Are you completely, irrevocably, publicly in love this February?
Oh, what’s that? A ready meal for one, next to a novelty ‘meow and you’ Valentine’s day card from your cat?
We’re guessing that’s a no.
It’s rough out there for us single data practitioners, searching high and low for that special someone. You’re tempted to turn to dating apps for assistance but reluctant to make a deal with the devil without a comprehensive analysis of their privacy policies first. I mean, as if our soulmates would be on an app which doesn’t comply with the GDPR and Data Protection Act, right? #relatablecontent
This is where we come in! For one hallmark holiday only, consider us your Data Protection fairy godmothers (or fairy GDPRmothers? We’re still working on our title). We’ve compared the privacy policies of three popular dating apps–Tinder, Hinge and Bumble–to give you the best chance of legitimate, lawful love this Valentine’s day.
We’re rating each app on the following criteria;
- Overall legibility
- Data Collection
Without further ado, get ready to fall in love…with our attention to detail and commitment to data protection compliance!
First up we’re tackling Tinder, the app proving that you can find love at first sight…again and again and again.
- Who we are
- Information we collect
- How we use information
- How we share information
- Cross-border data transfers
- Your rights
- How long we retain your information for
- Children’s privacy
- Job candidates, contractors and vendor representatives
- How to contact us
So far, so good. They also provide the details for their Data Controller (MTCH Technology Services Ltd, if you’re wondering), within the first few lines of their policy, a company after our own hearts.
And now for the question on the tip of every data practitioner’s tongue, how do they collect and share information?
Tinder have outlined clearly all of the reasons why they collect and share personal data, including:
- Helping to operate, distribute and market services
- Improving services (e.g. data hosting and maintenance)
- Customer care
- Payment processing
They also share information with third party vendors who distribute and assist with advertising our services; “…we may share limited information on you in hashed, non-human readable form to advertising vendors.”
They purport to follow a strict vetting process prior to engaging any vendors, requiring them to agree to strict confidentiality obligations. It would seem that when it comes to data collection, Tinder has no skeletons hiding in their closet.
With the tagline ‘designed to be deleted’, Hinge promises its users relationships over hookups. If Tinder is a younger sibling whose short attention span constantly seeks the shiniest toy to play with, Hinge is an older sibling returning from University to dazzle anyone who will listen with their philosophical musings and thoughts on politics. Older, slightly wiser.
- Who We Are
- Information We Collect
- How We Use Information
- How We Share Information
- Cross-Border Data Transfers
- Your Rights And Choices
- How Long We Retain Your Information
- No Children Allowed
- Job Candidates, Contractors and Vendor Representatives
- How To Contact Us
Last, but not least, is Bumble. The dating app which gives women the burden..we mean agency, to be the ones initiating awkward small talk, and focusing heavily on photo verification – which has some advantages but also means there’s some very…intense sensitive (and potentially sensual – if you know what we mean) personal data processing going on behind the curtains. When it comes to keeping women safe in the evidently dangerous dating world, Bumble is great. Let’s see if they’re as committed to keeping their user’s personal information safe.
Bumble gets points from us immediately for putting their ‘Collection of Information’ section loud and proud, at the beginning of their policy. Getting to the good stuff right away.
It’s also worth noting that unlike Tinder and Hinge, both Bumble’s App and Sites are operated by the ‘Bumble Group’ (including Bumble Holding Limited, Badoo Training Limited and Bumble LLC), all of the above acting as Data Controllers of personal information collected and processed through the site and apps.
Out of the three dating apps included in this blog, Bumble provides the clearest instructions for anyone who wishes to control the app’s access to information, for example; “you can withdraw from marketing at any time via Settings in the App or by using the opt-out mechanisms and links provided in each message” and “Once you register, you will be able to review and change this information at any time just by logging in to Bumble”.
What truly sets Bumble apart from other dating apps, in our opinion, is their transparency when it comes to their matching algorithm;
“Our matching algorithms use the following data about you to predict your compatibility with others and generate profile recommendations: the things you tell us about yourself in your profile; information about your activity in our apps; whether you are a photo verified user; and your device coordinates, which are necessary to understand your proximity to other members.”
Bumble makes no bones about their data collection; “We collect some information about you. In addition, you may choose to use the App or Sites to share information with other users, including your friends and contacts (“Users”). We may also need to share your information sometimes”. So far, a little ambiguous for our liking. Let’s dig a little deeper.
As standard, you can expect Bumble to collect the following information;
- Email address
- Mobile number
- Gender identity
- Date of birth
- Sexual preference –
- Photographs – Not only do bumble have access to images of your actual face, they use facial recognition technology to continually scan–and confirm–any photos you upload are actually you. That’s biometric data that is subject to stricter controls, and they say they’ll keep the scans for up to three years, which is quite some time, so we’ll dock them some points for that.
- Geolocation – If Bumble has access to your location, whenever you’re on your mobile they will be collecting information about WiFi access points as well as other location information (like your device’s coordinates) ‘to offer certain features to you’. In layman’s terms, they’re tracking you, all so they can figure out what you’d like to buy.
- Login information for any social media accounts that you connect to Bumble – this is admittedly, a little dicier. Just think, Bumble could be reading your private messages and judging your old selfies right now.
Let’s talk about sharing information with third parties, shall we? Bumble admit to sharing data to the following external suppliers;
- Billing services
- Authentication services
- Social media providers
- Product improvement and market research
- IT services
They’ve also ensured that any shared data is non-attributable to ‘the greatest extent possible’, subjecting suppliers to extensive obligations under contractual arrangements which include strict data retention limits.
Ultimately, it’s impossible for us to determine which one of these services would be best for you to entrust your personal data to. It’ll have to be your decision whether to swipe left or right on each one. What’s clear, however, is that the vast majority of us generously provide our personal information–often special category data–often without pausing to consider the value of what we willingly hand over, or realising that our data will likely be in the custody of these services for years even after we’ve stopped using them. It’s kind of like going on a first date, feeling no spark but moving in with them anyway.
Want to make sure your company’s data is as secure as possible? Take out a data protection audit with us, or enroll in one of our upcoming training courses to develop your staff’s knowledge.
We published an article on Bisexuality Awareness Day last year, which is a great guide to what this day is and how data protection factors into different sexualities.
Get in touch with us today to discuss how we could help you further.