Big Eye Network — Privacy Policy

Effective Date: June 2, 2026

1. Who We Are & Scope

1.1 Controller. This Privacy Policy ("Policy") is issued by Big Eye Network, LLC ("Big Eye," "we," "us," or "our"), the data controller (under GDPR/UK GDPR) and the "business" (under CCPA/CPRA) responsible for personal information collected through the Service.

1.2 The Service. "Big Eye Network" and the "Service" mean Big Eye Network's websites (including bigeyenetwork.com), web application, iOS and Android mobile applications, video players, channels, upload and creation tools, APIs, and all related services. "Content" means anything a user uploads, posts, submits, streams, comments on, messages, tags, or otherwise makes available through the Service (videos, audio, music, images, text, comments, captions, usernames, profile materials, livestreams, clips, reviews, metadata). "Upload" means to upload, post, submit, share, stream, message, tag, comment on, or otherwise make Content available through the Service. "Creator" means a user who publishes Content and/or participates in monetization. "Viewer" means a user who consumes Content and may tip or subscribe. "User" and "you" mean any person who accesses or uses the Service.

1.3 Who this covers. This Policy applies to all Users worldwide, regardless of how they access the Service — through a browser, the iOS app, the Android app, or the API — and to personal information we collect about visitors, prospective users, Creators, and Viewers.

1.4 Other policies. This Policy should be read together with our Terms of Service, Cookie Policy, and User Content Terms. Where those documents address privacy topics (e.g., creator monetization and data), this Policy governs.

2. Information We Collect

We collect information you give us, information generated by your use of the Service, and information we receive from third parties.

2(a) Account & Profile Information

When you register or update your account you may provide:

• Name (or display name / username)
• Email address and, optionally, phone number
• Date of birth (used for age verification)
• Profile photo, avatar, bio, and links
• Country/region and language preferences
• Password (stored in hashed form only)

For Creators who enroll in monetization, we also collect tax identification information (e.g., W-9 / W-8BEN form data), payout-account details, and government-issued identification documents for identity-verification purposes where required by law or payment-processor rules.

2(b) Content & Uploads

When you Upload Content to the Service we collect:

• The Content itself (video, audio, images, text, captions, tags, thumbnails)
• Metadata associated with the Content (title, description, categories, timestamps, file format, duration)
• Comments, live-chat messages, and reactions you post
• Clips, compilations, and derivative works you create on the platform

Content you make public is accessible to other Users and to search engines unless you configure it as private or restricted.

2(c) Payment & Transaction Data

Big Eye does not store full payment-card numbers, PAN data, or CVV codes. Payment processing is handled by:

• Stripe (web and API transactions) — Stripe acts as an independent data controller/processor for cardholder data. Stripe's privacy policy governs its handling of payment information.
• Apple App Store (iOS in-app purchases for tips and channel subscriptions) — Apple processes payment and may share limited transaction metadata with us.
• Google Play (Android in-app purchases for tips and channel subscriptions) — Google processes payment and may share limited transaction metadata with us.

We do receive and store:

• Transaction identifiers, amount, currency, and timestamp
• Subscription status and renewal history
• Partial card descriptor (e.g., last four digits) and billing country, as provided by the processor
• Payout records for Creators (amount, date, destination-account last four digits or routing prefix)
• Refund and dispute records

2(d) Usage, Device & Log Data

When you interact with the Service, our servers and client software automatically record:

• IP address and approximate geographic location derived from IP (see also Section 2(f))
• Device type, operating system, browser type and version, and unique device identifiers (including IDFA/IDFV on iOS and AAID on Android)
• Referring URLs and exit URLs
• Pages and screens viewed, videos watched (including watch duration, pause points, and completion rate), search queries, and interactions with features
• Error logs and crash reports
• Date and time of access

2(e) Cookies & Similar Technologies

We use cookies, pixel tags, SDKs, and similar tracking technologies as described in our Cookie Policy.

2(f) Location Data (Approximate)

We derive approximate location from your IP address (city- or region-level only) for the purposes of content localization, regulatory compliance, and fraud detection. We do not collect precise GPS-level location data unless you explicitly grant the mobile app location permission, and we will notify you clearly if and when we introduce that feature.

2(g) Communications

If you contact us by email, support ticket, or in-app messaging, we collect the content of those communications and associated metadata (e.g., your email address, timestamps). We may also collect feedback you provide in surveys or through in-app rating prompts.

