The App and Sites are global, and your information will be sent to and used in the United States and the UK regardless of the country you reside in. This Policy explains how we protect your personal data when we transfer it overseas, so please read very carefully!
The App and Sites are operated by the “Bumble Group” (also referred to in this policy as “we” or “us”) which includes Bumble Holding Limited, Badoo Trading Limited and Bumble Trading LLC, all of which are controllers of personal information collected and processed through the Bumble App and Sites.
The Bumble Group has designated a Data Protection Officer and they can be reached by emailing DPO@team.bumble.com or by post at the following address: The Broadgate Tower Third Floor, 20 Primrose Street, London, United Kingdom, EC2A 2RS.
When you download the App and create an account (“Account”), we may collect certain information (“Registration Information”) about you, such as:
Once you register, you will be able to review and change this information at any time just by logging in to Bumble (other than your date of birth and location (which, if you have given Bumble access to your location in your device settings, is automatically updated based on the location of your device)). It is your responsibility to ensure that your account details are kept up to date. If your phone number changes, please ensure that you update this in your account.
The information we collect helps to enhance the App and verify our Users (robots are not welcome!). Registration Information such as your sexual preference, name and username may be visible to other Users who view your profile page.
For Users who are California residents, the data we may collect falls within the following categories of “personal information”, as defined by the California Consumer Privacy Act (CCPA):
We recommend and encourage you (and all our members) to think carefully about the information you disclose about yourself. We also do not recommend that you put email addresses, URLs, instant messaging details, phone numbers, full names or addresses, credit card details, national identity numbers, drivers’ license details and other sensitive information which is open to abuse and misuse on your profile.
When you post information about yourself or use the messaging function to communicate with other Users, the amount of personal information you share is at your own risk. Please see Section 4 below for more information on who can access what you post on Bumble.
For safety and security and to ensure you have the best possible user experience, we require Users to verify their accounts and might ask for your phone number and, in some instances, we might also ask that you carry out photo verification. We want to make sure you are not a robot! And we also want to avoid fake Bumble accounts being created which can be used for malicious activities and cybercrime – they threaten the Bumble network and spoil things for everyone. This verification might be required by us for the prevention of fraud. You can also verify your photo on a voluntary basis (to add the blue ‘verified’ badge to your profile).
If you choose to verify your profile photo, we will scan each photo that you submit. The scan may include the use of facial recognition technology so that we can compare the photo you submit to your profile photo, to help ensure that you are who you say you are. We do not add the verification photos to your profile. We retain the scans so that we can verify you in the future and for our record-keeping purposes until we no longer need them for such purposes or for three years after your last interaction with us, whichever occurs first. After the applicable retention period expires, we take commercially reasonable steps to permanently and securely delete the scans from our systems.
If you decide to purchase any of our premium services, we will process your payment information and retain this securely for the prevention of fraud and for audit/tax purposes.
Bumble uses automated decisions to prevent fraudulent payment transactions being processed as part of its anti-fraud procedures. In order to do this, our systems check payment transactions for behavior that indicates breaches of our Terms and Conditions of Use. If a transaction meets certain criteria that demonstrate that the Terms and Conditions of Use are likely to have been breached and the transaction is likely to be fraudulent, the relevant transaction may automatically be blocked. Where a transaction is blocked, the user will be notified that their transaction cannot be processed and affected Users can contact Bumble to contest the decision.
Please note that if your account is blocked for any reason, any account(s) that you have on other Bumble Group platforms/applications, such as Badoo, may also be blocked as part of our anti-spam and anti-fraud procedures.
If you have given Bumble access to your location in your device settings, when you use your cell, we will collect information about WiFi access points as well as other location information about your longitude and latitude and may save your device’s coordinates to offer certain features to you. This information helps us identify your physical location and we use it to personalize the App and make it easier for you to interact with other Users, by enabling the general locality information to be displayed to Users seeing your profile and showing you the profiles of other Users who are near you.
If you have given Bumble access to your location, but wish to turn this off, you can do so by the following methods:
We may collect information about your device when you use the App including the unique device identifier, device model, and operating system, for a number of purposes, as set out in this policy. In addition, if you permit us to do so, the App may access your device’s address book solely in order to add someone to your contacts.
