Privacy Policy

Last updated: 24 November 2025

Data controller: Redateme, 86–90 Paul Street, London, EC2A 4NE

Data Protection Officer (DPO): dpo@redate.me

1) What we collect

Identifiers: your phone number; your obfuscated 6-digit code.
Date outcomes: ❤️ / 💛 / 🖤 / 👻 / 💙 (last three shown publicly).
Reflections (optional): two short private fields collected only on 💛 / 🖤.
Comms metadata: SMS invite status, nudge opt-ins, expiry timestamps (e.g., 72-hour window).
Technical data: IP address, device/browser info, cookies or local storage for security and session.

2) Why we use your data (lawful bases)

Run the service and show your last-three emojis (contract).
Send SMS invites/reminders (contract & consent for optional reminders).
Safety & abuse handling (legitimate interests; legal obligation).
Analytics & product improvement (legitimate interests; consent where required — see Cookies).
Verification, and support (contract; legitimate interests; legal obligation).

3) What's public vs private

Public: your 6-digit code and last-three emojis only. No names or phone numbers.

Private: your reflections, full history, and any personal details in your account/dashboard.

4) Sharing your data

We share limited data with:

Twilio (SMS delivery),
Hosting/ops providers (infrastructure, error logging),

We don't sell your data.

5) International transfers

Some providers e.g. Twilio may process data outside the UK/EEA. Where they do, we rely on UK IDTA/SCCs or equivalent safeguards.

6) Retention

Public emojis: roll forward as you log new outcomes (only the last three appear publicly).
Reflections/history: kept until you delete your account, unless we must keep data to meet legal obligations or resolve disputes.
SMS metadata: typically up to 30 days for security and delivery records.

7) Your rights (UK GDPR)

You can access, correct, delete, restrict, object, and port your data. Where we rely on consent (e.g., analytics cookies, marketing, optional reminders), you can withdraw it at any time. To exercise rights, email dpo@redate.me. You can also complain to the ICO (ico.org.uk), but we'd appreciate a chance to resolve it first.

8) Children

Redate.me is 18+ only. We don't knowingly collect data from children.

9) Security

We use industry-standard security; transport encryption; signed magic links; and role-based access. No system is perfectly secure — please protect your devices.

10) Automated decision-making

We don't make decisions with legal or similarly significant effects about you. Emojis and view nudges are simple status indicators and prompts.

11) Changes

We'll update this notice from time to time. If we make significant changes, we'll notify by SMS.

12) Contact

DPO: dpo@redate.me

General: privacy@redate.me

Address: 86–90 Paul Street, London, EC2A 4NE

1) What we collect

Identifiers: your phone number; your obfuscated 6-digit code.

Date outcomes: ❤️ / 💛 / 🖤 / 👻 / 💙 (last three shown publicly).

Reflections (optional): two short private fields collected only on 💛 / 🖤.

Comms metadata: SMS invite status, nudge opt-ins, expiry timestamps (e.g., 72-hour window).

Technical data: IP address, device/browser info, cookies or local storage for security and session.

2) Why we use your data (lawful bases)

Run the service and show your last-three emojis (contract).

Send SMS invites/reminders (contract & consent for optional reminders).

Safety & abuse handling (legitimate interests; legal obligation).

Analytics & product improvement (legitimate interests; consent where required — see Cookies).

Verification, and support (contract; legitimate interests; legal obligation).

7) Your rights (UK GDPR)