2(h) Biometric & Likeness Data

Where the Service applies automated image- or audio-analysis techniques to Content (for example, to enable content search, content moderation, or accessibility features such as automated captions), certain processing may involve the extraction of facial or voice features that constitute biometric identifiers or biometric information under state law, including the Illinois Biometric Information Privacy Act (BIPA), Texas Capture or Use of Biometric Identifier Act (CUBI), Washington My Health MY Data Act, and similar statutes.

Before any such processing is deployed for Illinois (and applicable state) residents, Big Eye will implement:

• A publicly available written policy governing retention and destruction of biometric data;
• Informed, written consent from affected users;
• Prohibitions on the sale or disclosure of biometric data except as permitted by law.

Please review Section 8 (Your Rights — US States) and contact privacy@bigeyenetwork.com if you have questions about biometric data processing.

2(i) Inferences

We may derive inferences about your interests, content preferences, and engagement patterns from the data described above, and use those inferences to personalize recommendations and advertising (subject to your choices).

3. How We Use Information

We use the personal information we collect for the following purposes:

3.1 Provide & operate the Service. Create and manage your account; authenticate you; enable you to Upload, view, like, share, comment on, and interact with Content; process transactions (tips, subscriptions, payouts); deliver notifications; provide customer support; enforce our Terms of Service.

3.2 Personalize & recommend. Surface Content and Creators we think you will find relevant, based on your viewing history, stated interests, and inferred preferences. You can influence this via settings.

3.3 Monetization & payouts. Facilitate creator advertising revenue-share, viewer tips, and channel subscriptions; calculate and process payout amounts; collect and report tax-related information as required by applicable law; comply with anti-money-laundering (AML) and know-your-customer (KYC) obligations.

3.4 Safety, moderation & fraud prevention. Detect, investigate, and prevent Content that violates our Community Guidelines; detect fraudulent transactions, spam, abuse, and unauthorized access; protect the safety of minors; comply with law-enforcement requests where legally required.

3.5 Analytics & platform improvement. Understand how Users interact with the Service, measure feature performance, conduct A/B tests, fix bugs, and improve existing features and develop new ones.

3.6 AI / ML model improvement. We may use Content and interaction data to train, evaluate, and improve automated content moderation models, recommendation algorithms, and accessibility tools (e.g., automatic captioning). Where required by law, we will obtain separate consent for use of your Content or personal data for generative AI training purposes.

3.7 Communications & marketing. Send you transactional messages (receipts, security alerts, policy updates) and, where you have opted in, promotional communications about the Service. You may unsubscribe from marketing emails at any time via the link in each email or in your account settings.

3.8 Legal & compliance. Comply with legal obligations (tax reporting, DMCA notice-and-takedown, court orders, regulatory inquiries); exercise or defend legal claims; enforce our agreements.

4. Legal Bases for Processing (GDPR / UK GDPR)

If you are located in the European Economic Area ("EEA") or the United Kingdom ("UK"), we rely on the following legal bases under the GDPR and UK GDPR:

Where we rely on legitimate interests, you have the right to object (see Section 7). We have conducted balancing tests and concluded that our legitimate interests do not override your rights and freedoms in the identified activities, but we will revisit this if our processing changes materially.

5. How We Share Information

We do not sell your personal information for monetary consideration.

We do share certain personal information as described below, including in ways that may constitute "sharing" for cross-context behavioral advertising under the CCPA/CPRA (see also Section 8).

5.1 Service providers & processors. We share personal information with third-party vendors who provide services on our behalf and are contractually bound to use it only for those purposes, including:

• Cloud infrastructure and hosting (e.g., Supabase / AWS / GCP)
• Video encoding and delivery (CDN)
• Email and push-notification delivery
• Customer-support tooling
• Fraud-detection and identity-verification services
• Analytics providers
• Tax-compliance and payment-operations services

5.2 Payment processors. We share transaction data with Stripe, Apple, and Google as described in Section 2(c). These parties may act as independent data controllers for their portions of the processing.

5.3 Advertising partners. Where you have consented via our cookie/consent banner, we share device identifiers, cookie IDs, and interest segments with advertising-technology partners for the purpose of showing you personalized ads. You can withdraw consent or opt out at any time (see Section 8 and our Cookie Policy).

