Bumble added disclosure language describing BeePitched, a new feature that allows users and non-users to create and share personalized 'Pitches' about others. The updated privacy policy now states that BeePitched processes names, phone numbers, photos, pitch content, reports, and related technical information from pitch creators, contributors, subjects, and devices. This information is used to operate the feature, moderate content, investigate reports, and prevent misuse, with access restricted to pitch subjects, invited contributors, authorized Bumble personnel, and service providers.
Bumble's updated privacy policy discloses that the new BeePitched feature processes personal data including names, phone numbers, photos, and pitch content from users and non-users. According to the policy, this information is used to operate the feature, moderate content, investigate reports, and prevent misuse. Access to pitches is limited to pitch subjects, invited contributors, authorized Bumble personnel, and service providers. The disclosure establishes what data the feature collects and how it is used, but does not describe user controls or settings for opting out of being featured in a pitch.
The updated terms establish that BeePitched processes personal data from users and non-users, including names, phone numbers, and photos, in a feature that enables shared profiles about individuals. The disclosure describes what data is collected and how it is used, which addresses transparency requirements under privacy frameworks like GDPR and CCPA. However, the disclosure does not explicitly describe consent mechanisms, user rights, or controls to opt out of being featured, which may create compliance gaps depending on jurisdiction.
→ Personal information including names, phone numbers, and photos may be processed and shared through the BeePitched feature according to the terms stated in the updated privacy policy.
→ Individuals featured in pitches, including those without Bumble accounts, are subject to the data processing and access restrictions described in the policy.
ConductAtlas has recorded 3 material changes to this document over 69 days of monitoring (since March 2026). An additional minor or cosmetic changes were excluded.
Across all monitored documents, Bumble has made 4 significant changes.
2 of Bumble's significant changes have been classified as negative for consumers.
Privacy policy now discloses that BeePitched processes names, phone numbers, photos, pitch content, and related technical data from users and non-users for operation, moderation, investigation, and misuse prevention.
Access to pitches is limited to pitch subjects, invited contributors, authorized Bumble personnel, and service providers.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
Bumble added privacy policy language disclosing BeePitched, a new feature enabling user-generated and user-shared profiles (called 'Pitches') about individuals, including non-Bumble account holders. The disclosure describes data types (names, phone numbers, photos, pitch content, reports, technical information), processing purposes (operation, moderation, investigation, misuse prevention, legal compliance, access restriction), and access limitations (pitch subject, invited contributors, authorized personnel, service providers). From a compliance standpoint, this disclosure addresses GDPR Article 13/14 and CCPA transparency requirements by describing what personal data the feature processes and how. The disclosure does not describe consent mechanisms, user rights to access or delete pitch data, or controls for individuals featured in pitches. Organizations using Bumble as a vendor may need to assess whether this feature introduces new personal data processing that affects their own privacy notices, vendor assessment, and data processing agreements.
GDPR (Articles 13, 14, 6 lawful basis for processing non-account-holder data), CCPA (disclosure of personal information collection and use), state privacy laws with similar transparency requirements
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-002480.
New explicit provision disclosing that message and communication content is collected and processed, a significant privacy consideration for dating app users.
New provision explicitly stating policy change procedures and notification methods, establishing transparency around future policy modifications.
Removal of explicit provision on law enforcement disclosure practices could indicate either integration into broader data sharing sections or reduced transparency on government data requests.
Removal of dedicated data retention provision eliminates explicit user visibility into how long personal information is maintained, a key privacy protection.
Removal of corporate transaction disclosure eliminates transparency on data handling during mergers, acquisitions, or asset sales, reducing user control notification.
Previous version had no excerpt; current version now provides specific detail that biometric data is collected for ID verification purposes.
Severity downgraded from 'high' to 'medium' and provision renamed from 'Precise Geolocation Data Collection' to 'Geolocation Data Collection,' suggesting reduced emphasis on precision tracking.
Provision renamed from 'Algorithmic Profiling and Automated Matching' with added section reference 'Our Use of Algorithms' providing more specific policy documentation.
Severity downgraded from 'high' to 'medium' and reframed from 'Third-Party Advertising Data Sharing' to 'Third-Party Data Sharing with Service Providers,' narrowing scope from advertising to service assistance.
Previous version had no excerpt; current version provides section reference with explicit focus on handling and storage procedures.
Provision renamed from 'User Rights Framework (GDPR and US State Laws)' to 'User Rights Under GDPR and CCPA' with detailed enumeration of specific rights now included.
Previous version 'Sensitive Category Data Processing (Sexual Orientation, Health)' now consolidated as 'Special Category and Sensitive Data Processing' with explicit GDPR controller designation but without specific examples of sensitive categories.
Cross-platform context
See how other platforms handle similar provisions across the ConductAtlas archive.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorBumble updated its Terms and Conditions on May 19, 2026 to clarify account deletion procedures, expand the scope of content …
Bumble removed a reference to UK servers from its privacy policy on April 19, 2026. The policy previously stated the …
Bumble removed the UK from its list of server locations in its privacy policy. The updated language now states the …
We read the privacy policies and terms of service of 38 AI platforms. Here is what they say about training, retention, arbitration, and lia…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.