We may keep track of how you interact with links available on Bumble including third party services by redirecting clicks or through other means. We may share aggregate click statistics such as how many times a particular link was clicked on.
We review the content of messages sent in the App to identify topics, sentiments, and trends across our Users. We will take steps to remove personally identifying information from such messages, prior to reviewing them. We will not share the content of User messages or information we derive from them with any third party.
From time to time, we run surveys for research purposes and we may contact you to find out if you would like to take part. We may also contact you to find out if you would like to provide feedback, a testimonial or take part in marketing campaigns (for example, if you let us know that you have found a match on the App, we may contact you to ask if you would be happy to feature in advertising for Bumble). Such surveys and marketing campaigns are optional and more information will be provided at the point of contact. If you do not wish to be contacted to take part in a survey or marketing campaign, please contact our Customer Support Team via our Feedback Page.
If you contact our Customer Support team via our Feedback Page, we will receive your email address, and may track your IP address, as well as the information you send to us to help resolve your query. We will keep records of our communications with you, including any complaints that we receive from you about other Users (and from other Users about you) for 6 years after deletion of your account.
When you visit our Sites or when you use our App, we may collect personal data from you automatically by using cookies or similar technologies. A cookie is a small file that can be placed on your device or browser that allows us to recognize and remember you.
Our main goal is to ensure your experience on Bumble is an enjoyable one and you don’t end up getting stung! In order to deliver an enjoyable experience to you, we may use your Registration and other information to:
We use a combination of automated systems and a team of moderators to monitor and review accounts (including photos and any other information uploaded onto user profiles) and messages for content that indicates breaches of our Terms and Conditions of Use. If an account or message meets certain criteria that demonstrate that the Terms and Conditions of Use are likely to have been breached, the relevant account will be subject to a warning and the user’s access restricted and/or blocked. Affected Users can contact Bumble to contest the decision.
If you post anything that is inconsistent with our Terms and Conditions of Use, we reserve the right to terminate or restrict access to your Account.
Under EU and UK data protection laws, we are required to tell you our lawful basis for using your data and we have set this out in the table below. Where the legal basis is consent, you can withdraw consent at any time. Where the legal basis is legitimate interests, you have a right to object to our use of your data. We explain in the relevant sections in this Policy how you can withdraw consent or opt-out of certain data uses (where applicable).
|Purpose for which data is used||Data||Source||Legal basis|
|To provide you with the Bumble social networking service||Name, email address, date of birth, location (CCPA Categories A and B)||You provide your name, email address and date of birth to us. We obtain location data from the device that you use to access the service||Contractual necessity|
|To facilitate networking opportunities on the Bumble App||Optional information that you choose to provide in your profile, including through profile verification, or adding Bumble badges, which may include information about your sexual preferences, non-binary gender, religion, ethnic background, photos, interests, etc. (CCPA Categories B, C, H, I, J)||You provide this information to us||Contractual necessity and our legitimate interests – it is in our legitimate interests to facilitate networking opportunities in the Bumble app. For special category/sensitive personal data, we rely on your explicit consent.|
|To verify your identity and prevent fraud and to ensure the safety and security of Users||Phone number and if requested or permitted, photo provided as part of profile verification and for users based in countries where age verification is required by law: photo of Government ID + geolocation and device information (CCPA Categories A, B, C, E, F, G and H)||You provide this information to us, except for the geolocation and device information, which we obtain from the device that you use to access the service||Legitimate interests – it is in our legitimate interests to ensure that accounts are not set up fraudulently and to safeguard Users of the site|
|To take payment for premium services (not applicable for Users making payments via the Apple App Store)||Payment card details (CCPA Categories B and D)||You provide this information to us||Contractual necessity|
|To send you marketing information about our events, offers and services||Name, email address, postal address, Instagram handle and mobile phone number (CCPA Categories A and B)||You provide this information to us||Consent or legitimate interests and in accordance with the laws applying to our marketing activities. We have a legitimate interest in promoting our business and products|