5.4 Other Users (public Content). Content you choose to make public — including your username, profile photo, videos, comments, and public subscription counts — is visible to other Users and may be indexed by search engines. If you make Content public, we are not responsible for how others copy or use it. Configure your privacy settings to control visibility.

5.5 Legal, regulatory & safety disclosures. We may disclose personal information to courts, law-enforcement agencies, regulators, or other governmental authorities when we have a good-faith belief we are required or permitted to do so by law; to protect the safety, rights, or property of Big Eye, our Users, or the public; or to comply with a lawful legal process. Where legally permitted, we will attempt to notify affected Users before disclosure.

5.6 Business transfers. If Big Eye is involved in a merger, acquisition, asset sale, financing, or insolvency proceeding, personal information may be transferred to, or reviewed by, the acquiring or successor entity. We will post notice on the Service if such a transfer materially changes how personal information is handled.

5.7 Aggregate & de-identified data. We may share data that has been aggregated or de-identified so that it cannot reasonably identify any individual.

6. Cookies & Tracking Technologies

We use cookies, pixel tags, SDKs, and similar technologies. For a full description of each category, the specific third-party tools we use, retention periods, and your management choices, please see our [Cookie Policy](/legal/cookie-policy).

7. Your Rights & Choices — EEA & UK (GDPR / UK GDPR)

If you are in the EEA or UK, you have the following rights, which you can exercise free of charge by contacting us at privacy@bigeyenetwork.com. We will respond within 30 days (extendable to 90 days for complex requests with notice).

EU/UK Representative. Big Eye does not currently target or offer the Service to individuals located in the EEA or the United Kingdom, and has not appointed a representative under Article 27 of the GDPR or the UK GDPR. If we begin offering the Service to users in those regions, we will appoint a representative and update this Policy.

8. Your Rights & Choices — US States / CCPA-CPRA

California Residents (CCPA / CPRA)

The California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 ("CCPA/CPRA"), grants California residents the following rights:

8.1 Right to Know. You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources, the business or commercial purposes for collection, and the categories of third parties with whom we shared it.

8.2 Right to Delete. You may request that we delete personal information we collected from you, subject to exceptions (e.g., completing transactions, legal obligations, security, free speech, research).

8.3 Right to Correct. You may request that we correct inaccurate personal information we maintain about you.

8.4 Right to Opt Out of Sale / Sharing.

• We do not sell personal information for money.
• We may share personal information (device identifiers, cookie IDs, browsing behavior) with advertising partners for cross-context behavioral advertising, which constitutes "sharing" under the CPRA.
• To opt out, click the "Do Not Sell or Share My Personal Information" link in the footer of our website, or toggle the setting in the mobile app under Settings > Privacy. We also honor the Global Privacy Control (GPC) browser signal.

8.5 Right to Limit Use of Sensitive Personal Information. We collect certain sensitive personal information (e.g., government-issued ID for Creator verification, precise geolocation if you grant permission, tax ID, and information used to characterize race or ethnicity for diversity analytics if voluntarily provided). You have the right to direct us to use such information only for the purposes permitted by the CPRA (service provision, safety, fraud prevention). To exercise this right, contact us at privacy@bigeyenetwork.com or use the in-app privacy settings.

8.6 Right to Non-Discrimination. We will not deny you goods or services, charge you a different price, provide a different quality of service, or retaliate against you for exercising your CCPA/CPRA rights.

8.7 Authorized Agents. You may designate an authorized agent to make a CCPA request on your behalf. We will verify the agent's authorization before processing the request.

8.8 Shine the Light. California Civil Code § 1798.83 ("Shine the Light") permits California residents to request information about personal information disclosed to third parties for direct-marketing purposes. Contact us at privacy@bigeyenetwork.com.

Other US State Privacy Rights

Residents of Colorado, Connecticut, Virginia, Texas, Oregon, Montana, and other states with comprehensive privacy laws have similar rights — including rights to access, delete, correct, portability, opt out of targeted advertising, and appeal a denial of a rights request. Contact privacy@bigeyenetwork.com to exercise any of these rights.

9. Children's Privacy & COPPA

9.1 Minimum age. The Service is intended for users 13 years of age or older (or the higher minimum age required by applicable local law). Users under the age of majority (18 in most jurisdictions, or the applicable local age) must have parent or legal guardian consent.

