This Privacy Policy explains how MILKIES Ltd ("MILKIES", "we", "us" or "our") collects, uses, discloses and safeguards Personal Data when you access or use the Inner Circle Partner Program platform located at https://innercircle.love (the "App") or otherwise interact with us in connection with the MILKIES unified affiliate / partner ecosystem covering the MILKIES®, DIY by MILKIES®, MOMENTS®, KeepMoments.de and MOMENTS® DIY JEWELRY KIT brands (collectively, the "Services").
MILKIES is committed to protecting your privacy and processing Personal Data in a transparent, lawful and fair manner in accordance with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and, where applicable, the EU GDPR (together, the "Data Protection Laws").
By creating an account, logging in via Google or Facebook, applying to the Program, or otherwise using the App, you acknowledge that you have read and understood this Privacy Policy.
MILKIES Ltd
85 Great Portland Street
London W1W 7LT, England (United Kingdom)
Registered in England & Wales – Company No. 10195739
Email: privacy@innercircle.love
Telephone: +44 (0)20 3890 7353
Category: Account & Identification Data
Types of Data:
Name
Email address
Password (hashed)
Preferred language
Time-zone
Contact telephone number
Postal/billing address
Company name
VAT/tax ID
Source: Provided by you
Category: Social Login Data
Types of Data:
Google or Facebook user ID
Verified email
Display name
Profile picture URL
OAuth token
Source: Third-party login provider (with your authorisation)
Category: Program Application Data
Types of Data:
Answers to eligibility questions
Promotional channels
Website URLs
Social-media handles
Traffic statistics
Marketing plans
Source: Provided by you
Category: Transaction & Commission Data
Types of Data:
Referral code
Click-through events
Order identifiers
Product SKUs
Gross & net sales
Commission rate
Accrued commissions
Payout history
Invoices
PayPal account ID
Bank IBAN/BIC
Payout preferences
Source: Generated by the App; provided by you; MILKIES e-commerce platforms
Category: Technical & Usage Data
Types of Data:
IP address
Device type
Operating system
Browser
Referral URL
Session timestamps
App event logs
Cookies
Facebook Pixel & Google Analytics identifiers
Source: Automated collection
Category: Communications Data
Types of Data:
Support requests
Emails
Chat messages
Feedback forms
Marketing opt-in/opt-out records
Source: Provided by you
We do not knowingly collect data from individuals under 18 years of age; the Program is strictly limited to persons aged 18+.
We process your Personal Data on one or more of the following grounds:
Contractual Necessity — to assess your application, create and administer your partner account, generate referral links, track commissions, issue invoices and process payouts (§ 6(1)(b) UK GDPR).
Legitimate Interests — to protect the integrity of our Services, prevent fraud or abuse, conduct analytics, improve the App and defend legal claims (§ 6(1)(f) UK GDPR). We balance our interests against your fundamental rights and freedoms.
Legal Obligation — to comply with tax, accounting, anti-money-laundering and other statutory duties (§ 6(1)(c) UK GDPR).
Consent — for optional marketing communications or where your jurisdiction requires consent for certain cookies (§ 6(1)(a) UK GDPR). You may withdraw consent at any time.
We use your data to:
evaluate and process partner applications;
authenticate you and manage secure log-in sessions;
generate unique partner codes, attribute referrals, and display real-time commission dashboards;
issue self-billing invoices (where applicable) and execute payouts via PayPal or bank transfer;
detect fraudulent clicks, invalid traffic or breach of Program rules;
send operational notices (e.g., sale confirmations, payout status, policy updates);
provide technical and customer support;
comply with financial, tax and bookkeeping regulations;
conduct aggregated analytics on partner performance, campaign effectiveness and App stability;
send optional promotional updates about new MILKIES products, where permitted.
We share Personal Data strictly on a need-to-know basis with:
Internal Teams — authorised staff of MILKIES Ltd and its EU/US subsidiaries involved in partner management, finance, marketing or IT.
Service Providers — vetted processors acting on our instructions: hosting & infrastructure (e.g., AWS EU-West 1), payment processors (PayPal Europe S.à r.l., UK-regulated banks), email delivery (SendGrid), analytics (Google Analytics, Meta Platforms), customer-support platforms.
Professional Advisers — auditors, accountants, lawyers or insurers bound by confidentiality.
Authorities — HM Revenue & Customs, Companies House, courts or regulators where lawfully required.
Business Transfers — in the event of a merger, acquisition or asset sale, subject to safeguards.
We never sell or rent your Personal Data.
Some service providers operate in jurisdictions that may not provide the same level of protection as the UK/EU. Where we transfer data outside the UK/EEA we rely on:
Adequacy regulations issued by the UK Government or European Commission; or
Standard Contractual Clauses and, where necessary, supplementary measures.
A copy of relevant safeguards can be requested using the contact details in § 14.
Data Category: Account & Transaction Data
Retention Period: For the life of your partner account, plus 7 years after closure to meet tax & accounting obligations.
Data Category: Technical Logs
Retention Period: 12 months from collection, unless required for security investigations.
Data Category: Marketing Consent Records
Retention Period: For as long as consent remains valid plus 3 years thereafter.
Data Category: Application Data (if rejected)
Retention Period: 24 months from decision, then securely deleted.
On request or account deletion we pseudonymise or erase data not required by law.
Subject to the Data Protection Laws, you have the right to:
Access - obtain confirmation and a copy of your Personal Data.
Rectification - correct inaccurate or incomplete data.
Erasure - request deletion where processing is no longer lawful.
Restriction - temporarily halt processing under certain conditions.
Portability - receive data you provided to us in a machine-readable format and transmit it to another controller.
Objection - object to processing based on legitimate interests or direct marketing.
Withdraw Consent - at any time, without affecting prior lawful processing.
To exercise any right, please use the in-App "Delete Account" button or email privacy@innercircle.love. We will respond within one month.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) or your local supervisory authority.
The App employs first-party cookies and similar technologies to:
maintain authenticated sessions;
attribute referral clicks to partner codes;
measure aggregated traffic and improve usability;
analyse campaign performance via Facebook Pixel and Google Analytics.
Where required, we request your consent via a cookie banner. You may delete or block cookies in your browser, but certain features (e.g., referral tracking) may not function correctly.
We implement appropriate technical and organisational measures, including:
TLS 1.3 encryption in transit; AES-256 encryption at rest;
single sign-on via Google/Facebook OAuth 2.0 with short-lived tokens;
role-based access controls, two-factor authentication for staff;
ISO 27001-certified cloud infrastructure;
continuous penetration testing and vulnerability scanning;
regular data-protection impact assessments.
Referral links direct end-customers to MILKIES e-commerce domains. Those sites are governed by their own privacy policies. We are not responsible for third-party content or privacy practices.
We may update this Policy to reflect changes to our practices or legal requirements. Material changes will be notified via the App or email at least 14 days prior to taking effect. The "Last updated" date at the top indicates the current version.
Questions, requests or complaints concerning this Policy or our data-processing practices should be directed to:
Data Protection Lead – MILKIES Ltd
85 Great Portland Street, London W1W 7LT, UK
Email: privacy@innercircle.love
Last updated: June 4, 2025