Lonely tonight, sissy? Talk to an AI Mistress who never sleeps. Chat now Ad

LEGAL

Privacy Policy

Last updated: 15 May 2026

Plain-English summary.

We collect as little personal information as possible. The only thing we ask you for is your email (if you subscribe to the newsletter). We use anonymised analytics to know how many people read each article. We share data with a small number of third-party tools (listed below) to make the site work. We never sell your data. You can ask us to delete you at any time โ€” write to [email protected] and we'll do it within 30 days.

Who we are.

"We" / "us" / "Sissy WanaBee" refers to the operators of the website sissywanabee.com โ€” a small editorial publication run by the duo Mistress Bee and Evy Sissy (cf About Us). For privacy and personal-safety reasons, our legal name and physical address are not published here ; we operate from the European Union. To exercise your privacy rights, contact us at [email protected].

For GDPR purposes, we are the data controller for any personal data processed via the Site.

What we collect โ€” and when.

1. Newsletter signups (Kit)

If you subscribe to our newsletter, we ask for your email address and optionally a "sissy name" (a custom field you can leave blank). This data is sent to and stored by Kit (formerly ConvertKit), our email service provider.

  • Legal basis: your consent (you actively submit the form).
  • Purpose: to send you the weekly newsletter and occasional product updates.
  • Retention: until you unsubscribe (link in every email) or ask us to delete you.

2. Comments & confessions (Supabase)

If you submit a confession via /sissy-confessions/ or any future UGC feature, we store the text of your submission and a salted hash of your IP address for moderation and spam protection. The IP hash is not reversible โ€” we cannot recover the original IP from it. This data is stored in Supabase, our database provider.

  • Legal basis: our legitimate interest in operating a safe, moderated community.
  • Purpose: moderation, abuse prevention, public display (text only).
  • Retention: indefinitely while the submission is published. We delete on request.

3. Analytics (Google Analytics 4)

If you accept analytics cookies via our consent banner, we load Google Analytics 4 to understand how visitors use the site. GA4 collects pseudonymised data about your visit โ€” pages viewed, time spent, device type, country (IP anonymised). This data is aggregated ; we cannot identify you from it.

If you decline analytics cookies, GA4 is never loaded.

  • Legal basis: your consent (via the cookie banner).
  • Purpose: understand which articles resonate, improve the site.
  • Retention: 14 months at Google (default GA4 setting).

See our Cookie Policy for the full cookie inventory.

4. Server logs (Cloudflare + o2switch)

When you request a page, our hosting providers (Cloudflare CDN + o2switch hosting) temporarily log your IP address, user-agent, and the requested URL. This is standard server operation and used for security (bot detection, rate-limiting, DDoS mitigation).

  • Legal basis: our legitimate interest in operating a secure service.
  • Retention: typically 7 days at Cloudflare, 30 days at o2switch.

Third parties we share data with.

Service What they receive Why Privacy policy
Kit (email) Email, optional sissy name, subscription preferences Send newsletters Kit privacy policy
Supabase (database) Confession text, IP hash UGC storage + moderation Supabase privacy policy
Google Analytics 4 Pseudonymised visit data (with consent only) Analytics Google privacy policy
Cloudflare IP, request metadata (transient) CDN, security Cloudflare privacy policy
o2switch IP, server logs Hosting (EU-based) o2switch privacy policy (PDF)

We do not sell your data. We do not share it with advertisers. We do not run programmatic ads on the site.

Affiliate links.

Some product reviews and recommendations link to third-party retailers (Amazon, Lovense, SissyMarket, FRRK, Our Dream AI). When you click these links, a cookie may be set by the destination site to attribute the click for affiliate commission purposes. We disclose every affiliate relationship in the relevant article. See our Terms of Use ยง"Affiliate disclosure".

Your rights.

Depending on where you live, you have all or some of the following rights regarding your personal data:

  • Access โ€” ask us what data we hold about you.
  • Rectification โ€” ask us to correct inaccurate data.
  • Erasure ("right to be forgotten") โ€” ask us to delete your data.
  • Restriction โ€” ask us to stop processing your data while a dispute is resolved.
  • Portability โ€” ask for a copy of your data in a machine-readable format (CSV, JSON).
  • Objection โ€” object to processing based on legitimate interest.
  • Withdraw consent โ€” at any time, with no impact on the lawfulness of processing already done with your consent.

To exercise any of these rights, email us at [email protected] with the subject line "Privacy request". We respond within 30 days. For sensitive requests (deletion, portability), we may ask you to confirm your identity from the email address that holds the data.

California residents (CCPA).

If you reside in California, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information we collect and how we use it.
  • The right to request deletion of your personal information.
  • The right to opt out of the "sale" of personal information (we do not sell your information, so this right is automatic).
  • The right to non-discrimination for exercising your CCPA rights.

To exercise these rights, contact us at [email protected].

International transfers.

Some of our processors are based outside the European Union (Kit and Google in the United States). When data is transferred outside the EU, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal basis.

Children.

This site is intended for adults only (cf Age Disclaimer). We do not knowingly collect data from anyone under 18. If you believe a minor has provided data to us, contact us immediately and we will delete it.

Security.

We protect your data with industry-standard measures : HTTPS everywhere (TLS 1.3), security headers (HSTS, CSP, X-Frame-Options), passwordless admin (GitHub OAuth via Sveltia CMS), backups encrypted at rest. No system is perfectly secure, but we treat your data as we'd want our own treated.

Changes to this policy.

We may update this policy occasionally. Material changes will be flagged via a banner on the homepage for 30 days. The "Last updated" date at the top reflects the most recent version.

Complaints.

If you believe we've mishandled your data, please contact us first at [email protected] โ€” we want to fix it. You also have the right to lodge a complaint with the data protection authority in your country (e.g., the CNIL in France).


See also: Terms of Use ยท Cookie Policy ยท All legal pages