Last updated: November 3, 2025
This Privacy Policy describes how SimpBunny Media Inc. ("SimpBunny", "we", "us", or "our") collects, uses, discloses, and protects your information when you use our websites, apps, and related services (the "Platform").
Adult-only platform. SimpBunny is strictly for adults 18+ (or the age of majority where you live, whichever is higher). We do not knowingly collect personal information from minors.
By using the Platform, you agree to the practices described in this Policy and our Terms of Service. If you do not agree, do not use the Platform.
Controller: SimpBunny Media Inc.
Email (privacy): privacy@simpbunny.com
Support: support@simpbunny.com
We collect information in three ways: (A) provided by you, (B) collected automatically, and (C) received from third parties.
Account & profile: email, username, password, date of birth, country, language, profile photos, bio, interests.
Creator verification (KYC): legal name, date of birth, address, ID scans, selfies/liveness checks, tax IDs/forms, bank or payout details (processed by third‑party providers).
Transactions: subscription purchases, tips, PPV buys, refunds, chargebacks, and related metadata (handled via payment processors; we receive limited details).
Content & messages: posts, photos, videos, livestreams, comments, DMs, and any metadata you attach (e.g., captions, tags). Do not include minors or non‑consensual content.
Safety reports: abuse reports, copyright claims, consent/age-verification records, communications with Trust & Safety.
Support: messages you send to customer support.
Device & usage: IP address, device identifiers, OS, browser, app version, language, time zone, referral/UTM, session activity, and log files.
Cookies & similar tech: cookies, local storage, pixels, and SDKs to enable login, preferences, analytics, security, and (where enabled) advertising/attribution.
Approximate location: derived from IP for fraud prevention, compliance, and localization (e.g., currency).
Payment processors: status of payments, limited card/wallet metadata (we do not store full card numbers).
Verification & AML providers: pass/fail results, document verification outcomes, sanctions/PEP checks where required.
Advertising/analytics partners: aggregated insights and attribution data (if we run ads or measure installs).
Provide the Platform: create accounts, deliver feeds, host content, enable search/discovery.
Monetization features: process subscriptions, PPV, tips, bundles; manage entitlements and receipts.
Safety & moderation: verify ages/identities, review reports, detect and prevent illegal or non‑consensual content, combat spam/fraud/abuse.
Security & integrity: authentication, rate limiting, incident detection, and debugging.
Recommendations & personalization: tailor feeds, suggestions, and notifications.
Communications: send transactional emails/push (receipts, security alerts, policy updates). Marketing emails only with consent or where permitted by law.
Compliance: tax, accounting, legal obligations, law enforcement requests.
Research & improvement: analytics, A/B testing, feature development.
Legal bases (EU/UK/GDPR): performance of a contract, legitimate interests (e.g., security, service improvement), legal obligations, and consent (e.g., certain cookies/marketing).
We use:
Strictly necessary cookies (login, security, payment flow).
Preferences cookies (language, theme).
Analytics cookies/SDKs (usage metrics, performance).
Advertising/attribution (if applicable; for campaign measurement/remarketing where permitted).
Manage cookies in your browser/app settings. Where required, we present a consent banner to set non‑essential cookies only with your consent.
Payments and payouts are processed by third‑party providers (e.g., card processors, app stores, e‑wallets). We receive confirmation and limited details (e.g., last4, card type, token) but do not store full card numbers. For payouts, KYC/AML providers may collect identity and banking details; we receive status results and identifiers to administer payouts and comply with law.
To protect users and enforce our policies, we may use automated tools (including machine learning) to:
detect prohibited content (e.g., CSAM, non‑consensual content, spam);
surface suspected policy violations for human review;
personalize recommendations.
We do not make decisions with legal or similarly significant effects without human oversight. You can contact us to request human review if you believe an automated action was incorrect.
We share information with:
Service providers & processors: hosting/CDN, storage/transcoding, analytics, security, age/ID verification, payments/payouts, customer support.
Creators & transactions: when you buy or subscribe, the Creator sees what’s necessary to fulfill your purchase (e.g., that you subscribed, your username/handle, and purchase status—not full payment details).
Legal & safety: law enforcement, authorities, or rights holders where required by law or to protect anyone’s safety, rights, or property.
