marketing consent is optional.

ℹ We maintain timestamped records of all consents collected (Consent ID, timestamp, checkbox state, IP address).

11. International Data Transfers

Our affiliate partner operates entities in both the EU/EEA and the United States. When your registration data is transmitted to their US entity, this constitutes a transfer of personal data outside the EEA.

We ensure that any such transfer is protected by appropriate safeguards, specifically:

Standard Contractual Clauses (SCCs) — EU Commission Decision 2021/914, which impose data protection obligations on the recipient equivalent to GDPR requirements
Transfer Impact Assessments (TIAs) are conducted where required

For transfers within the EU/EEA (to our partner's EU entity), no additional transfer mechanism is required as GDPR applies directly.

12. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration or destruction. These measures include:

Encrypted data transmission (TLS/HTTPS) for all API calls and website traffic
Access controls and authentication requirements for our database (Supabase)
Regular security assessments of our infrastructure
Data minimisation — we only collect what is necessary for the stated purpose

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by GDPR Article 33–34.

13. Minimum Age / Children's Privacy

Our Website and services are strictly intended for adults aged 18 years or older. We do not knowingly collect personal data from individuals under the age of 18.

Our registration form includes a date of birth field to verify user age. If we become aware that we have inadvertently collected data from a person under 18, we will delete such data immediately.

If you believe a minor has submitted data through our Website, please contact us at privacy@dateoverseas.com.

14. Affiliate Marketing Disclosure

dateoverseas.com is an affiliate marketing website. We earn a commission or fee when users click on links to or register with partner services featured on our Website. The presence of an affiliate link does not influence our editorial content, but you should be aware of this commercial relationship.

Not all products or services reviewed on this Website are ones for which we have an affiliate relationship. Where a commercial relationship exists, this is disclosed.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies or legal requirements. We will notify you of material changes by:

Posting the updated policy on this page with a revised 'Last Updated' date
Where required by law or where changes materially affect your rights, by direct notification (e.g. email or on-site notice)

Your continued use of the Website after changes are posted constitutes your acceptance of the updated policy, to the extent permitted by applicable law.

16. Contact Us

For any questions, concerns or requests relating to this Privacy Policy or our data processing practices, please contact:

Proads Solutions LTD

Email (general privacy): privacy@dateoverseas.com
Email (DPO): dpo@dateoverseas.com
Data deletion / access requests: dateoverseas.com/pages/contact-us
Registered address: Unit B, First Floor Broad Oak Farm Business Park, Redbrook Maelor, Whitchurch, United Kingdom, SY13 3AQ

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority:

EU: Your national Data Protection Authority (list at edpb.europa.eu)
UK: Information Commissioner's Office (ICO) — ico.org.uk
California: California Privacy Protection Agency — cppa.ca.gov
Canada: Office of the Privacy Commissioner — priv.gc.ca

Country/region