← Back to OnlyFunds

DRAFT — Pending review and approval by legal counsel.

Privacy Policy

Effective date: [Insert effective date]
Last updated: [Insert update date]

1. Introduction

OnlyFunds, [Insert legal entity name] ("OnlyFunds", "we", "us", or "our") respects your privacy. This Privacy Policy describes the information we collect through the OnlyFunds website, the OF Creator Tools browser extension, the Auto Chatter service, the Fully Managed and Self Managed service tiers, the OnlyFunds content libraries, and any related software, native messaging hosts, applications, or APIs (collectively, the "Services"); how we use that information; who we share it with; and the choices and rights you have regarding your information.

This Policy is incorporated into our Terms of Service. EU/UK/Swiss residents should also review the GDPR Notice. California residents should review Section 13 (CCPA/CPRA Disclosures).

2. Who We Are & How to Contact Us

The data controller for personal information collected through the Services is OnlyFunds, [Insert legal entity name], with a place of business at [Insert mailing address]. You can reach us at privacy@onlyfunds.com for any privacy-related question, request, or complaint.

3. Information We Collect

We collect the following categories of personal information:

3.1 Information you provide directly

  • Account & billing identifiers — billing email address, license key, and the OnlyFans username/handle bound to your subscription.
  • Payment data — handled by our payment processor (Stripe). OnlyFunds receives a token, the last four digits of your card, expiration date, brand, country, and the billing zip/postal code; full card numbers are not stored on OnlyFunds servers.
  • Application & onboarding information — for Fully Managed engagements, the information you submit on our application forms or in onboarding interviews, including legal name, jurisdiction, content focus, and account access details required to deliver the service.
  • Communications — the contents of emails, support tickets, or other messages you send us.
  • Marketing opt-ins — your preferences for any optional newsletter or marketing communications.

3.2 Information collected automatically

  • Usage telemetry — feature usage events, error reports, browser/extension version, OS, and other diagnostic data used to maintain and improve the Services.
  • Device & log data — IP address, user agent, language, timestamps, and request metadata generated when you interact with our website or APIs.
  • Cookies and similar technologies — see Section 9.

3.3 Information generated by your use of the Services

  • Earnings snapshot — to compute your performance-linked rate, the OF Creator Tools Extension reads the last-30-day earnings figure from your OnlyFans Statistics dashboard on your device and transmits the resulting numeric figure (and a hash of the source URL) to OnlyFunds. We do not capture your fan messages, payouts, tax forms, or any subscriber identities through this process.
  • Auto Chatter conversation data — when Auto Chatter is enabled, the prompts, replies, and pipeline metadata processed by Auto Chatter are stored to operate the service, supervise quality, and (where you have not opted out) to improve our models.
  • Fully Managed operational data — for Fully Managed customers, the actions taken by our team and Automated System on your bound OnlyFans page, including scheduling timestamps, campaign metadata, and aggregate performance metrics.

3.4 Information from third parties

  • Payment processor — Stripe provides us with payment status, fraud signals, and dispute notifications.
  • Public OnlyFans page metadata — public information visible on a creator's OnlyFans page (display name, bio, post counts) when needed to verify a binding.

4. How We Use Information

We use personal information to:

  • provide, maintain, secure, and improve the Services;
  • create and administer your account, validate your license, and bind it to a specific OnlyFans page;
  • process payments, calculate performance-linked fees, send invoices and receipts;
  • train and supervise the Auto Chatter and Automated System (subject to your opt-out for model training);
  • respond to support inquiries and operational requests;
  • detect, investigate, and prevent fraud, abuse, security incidents, and policy violations;
  • comply with legal obligations and enforce our Terms;
  • send service-related communications (billing receipts, security notices, material changes to terms);
  • with your consent, send optional marketing communications;
  • aggregate or de-identify data for analytics, benchmarking, and product development.

5. What We Do NOT Do

  • We do not sell your personal information.
  • We do not access, store, or transmit your OnlyFans login password — it never leaves your machine for Self Managed use.
  • We do not read or process your fan messages or vault content for any purpose other than the automation features you have enabled.
  • We do not target advertising based on your sensitive personal data.

6. How We Share Information

We share personal information only with:

  • Service providers and processors who help us operate the Services under written data-processing agreements, including: Stripe (payments); our hosting and database providers; transactional email providers; error-tracking and observability providers; and AI/LLM providers used by Auto Chatter. A list of current sub-processors is available on request.
  • Professional advisors — accountants, auditors, lawyers, insurers, and bankers, where reasonably necessary.
  • Authorities — where we believe in good faith that disclosure is required by law, lawful process, or to protect the rights, property, or safety of OnlyFunds, our customers, or any third party.
  • Corporate transactions — in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar event, subject to customary confidentiality protections.
  • With your consent — for any other disclosure not described above.