|To carry out research and analysis to help us improve the App||Log and usage data, including IP address, browser type, referring domain, pages accessed, mobile carrier and search terms, images and video (CCPA Categories F and H)||You provide photos and videos to us. We obtain the log and usage information from the device that you use to access the service||Legitimate interests – it is in our interests to analyze the way in which Users are accessing and using our services so that we can further develop the App, implement security measures and improve the service|
|To respond to correspondence and queries that you submit to us, including social media queries||Email address and IP address, social media name, phone number (CCPA Categories B and F)||You provide your email address, social media name and phone number to us when you contact us and we obtain your IP address from the device that you use to contact us||Legitimate interests – it is in our legitimate interests to respond to your queries to ensure that we provide a good service to Users and troubleshoot problems|
|To investigate and block Users for reported infringements of our Terms and Conditions of Use||Name and user registration details, profile information, content of messages and photographs + usage and device data such as IP address and IP session information (CCPA Categories A, B, C, F, and H)||You provide your registration details, profile information, messages and photographs to us. We obtain the other information from the device that you use to access the service.||Legitimate interests - it is in our legitimate interests to prevent unauthorized behavior and to maintain the safety and integrity of our services|
|To block payment transactions as part of our anti-fraud procedures||Name, IP address, email address, mobile number, cardholder name, payments received, type of payment, user ID, country (CCPA Categories, A, B, and D)||You provide your name, email address, mobile number and card details to us. We obtain your IP address from the device that you use to contact us. We obtain your payment information from your interactions with our service||Legitimate interests – it is in our legitimate interests to prevent fraudulent transactions and to maintain the security of our services|
|To serve promo cards and advertisements on the App||Location, gender, age, and information that you have optionally provided us with via your profile (CCPA Categories A, C and G)||We obtain age, gender and profile information from you, and location data from the device that you use to access the service||Legitimate interests – it is in our legitimate interests to target advertisements so that Users see relevant advertisements and to allow us to generate income from advertising revenue|
|To serve advertisements on third party networks and measure the effectiveness of such ads||Data about your visit to our Sites or App and action taken on those (for example if you downloaded our App or created an account with Bumble), IP address (and your estimated location based on your IP address), age and gender, device ID (CCPA Categories B, C, G, F and K)||We obtain age and gender from you and we obtain other information from the device or browser that you use to access the service||Consent – as indicated by you in your Privacy Settings/Cookies Settings preferences and via your browser or device privacy preferences (where required by your device manufacturer, for example Apple devices using iOS 14.5).|
|To contact you in order to run surveys for research purposes and to obtain feedback, and to find out if you want to take part in marketing campaigns||Email address and cell phone number (CCPA Category B)||You provide this information to us||Legitimate interests – it is in our legitimate interests to carry out research so that we can further develop the app and improve the service|
|To enable video and audio call functions, and the sending of images and video||Video and audio call usage data, images and video (CCPA Categories F and H)||We obtain this information from the device that you use to access the service||Legitimate interests – it is in our legitimate interests to provide these functionalities as part of the services|
|To defend legal claims, protect legal rights and to protect people from harm||This could include any information that is relevant to the issue||This information may be obtained directly from you, from your device or from third parties, depending on the information involved||Legitimate interests – it is in our legitimate interests to protect our legal rights, defend legal claims and to protect our Users and third parties from harm|
Our policy is to not disclose your Registration Information or personal data, except in the limited circumstances described here:
|Circumstances where data may be disclosed||Disclosed data|
|Service Providers – We engage certain trusted third parties to perform functions and provide services to us. We may share your Registration Information or personal data with these third parties, but only for the purposes of performing these functions and providing such services. More information about this is available directly below.||This could include all data, including all CCPA Categories listed above|
|Moderators – To monitor activity on the App and approve content.||Name and user registration details, profile information, content of messages and photographs (CCPA Categories A, B, C, and H)|
|Payment Processing and Telecommunications Companies – To facilitate payments for our premium services.||Cardholder name, cardholder address, card number, payment amount, transaction date/time (CCPA Categories A, B, and D)|