Corporate events: business transfers (merger, acquisition, financing, sale of assets) subject to this Policy’s protections.
We do not sell your personal information for money. Where "sale" or "sharing" has a broader meaning (e.g., under CCPA), see Section 12.
We may process your information in countries outside your own. Where required (e.g., EU/UK), we use appropriate safeguards such as Standard Contractual Clauses and implement additional technical/organizational measures.
We keep information only as long as necessary for the purposes described in this Policy, including to comply with legal obligations (e.g., financial, tax, and trust & safety recordkeeping). Typical retention examples:
Account data: for the life of the account and a reasonable period after closure for fraud prevention and legal obligations.
Transaction records: kept for statutory periods (e.g., 7+ years in many jurisdictions).
Moderation logs: retained as needed to enforce policies and comply with law.
Backups: time‑limited and rotated.
Depending on where you live, you may have rights to:
access and obtain a copy of your data;
correct inaccuracies;
delete your data (subject to legal exceptions);
restrict or object to processing;
withdraw consent (where processing is based on consent);
data portability;
lodge a complaint with a data protection authority.
How to exercise: Email privacy@simpbunny.com from your account email and specify your request. We’ll verify your identity and respond within the time required by law. Creators/Fans may also use in‑product tools (e.g., download data, delete account) where available.
SimpBunny is for adults 18+ only. We prohibit content involving minors or young-looking persons. If you believe a minor’s information is on our Platform, contact safety@simpbunny.com or privacy@simpbunny.com immediately. We will investigate and, where applicable, report to the appropriate authorities.
Categories collected: identifiers (e.g., email, IP), commercial information (purchases), internet activity (logs), geolocation (approximate), user-generated content, inferences (for personalization), and sensitive data for KYC (Creators only).
Sources: directly from you, your device, service providers, and partners.
Purposes: as listed in Section 3.
Disclosures: to service providers, processors, and as legally required.
Sale/Sharing: We do not sell personal information for money. If we use advertising/analytics that qualifies as "sharing" under CPRA, you can opt out via Do Not Sell/Share controls where available and by adjusting cookie settings.
Rights: access, delete, correct, opt out of sale/sharing, limit use of sensitive data (where applicable), and non‑discrimination for exercising rights.
Verification & agents: We verify requests and honor authorized agent submissions as required by law.
Your personal information is handled in accordance with PIPEDA and applicable provincial privacy laws. You have rights to access and correct your information. Contact privacy@simpbunny.com to make a request or complaint. Our servers and service providers may be outside Canada; by using the Platform you consent to cross‑border processing.
We use technical and organizational measures to protect your information (e.g., encryption in transit, access controls, least‑privilege, monitoring, secure development practices). No system is 100% secure. Report suspected vulnerabilities to security@simpbunny.com.
The Platform may link to third‑party websites or include third‑party SDKs. Their privacy practices are governed by their own policies. Review them carefully.
Content you post (including profile info) may be visible to others according to your settings. Private DMs are not public but may be accessible to us for safety, legal, or operational reasons and to investigate policy violations.
We may preserve and disclose information to comply with lawful requests (e.g., subpoenas, court orders) and to protect anyone’s safety, rights, or property. We assess requests for adequacy and legality.
We may update this Policy from time to time. Material changes will be notified via the Platform or email. Your continued use after the "Last updated" date means you accept the revised Policy.
For questions or to exercise your rights: privacy@simpbunny.com
For security reports: security@simpbunny.com
For support: support@simpbunny.com
A. Cookie list (example placeholders)
sb_session — session authentication (strictly necessary)
sb_csrf — security token (strictly necessary)
sb_prefs — language/theme (preferences)
sb_analytics_* — first‑party analytics (analytics)
third‑party analytics/attribution cookies where applicable (analytics/advertising)
B. Processors & sub‑processors (examples; update with your stack)
Hosting/CDN & media processing
Payment processors/payout providers
Identity verification (KYC/AML)
Fraud prevention & security
Email/push delivery
Analytics/attribution
Legal notice: This template is provided for your convenience and does not constitute legal advice. Please consult a qualified lawyer to adapt it to your operations, jurisdictions, and vendor stack.
