Privacy Policy
Last updated: 13/02/2026
Charmbodies.com (the âSiteâ) attaches great importance to protecting its usersâ personal data. This policy has been drafted in accordance with the GDPR and the French Data Protection Act (Loi Informatique et LibertĂŠs), to the extent applicable.
1. Data Controller
- Company: Savora Technologies Ltd
- Legal form: Private limited company (Ltd)
- Registration number: HE 480390
- Registered office address: Steliou Kyriakide 6, 3080 Lemesos, Cyprus
- Email (GDPR / personal data requests): [email protected]
2. Data Collected
- Identity and account data (email, username)
- Profile and listing data (titles, descriptions, photos, videos, categories)
- Technical data (IP address, device and browser, access logs)
- Security/anti-abuse data (spam prevention, fraud, abuse, audits and checks)
- Support requests and communications (e.g., emails, forms)
- Financial data (payment/billing, only in case of payment)
- Cookies (essential, analytics, optional marketing), in accordance with the Cookie Policy
- Age-verification related data (when required): mainly a âverifiedâ status and related logs
3. Purposes of Processing
- Account and listing management
- Security, prevention of spam, fraud and abuse
- Content moderation and handling complaints/reports
- Analytics and service improvement
- Compliance with legal obligations and responses to legal requests
4. Legal Bases
- Contract
- Legitimate interest
- Consent
- Legal obligation
5. Retention Periods
- Data is kept only for as long as necessary to provide the service and for the purposes described above.
- When an account is deleted or becomes persistently inactive, data is deleted or anonymised within a reasonable period, subject to legal obligations and the needs of handling disputes/abuse.
- Billing/payment data: retained for 10 years in accordance with the law.
- Age-verification related data: limited retention; the Site mainly keeps a âverifiedâ status and related logs.
- Logs and security data: retained for a period proportionate to security needs, fraud prevention and audits.
6. Data Sharing
- Technical service providers (hosting, security, email)
- Payment service providers (only for payment processing)
- Third-party verification providers (only when required)
- Authorities (where legally required or upon a valid legal request)
Data is never sold to third parties.
7. Transfers Outside the EU
In the event of a transfer outside the EU/EEA, appropriate safeguards are implemented, including Standard Contractual Clauses (SCCs) where applicable, as well as additional measures where necessary.
8. Security Measures
- HTTPS/TLS encryption
- Password hashing
- Role-based access controls
- Monitoring, anti-abuse measures and backups
Security reporting (phishing, vulnerabilities, incident): [email protected]
9. Usersâ Rights (GDPR)
Users have the right of access, rectification, erasure, restriction, objection, portability and withdrawal of consent.
Requests: [email protected]
Response time: within a maximum of 30 days
Supervisory authority: CNIL (France) or the competent authority depending on your situation
10. Personal Data Breach Notification
In the event of a personal data breach, the Operator will notify the competent supervisory authority where required and, where applicable, within the deadlines set by the GDPR (notably 72 hours from becoming aware of the breach). Where the breach is likely to result in a high risk to individuals, the Operator will also inform the affected users without undue delay.
11. Protection of Minors
Charmbodies.com is strictly limited to users aged 18 and over. Suspicious accounts may be immediately suspended.
12. Applicable Law
This policy is governed by the law of the Republic of Cyprus, subject to any mandatory applicable provisions.