Privacy Policy

Privacy Policy

Last updated: 28 April 2026

1. Who are we?

Sugarfar.com is operated by Disp I/S, a partnership registered in Denmark under CVR no. 38507508, with registered address at Maglebjergvej 6, 2800 Kongens Lyngby, Denmark. Although Disp I/S is established in the European Union, we serve users in the United States and process personal information of U.S. residents in accordance with applicable U.S. federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

For data protection matters and privacy inquiries from U.S. users, please contact us at: support@sugarfar.com

2. What information do we collect?

We collect the following categories of personal information about U.S. users (using CCPA/CPRA category labels where applicable):

Information you provide to us

  • Identifiers: Email address, username and password upon registration
  • Profile data: Age, gender, U.S. city or state, profile text, interests and preferences
  • Visual data: Profile pictures and gallery images you upload
  • Electronic communications: Chat messages and images sent to other users
  • Commercial information: Subscription history; payment card details are processed directly by Stripe — we never receive or store your card details

Information we collect automatically

  • Internet activity / device data: IP address, browser type, device type and operating system
  • Usage data: Page views, clicks and interactions with the platform
  • Cookies and similar tracking technologies: See section 8 on cookies

We do not knowingly collect Social Security Numbers, government ID numbers, financial account numbers, or precise geolocation. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

3. What do we use your data for?

We process your personal information for the following business purposes:

  • Service delivery: Creating and maintaining your profile, displaying you to other users, and enabling chat
  • Security and fraud prevention: Verifying profiles, detecting and preventing abuse, fraud and fake profiles
  • Improvement: Optimizing the platform, features and user experience
  • Communication: Sending service notifications, match notifications and (with your consent) newsletters
  • Payment processing: Processing subscription payments via Stripe in U.S. dollars (USD)

Where the General Data Protection Regulation also applies (e.g. when EU/EEA processors are involved), our legal bases include performance of a contract, our legitimate interest in operating and protecting the platform, and consent where applicable.

4. Who do we share data with?

We do not sell your personal information for monetary or other valuable consideration, and we do not share personal information for cross-context behavioral advertising. We disclose personal information only to trusted service providers (sub-processors) who process data on our behalf, primarily Stripe (payments), our hosting and database providers, and our email/transactional service providers.

Because Disp I/S is established in Denmark, personal information of U.S. users may be transferred to and processed in the European Union. Such transfers are governed by Standard Contractual Clauses (SCCs) and, where applicable, the EU-U.S. Data Privacy Framework (DPF). All service providers operate under written data processing agreements requiring confidentiality, security and use of data only as instructed.

5. Security

We protect your information with the following safeguards:

  • All data transmission takes place via HTTPS (TLS encryption)
  • Passwords are hashed with industry-standard algorithms — we can never see your password
  • Payment details are handled exclusively by Stripe (PCI DSS certified) and are never stored on our servers
  • Access to personal information is restricted to authorized personnel
  • Row Level Security (RLS) ensures that users can only see data they are entitled to

6. Retention and deletion

We retain your personal information for as long as your account is active and delete it when it is no longer necessary for the purpose for which it was collected, or as required by U.S. or Danish bookkeeping law.

  • Chat images: Automatically deleted after 5 days
  • Profile data: Deleted upon deletion of your account
  • Payment history: Retained for up to 5 years for tax and bookkeeping purposes
  • Log files: Automatically deleted after 90 days

You can delete your profile at any time under "My Account". All your profile data, photos and messages will be permanently deleted.

7. Your rights (CCPA/CPRA and other state laws)

Depending on the U.S. state in which you reside, you may have some or all of the following rights:

  • Right to know: The categories of personal information we have collected about you, the sources, the purposes for collection, and the categories of recipients
  • Right to access / portability: A copy of the specific personal information we hold about you
  • Right to delete: Deletion of your personal information, subject to limited legal exceptions
  • Right to correct: Correction of inaccurate personal information
  • Right to opt-out of sale or sharing: Although we do not sell or share personal information as those terms are defined under the CCPA/CPRA, you may submit a request as a precaution
  • Right to limit use of sensitive personal information: Where applicable
  • Right to non-discrimination: We will not discriminate against you for exercising any of these rights

California residents may exercise their CCPA/CPRA rights by contacting support@sugarfar.com with the subject line "California Privacy Request". We will verify your identity using information already on your account before responding, and will respond within 45 days (extendable to 90 days for complex requests).

Residents of Colorado, Connecticut, Virginia, Utah, Texas, Oregon and other states with comprehensive privacy laws may exercise comparable rights using the same contact address. You may use an authorized agent to submit requests on your behalf.

If you believe we have processed your information in violation of applicable law, you may lodge a complaint with the U.S. Federal Trade Commission at reportfraud.ftc.gov, or, for California residents, with the California Privacy Protection Agency (CPPA) at cppa.ca.gov.

8. Cookies

Sugarfar uses cookies and similar technologies to deliver and improve the service. We distinguish between:

  • Strictly necessary cookies: Required for the platform to function (login sessions, security). These do not require consent.
  • Analytical cookies: Used to understand how visitors use the site. Subject to your consent.
  • Marketing cookies: Used to target advertisements. Subject to your consent.

You can change your cookie preferences at any time via the cookie settings in the site footer, and we honor Global Privacy Control (GPC) signals from your browser as a valid opt-out request where required by U.S. state law.

9. Children's privacy

Sugarfar is intended exclusively for adults 18 years of age or older. We do not knowingly collect personal information from children under 13 in compliance with the U.S. Children's Online Privacy Protection Act (COPPA), and we do not knowingly process personal information of any minor.

10. Changes to this policy

We may update this privacy policy from time to time. In the event of significant changes, we will inform you via email or a notice on the platform. The latest version will always be available on this page.

11. Contact

Questions about this privacy policy or U.S. privacy rights can be directed to:

Disp I/S
Maglebjergvej 6, 2800 Kongens Lyngby, Denmark
CVR: 38507508
Email: support@sugarfar.com