|Law and Harm – As we mentioned in the Terms & Conditions, we think it is very important that all Users behave whilst using the App. We will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement enquiries from within or outside your country of residence where we are required to by law, where there is an investigation into alleged criminal behavior or to protect the vital interests of a person. This may include preserving or disclosing any of your information, including your Registration Information, if we believe in good faith that it is necessary to comply with a law or regulation, or when we believe that disclosure is necessary to comply with a judicial proceeding, court order, or legal request; to protect the safety of any person; to address fraud, security or technical issues e.g. through anti-spam providers to protect the service from criminal activity or to protect our rights or property or those of third parties. In such cases we may raise or waive any legal objection or right available to us.||This could include any personal data that Bumble holds about you, depending on the nature of the request or the issue that we are dealing with, including all CCPA Categories listed above|
|Business Transfers – In the event that a Bumble Group entity or any of its affiliates undergoes a business transition or change of ownership, such as a merger, acquisition by another company, re-organization, or sale of all or a portion of its assets, or in the event of insolvency or administration, we may be required to disclose your personal data.||This could include all personal data that Bumble holds about you, including all CCPA Categories listed above|
|Marketing Services Providers – To help us serve marketing and advertising on third party websites and applications and measure the effectiveness of our advertising campaigns. More information on this is available below||Advertising identifier associated with your device (Device ID), estimated location (based on your IP address), age, gender and data about your visit to our Sites or App and action taken on those (for example if you downloaded our App or created an account with our App), hashed email address (for ‘custom audiences’ only) (CCPA Categories B, C, G, F and K)|
|Anti-Spam and Anti-Fraud – Your data may be shared with other Bumble Group companies, for example, to block accounts and suspected fraudulent payment transactions as part of our anti-spam and anti-fraud procedures.||Email address, phone number, IP address and IP session information, social network ID, username, user agent string, and transaction and payment data (CCPA Categories B, F and D).|
Aggregated Information – We may share aggregated information with third parties that includes your personal data (but which doesn’t identify you directly) together with other information including log data for industry analysis and demographic profiling.
Bumble does not sell your data and has not sold your personal data in the previous 12 months.
We engage certain trusted third parties to perform functions and provide services to us (“Service Providers”). The suppliers with which Bumble shares User personal data vary depending on a variety of factors, such as which of our App, Sites and services a User engages with. For example, to provide our services to Users, we typically use the following suppliers:
We carry out due diligence on all Service Providers we engage to ensure they have adequate data protection and information security measures in place and only provide them with the personal data necessary to the service they are providing. Measures are taken to ensure that the data shared is non-attributable to the greatest extent possible and our suppliers are also subject to extensive obligations under our contractual arrangements, including strict data retention limits.
We partner with providers of marketing services (such as Facebook for example) (‘Marketing Services Providers’) to help us market and advertise our App and services on third party websites and applications and measure the effectiveness of our advertising campaigns. For example:
We share a limited amount of your personal data with these Marketing Services Providers, such as:
*Hashing is a way of encrypting information by turning it into a combination of random numbers and letters - this code cannot be traced back to the email address. When hashed email addresses are sent to a Marketing Service Provider, they’re then matched against the Provider’s own existing list of their own users’ hashed information and our ads are served to those of our users who have successfully been matched with the Provider’s. Matched and unmatched hashes are then deleted by the Provider.
In some cases, these third parties will also use the data that they collect for their own purposes, for example they may aggregate your data with other data they hold and use this to inform advertising related services provided to other clients.
Where we share data with Facebook as our Marketing Service Provider (including via the Facebook “Like” function), we are Joint Data Controllers with Facebook Ireland for this processing. This arrangement means that Bumble has to provide you this notice, but you should contact Facebook if you wish to exercise your data protection rights. Further information, including how Facebook enables you to exercise your data protection rights, and subsequently processes your information as independent data controller can be found in Facebook Ireland’s Data Policy. If you want more information relating to the nature of the arrangement we have in place with Facebook, please email DPO@team.bumble.com.
This data referred to above can include actions that you take on our website such as your interactions with our Sites or other information collected from cookies or similar technologies including the Facebook pixel. This allows us to measure the effectiveness of our advertising, improve our marketing practices, and helps us deliver more relevant advertising to you and people like you (including on social media such as Facebook).
