Privacy Policy

Last updated: June 20, 2026

This Privacy Policy explains how Voluptuary Media, LLC dba Wanna Peek ("we", "us") collects, uses, and shares information when you visit or subscribe to Wanna Peek? (the "Service"). By using the Service you agree to this policy. Some sections apply specifically to residents of the European Economic Area (covered by the GDPR) and to California residents.

Information We Collect

We deliberately keep the personal data we hold to a minimum. Depending on how you use the Service, this may include:

• Log data — like most websites, our servers automatically record your IP address, browser type and version, the pages you visit, dates and times, and the referring page. This is captured even if you never register, and is used for security, fraud prevention, support, and understanding how the Service is used. Log data is retained for a limited period unless a longer period is required by law.
• Account data — your email address and an encrypted password so you can log in, plus your preferences and activity within the Service (such as deliveries, unlocks, favorites, and ratings).
• Transaction data — when you subscribe, our third-party payment processor collects the billing details needed to process payment (name, billing address, card or bank details, etc.). We do not store your card or bank numbers. We receive limited confirmation data needed to maintain your membership.
• Contact submissions — if you contact us or submit a report, we collect what you provide (such as email and message) plus your IP address, used to respond and to investigate the issue.
• Age-verification data — where required, an independent verification provider processes the information needed to confirm you are of legal age. We aim to receive only a pass/fail result, not your underlying documents.

How We Use Information

We use information to operate and secure the Service, authenticate logins, process payments through our processor, deliver your daily photos and any unlocks, provide support, prevent fraud and abuse, comply with legal obligations, and improve the Service.

Third-party Service Providers

We rely on third parties for specific functions. They receive only the information needed for their role and are expected to protect it. Each has its own privacy practices and retention periods; to exercise rights over data held by a processor, you may need to contact them directly.

• Payment processing — our authorized payment processor(s) handle billing and hold your payment details.
• Age verification — an independent provider confirms legal age where required.
• Hosting & content delivery — our servers and content-delivery network store and serve the Service.
• Analytics — if used, limited analytics help us understand aggregate usage.

What We Do Not Do

We do not sell your personal information. We do not host your card or bank numbers. We do not publish or share which content you view with anyone outside the providers needed to run the Service.

International Data Transfer

The Service is hosted in the United States. If you access it from outside the U.S., you consent to your information being transferred to and processed in the United States, which may not provide the same level of data protection as your home country.

Security

We use commercially reasonable technical and organizational measures to protect your information, including encryption of stored passwords and monitored, access-controlled servers. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Children's Privacy & The RTA Label

The Service is strictly for adults and is not directed to anyone under 18 (or the age of majority where you live). We do not knowingly collect information from minors; if we learn we have, we delete it. We label every page with the Restricted To Adults ("RTA") tag so parental-control software can block the Service. Learn more at rtalabel.org.

Data Retention & Deletion

We keep account information for as long as your account is active and as needed for legal, security, and fraud-prevention purposes. You may request deletion of the data we control (see your rights below). We will also pass deletion requests to our processors where applicable, though it may be faster to contact a processor directly for data they hold.

Your GDPR Rights (EEA Residents)

If you are in the EEA, you have the right to access, correct, delete, restrict, or port your personal data, and to object to certain processing ("the right to be forgotten" among them). To exercise these rights, email [email protected] with the email address you used and enough detail to locate your data. Note that deleting your data means we will no longer be able to contact you to confirm completion.

Your California Rights (CCPA/CPRA)

California residents may request to know what personal information we have collected, request its deletion, and opt out of any "sale" or "sharing" of personal information (we do not sell or share personal information for cross-context behavioral advertising). To make a request, email [email protected]. We will not discriminate against you for exercising these rights.

Do Not Track

Some browsers send a "Do Not Track" signal. There is no common standard for responding to these signals, and the Service does not currently respond to them.

Business Transfers

If we are involved in a merger, acquisition, reorganization, or sale of assets, personal information may be transferred as part of that transaction. We will take reasonable steps to ensure it continues to be handled consistently with this policy.

Changes To This Policy

We may update this policy from time to time. Changes take effect when posted on this page; please review it periodically.

Contact

Privacy questions or requests: [email protected].

This page is provided for general informational purposes and is not legal advice.