trust.grindr.com privacy policy — score 40/100 (high risk)
Sist analysert
Rapportinnholdet (sammendrag, funn, sitater) er generert på engelsk og er ikke lokalisert.
Grindr LLC · grindr.com
Rapportdetaljer
high risikoGrindr collects deeply sensitive data—including HIV status, precise geolocation, and biometric information—from a vulnerable community, ships it all to the US with no EU establishment, and reserves the right to keep training AI on it even after you opt out.
This privacy policy covers Grindr LLC's processing of personal information for its dating/social networking app serving the GBTQ+ community. The policy details extensive data collection including highly sensitive categories (health data, biometrics, precise location, ethnic origin), broad content scanning by both Grindr and unnamed partners, AI-driven features (gAI™) that use sensitive personal information, and advertising partnerships. Grindr is US-based with no EEA/UK/Swiss establishment, meaning all EU user data is transferred to the US under the EU-US Data Privacy Framework or SCCs. While the policy provides a detailed legal bases table and describes GDPR rights, significant concerns remain around the breadth of sensitive data processing, vague third-party sharing categories, weak AI opt-out provisions, and the inherent risks of centralizing such sensitive data in a US jurisdiction.
Vurdering per kategori
Oppdeling av erklæringen på viktige compliance-områder. God = sterk, rimelig = blandet, dårlig = bekymringsfull.
Collects HIV status, vaccination status, biometric video selfies, precise geolocation, and scans all uploaded content including private messages—far beyond what is strictly necessary.
Provides a detailed legal bases table and describes processing purposes, but uses vague categories like 'Other Partners' and defers AI details to an external help article.
Shares data with undefined 'Other Partners,' advertising/marketing partners, and service providers; the 'Other Partners' category appears repeatedly without any explanation of who these entities are.
Grindr is US-based with no EU establishment; all EU user data is transferred to the US under the Data Privacy Framework or SCCs, which is particularly concerning given the extreme sensitivity of the data.
Explicitly uses sensitive personal information for AI-driven features (gAI™) and states that opting out of AI processing of sensitive data may not stop processing 'where permitted under applicable law.'
Describes access, deletion, portability, correction, restriction, objection, and consent withdrawal rights with EU/UK/Swiss representatives appointed, but the opt-out caveats for AI and sensitive data processing significantly weaken the practical exercise of these rights.
Viktige funn
Bemerkelsesverdige klausuler, problemer eller gode praksiser (kritiske først)
Broad content scanning by Grindr and unnamed partners
The policy states that 'We and our partners also scan, analyze, and collect information from the videos, images, audio, messages, and other content and metadata that you upload.' This gives Grindr and unidentified partners sweeping access to all user content, including private messages, with no clear limitation on what is scanned or by whom.
AI training on sensitive data with ineffective opt-out
Grindr uses sensitive personal information for its AI-driven features (gAI™) and explicitly states: 'if you opt out, your sensitive data may continue to be processed where permitted under applicable law.' This renders the opt-out largely illusory, as Grindr reserves the right to continue processing under its own interpretation of 'legitimate interest' or other legal bases.
Precise geolocation risks for a vulnerable community
The policy acknowledges that precise geolocation 'could be used by some users to determine your exact location and to determine your identity.' For an app serving the GBTQ+ community in regions where homosexuality is criminalized or stigmatized, this represents a severe safety risk that is inadequately mitigated by the offered controls.
Vague 'Other Partners' sharing category
Throughout the legal bases table, 'Other Partners' is listed as both a data source and a recipient category without any definition or examples. This opacity makes it impossible for users to understand who receives their data, violating the GDPR principle of transparency.
Extended post-deletion data retention
Grindr retains device identifiers (IDFV, Android ID) and limited log information for up to two years after account deletion 'to support internal reporting, metrics, and statistics.' For banned accounts, even more data including chat messages may be retained indefinitely, which appears disproportionate.
Biometric data collection for age verification
The policy states that in certain jurisdictions, users may be required to provide 'a video selfie or pair a video selfie with an official photo ID to confirm you are 18 years of age or older. This will involve processing your biometric information.' The policy does not specify retention periods or deletion procedures for this biometric data.
Oppsummering for brukeren
Your most intimate data—health status, exact location, biometrics, private messages—is all sent to and stored in the US, and Grindr's AI may keep learning from it even if you try to opt out.
Compliance-stilling
Grindr has appointed EU/UK/Swiss representatives and a DPO, uses the IAB TCF framework, and provides a legal bases table—showing awareness of GDPR obligations. However, the substantive privacy risks from broad sensitive data processing, vague sharing categories, and weak AI opt-outs undermine these formal compliance structures.
EU-overføringer
All EU user data is transferred to the US. Grindr relies on the EU-US Data Privacy Framework and SCCs. Given the extreme sensitivity of the data (GBTQ+ community, health, biometrics, precise location), this transfer posture is high-risk even with these safeguards.
Oppdagede signaler
Spesifikke datapunkter og praksiser identifisert i teksten
Bevisutdrag
Direkte sitater fra erklæringen som støtter disse funnene
We and our partners also scan, analyze, and collect information from the videos, images, audio, messages, and other content and metadata that you upload, such as content characteristics and attributes, used for purposes of recommendations, to provide the Services, and other operations that do not identify you but may be associated with your profile consistent with your choices.
Note that if you opt out, your sensitive data may continue to be processed where permitted under applicable law.
Grindr is a U.S.-based company with no EEA/EU/UK/Swiss establishments at this time. When you use the Services, your personal information will be processed by Grindr and its service providers in countries outside the EEA, UK and Switzerland, including in the United States.
If you choose to display your Distance Information in your profile, it could be used by some users to determine your exact location and to determine your identity.
We also retain a device identifier (i.e., IDFV and Android ID) and limited log information for a period of up to two years following account deletion to support internal reporting, metrics, and statistics.
Mangler eller uklart
- No subprocessor list or detailed inventory of 'Other Partners'
- No specific retention period for biometric data collected during age verification
- No Data Protection Impact Assessment (DPIA) summary despite processing high-risk sensitive data at scale
- No detail on what specific AI models are trained and on what data
- No commitment to notify users of data breaches within GDPR timelines
- No information on data encryption standards or pseudonymization techniques
- No clarity on whether message content is used for AI training beyond safety features
Spørsmål å stille
- Who specifically are the 'Other Partners' listed as both data sources and recipients in the legal bases table, and what data do they receive?
- What happens to biometric data (video selfies) after age verification is complete—is it deleted, and if so, on what timeline?
- Can you provide a complete list of subprocessors and their locations, particularly those processing data outside the US?
- When you say sensitive data 'may continue to be processed' after an AI opt-out, under which specific legal bases and for which specific processing purposes?
- Has a Data Protection Impact Assessment been conducted for the processing of precise geolocation data of GBTQ+ users, and can its summary be shared?
- What specific content scanning is performed by 'partners' on private messages, and can users opt out of this scanning?
- How do you ensure that the EU-US Data Privacy Framework safeguards are actually implemented by all US-based subprocessors receiving EU user data?
Del denne analysen
Alle med denne lenken kan se resultatet ovenfor.
Bygget av DentroChat
100 % europeisk AI-chat for alle
Chat med AI, jobb med filer, generer bilder og søk på nettet. Data forblir i Europa.