We think our Users are awesome, and we want you to share how awesome you are with the world, so we have built certain features to enable this. Our App is designed to make it easier for you to connect with other Users and to interact with them.
When using the Bumble App, you should assume that anything you post or submit on the App may be publicly-viewable and accessible, both by Users and non-users of the App. We want our Users to be careful about posting information that may eventually be made public.
Please be careful about posting sensitive details about yourself on your profile such as your religious denomination and health details. You may also choose to add sensitive information about yourself when you add certain Bumble badges to your profile, such as your religion and political leanings. While you may voluntarily provide this information to us when you create your profile, including your sexual preferences, there is no requirement to do so. Please remember that photographs that you post on Bumble may reveal information about yourself as well. Where you do upload and choose to tell us sensitive information about yourself, including through the addition of badges to your profile, you are explicitly consenting to our processing of this information and making it public to other Users.
Please also note that in certain countries (currently, South Korea only), Users are provided with functionality enabling them to download a copy of their conversation history (as this is required by local laws) and that Bumble has no control over how users may then publish or use that information.
If you log in to or access the App through your Facebook account or another third-party account on a device which you share with others, remember to log out of the App and the relevant third-party account when you leave the device in order to prevent other users from accessing your Bumble account.
Although we want as many people as possible to enjoy our creation, you have to be at least 18 years old to use the App - sorry kids, we know Bumble is cool, but you’ll have to come back when you’re old enough!
Bumble does not knowingly collect any information about or market to children, minors or anyone under the age of 18. If you are less than 18 years old, we request that you do not submit information to us. If we become aware that a child, minor or anyone under the age of 18 has registered with us and provided us with personal information, we will take steps to terminate that person’s registration.
Here at Bumble, we pride ourselves on taking all appropriate security measures to help protect your information against loss, misuse and unauthorized access, or disclosure. We use reasonable security measures to safeguard the confidentiality of your personal information such as secured servers using firewalls.
Unfortunately, no website or Internet transmission is ever completely 100% secure and even we cannot guarantee that unauthorized access, hacking, data loss or other breaches will never occur, but here are some handy tips to help keep your data secure:
If you ever think someone has had access to your password or Account, please follow the steps set out here. We cannot guarantee the security of your personal data while it is being transmitted to our site and any transmission is at your own risk.
When you sign in to our App using your Facebook account, you give permission to Facebook to share with us your name and profile picture. Unless you opt-out, you also give permission to Facebook to share with us your email address (if there is one associated with your Facebook account), date of birth, profile photos, gender, Page likes and current town/city.
If you register or sign in with your Apple ID, you give Apple permission to share your Apple login, a name (that can be edited by you) and an email (you can choose to hide your email and Apple will create a random email address so your personal email can stay private). This email address will be linked to your Bumble account and will be used to retrieve your Bumble account.
We will then use this personal data to form your Bumble account. If you remove the Bumble app from your Facebook settings, or from your Apple ID, we will no longer have access to this data. However, we will still have the personal data that we received when you first set up your Bumble account using your Facebook or Apple ID (you must delete your Bumble account entirely for us to no longer have access to this data).
You may link your Bumble account with your Instagram, Facebook or Spotify accounts. This allows you to share some information from those accounts directly to your Bumble account (for example, Instagram photos, or your top Spotify artists).
We only receive the limited information that Instagram or Spotify permits to be transferred (as detailed by Instagram/Facebook/Spotify and agreed by you when you first connect your account from such platforms with your Bumble account).
If you no longer want to link your Bumble account to your Instagram, Facebook or Spotify account, please visit the settings in your Instagram, Facebook or Spotify account and follow the instructions to remove the Bumble app access permissions. Please note that any information already added to your Bumble account from those platforms will not be deleted unless you delete it within your Bumble account as well.
If you use BFF, you can populate your profile with certain information (like your beliefs and political leanings). You can provide this information as part of your profile, but there’s no obligation to do so.
Our legal justifications for processing your personal data in BFF are listed below:
If you use BFF, we may use your activity, life and interests information to recommend friends and content.
In BFF, we provide opportunities to join groups built around locations or topics. We’ll recommend groups you can join based on your location, activity, life and interests information.
