Privacy Policy.

§ 01 — Who we are

DelbarMe Ltd ("DelbarMe", "we", "us") is the company behind the DelbarMe dating application and the website at delbarme.com. We are the "data controller" for your personal data under the UK GDPR and the EU GDPR.

Registered address: to be published at launch.
Data Protection Officer: privacy@delbarme.com

§ 02 — What we collect

We only collect what we genuinely need to run the service. That is:

• Account details — your name, email, phone number, date of birth, city.
• Profile content — photos, bio, values, faith, family orientation, languages, and your stated dating intent.
• Verification data — a short selfie video used once to confirm your photos match you. The video is compared and then deleted within 30 days. We keep only the verification status.
• Messages — what you send and receive on the app. We do not read them routinely. They are only reviewed when you report them or when moderation is triggered automatically.
• Device and usage — device type, operating system, app version, crash logs, coarse IP location (city-level).
• Payments — if you buy premium features, our payment provider (Stripe or the platform store) handles card details. We never see your card number.

We do not collect: precise GPS location, contacts, calendar, microphone (unless you record a voice note), health data, or content from other apps.

§ 03 — How we use your data

• To operate your account and show you to compatible matches (contractual necessity).
• To verify that the person in the photo is you (legitimate interest: trust and safety).
• To protect members from harm — reviewing reports, removing abusive content (legitimate interest).
• To improve the app — aggregated, non-identifying analytics (legitimate interest).
• To tell you about your account (contractual) and, only with consent, occasional updates about the service.
• To comply with legal obligations (e.g. tax records).

We do not train machine-learning models on your private messages or photos. We do not sell your data. We do not serve you behavioural advertising.

§ 04 — Who we share your data with

A short list, and why:

• Other members — your profile is visible to compatible matches. You control which photos and details appear.
• Service providers we carefully select: hosting (Firebase / Google Cloud), verification (Onfido or equivalent), payments (Stripe, Apple, Google), email (Postmark), crash logs (Sentry). Each is bound by data-processing agreements.
• Law enforcement — only when legally required, and we push back on overbroad requests.
• A buyer — if DelbarMe is ever acquired, your data transfers with strong contractual protections. We will notify you first.

§ 05 — International transfers

Your data is stored primarily in the European Union (Frankfurt). Some providers process data in the United States or United Kingdom. We rely on Standard Contractual Clauses and adequacy decisions where applicable. You can ask us for a copy of these clauses at any time.

§ 06 — Your rights

Under GDPR, you have the right to:

• Access your data (and receive a copy).
• Correct inaccurate data.
• Delete your account and associated data.
• Restrict or object to certain processing.
• Port your data to another service.
• Withdraw consent at any time.
• Complain to a data protection authority.

To exercise any of these, write to privacy@delbarme.com from the email on your account. We answer within 30 days — usually within three.

§ 07 — How long we keep your data

• Active account — as long as your account is open.
• Deleted account — your profile, photos, and messages are deleted within 30 days. Some minimum records (fraud prevention, legal obligations) may be kept up to 7 years.
• Verification videos — deleted within 30 days of verification.
• Crash logs and analytics — 90 days.

§ 08 — How we protect your data

All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Messages and photos are access-controlled. We run regular security reviews. We have a defined incident response process and will notify you and the relevant authority within 72 hours of a confirmed breach affecting your data.

§ 09 — Cookies & similar technologies

The website sets no cookies. Your language preference is stored locally in your browser (localStorage) and is never sent to us. We use Vercel Web Analytics and Speed Insights — privacy-respecting services that do not use cookies, do not set tracking identifiers, and do not sell or share visitor data. They measure aggregate page views and core web vitals only. Because we set no cookies, no cookie-consent banner is required.

The mobile app uses the standard OS identifiers only for crash reporting and app-store attribution — nothing for third-party advertising. When the app launches we will list the exact identifiers and what each is used for.

§ 10 — Changes to this policy

We will update this policy as the service evolves. If the changes are material — for example, new categories of data or new recipients — we will tell you by email and in the app at least 30 days before they take effect.

§ 11 — Contact

Questions, concerns, or requests: privacy@delbarme.com. We reply within three working days.

Note: this is a draft policy published ahead of our public launch. It will be reviewed by counsel before the app goes live. If you notice anything unclear or inaccurate, please let us know.