Aug 14, 2025

Your Rights – Global Data Rights Statement

Fantra is committed to respecting the privacy and data protection rights of all our users. We have users in different jurisdictions, and data protection laws (such as the EU’s GDPR, the UK’s Data Protection Act/UK GDPR, the California Consumer Privacy Act (CCPA) as amended by the CPRA, and Australia’s Privacy Act) grant individuals various rights over their personal data. This Global Data Rights Statement outlines those rights and how you can exercise them. We provide these rights to all users where applicable, and in many cases extend similar privileges globally even if not mandated, as part of our commitment to transparency and fairness .

Definitions

For clarity, here are key definitions related to this document.

  • Personal Information or Personal Data means information about an identifiable individual handled in line with applicable privacy laws

  • Controller means the entity that decides why and how Personal Information is processed, Processor means a service provider that processes for the Controller

  • Legal Bases means the lawful grounds for processing, including consent, contract, legal obligation, vital interests, public interest, and legitimate interests balanced against your rights

  • Data Subject Rights means rights such as access, correction, deletion, restriction, objection, and data portability, plus the right to withdraw consent where processing relies on consent

  • Identity Verification means steps we take to confirm a privacy request is from the correct person or an authorised agent

  • International Transfer means moving Personal Information to another country using safeguards such as standard contractual clauses or an adequacy decision where available

  • Response Timeframe means the standard time to respond to a privacy request, usually one month, with any extension explained where allowed by law

  • Non Discrimination means you will not be treated differently for exercising any privacy right

 

Access Rights: You have the right to access the personal data we hold about you. This means you can request a copy of the information we have collected from or about you in a portable format. For example, you can ask for a copy of your profile details, age verification status, purchase history, and any logs or content associated with your account that are considered personal data. We will provide this information to you, once we verify your identity, within the timeframe required by law (generally within 30 days for most jurisdictions, with the possibility of a lawful extension if the request is complex). For California residents, the right to access includes the right to receive information about the categories of personal information we have collected, the sources of that information, the business purpose for collection, and the categories of third parties with whom we shared it (as described in our Privacy Policy). We will provide either the specific pieces of personal data or a comprehensive report, as required.

 

Right to Rectification (Correction): If any of your personal data is inaccurate or incomplete, you have the right to request that we correct or update it. You can typically edit much of your basic information through your account settings (for example, you can change your email or update preferences). For any information that you cannot self-edit, or if you need assistance, you can contact us to request a correction. We will correct confirmed inaccuracies promptly. Under CPRA (California) and GDPR (EU/UK), this is a protected right. We may need to verify the new information or ask for documentation if it’s a sensitive change (like correcting your date of birth, which might require re-verification).

 

Right to Deletion (Erasure): You have the right to request deletion of your personal data, also known as the “right to be forgotten” under GDPR. Upon your request, we will delete the personal information we have about you, except for information we are required or permitted to retain by law. You can initiate deletion by using any available self-service account deletion feature or by contacting us. Please note, if you request deletion of certain essential data (for example, if you ask us to delete all record of your age verification or your email which is tied to your login), we may not be able to continue providing you with the Service. In such cases, we will inform you that fulfilling your deletion request will result in account termination (since we cannot lawfully or operationally operate the service without that data). You will have the choice to proceed or withdraw the request. We do not “hold your data hostage” the default is to delete if you want, but we want you to be aware of consequences like losing access to paid content or tokens if data deletion makes your account unworkable. Once we delete your data, your account will be closed, and you will lose any content or entitlements in the account (we will warn you of this). For California residents, we honour the deletion rights as provided by CCPA/CPRA, with the same exceptions (such as if the data is needed to complete a transaction, detect fraud, exercise free speech, comply with legal obligations, etc.). We will specifically let you know if any such exception applies that prevents us from deleting certain data (e.g., “We cannot delete transaction records for your purchases because financial laws require us to keep them for a certain number of years, but we will suppress them from active use.”).

 

Right to Restrict or Object to Processing: In certain jurisdictions, you have the right to object to our processing of your personal data or request that we restrict processing. For EU/UK users, if we are processing your data under a lawful basis of “legitimate interests” and you feel it impacts your rights, you can object. You can also object to processing for direct marketing at any time, though note that Fantra does not currently send marketing emails or sell user data for marketing. If you object to any processing, we will evaluate the request and stop or limit processing unless we have compelling legitimate grounds to continue (in line with GDPR Article 21). Similarly, you can request restriction of processing (a pause on processing) if you contest the data’s accuracy or lawfulness, or if you need us to preserve data for a legal claim. We will honour such requests to the extent required by law.

