Privacy Policy

We collect only what the Service needs to work:

• Account data — email address, password (stored as a salted hash, never in plain text), and date of birth to verify you are 18 or older.
• Profile data — display name, photos, bio, gender, who you are seeking, experience level, and your residue tags (goals, lifestyle, and stack interests).
• Location — your city-level location, used solely to compute distance between you and other members. We do not collect or store precise GPS coordinates.
• Messages — conversations with your matches, stored so your chat history works and reviewed only when flagged by our safety systems or reported by a member.
• Technical basics — session records and standard server logs (IP address, timestamps) kept briefly for security and abuse prevention.

Your data is used for exactly three things:

• Matching — showing your profile to compatible members and ranking discovery by shared tags, age, and distance. This is the core use, and the only use of your tags and location.
• Safety and moderation — automated flagging of sourcing, solicitation, and abuse, plus human review of reports.
• Running your account — authentication, verification emails, and support when you write to us.

We keep your data while your account is active. Server logs are retained for no more than 90 days. When you delete your account, your profile, photos, tags, and location are deleted within 30 days. Messages you sent disappear from your side immediately; copies in a match’s conversation history are removed as part of the same 30-day cycle. We may retain minimal records longer where required for legal compliance or to enforce a ban (for example, evidence tied to a sourcing violation or a safety report).

You can delete your account in settings, or email [email protected] from your account address and we will do it for you. You may also request a copy of the data we hold about you, or correction of anything inaccurate, at the same address. We respond within 30 days.

We use a single session cookie to keep you logged in. That is the complete list. No analytics trackers, no advertising pixels, no third-party cookies, no fingerprinting.

The Service is hosted on DigitalOcean, whose infrastructure stores our database and your photos under our instructions and their security commitments. We use a small number of service providers strictly as processors (for example, transactional email delivery); they receive only what their function requires and may not use it for anything else. We do not have “data partners.”

We disclose data outside these providers only if legally compelled by a valid request, or where necessary to address an imminent threat to someone’s safety.

All traffic is encrypted in transit (TLS). Passwords are hashed, access to production data is restricted and logged, and we store as little as we can get away with — the safest data is the data we never collected. If a breach ever affects your data, we will tell you promptly and plainly.

If we change this policy in any material way, we will notify you by email or in-app notice before the change takes effect. We will never weaken the “never sold” commitment in Section 2.

Privacy questions, data requests, or anything that worried you: [email protected]. See also our Terms of Service and Community Guidelines.