Fund the Bit
Fund the Bit
ExploreHow it worksSafetyCreators
Sign inApply

Policy center

Creator-approvedNo dangerous daresCreator responsibilityRefund reviewPrivacy basicsReport a concern

We've got your back.

These rules are built for fans and creators to make fun things happen safely and fairly.

Report a concern

Policy center

Safe bits. Clear rules.

Privacy without the creepy stuff

Fund the Bit should collect only what it needs to run pledges, creator profiles, reports, optional proof review, support, and abuse prevention.

Privacy
Creator-approvedEvery campaign is reviewed by real people.No dangerous daresZero tolerance for harmful or risky prompts.Creator responsibilityCreator fulfillment belongs to the creator, not the website.Refund reviewIf something is off, the team reviews it.Privacy basicsPayment cards stay with Stripe, not Fund the Bit.Report a concernReports go into review without external notifications.

What data is used

The product needs account identifiers, public profile details, proposals, pledge records, reports, optional proof records, support notes, and moderation signals.

  • Analytics events should measure conversion, safety, and reliability without selling user data.
  • Creator profile data should be public only when the creator approves it.
  • Private dashboards, customer data, payment data, and secrets must not be uploaded to image generation tools.

Payments stay with Stripe

Fund the Bit should store Stripe object references and reconciliation records, not raw payment card numbers.

  • Card numbers, wallet credentials, and bank details must never be stored in this app.
  • Stripe webhook signatures and idempotency are required before live payment launch.
  • Live payment data must not be copied into tickets, prompts, screenshots, or repo files.

Account deletion

Users need a deletion workflow or support route before app-store submission and public launch.

  • Deletion should remove or anonymize account profile data where legally and operationally allowed.
  • Financial, audit, dispute, fraud, safety, and tax records may need retention rules.
  • The current route surface includes an account deletion request flow that still needs auth-backed fulfillment.

Security basics

Secrets belong in provider dashboards and environment variables, never in source control or public pages.

  • Production Supabase and Stripe values are not enabled yet.
  • Admin and creator role checks must be enforced server-side.
  • Incident and rollback controls are documented in the launch runbooks.

Privacy copy is a product summary and still needs legal/privacy review before public launch.

Report a concern