Privacy Policy — mmeet
Effective date: April 13, 2026
Welcome to mmeet — a video-based dating app where you agree on a real-life meeting in under 5 minutes. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, how we use it, and what rights you have under the General Data Protection Regulation (GDPR) and applicable law.
1. Data Controller
Name: Roman Malko
Email: mmeetapp.mail@gmail.com
Website: https://mmeet.app
If you have any questions or requests regarding your personal data, please contact us at the email address above.
2. Data We Collect
We collect only the data necessary to provide and improve our service.
| Category | Examples |
|---|---|
| Account / Identity | Name, date of birth, gender, email address, phone number, Apple/Google account identifier |
| Profile / Demographic | Profile photos, mmeet video answers, city of residence |
| Location | Approximate location (city/region) used to show nearby users — only with your explicit consent |
| Media Content | Videos and photos you record or upload in the app; stored in AWS S3 (Frankfurt, EU) |
| Behavioural | Likes, profile views, matches, meeting confirmations, in-app interactions |
| Technical / Device | Device type, OS version, app version, push notification token (FCM) |
| Analytics & Crash Reporting | Sentry (EU region): anonymised user ID only — no email or IP address; limited session replays triggered only on errors. Firebase Analytics: aggregated usage statistics |
| Payment | Subscription status, purchase history; payment card details are processed exclusively by App Store / Google Play — we never see or store them |
3. Legal Basis for Processing (GDPR Art. 6)
| Legal basis | When we rely on it |
|---|---|
| Consent (Art. 6(1)(a)) | Location access, push notifications, optional analytics, session replays |
| Contract (Art. 6(1)(b)) | Account creation, providing the matching and meeting-scheduling service |
| Legitimate Interest (Art. 6(1)(f)) | Fraud prevention, community safety, service improvement, crash diagnostics |
| Legal Obligation (Art. 6(1)(c)) | Responding to lawful requests from competent authorities |
4. How We Use Your Data
- Create and manage your account.
- Show your profile (photos, videos) to other users so they can decide whether to match with you.
- Enable the core feature: agreeing on a real-life meeting in under 5 minutes.
- Send push notifications about matches and meeting updates.
- Detect and prevent fraud, abuse, and policy violations.
- Automatically moderate uploaded photos and mmeet videos using AI (Google Gemini) to reject fake photos, deepfakes, AI-generated faces, nudity, and other content that breaks our Community Guidelines before it reaches other users.
- Diagnose crashes and technical issues (via Sentry with minimised PII).
- Understand aggregate usage patterns to improve the app (Firebase Analytics).
- Process and manage in-app purchases and subscriptions.
5. Data Sharing & Third Parties
Other Users
Your public profile (name, age, city, photos, mmeet videos) is visible to other users of the app. You control what you add to your profile.
Service Providers
| Provider | Purpose | Location |
|---|---|---|
| DigitalOcean | Cloud hosting (servers, PostgreSQL, Redis, RabbitMQ) | Frankfurt, EU |
| AWS S3 | Media storage (photos, videos) | Frankfurt, EU |
| Firebase Analytics | Aggregated app analytics | Google (EU-US DPF) |
| Firebase Cloud Messaging (FCM) | Push notifications | Google (EU-US DPF) |
| Google Maps | Location display in app and website | Google (EU-US DPF) |
| Google Sign-In | Authentication | Google (EU-US DPF) |
| Apple Sign-In | Authentication | Apple (SCCs) |
| Sentry | Crash reporting and error monitoring (anonymised user ID only; limited session replays on errors) | EU region |
| Resend | Transactional email delivery | EU region |
| Google Analytics | Website usage analytics | Google (EU-US DPF) |
| Google Gemini | AI moderation of uploaded photos and mmeet videos (rejecting fakes, deepfakes, nudity, and other policy violations). Media is sent for one-time analysis only and is not used by Google to train their models. | Google (EU-US DPF) |
International Transfers
Where data is transferred outside the European Economic Area (EEA), we rely on the EU–US Data Privacy Framework (DPF) or Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of protection.
No Selling of Data
We do not sell, rent, or trade your personal data to any third party for their own marketing purposes.
6. Data Storage & Retention
| Data / Storage | Location | Retention |
|---|---|---|
| Profile data, behavioural data (PostgreSQL) | DigitalOcean Frankfurt, EU | Until account deletion |
| Photos & videos (AWS S3) | Frankfurt, EU | Until account deletion |
| Session cache (Redis) | DigitalOcean Frankfurt, EU | 1 day |
| Auth token (JWT) | Device only — Keychain (iOS) / EncryptedSharedPreferences (Android); AES-256 encrypted | 30 days |
| Crash & error data (Sentry) | Sentry EU region | 90 days |
| Analytics (Firebase / Google Analytics) | Google (EU-US DPF) | 14 months |
7. Your Rights under GDPR
As a data subject under the GDPR you have the following rights:
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion of your data ("right to be forgotten").
- Restriction — ask us to limit processing in certain circumstances.
- Data Portability — receive your data in a structured, machine-readable format.
- Object — object to processing based on legitimate interests.
- Withdraw Consent — withdraw consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, email us at mmeetapp.mail@gmail.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.
8. Data Security
- All data in transit is encrypted via HTTPS / TLS.
- Passwords are hashed with bcrypt; we never store plaintext passwords.
- Auth tokens (JWT) are stored encrypted on-device (AES-256) using Keychain on iOS and EncryptedSharedPreferences on Android.
- Crash reports sent to Sentry contain an anonymised user ID only — no email addresses or IP addresses.
- Session replays in Sentry are limited in scope and triggered only when an error occurs.
9. Device Permissions
The mmeet app may request the following device permissions:
| Permission | Purpose |
|---|---|
| Camera | Recording mmeet video answers |
| Microphone | Audio in video recordings |
| Photo Library | Uploading profile photos |
| Notifications | Match alerts and meeting confirmations |
All permissions are optional and can be revoked at any time in your device settings.
10. Cookies
Mobile App
The mmeet mobile app does not use browser cookies.
Website (mmeet.app)
| Cookie / Storage | Purpose | Type |
|---|---|---|
| Google Analytics | Aggregate traffic and usage statistics | Analytics |
| Language preference | Remember your chosen language (UA / EN) | Functional |
| Google Maps | Map rendering and location display | Functional |
11. Children's Privacy
mmeet is intended exclusively for users aged 18 and over. Age is verified at registration both on the client side and on the server side. If we discover that a user is under 18, we will immediately delete their account and all associated data.
12. Account and Data Deletion
You can delete your account at any time from the app settings. Upon deletion, all your personal data — including profile information, photos, and videos — is permanently and irreversibly deleted from our systems. There is no soft-delete or recovery period.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via the app or by email before the changes take effect. The date at the top of this page always reflects the most recent revision. Continued use of the app after the effective date constitutes acceptance of the updated policy.
14. Contact
If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact:
Roman Malko
mmeetapp.mail@gmail.com
https://mmeet.app
