Bumble transfers personal data internationally, including to the United States, relying on mechanisms such as Standard Contractual Clauses to legitimise those transfers for EU and UK users.
When your data is transferred outside the EU or UK, it may be subject to weaker privacy protections in the destination country, and the legal mechanisms relied upon have faced scrutiny in European courts.
Post-Schrems II, EU-to-US data transfers must rely on valid transfer mechanisms such as Standard Contractual Clauses supplemented by Transfer Impact Assessments; compliance teams should verify Bumble's SCCs are the updated 2021 versions and that TIAs are documented, particularly given the sensitivity of data processed.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Bumble collects a wide range of sensitive personal data including precise geolocation, biometric information, sexual orientation, and private messages, and uses this data for algorithmic matching and targeted advertising. Your data may be shared with third-party service providers, advertising partners, and disclosed to law enforcement or in the event of a corporate transaction such as a merger or acquisition. You can request access to, correction of, or deletion of your personal data by contacting Bumble through the in-app settings or via their privacy request portal.