What are the institutional and regulatory implications of this document?

This policy engages GDPR (EU and UK), CCPA/CPRA (California), and emerging US state privacy laws, with Bumble acting as data controller under GDPR Article 13/14 obligations. The collection and processing of special category data — including biometric identifiers, sexual orientation, and health information — triggers heightened obligations under GDPR Article 9 and equivalent state law provisions, requiring explicit consent and robust data protection impact assessments. Compliance teams should sc…

How does Bumble's Bumble Privacy Policy affect users?

Bumble collects a wide range of sensitive personal data including biometric identifiers, precise geolocation, sexual orientation, religious beliefs, and private messages, which are used for matching algorithms, content moderation, and advertising purposes. Your data may be shared with third-party advertisers and service providers, and transferred to the United States and other countries with potentially different privacy protections. You can request access to, correction of, or deletion of your…

How often is Bumble's Bumble Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Bumble updates this document?

Yes. Watcher subscribers ($9.99/month) can add Bumble to their watchlist and receive same-day email alerts whenever this document or any other Bumble document changes.

Bumble Privacy Policy — Bumble

10 Total

5 High severity

4 Medium severity

1 Low severity

Summary

Bumble's privacy policy explains what personal information the app collects about you — including your location, photos, messages, and even biometric data if you verify your profile — and how it uses and shares that data. Bumble shares your information with third-party partners for advertising and service delivery, and may transfer your data internationally. You have rights to access, correct, delete, or export your data, and California residents have additional rights under state law.

Technical Summary

The Bumble Group Privacy Policy governs the collection, use, disclosure, and storage of personal information by Badoo Trading Limited and Bumble Trading LLC across the Bumble mobile application, desktop platform, and associated websites. The policy establishes Bumble as the GDPR data controller and sets out lawful bases for processing, including consent, legitimate interests, and contractual necessity. Notable provisions include the collection of biometric data for profile verification, use of automated matching algorithms and profiling, cross-border data transfers to the United States and other jurisdictions, sharing with third-party service providers and advertising partners, and comprehensive user rights frameworks for GDPR, CCPA/CPRA (California), and US state-level privacy laws. The policy also addresses sensitive data categories including sexual orientation, religious beliefs, and health information, and provides specific retention and deletion obligations.

Evidence Provenance

Captured April 19, 2026 06:18 UTC

Document ID CA-D-000226

Version ID CA-V-000757

Source URL https://bumble.com/en-us/privacy

Wayback Machine View archived versions →

SHA-256 6f0f969fe2657ab71d0bb04727d9c301748e682550c6cd065a20d4d2949b5325

✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Cryptographically signed

Institutional Analysis

🔒 Institutional analysis locked

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Upgrade to Professional — $149/mo

Change Timeline

March 21, 2026 — Document updated medium

Bumble updated their privacy policy on March 21, 2026 to remove the United Kingdom (UK) from the list of countries where their servers are located. The policy previously stated servers were in the US, UK, and the EU; it now only mentions the US and the EU. This matters because it may affect where UK users' data is physically stored and processed.

· 1 modified
View diff → View full record →
5dd453ab…
March 19, 2026 — Initial capture

Initial snapshot — monitoring begins

013fa835…

View full version history (0 captures) →

Analyzed Changes

1 change analyzed since monitoring began.

Updated March 21, 2026

medium

What changed Bumble updated their Bumble Privacy Policy on March 21, 2026. Change detected: 1 sentence(s) modified. Document contained 891 sentences after update.

Consumer impact Bumble has removed the UK from its stated list of server locations, meaning the policy no longer explicitly confirms that user data is stored on UK-based servers. For UK users, this could mean their data is now routed only through US or EU infrastructure, which may have implications for how UK data protection law applies to their information. You can review Bumble's privacy policy directly and contact their data protection officer if you have concerns about where your personal data is being processed.

Why it matters UK users can no longer rely on Bumble's privacy policy to confirm their data is stored domestically, which may have implications for how UK data protection law protects their information. This change could signal a shift in Bumble's data infrastructure that affects the legal basis for cross-border data transfers.

Recent Clause-Level Changes Mar 21, 2026

10 provisions unchanged.

View full change record →

High Severity — 5 provisions

Biometric Data Collection

Bumble collects biometric information — such as facial recognition data — when you use their profile verification or ID verification features to confirm your identity.

Added March 24, 2026
Sensitive Personal Data Processing

Bumble collects and processes sensitive categories of personal data including your sexual orientation, religious beliefs, political views, ethnicity, and health information that you voluntarily provide on your profile.

Added March 24, 2026
Third-Party Advertising Data Sharing

Bumble shares your personal information with third-party advertising and analytics partners to serve you targeted ads and measure marketing effectiveness.

Added March 24, 2026
Geolocation Data Collection

Bumble collects your precise location data when you use the app to help show you matches nearby, and this data is stored and processed as part of your profile.

Added March 24, 2026
California Residents — CCPA/CPRA Rights

California residents have specific rights under CCPA/CPRA, including the right to know what data is collected, the right to delete it, the right to opt out of the sale or sharing of personal information, and the right to non-discrimination for exercising these rights.

Added March 24, 2026

Medium Severity — 4 provisions

Automated Profiling and Matching Algorithms

Bumble uses automated algorithms to analyse your profile, behaviour, and preferences to determine who you are shown and matched with, which constitutes automated decision-making and profiling.

Added March 24, 2026
International Data Transfers

Bumble may transfer your personal information to the United States and other countries outside your home country, which may have different (and potentially weaker) privacy protections.

Added March 24, 2026
User Data Rights (GDPR & CCPA)

You have the right to access, correct, delete, or export your personal data, and to object to or restrict certain types of processing, with additional rights for California residents under CCPA/CPRA.

Added March 24, 2026
Data Retention Policy

Bumble keeps your personal information only as long as necessary for the purposes it was collected, but the specific retention periods vary by data type and applicable law.

Added March 24, 2026

Low Severity — 1 provision

Policy Change Notification

Bumble reserves the right to update this privacy policy at any time, and will notify users of material changes by email or in-app notice, with the latest version always controlling.

Added March 24, 2026

Cross-platform context

See how other platforms handle Biometric Data Collection and similar clauses.

Compare across platforms →