 

Data Portability: You may have the right to data portability, which allows you to obtain some of your personal data in a structured, commonly used, machine-readable format so you can transfer it to another service. For example, you could request an export of the content you have created or your profile information in JSON or CSV format. Where feasible and required (GDPR, CCPA to some extent), we will provide this as part of an access request or separately if specifically requested. We aim to make it easy for you to get your data out of Fantra should you ever want to.

 

California “Do Not Sell or Share” Rights: Fantra does not sell your personal data to third parties, and we do not share it for cross-context behavioural advertising purposes. We have a strict policy against monetising user data in that way. Therefore, under CCPA/CPRA, there is no need for you to submit a “Do Not Sell or Share My Info” request – by design, we treat all users as if such a request has been made and honoured from the start. If this policy ever changes, we will update our Privacy Policy and provide a means to opt-out, but our intent is to never sell personal information. Additionally, CPRA provides California consumers the right to limit the use of “sensitive personal information.” The sensitive data we collect (such as a government ID for verification, or perhaps data about sexual preferences inferred from your use of an adult content platform) is only used for providing the service and compliance, not for any secondary purposes. We do not use sensitive data for profiling or advertising. If you have concerns, you may contact us to discuss limiting certain data, but generally we already limit use to the necessary scope (e.g., ID is only used to verify age, then not used further).

 

Non-Discrimination: We will never discriminate against you for exercising any of these rights. That means we won’t deny you the service, charge you different fees, or provide a lesser experience just because you made a privacy rights request. (The only scenario of service impact is if deletion of data makes it impossible for us to continue providing it, as discussed, which is a consequence of you no longer wanting to share that data, not a retaliatory action from us.)

 

Exercising Your Rights: To exercise any of your data rights, please contact us through any of these channels:

  • Email: You may email our Data Protection Officer (DPO) and Privacy Team at admin@fantra.ai with your request. Please include the phrase “Data Rights Request” in the subject line and let us know what you are requesting (access, deletion, correction, etc.).

  • In-App/Website Forms: Where available, you can use the Privacy settings or request forms provided in your account dashboard. We may roll out automated tools to download your data or delete your account in the future for convenience.

  • Identity Verification: When you make a request, we may need to verify your identity to ensure we don’t give your data to an unauthorised person or delete the wrong account. We will ask you to confirm information that only the real account holder would know (for example, verify control of the email associated with the account, or provide a recent transaction ID, etc.). We may use a secure identity verification service if needed. For agents authorised to act on behalf of someone (like an attorney or a person holding power of attorney), we will require proof of authorisation.

 

Once your request is verified, we will respond as quickly as possible. Our goal is to handle requests within 30 days, but some requests (especially access requests that involve extensive data retrieval) might take up to 45 days or more. If we need an extension, we will let you know within the initial 30 days. Responses will generally be provided free of charge, unless a request is manifestly unfounded or excessive (in which case we may charge a reasonable fee or decline the request per applicable law, but we will explain why).

 

Additional Rights and Information: Depending on your location, you may have additional rights. For instance, EU and UK users have the right not to be subject to a decision based solely on automated processing that significantly affects them – Fantra does not make any such decisions (no automated profiling with legal or similar significant effect occurs; all content generation is user-initiated). Australian users have rights under the Australian Privacy Principles, including the right to anonymity/pseudonymity (you may generally use Fantra under a pseudonym except where age or payment info is required) and the right to make a complaint to the Office of the Australian Information Commissioner (OAIC) if you believe we’ve breached the Australian Privacy Act. EU and UK users likewise can lodge a complaint with their supervisory authority (such as the UK ICO, or a GDPR national authority in the EU) if they have concerns about our data practices. We encourage you to contact us first, as we are confident we can address your concerns directly.

 

We honour all valid and lawful requests in accordance with applicable data protection laws . Our Privacy Policy provides further details on our practices and your rights. This Global Data Rights Statement is intended to be consistent with those documents and applicable law. In case of any doubt or conflict, the stricter provision or the provision offering greater privacy protection to the user will prevail.

 

If you have any questions about your privacy rights or how to exercise them, please do not hesitate to reach out to us at admin@fantra.ai. We are here to help and committed to ensuring you are in control of your personal information on Fantra.

 

‹ Cookie policy