trust.grindr.com privacy policy — score 40/100 (high risk)

Viimeksi analysoitu

Raportin sisältö (yhteenveto, havainnot, lainaukset) on luotu englanniksi eikä sitä ole lokalisoitu.

Aja uusi analyysi toiselle käytännölle

Grindr LLC · grindr.com

Raportin tiedot

high riski

Grindr collects deeply sensitive data—including HIV status, precise geolocation, and biometric information—from a vulnerable community, ships it all to the US with no EU establishment, and reserves the right to keep training AI on it even after you opt out.

This privacy policy covers Grindr LLC's processing of personal information for its dating/social networking app serving the GBTQ+ community. The policy details extensive data collection including highly sensitive categories (health data, biometrics, precise location, ethnic origin), broad content scanning by both Grindr and unnamed partners, AI-driven features (gAI™) that use sensitive personal information, and advertising partnerships. Grindr is US-based with no EEA/UK/Swiss establishment, meaning all EU user data is transferred to the US under the EU-US Data Privacy Framework or SCCs. While the policy provides a detailed legal bases table and describes GDPR rights, significant concerns remain around the breadth of sensitive data processing, vague third-party sharing categories, weak AI opt-out provisions, and the inherent risks of centralizing such sensitive data in a US jurisdiction.

Viimeksi analysoitu
LähdeURL
Pituus43,893 merkkiä

Kategoria-arviointi

Käytännön jakautuminen keskeisille vaatimustenmukaisuusalueille. Hyvä = vahva, kohtalainen = ristiriitainen, heikko = huolestuttava.

Data Minimizationpoor

Collects HIV status, vaccination status, biometric video selfies, precise geolocation, and scans all uploaded content including private messages—far beyond what is strictly necessary.

Transparencyfair

Provides a detailed legal bases table and describes processing purposes, but uses vague categories like 'Other Partners' and defers AI details to an external help article.

Third-party Sharingpoor

Shares data with undefined 'Other Partners,' advertising/marketing partners, and service providers; the 'Other Partners' category appears repeatedly without any explanation of who these entities are.

International Transferspoor

Grindr is US-based with no EU establishment; all EU user data is transferred to the US under the Data Privacy Framework or SCCs, which is particularly concerning given the extreme sensitivity of the data.

AI/Model Trainingpoor

Explicitly uses sensitive personal information for AI-driven features (gAI™) and states that opting out of AI processing of sensitive data may not stop processing 'where permitted under applicable law.'

User Rightsfair

Describes access, deletion, portability, correction, restriction, objection, and consent withdrawal rights with EU/UK/Swiss representatives appointed, but the opt-out caveats for AI and sensitive data processing significantly weaken the practical exercise of these rights.

Keskeiset havainnot

Huomionarvoiset ehdot, ongelmat tai hyvät käytännöt (kriittiset ensin)

Kriittinen

Broad content scanning by Grindr and unnamed partners

The policy states that 'We and our partners also scan, analyze, and collect information from the videos, images, audio, messages, and other content and metadata that you upload.' This gives Grindr and unidentified partners sweeping access to all user content, including private messages, with no clear limitation on what is scanned or by whom.

Kriittinen

AI training on sensitive data with ineffective opt-out

Grindr uses sensitive personal information for its AI-driven features (gAI™) and explicitly states: 'if you opt out, your sensitive data may continue to be processed where permitted under applicable law.' This renders the opt-out largely illusory, as Grindr reserves the right to continue processing under its own interpretation of 'legitimate interest' or other legal bases.

Kriittinen

Precise geolocation risks for a vulnerable community

The policy acknowledges that precise geolocation 'could be used by some users to determine your exact location and to determine your identity.' For an app serving the GBTQ+ community in regions where homosexuality is criminalized or stigmatized, this represents a severe safety risk that is inadequately mitigated by the offered controls.

Varoitus

Vague 'Other Partners' sharing category

Throughout the legal bases table, 'Other Partners' is listed as both a data source and a recipient category without any definition or examples. This opacity makes it impossible for users to understand who receives their data, violating the GDPR principle of transparency.

Varoitus

Extended post-deletion data retention

Grindr retains device identifiers (IDFV, Android ID) and limited log information for up to two years after account deletion 'to support internal reporting, metrics, and statistics.' For banned accounts, even more data including chat messages may be retained indefinitely, which appears disproportionate.

Varoitus

Biometric data collection for age verification

The policy states that in certain jurisdictions, users may be required to provide 'a video selfie or pair a video selfie with an official photo ID to confirm you are 18 years of age or older. This will involve processing your biometric information.' The policy does not specify retention periods or deletion procedures for this biometric data.

Yhteenveto käyttäjälle

Your most intimate data—health status, exact location, biometrics, private messages—is all sent to and stored in the US, and Grindr's AI may keep learning from it even if you try to opt out.

Vaatimustenmukaisuusasento

Grindr has appointed EU/UK/Swiss representatives and a DPO, uses the IAB TCF framework, and provides a legal bases table—showing awareness of GDPR obligations. However, the substantive privacy risks from broad sensitive data processing, vague sharing categories, and weak AI opt-outs undermine these formal compliance structures.