BFF members will not be able to see chat discussions until they join the specific chat and when they join, they’ll see the full message history.
Remember that certain areas of BFF are public spaces that are freely open to everyone on BFF. Your activity and anything you post in these spaces can be seen by everyone on Bumble BFF.
For Users who are California residents, you have the following rights (in addition to those listed at section 10 below) under the California Consumer Privacy Act, and you have the right to be free from unlawful discrimination for exercising your rights under the Act:
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. If you wish to find out about any rights you may have under California Civil Code section 1798.83, you can write to us at firstname.lastname@example.org.
From time to time, as part of a joint promotion with a third party, we may, if you participate in such promotion, disclose your contact information to the third party to allow them to market their products or services to you. Where this is a condition for participation in a promotion, we will always let you know before when you enter the promotion. Please follow the instructions provided to you by third parties to unsubscribe from their messages.
In addition, under California law, operators of online services are required to disclose how they respond to “do not track” signals or other similar mechanisms that provide consumers the ability to exercise choice regarding the collection of personal information of a consumer over time and across third party online services, to the extent the operator engages in that collection. At this time, we do not track our Users’ personal information over time and across third-party online services. This law also requires operators of online services to disclose whether third parties may collect personal information about their users’ online activities over time and across different online services when the users use the operator’s service. We do not knowingly permit third parties to collect personal information about an individual User’s online activities over time and across different online services when using the App.
Privacy laws applicable in your country may give you the following rights:
The particular rights which are applicable to you (which might include other rights not listed above) may vary depending on your country. You should make yourself aware of the rights you have under applicable privacy laws in your country.
If you want to exercise any of your rights listed above please visit our Feedback Page or email our Data Protection Officer at DPO@team.bumble.com. You can also contact us by post at the following address: The Broadgate Tower Third Floor, 20 Primrose Street, London, United Kingdom, EC2A 2RS. For your protection and the protection of all of our Users, we may need to request specific information from you to help us confirm your identity before we can answer the above requests.
If you have a concern about how we have processed your request or your personal data, you should contact us in the first instance via the contact details listed above.
If you feel we have not resolved your concern, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). If you live in a country or territory located in the European Union (EU) or European Economic Area (EEA), you may also get in touch with your local Data Protection Regulator. If you live in a country outside the EU, you may have the right to lodge a complaint with your local privacy or data protection regulator.
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Bumble has appointed Borlux Ltd as its GDPR representative in the EU. If you usually reside in an EU Member State you can contact Borlux Ltd regarding matters pertaining to the GDPR by:
Using the online request form at https://services.nathantrust.com/privacycontact
Postal address: 1st Floor, 6 Lapps Quay, Cork, Ireland
We want you to be able to access Bumble wherever you happen to be in the world. To enable us to provide that service, we operate a global network of servers including in the US, UK, EU, and (for Users located in Russia) Russia. The hardware is located in third-party data centres but is owned by the Bumble Group. Data collected by Advertising Partners and other Service Providers may also be held outside the UK and the European Economic Area. We ensure that the data is adequately protected by ensuring that valid, legal mechanisms are in place such as: EU approved model clauses (which can be found here), and implementing robust contractual standards. If you want more information relating to the nature of the safeguards we have in place, please email DPO@team.bumble.com.
We keep your personal information only as long as we need it for the legal basis relied upon (as set out in Section 2 above) and as permitted by applicable law. Please see “Profile Verification Information (Including Biometric Information)” in Section 1, above, to learn about our retention policy with respect to biometric information.
When you delete your Account, or it is deactivated by us, we make sure it is no longer viewable in the App. For up to 28 days, it is still possible to restore your Account if it was accidentally deleted or wrongfully deactivated. After 28 days, we begin the process of deleting your personal information from our systems, unless:
Warning: Even after you remove information from your profile or delete your Account, copies of that information may still be viewable and/or accessed to the extent such information has been previously shared with others, or copied or stored by others. We cannot control this, nor do we accept any liability for this. If you have given third party applications or websites access to your personal information, they may retain such information to the extent permitted under their terms of service or privacy policies.
Thanks for reading, we hope we didn’t drone on for too long!