7. Data Retention

We retain personal information for as long as your account is active and for a reasonable period afterward to comply with legal, tax, accounting, audit, fraud-prevention, and dispute-resolution obligations. Specific retention periods:

  • Account & billing records — at least seven (7) years after termination, or longer where required by tax law.
  • Auto Chatter logs — up to ninety (90) days for operational logs; aggregated, de-identified statistics may be retained indefinitely.
  • Earnings snapshots — for the duration of the active subscription plus thirty-six (36) months for billing-dispute resolution.
  • Support communications — up to thirty-six (36) months.

Once retention ends, we delete or de-identify the data.

8. Data Security

We implement and maintain technical and organizational measures designed to protect personal information against unauthorized access, loss, alteration, or destruction. These measures include encryption in transit (TLS 1.2+), encryption at rest for sensitive fields, role-based access control, audit logging, regular dependency review, and background checks for personnel with access to customer accounts. No system is perfectly secure; we cannot guarantee absolute security.

9. Cookies & Similar Technologies

The OnlyFunds website uses a small number of strictly necessary cookies to maintain your session and security state, and minimal first-party analytics cookies to understand aggregate site usage. The OF Creator Tools Extension uses local browser storage on your device to hold your settings and license key. We do not use third-party advertising or cross-site tracking pixels.

You can configure your browser to block or delete cookies; doing so may affect how the Services function.

10. International Transfers

OnlyFunds is operated from the United States. If you access the Services from outside the United States, you understand that your information will be transferred to and processed in the United States and other countries where we or our service providers maintain facilities. For transfers of personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum, supplemented by additional measures where required. See our GDPR Notice for details.

11. Your Choices & Rights

Subject to applicable law, you have the right to:

  • access the personal information we hold about you;
  • correct inaccurate or incomplete data;
  • request deletion of your data;
  • object to or restrict certain processing;
  • request data portability;
  • opt out of optional marketing communications at any time;
  • opt out of having your Auto Chatter data used to improve our models;
  • withdraw consent where processing is based on consent (without affecting processing already carried out);
  • lodge a complaint with your local data-protection authority.

To exercise any of these rights, email privacy@onlyfunds.com from the address associated with your account. We respond within thirty (30) days, extendable by an additional two months for complex requests, and we will not discriminate against you for exercising your rights.

12. Children's Privacy

The Services are intended exclusively for adults aged eighteen (18) or older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected such information, we will delete it. If you believe we may have inadvertently collected information from a minor, contact us at privacy@onlyfunds.com.

13. CCPA/CPRA Disclosures (California Residents)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), gives you specific rights regarding your personal information.

13.1 Categories of personal information

In the preceding twelve (12) months we have collected the following categories of personal information described in Cal. Civ. Code § 1798.140: identifiers; commercial information; internet or other electronic network activity information; geolocation data (approximate, derived from IP); professional information; and inferences drawn from the foregoing. The sources, business purposes, and recipients for each category are described in Sections 3, 4, and 6 above.

13.2 Sales & sharing

OnlyFunds does not "sell" personal information for monetary consideration as that term is defined under the CCPA/CPRA, and we do not "share" personal information for cross-context behavioral advertising.

13.3 Your California rights

  • Right to know the categories and specific pieces of personal information collected.
  • Right to delete personal information, subject to exceptions.
  • Right to correct inaccurate personal information.
  • Right to limit the use and disclosure of sensitive personal information.
  • Right to opt out of the sale or sharing of personal information (we do neither, but you may still submit a request).
  • Right to non-discrimination for exercising your rights.

13.4 Submitting a request

California consumers may submit requests by emailing privacy@onlyfunds.com. We will verify your request using identifiers tied to your account. You may use an authorized agent; we will require proof of authorization.

14. Third-Party Links & Services

The Services may link to or interoperate with third-party services, including OnlyFans, Stripe, browser extension stores, and AI providers. This Policy does not apply to those third parties, each of which has its own privacy practices. We encourage you to review them.

15. Changes to This Policy

We may update this Policy from time to time. The "Last updated" date above reflects the most recent revision. Material changes will be communicated through the Services or by email. Continued use of the Services after changes become effective constitutes acceptance of the updated Policy.

16. Contact

OnlyFunds, [Insert legal entity name]
[Insert mailing address]
Privacy: privacy@onlyfunds.com
Legal: legal@onlyfunds.com
General: contact@onlyfunds.com