Fansit

Privacy Policy

URL: legal.fansit.com/privacy

Effective Date: April 16, 2026

Last Updated: April 16, 2026

This Privacy Policy explains how Persona Payments LLC, a Wyoming limited liability company doing business as "Fansit" ("Fansit," "we," "us," "our"), collects, uses, shares, and protects information about you when you use fansit.com or any related service (the "Platform").

Data controller: Persona Payments LLC, 1309 Coffeen Ave STE 1200, Sheridan, WY 82801, USA. Privacy contact: privacy@fansit.com.

1. Information We Collect

1.1. Information You Provide

  • Account information — email address, username, password (stored hashed), display name, date of birth.
  • Profile information — bio, avatar, banner image, location (Creators only), website (Creators only), and any other information you choose to add.
  • Verification information — for Creators and for Fans in jurisdictions requiring age verification: government-issued identity documents, biometric data (face match / liveness), and verification metadata. This information is collected and processed by our verification provider, Incode Technologies, Inc. ("Incode"), and shared with us only to confirm verification status.
  • Content — posts, messages, livestreams, audio, images, video, and any other content you upload or transmit.
  • Payment-method information — card number, expiration date, billing zip — collected directly by our third-party payment processors and not stored on Fansit servers. We retain only a tokenized reference and the last four digits.
  • Communications with us — emails, support tickets, and survey responses.

1.2. Information Collected Automatically

  • Device and browser data (type, OS, language, screen resolution).
  • IP address and approximate geolocation derived from it.
  • Cookies and similar technologies (see Cookie Policy).
  • Usage data — pages viewed, features used, content interacted with, session duration, error logs.

1.3. Information from Third Parties

  • Verification status and limited verification data from Incode.
  • Payment authorization, chargeback, and fraud signals from our payment processors.
  • Anti-fraud signals from third-party risk-assessment providers.
  • Where you log in via a third-party identity provider, the basic profile information that provider shares with us.

2. How We Use Your Information

We use your information to:

  • Operate, secure, and improve the Platform.
  • Verify your identity and age, comply with §2257 and similar recordkeeping laws, and prevent access by minors.
  • Process FanBuck purchases, payouts, refunds, and chargebacks.
  • Personalize your experience and surface relevant Creators or content.
  • Communicate with you about your account, transactions, and updates to our policies.
  • Detect, prevent, and respond to fraud, abuse, security incidents, and policy violations.
  • Comply with legal obligations and respond to lawful requests.
  • Establish, exercise, and defend legal claims.

Legal bases (for users in the EEA, UK, and Switzerland): performance of a contract (operating the Platform); compliance with a legal obligation (§2257, AML, age-verification laws); legitimate interests (security, fraud prevention, product improvement); and consent (where required, e.g., for non-essential cookies or marketing communications, which you may withdraw at any time).

3. Sharing Information

We do not sell your personal information. We share information only as described below.

| Recipient | Purpose | |---|---| | Identity / age-verification provider (Incode) | Confirm your age and identity. | | Third-party payment processors | Process FanBuck purchases, ACH payouts, refunds, and chargebacks. | | Cloud hosting and infrastructure providers | Host the Platform and store your data (e.g., database, file storage, CDN). | | Email and notification providers | Send transactional and account communications. | | Analytics and error-monitoring providers | Understand usage, fix bugs, prevent abuse. | | Customer-support tools | Respond to your support requests. | | Anti-fraud and content-moderation providers | Detect fraud, CSAM, illegal content, and policy violations. | | Law enforcement and regulators | When legally required, including responses to subpoenas, court orders, and reports to NCMEC and similar bodies. | | Successor in interest | In connection with a merger, acquisition, or sale of all or substantially all assets, with notice to you. |

We require all service providers to handle personal information in accordance with this Policy and applicable law.

4. International Data Transfers

Fansit is headquartered in the United States. If you access the Platform from outside the U.S., your information will be transferred to, stored, and processed in the U.S. We rely on appropriate safeguards (such as the EU Standard Contractual Clauses and the UK International Data Transfer Addendum) for transfers from the EEA and UK to the U.S.

5. Cookies & Similar Technologies

See our Cookie Policy for full details on the cookies and similar technologies we use.

6. Data Retention

We retain personal information only for as long as needed for the purposes described in this Policy, except where a longer period is required or permitted by law.

| Category | Retention | |---|---| | Account information | Duration of account + up to 24 months after closure (for fraud prevention and dispute defense) | | Verification records (§2257 / age verification) | The greater of 7 years or the period required by applicable law, even after account closure | | Transaction records | 7 years from the transaction date (tax / financial recordkeeping) | | Content (posts, PPV media, messages) | Duration of account + retention required by §2257; content purchased by Fans before account closure may remain accessible to those Fans per the Standard Fan/Creator Contract | | Server logs and usage data | Up to 18 months | | Customer-support records | Up to 3 years |

7. Your Privacy Rights

Depending on where you live, you may have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate personal information.
  • Delete your personal information (subject to legal-retention exceptions in Section 6).
  • Restrict or object to certain processing.
  • Receive a portable copy of certain information.
  • Withdraw consent (where processing is based on consent).
  • Lodge a complaint with your local data-protection authority.
  • California / CPRA: opt out of "sharing" of personal information for cross-context behavioral advertising (we do not engage in this), and limit use of sensitive personal information.

To exercise any of these rights, email privacy@fansit.com. We will respond within the timeframes required by applicable law (typically 30 days, extendable). We may need to verify your identity before responding.

8. Children

The Platform is not directed to children under 18 and we do not knowingly collect personal information from anyone under 18. If we learn we have collected personal information from a person under 18, we will delete it promptly and report any apparent CSAM to NCMEC and law enforcement.

9. Security

We use administrative, technical, and physical safeguards reasonably designed to protect your information, including encryption in transit (TLS), encryption at rest for sensitive fields, access controls, audit logging, and ongoing security monitoring. No system is perfectly secure. Notify us immediately at security@fansit.com if you believe your account has been compromised.

10. Changes

We may update this Policy from time to time. The "Last Updated" date reflects the most recent revision. Material changes will be communicated through the Platform or by email.

11. Contact

  • Privacy questions / DSAR: privacy@fansit.com
  • Data Protection Officer (EEA / UK representative): listed in our DPO appointment notice (to be added)
  • Mailing address: Persona Payments LLC, Attn: Privacy, 1309 Coffeen Ave STE 1200, Sheridan, WY 82801, USA