policies.tinder.com privacy policy — score 48/100 (high risk)

Utolsó elemzés

A jelentés tartalma (összefoglaló, megállapítások, idézetek) angolul készült és nincs lokalizálva.

Új elemzés futtatása másik szabályzaton

Tinder (MTCH Technology Services Limited) · tinder.com

Jelentés részletei

high kockázat

Tinder collects a massive amount of highly sensitive personal data—including sexual orientation, biometric face data, and precise location—and shares it widely across Match Group companies and advertising partners, making it a concerning privacy choice despite offering standard EU rights.

Tinder's privacy policy reveals extensive data collection and sharing practices that go well beyond what is strictly necessary for a dating application. While the policy is transparent about its practices and provides clear mechanisms for exercising GDPR rights, the sheer volume of sensitive data collected, the broad sharing with Match Group affiliates and advertisers, and the use of data for machine learning without clear opt-out mechanisms raise significant privacy concerns under EU law.

Utolsó elemzés
ForrásURL
Hossz40,776 karakter

Kategória szerinti értékelés

A szabályzat bontása a fő megfelelőségi területekre. Jó = erős, közepes = vegyes, gyenge = aggasztó.

Data Minimizationpoor

Collects highly sensitive categories (sexual life, biometrics, precise location) and generates broad 'insights and inferences' that go well beyond what is strictly necessary for the service.

Transparencyfair

The policy is clearly written and structured, but uses broad language around purposes like 'improving services' and 'legitimate business purposes' that lack specificity.

Third-party Sharingpoor

Extensive sharing with Match Group affiliates for vague purposes, advertising partners using tracking technologies, and joint data control with Meta, creating a wide data dissemination footprint.

International Transfersfair

Acknowledges transfers to the US and cites SCCs, but is silent on supplementary technical or organizational measures required to ensure effective protection post-Schrems II.

AI/Model Trainingpoor

Explicitly reserves the right to use data for machine learning and developing new technologies, but offers no information on safeguards or an opt-out mechanism for users.

User Rightsgood

Clearly outlines GDPR rights (access, portability, deletion, objection, restriction) and provides direct links and contact details for the DPO and data protection authorities.

Fő megállapítások

Fontos záradékok, problémák vagy jó gyakorlatok (kritikusak először)

Kritikus

Excessive Collection of Special Category Data

The policy explicitly collects highly sensitive data categories like sexual orientation, sexual life, health, and political beliefs under 'Profile Data', and biometric 'Face Data', which goes far beyond what is strictly necessary for a dating service's core functionality and requires explicit consent under GDPR Article 9.

Kritikus

Broad and Vague Affiliate Data Sharing

Data is broadly shared with 'Affiliates' (other Match Group companies) for purposes as vague as 'corporate / consolidated audit, analysis and reporting' and 'enhance marketing and advertising campaigns', which may fail the GDPR's purpose limitation and compatibility tests.

Figyelmeztetés

No Opt-Out for AI/ML Training

The policy states they may maintain and use de-identified data 'to improve our service and create new features, technologies and services, including through machine learning', but is completely silent on any opt-out mechanism or specific safeguards for this use.

Figyelmeztetés

Incomplete International Transfer Safeguards

While the policy mentions relying on Standard Contractual Clauses for transfers to third countries like the USA, it lacks specifics on the supplementary measures implemented to ensure adequate protection post-Schrems II.

Figyelmeztetés

Disproportionate Data Retention Periods

Data retention periods are excessively long for certain categories, such as keeping customer care exchanges for 6 years and profile data for 1 year after closure 'in anticipation of potential litigation', which appears disproportionate under the GDPR's storage limitation principle.

Összefoglaló a felhasználónak

Your most intimate data is collected, inferred, and shared widely within the Match Group corporate family and with third-party advertisers, with limited ability to prevent its use in AI training.

Megfelelőségi helyzet

Mixed compliance posture: Strong on transparency and user rights mechanisms, but weak on data minimization and purpose limitation for sensitive data categories.

EU-s átvitelek

Acknowledges reliance on Standard Contractual Clauses for US transfers but is silent on supplementary measures required post-Schrems II.

