Privacy Policy

We collect the following categories of personal information:

Information you provide directly

• Account data: name, email address, password (stored as a secure hash).
• Profile data: age, gender, location (city/country), bio, interests, relationship preferences, and profile photos.
• Communications: messages you send to other users through the Service.
• Reports: information you submit when reporting another user.

Information collected automatically

• Usage data: pages visited, features used, time spent, and interactions within the Service.
• Device data: IP address, browser type, operating system, and device identifiers.
• Cookies: session cookies used to keep you logged in. We do not use advertising or tracking cookies.

We use the information we collect to:

• Create and manage your account and authenticate your identity.
• Provide, operate, and improve the Service, including matching and discovery features.
• Send transactional emails such as email verification, password resets, and match notifications.
• Detect and prevent fraud, abuse, and violations of our Terms of Service.
• Respond to your support requests and communications.
• Comply with legal obligations.

We do not sell your personal data to third parties. We do not use your data for advertising purposes.

We do not sell, rent, or trade your personal information. We may share your data only in the following limited circumstances:

• With other users: your profile information (name, photos, bio, interests, location city) is visible to other registered users as part of the core Service functionality. Private photos are only shared with users you explicitly grant access to.
• Service providers: we use trusted third-party services (e.g. cloud hosting, email delivery) that process data on our behalf under strict confidentiality agreements.
• Legal requirements: we may disclose your information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of VELORAMATCH, our users, or the public.

Dating platforms by nature involve the collection of sensitive personal data, including information about your sexual orientation, relationship preferences, and physical characteristics. We treat this data with the highest level of care and process it only to provide the matching and discovery features of the Service. You may delete this information at any time by updating your profile or deleting your account.

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, regulatory, or fraud-prevention purposes.

Anonymised or aggregated data that cannot be used to identify you may be retained indefinitely for analytical purposes.

We implement industry-standard security measures to protect your personal data, including:

• Passwords stored using bcrypt hashing — we never store plaintext passwords.
• All data transmitted over HTTPS/TLS encryption.
• Session tokens signed with a secure JWT secret.
• Access to production databases restricted to authorised personnel only.

Despite these measures, no method of transmission over the internet is 100% secure. We cannot guarantee the absolute security of your data.

We use a single session cookie to keep you logged in. This cookie is:

• HTTP-only (not accessible to JavaScript).
• Secure (only transmitted over HTTPS).
• Deleted when you log out or when your session expires.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

Depending on your location, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you.
• Rectification: correct inaccurate or incomplete data.
• Erasure: request deletion of your personal data ("right to be forgotten").
• Portability: receive your data in a structured, machine-readable format.
• Objection: object to certain types of processing.
• Withdrawal of consent: withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has created an account, we will immediately terminate the account and delete all associated data. If you believe a minor is using our Service, please contact us immediately.

Your data may be stored and processed in countries outside your own. Where we transfer data internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection laws, including standard contractual clauses where required.

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and notify you by email or through the Service. Your continued use of the Service after any changes constitutes your acceptance of the revised policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy team at: [email protected]