Privacy Policy

We collect information that you provide directly to us, including:

Account Information

• Email address
• Name (optional)
• Date of birth (to verify age 18+)
• Gender and sexual orientation (for matching)
• Profile information you choose to provide
• Photos and media you upload
• Payment information (when purchasing premium features)

Usage Information

• Device information (device type, operating system, device ID)
• Log data (IP address, browser type, pages visited, time spent)
• Location data (city-level, with your permission)
• App interaction data (features used, preferences set)
• Network information

Conversation Data (When App Launches)

• Conversations within the DateSmarter app
• Profile information from your matches (to provide personalised suggestions)
• Your feedback and interactions with our AI coaching features
• Message timestamps and read receipts

Match and Interaction Data

• Profiles you view, like, or skip
• Matches you make
• Interactions with other users

Collection Methods

• Directly from you (when you register, update profile, or use features)
• Automatically (through cookies and tracking technologies)
• From third parties (authentication providers like Google/Apple Sign-In)
• From public sources (if you link social media accounts)

• Service Provision (Legal Basis: Contract Performance): Provide, maintain, and improve DateSmarter; create and manage your account; enable matching and connections; facilitate messaging; process payments.
• AI Coaching (Legal Basis: Contract Performance): Analyse your conversations to provide context-aware suggestions; generate personalised conversation starters; detect conversation stage and sentiment; provide real-time support.
• Communication (Legal Basis: Contract Performance & Consent): Send you updates about our launch and early access; communicate about features and support; respond to inquiries; send marketing (with consent).
• Analytics and Improvement (Legal Basis: Legitimate Interests): Analyse usage patterns; improve our AI models (using anonymized data only); conduct R&D; test new features.
• Safety and Security (Legal Basis: Legitimate Interests & Legal Obligation): Prevent fraud; detect and prevent abuse or Terms violations; verify identity and age; investigate suspicious activity.
• Legal Compliance (Legal Basis: Legal Obligation): Comply with legal obligations; respond to authorities; enforce Terms of Service; protect our legal rights.

We process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to provide DateSmarter services you have signed up for (e.g., creating profiles, matching, AI coaching, payments).
• Legitimate Interests: Necessary for business interests like improving AI, analysing usage, and preventing fraud. You can object to this by emailing info@datesmarter-ai.com.
• Consent: We only process certain data with your explicit consent (e.g., marketing, precise location, research). You can withdraw consent via app settings or by emailing us.
• Legal Obligation: Processing required by law (e.g., tax compliance, age verification, legal requests).
• Vital Interests: In rare cases, to protect someone's life or safety.

For EU Users: Under GDPR Article 6, you have the right to know the legal basis for processing your data. Contact us at info@datesmarter-ai.com for specific questions.

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

• Cloud hosting: Amazon Web Services (AWS), US
• AI/ML services: Anthropic/Claude, US (for AI coaching)
• Other providers: Email services, analytics, payment processors, customer support tools

These providers are contractually obligated to protect your information, use it only for provided services, and comply with privacy laws.

Business Transfers

If DateSmarter is acquired or merged, your information may be transferred. We will notify you before your information is transferred.

Legal Requirements & Safety

We may disclose information to comply with valid legal requests (court orders, subpoenas), protect our rights, prevent fraud or criminal activity, or protect user safety.

How AI Works in DateSmarter

• Real-Time Processing: Our AI (Amazon Bedrock with Claude AI) analyses conversations to provide coaching suggestions. Data is encrypted in transit (TLS/SSL) and at rest (AES-256).
• What the AI Does: Analyses context and tone, generates personalised suggestions, detects conversation stages, provides sentiment analysis, and learns your preferences.
• What the AI Does NOT Do: Send messages on your behalf, make decisions for you, share conversations with other users, or use your data to train public AI models.

Automated Decision-Making

• Our AI provides SUGGESTIONS, not decisions.
• You always choose whether to use suggestions and send your own messages.
• No purely automated decisions are made about you that significantly affect you.

Your Control & Rights Regarding AI

• You Choose: Which conversations to share with AI, whether to use suggestions, and when to request help.
• You Can: Delete conversation history, opt out of AI model improvement (anonymized data), or disable AI coaching entirely in settings.
• Your Rights: You have the Right to Explanation, Right to Human Intervention, Right to Contest, and Right to Opt-Out. Contact info@datesmarter-ai.com to exercise these.

We implement industry-standard security measures:

Technical Safeguards

• Enterprise-grade encryption (AES-256 at rest, TLS 1.3/SSL in transit)
• Secure cloud infrastructure (AWS)
• Multi-factor authentication for staff
• Regular security audits

Organizational Safeguards

• Staff training, background checks
• Strict access controls (need-to-know basis)
• Incident response procedures

Physical Safeguards

• Secure data centers, physical access controls

Limitations & Your Responsibility

No internet transmission is 100% secure. You are responsible for keeping your password secure, enabling two-factor authentication, logging out of shared devices, and reporting suspicious activity.

We retain information only as long as necessary or required by law:

• Waitlist Data: Until you unsubscribe (Max: 2 years after last interaction).
• Account Data: Until you delete your account (Max: 6 months after inactivity, with notification).
• Conversation Data: Until you delete it or close your account. Permanently removed within 30 days of deletion.
• Payment Data: Retained 7 years for financial records (card details handled by processor, not stored by us).
• Analytics Data: Anonymized and retained for a maximum of 3 years.
• Backup Data: May remain in backups for up to 90 days before permanent deletion.

To Request Deletion: Email info@datesmarter-ai.com. We confirm within 30 days and delete within 90 days.

In the unlikely event of a data breach posing a risk to your privacy:

• Within 72 Hours: We will notify relevant authorities (NZ Privacy Commissioner, EU/UK/AU authorities) and assess severity.
• Notification to You: If high risk, we will notify you via email, in-app, or website notice without undue delay.
• What We'll Tell You: Nature of the breach, affected data, timeline, our remediation steps, steps you can take, and contact information.

You have the right to:

• Access / Portability: Request a copy of your data in a portable format.
• Correction: Update inaccurate information.
• Deletion: Request "Right to be Forgotten."
• Opt-Out / Withdraw Consent: Stop marketing, analytics, or AI training.
• Object / Restrict: Limit or object to how we process your data.

How to Exercise Your Rights

• Email: info@datesmarter-ai.com
• In-App: Settings, Privacy, Data Rights
• Response times: NZ (20 working days), EU/UK (1 month), AU (30 days).

Regional Rights

• New Zealand: Privacy Commissioner (www.privacy.org.nz | 0800 803 909)
• EU / UK: Lodge a complaint with your local supervisory authority or the ICO (www.ico.org.uk).
• Australia: OAIC (www.oaic.gov.au | 1300 363 992)

Your information may be transferred to:

• New Zealand: Primary operations
• United States: AWS (cloud), Anthropic (AI)

Safeguards in Place: We rely on Standard Contractual Clauses (SCCs), Data Processing Agreements, Adequacy Decisions, and comparable contractual obligations to ensure your data is protected internationally according to NZ, EU/UK, and AU standards. Contact us for details on specific safeguards.

DateSmarter is not intended for users under 18. We verify age during registration.

• If we discover an underage user, we immediately delete the data, notify guardians (if possible), and terminate the account.
• To report a suspected underage user, email info@datesmarter-ai.com.

We use cookies to enhance your experience:

• Essential Cookies: Required for basic site functionality and security (cannot be disabled).
• Analytics / Preference Cookies: Optional cookies to track behaviour and remember settings (e.g., Google Analytics).
• Marketing Cookies: Not currently used.

Your Controls: You can control cookies through browser settings or our in-app Cookie Preferences. EU/UK users will see a cookie banner to accept or reject non-essential cookies. We also use Device Identifiers and Web Beacons. See our Cookie Policy for full detail.

DateSmarter may link to third-party services (e.g., social media, payment processors). We are not responsible for their privacy practices. We encourage you to review their policies before sharing data.

We may update this policy.

• Material Changes: We will notify you via email, in-app notice, or require re-acceptance. Takes effect 30 days after notification.
• Minor Changes: Updated on the website immediately.
• Continued use of DateSmarter constitutes acceptance.

Email

• General / Privacy / DPO: info@datesmarter-ai.com
• Include "Data Request", "Security", or "Complaint" in the subject line as needed.

Website: datesmarter-ai.com

Mailing Address: DateSmarter Limited, Auckland, New Zealand

Response Time: We aim to respond within 5 business days.