Észlelt jelek

A szövegben azonosított konkrét adatok és gyakorlatok

Gyűjtött adatok
Phone numberEmail addressDate of birthGenderInterestsPreferencesApproximate locationSexual orientationSexual lifeHealthPolitical beliefsPhotosVideosAudioTextSearch queriesChatsPurchase historyFinancial infoSurvey responsesThird-party contactsCustomer support dataSocial media dataUsage dataIP addressDevice IDDevice typeOperating systemNetwork informationDevice movement and sensor dataAdvertising IDsCookiesPrecise geolocationFace geometry dataGovernment-issued ID
Adatkezelési célok
Service provision and account managementMatching and recommendationsPayment processing and price customizationAdvertising and marketing campaignsService improvement and new feature developmentMachine learning and AI trainingSafety and security enforcementLegal compliance and law enforcement responseCorporate audit and reporting across Match Group
Harmadik felekkel való megosztás
Other Tinder membersMatch Group affiliatesService providers and vendorsAdvertising partnersMeta (as Joint Data Controllers)Law enforcement authoritiesPartners for safety and security purposesThird parties via profile sharing features
Nemzetközi átvitelek
Transfers to US affiliates and vendorsReliance on EU Commission Standard Contractual ClausesReliance on adequacy decisions where availableNo mention of supplementary transfer measures
AI / Modelltanítás
Data used for machine learning and new technology developmentNo opt-out mechanism provided for AI trainingDe-identified data may be maintained indefinitely for ML purposes

Bizonyító részletek

Közvetlen idézetek a szabályzatból e megállapítások alátámasztására

Some of this data may be considered sensitive or special in certain countries, such as details about sexual orientation, sexual life, health, or political beliefs. If you choose to provide this data, you consent to us using it as laid out in this Privacy Policy.

Where appropriate and as legally permitted, we may maintain and use data that, by itself, cannot identify or be attributed specifically to you... including through machine learning, and keep Match Group services safe.

We share data about you with our Affiliates and they share data about you with us... For other legitimate business purposes including corporate / consolidated audit, analysis and reporting.

we keep customer care exchanges with you for 6 years from the date of the communication; customer care records and supporting data... for five years in support of our safety efforts... profile data for one year in anticipation of potential litigation

We rely on such mechanisms to transfer personal data to our Affiliates... and to third parties for the purposes outlined in Section 5 in countries without adequacy decisions, such as the United States of America.

Hiányzó vagy nem egyértelmű

  • No mention of a Data Protection Impact Assessment (DPIA) for the high-risk processing of biometric and sexual life data
  • No details on supplementary measures for US data transfers despite acknowledging the US lacks an adequacy decision
  • No opt-out mechanism or specific safeguards described for the use of personal data in machine learning/AI model training
  • No clear explanation of how 'insights and inferences' are generated or specific examples of what these inferences might be
  • No information on automated decision-making and profiling safeguards beyond a link to an external FAQ

Felteendő kérdések

  • What specific supplementary technical and organizational measures have you implemented alongside SCCs to protect EU data transferred to the US?
  • How can users opt out of having their data used for machine learning and AI model training, as mentioned in your retention section?
  • Can you provide the results of the DPIA conducted for processing special category data (sexual orientation, biometrics) and automated profiling?
  • What exactly constitutes 'insights and inferences' generated from user data, and are these used to make automated decisions that significantly affect users?
Ezt az elemzést AI generálja, és nem minősül jogi tanácsadásnak. Megfelelőségi döntésekhez mindig kérj képzett jogász véleményét.

Elemzés megosztása

Bárki, aki rendelkezik ezzel a linkkel, megtekintheti a fenti eredményt.

A DentroChat készítette

100%-ban európai AI chat mindenkinek

Csevegj AI-val, dolgozz fájlokkal, generálj képeket és keress a weben. Az adatok Európában maradnak.

EU-ban üzemeltetett infrastruktúraSzöveg, fájlok, képek és webes keresésGyors, Gondolkodó és Kreatív módokAdatvédelem alapbólEgyetlen adat sem hagyja el Európát
Próbáld ki ingyen →