9.2 No knowing collection from under-13s. We do not knowingly collect personal information from children under 13 in the United States, or from children below the applicable digital-consent age in other jurisdictions (16 in most EEA member states unless the member state has set a lower age down to 13, and 13 in the UK). We do not allow users under 13 to register for an account.

9.3 Age-gating. We ask for date of birth during registration. If the date of birth provided indicates the user is under 13 (U.S.) or below the applicable local age, we block registration and do not retain the information provided during that flow beyond what is necessary to prevent re-registration.

9.4 Parental consent. If we discover or are notified that we have collected personal information from a child under 13 without verifiable parental consent, we will promptly delete that information. If you believe your child has provided us with personal information, please contact us at privacy@bigeyenetwork.com. We will respond within 48 hours.

9.5 Child-directed content. If a Creator designates Content as intended for a child audience, we apply additional protections consistent with the Children's Online Privacy Protection Act and FTC guidance, including restrictions on behavioral advertising targeting audiences of that Content.

9.6 GDPR / UK GDPR — children. For users in the EEA or UK, processing of a child's personal data for information-society services requires parental consent below the applicable age-of-digital-consent threshold. We rely on date-of-birth age-gating and, where necessary, implement additional consent mechanisms.

10. Data Retention

We retain personal information for as long as necessary to:

• Maintain your account and provide the Service;
• Fulfill the purposes for which it was collected;
• Comply with legal obligations (e.g., tax records, which we retain for [7 years or as required by law]);
• Resolve disputes and enforce our agreements.

After the applicable retention period expires, we delete or anonymize personal information unless a legal hold is in place.

11. Data Security

We implement technical and organizational measures designed to protect personal information from unauthorized access, disclosure, alteration, and destruction, including:

• Encryption in transit (TLS 1.2+) and at rest
• Role-based access controls and principle of least privilege
• Regular vulnerability assessments and penetration testing
• Incident-response and breach-notification procedures (72-hour GDPR notification window; state-law timelines as applicable)
• Vendor security reviews for third-party service providers

No security measure is perfect. If you believe your account has been compromised, contact support@bigeyenetwork.com immediately.

12. International Data Transfers

Big Eye Network, LLC is based in the United States. If you access the Service from outside the United States, your personal information will be transferred to and processed in the United States, which may have different data-protection standards than your country of residence.

12.1 EEA & UK transfers. For transfers of personal information from the EEA and UK to the United States (and other third countries without an adequacy decision), we rely on:

• Standard Contractual Clauses (SCCs) adopted by the European Commission (Module 2: controller-to-processor, and Module 1: controller-to-controller where applicable);
• The UK IDTA (International Data Transfer Agreement) or UK Addendum to the EU SCCs for UK-originating transfers;
• An adequacy decision where available.

12.2 Other international transfers. We comply with applicable data-transfer requirements in other jurisdictions, including Canada (PIPEDA / Quebec Law 25), Brazil (LGPD), and others.

13. Third-Party Links & Services

The Service may contain links to third-party websites, apps, or services (including social-media share buttons, embedded players, and advertiser landing pages). This Policy does not govern those third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

14. Changes to This Policy

We may update this Policy from time to time. When we do, we will:

• Update the "Effective Date" at the top of the Policy;
• Post the revised Policy on the Service;
• For material changes, provide in-app notification or email notice to registered Users at least [30 days] before the changes take effect (EEA/UK: renewed consent where required).

Continued use of the Service after the effective date of a revised Policy constitutes acceptance of the changes.

15. Contact & Data Protection

Privacy requests and data-subject rights: privacy@bigeyenetwork.com

General / legal notices: legal@bigeyenetwork.com 2875 S Ocean Blvd, #200-57, Palm Beach, FL 33480

EU/UK Data Protection Representative (Art. 27 GDPR / UK GDPR): Not currently designated. Big Eye does not presently offer the Service to EEA/UK users; if that changes, we will appoint a representative under Art. 27 GDPR / UK GDPR and list their name, address, and contact email here.

Data Protection Officer (DPO):

For California residents exercising CCPA/CPRA rights, you may also use the above email address. We will respond to verifiable consumer requests within 45 days (extendable to 90 days with notice).

Big Eye Network, LLC — bigeyenetwork.com © Big Eye Network, LLC. All rights reserved.