EU-siirrot

All EU user data is transferred to the US. Grindr relies on the EU-US Data Privacy Framework and SCCs. Given the extreme sensitivity of the data (GBTQ+ community, health, biometrics, precise location), this transfer posture is high-risk even with these safeguards.

Havaitut signaalit

Tekstistä tunnistetut erityiset tiedot ja käytännöt

Kerätyt tiedot
EmailPhone numberDate of birthBiometric data (video selfie)Profile information (HIV status, vaccination status, ethnicity, photos, videos)Messages (text, photos, audio, video, emojis, gifs)Precise geolocationPurchase and subscription informationFinancial account and payment detailsDevice hardware and software informationDevice IDs (IDFV, Android ID)Advertising identifiersIP addressBrowser typeUser activity dataContent and metadata from uploadsInferred data
Käsittelyn tarkoitukset
Providing and supporting Services including AI-driven features (gAI™)Safety and security including AI-based content moderationTroubleshooting, data analytics, and researchMarketing and advertising via third-party cookiesCustomer support and feedbackLegal compliance and law enforcement responsePersonalization, recommendations, and AI-powered featuresSurveys and voluntary feedbackEnforcing Terms of Service and Community Guidelines
Jakaminen kolmansille osapuolille
Shared with other Grindr users (profile, location)Shared with service providers for fraud prevention, customer supportShared with advertising and marketing partnersShared with payment processorsShared with undefined 'Other Partners'May be disclosed in business transactions (acquisitions)Disclosed to law enforcement and regulators pursuant to legal obligations
Kansainväliset siirrot
All data transferred to US where Grindr is basedNo EEA/EU/UK/Swiss establishmentRelies on EU-US Data Privacy Framework certification of recipientsUses Standard Contractual Clauses where DPF does not applyUnited States and other third countries may not afford equivalent privacy protections
Tekoäly / Mallin koulutus
AI-driven features (gAI™) use sensitive personal information for personalization and recommendationsSensitive data used for AI training with consent where requiredOpt-out available for AI-related sensitive data processing but processing may continue under other legal basesMachine learning/AI used for safety features including content moderationAI used for behavior-based profile insights, compatibility recommendations, chat prompts

Todisteiden otteet

Suorat lainaukset käytännöstä näiden havaintojen tueksi

We and our partners also scan, analyze, and collect information from the videos, images, audio, messages, and other content and metadata that you upload, such as content characteristics and attributes, used for purposes of recommendations, to provide the Services, and other operations that do not identify you but may be associated with your profile consistent with your choices.

Note that if you opt out, your sensitive data may continue to be processed where permitted under applicable law.

Grindr is a U.S.-based company with no EEA/EU/UK/Swiss establishments at this time. When you use the Services, your personal information will be processed by Grindr and its service providers in countries outside the EEA, UK and Switzerland, including in the United States.

If you choose to display your Distance Information in your profile, it could be used by some users to determine your exact location and to determine your identity.

We also retain a device identifier (i.e., IDFV and Android ID) and limited log information for a period of up to two years following account deletion to support internal reporting, metrics, and statistics.

Puuttuu tai epäselvä

  • No subprocessor list or detailed inventory of 'Other Partners'
  • No specific retention period for biometric data collected during age verification
  • No Data Protection Impact Assessment (DPIA) summary despite processing high-risk sensitive data at scale
  • No detail on what specific AI models are trained and on what data
  • No commitment to notify users of data breaches within GDPR timelines
  • No information on data encryption standards or pseudonymization techniques
  • No clarity on whether message content is used for AI training beyond safety features

Kysyttävät kysymykset

  • Who specifically are the 'Other Partners' listed as both data sources and recipients in the legal bases table, and what data do they receive?
  • What happens to biometric data (video selfies) after age verification is complete—is it deleted, and if so, on what timeline?
  • Can you provide a complete list of subprocessors and their locations, particularly those processing data outside the US?
  • When you say sensitive data 'may continue to be processed' after an AI opt-out, under which specific legal bases and for which specific processing purposes?
  • Has a Data Protection Impact Assessment been conducted for the processing of precise geolocation data of GBTQ+ users, and can its summary be shared?
  • What specific content scanning is performed by 'partners' on private messages, and can users opt out of this scanning?
  • How do you ensure that the EU-US Data Privacy Framework safeguards are actually implemented by all US-based subprocessors receiving EU user data?
Tämän analyysin tuottaa tekoäly, eikä se ole oikeudellista neuvontaa. Kysy aina pätevältä juristilta vaatimustenmukaisuuspäätöksiin.

Jaa tämä analyysi

Kuka tahansa, jolla on tämä linkki, voi nähdä yllä olevan tuloksen.

DentroChatin rakentama

100 % eurooppalainen tekoälychat kaikille

Keskustele tekoälyn kanssa, käsittele tiedostoja, luo kuvia ja hae verkosta. Tiedot pysyvät Euroopassa.

EU:ssa isännöity infrastruktuuriTeksti, tiedostot, kuvat ja verkkohakuNopea-, Ajattelu- ja Luova-tilatTietosuoja ensin oletuksenaTiedot eivät poistu Euroopasta
Kokeile ilmaiseksi →