Privacy Policy

Last updated: 10 June 2026

This Privacy Policy explains how Match Maker collects, uses, stores, and shares your personal information when you use our mobile application ("the App"). Please read it carefully. By using the App you agree to the practices described here.

1. Who We Are

The App is operated by:

Denis Sangi is the data controller for personal data processed through the App.

2. Data We Collect and Why

We collect only data that is necessary to provide the service. The table below lists every category we process.

2.1 Account Data

DataPurposeLegal Basis
Email address Account creation, authentication, transactional emails (email verification, password reset) Performance of contract
Password (securely hashed; plaintext never stored) Account security Performance of contract
User ID Internal record identifier; links all account data Performance of contract

2.2 Profile Data

DataPurposeLegal Basis
Nickname (display name) Shown to potential matches Performance of contract
Date of birth Age-eligibility check (18+); age-range matching filters Performance of contract
Gender identity Match filtering Performance of contract
Location coordinates (derived from device GPS with your permission, then reduced in precision to approximately 1.1 km before storage). Only your city name is shown on your profile to other users; exact coordinates are never shown to other users. Distance-based filtering (5–100 km radius); city name shown on profile Consent
Interests, hobbies, and values tags across multiple categories Core compatibility matching algorithm Performance of contract
Icebreaker prompt answers (free-text, user-authored) Displayed on profile to facilitate conversation starters Performance of contract
Personality / compatibility traits (derived from your answers to in-app questions) Compatibility scoring in the matching algorithm Performance of contract
Mobility / accessibility preferences (optional) Matching and profile display, where you choose to provide them Explicit consent (special-category data — see notice below)
Sensitive Data — Explicit Notice and Consent
The following categories are legally classified as special-category (sensitive) personal data under the EU GDPR (Article 9) and equivalent laws. They are optional. We process them only on the basis of your explicit consent (GDPR Article 9(2)(a)), which you give by choosing to provide the data; we use them solely to provide core matching functionality and never for advertising. You may withdraw consent at any time by removing the data in Settings. These fields are visible only to the matching algorithm; they are not displayed to other users and not shared with third parties for any purpose other than hosting (Supabase, described in Section 4).

2.3 Messages

DataPurposeLegal Basis
In-app chat content (text messages between matched users) Delivering messages to recipient; moderation upon reports Performance of contract

Messages are encrypted in transit (TLS 1.2+). Messages at rest are stored on Supabase servers. Each message is automatically screened before delivery (for example, to block prohibited content and limit spam); this screening is fully automated and is not reviewed by a person. We do not read the content of your messages unless investigating a formal abuse report.

2.4 Device and Technical Data

DataPurposeLegal Basis
Push notification token (FCM) Delivering push notifications for new matches, messages, and likes Consent (granted when you allow notifications)
Device model, OS version, app version Crash diagnosis and compatibility testing Legitimate interests
IP address and session/authentication metadata (recorded at login and during your session by our authentication provider) Security: authentication, rate-limiting, and fraud detection Legitimate interests

2.5 Crash Reports and Analytics

ServiceData CollectedPurpose
Firebase Crashlytics (Google) Stack traces, device state at crash time; no personally identifiable fields Bug diagnosis and app stability
Firebase Analytics (Google) Anonymized event counts (screen views, feature usage); no user-level profiles Understanding which features are used; improving the product

2.6 Subscription and Purchase Data

DataPurposeLegal Basis
Subscription status, tier, renewal date (via RevenueCat) Unlocking Premium features; enforcing entitlements Performance of contract
Purchase receipt (from Apple/Google) Receipt validation; fraud prevention Performance of contract; Legal obligation

We do not store full payment card details. All payment processing is handled by Apple App Store or Google Play.

3. What We Do Not Collect

4. Third Parties We Share Data With

We share your data only with the service providers listed below, for the stated purposes. We never sell your data to advertisers and use no third-party advertising SDKs.

ProviderWhat We SharePurposeRegion
Supabase, Inc. All user data stored in the App (profiles, messages, matches) Database hosting, authentication, real-time messaging EU (Frankfurt)
Google LLC (Firebase) Anonymized crash reports, anonymized analytics events, push tokens Crashlytics, Analytics, Cloud Messaging (FCM) US (global CDN)
RevenueCat, Inc. User ID, subscription state, purchase receipts Subscription management and entitlement enforcement US
Resend, Inc. Email address, email content (transactional only) Transactional email delivery (verification, password reset) US
Upstash, Inc. User ID and message request timestamps Rate limiting and abuse prevention for messaging US / global
Apple Inc. Purchase receipt, App Store user ID In-app purchase processing and validation US
Google LLC (Play) Purchase receipt, Play user ID In-app purchase processing and validation US
Cloudflare, Inc. Email address and request content of messages you send to support; network/IP metadata at the edge Hosting of our website and legal pages, DNS, and routing of email sent to support@matchmaker-team.com (including data-access and deletion requests) US / global

We may also disclose data if required by law, regulation, court order, or to protect the safety of our users.

5. Data Retention

6. Your Rights

Depending on your jurisdiction you have the right to:

To exercise any right, contact us at support@matchmaker-team.com. We will respond within 30 days.

7. Children

Match Maker is an adults-only service intended for users aged 18 and older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has registered, please report it to support@matchmaker-team.com and we will delete the account promptly.

8. International Data Transfers

Match Maker is operated from Kazakhstan. Our service providers (Supabase, Google Firebase, RevenueCat, Resend, Upstash, Cloudflare) may process your data in the United States and the European Union.

For transfers of data from the European Economic Area to providers in the United States, we rely on the European Commission's Standard Contractual Clauses (SCCs), and, where a provider is certified, the EU–US Data Privacy Framework. You may request a copy of the relevant safeguards by emailing support@matchmaker-team.com.

For users in the Republic of Kazakhstan, cross-border transfer of your personal data to the providers listed above is carried out on the basis of your consent, in accordance with Article 16 of the Law of the Republic of Kazakhstan "On Personal Data and Its Protection" (No. 94-V).

9. Security

We use industry-standard security measures including:

No transmission over the internet or electronic storage is 100% secure. We maintain appropriate safeguards but cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page, notify you within the App, and send an email to your registered address if the changes are material. Continued use of the App after the effective date constitutes acceptance of the updated policy.

11. Contact

Questions, complaints, or data requests: