Privacy Policy

1. Introduction

Dash Dating ("we," "our," or "us") operates a speed dating event management platform consisting of a marketing website (dash.dating) and a mobile/web application used by daters, hosts, and event organizers. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over it.

This policy applies to all Dash Dating products. Where a practice applies only to the marketing website or only to the app, we say so explicitly.

2. Information We Collect

2.1 Information You Provide in the App

• Account information: email address (used for magic-link sign-in) and display name.
• Profile information: gender, date of birth, hometown, occupation, bio, and an optional profile photo.
• Event activity: event registrations, check-ins, waitlist status, and table assignments at events you attend.
• Matching picks: the "yes" picks you make during an event's matching phase.
• Messages: plain-text messages you send to mutual matches through the in-app chat (up to 2,000 characters per message).
• Reports and blocks: the reason text and target user ID when you report another participant or block them.
• QR code scans (hosts only): when a host scans a dater's check-in QR code, the camera processes the code locally on the device and only the decoded event/user ID is sent to our servers.
• Venue address (hosts only): hosts type a venue address when creating an event. We convert it to approximate coordinates (latitude/longitude) and store them with the event so that daters can tap a "Get Directions" button that opens their device's Maps app (Apple Maps or Google Maps) with the venue as the destination. The Maps app makes its own request to its provider after you tap; Dash Dating does not send your location to Apple or Google. We do not request or read the device's GPS.

2.2 Information You Provide on the Marketing Website

• Contact and lead forms: if you fill out the Contact Us, Get Started, or similar forms on dash.dating, we collect your name, email address, company name (optional), inquiry type, and the message you write.

2.3 Information Collected Automatically on the Marketing Website

When you visit dash.dating in a web browser, our analytics providers collect standard web telemetry: page URL, referrer, approximate geographic region (derived from IP), browser type, device type, and timestamps. This data is used to understand traffic patterns and improve the site. See Section 4.5 for the specific providers and our Cookie Policy for details on cookies.

2.4 Information the App Does Not Collect

For clarity, the Dash Dating mobile and web app does not:

• Request access to your device's GPS or precise location.
• Read your contacts, calendar, microphone, or files outside the photos you explicitly pick.
• Run third-party advertising SDKs or tracking pixels inside the app.
• Sell your personal information to anyone for any purpose.

The app's web build (when you use Dash Dating in a browser) does include the same web-analytics providers as the marketing site; see Section 4.5.

3. How We Use Your Information

• Authenticate your account via email magic link (one-time password). We do not store passwords.
• Provide the core platform: event registration, check-in, table assignment, matching, mutual-match reveal, and in-app chat between mutual matches.
• Send transactional notifications (event reminders, RSVP confirmations, match results, new messages) by email and, with your permission, push notification.
• Operate safety features: enforcing your blocks, processing reports, and reviewing reported content.
• Show hosts the participant roster they need to run their event.
• Respond to support requests you submit through our contact channels.
• Detect and prevent fraud, abuse, and violations of our Terms of Service.
• Improve our services through aggregate, de-identified usage analysis.
• Comply with legal obligations.

4. Authentication, Messaging, and Third Parties

4.1 Authentication Methods

You can sign in to Dash Dating using any of three methods:

• Email magic link — we send a short-lived sign-in link to your email address. We do not store, hash, or transmit passwords because we don't use them.
• Sign in with Apple — Apple verifies your identity and shares a unique identifier with us. You can choose to share your real email address or use Apple's "Hide My Email" feature, which gives us a private relay address (e.g. abc123@privaterelay.appleid.com) that forwards to your real address without revealing it. Either form works for sign-in and event-related notifications. Apple also shares your first and last name on your first sign-in only; we use it to prefill the onboarding screen.
• Sign in with Google — Google verifies your identity and shares your email address and basic profile information (name) with us.

Whichever method you choose, the resulting account is identified by your email address inside our system, so you can use the same method going forward to return to the same account.

4.2 Email Communications

We use your email address for:

• Sign-in magic links.
• Transactional notifications about events you've joined (e.g. reminders, match results).
• Customer support responses.

We do not send marketing email to daters. Hosts and prospective hosts who submit a contact or lead form on dash.dating may receive a follow-up email from our team about their inquiry.

4.3 In-App Messaging

Messages sent through the in-app chat are stored on our servers and are only visible to the two participants in a mutual match. Hosts and daters who are not part of a given conversation cannot see its contents through the app. If a user reports a conversation, our moderation staff may review the reported messages to assess the report. See Section 7 for moderation timelines.

4.4 Push Notifications

With your permission, we send push notifications to your device for event updates, new messages, and match results. We support two delivery channels:

• Mobile push via Firebase Cloud Messaging (iOS and Android).
• Web push via your browser's standard Push API (web app only).

You can disable push notifications at any time through your device or browser settings.

4.5 Third-Party Service Providers (Subprocessors)

We rely on the following third parties to operate the platform. Each is contractually required to handle your data only on our instructions and to apply appropriate security measures.

• Supabase — primary database, authentication, file storage (profile photos and event cover images), and real-time messaging infrastructure.
• Apple — when you choose Sign in with Apple, Apple verifies your identity and returns a token plus the email address (or private relay address) you elected to share. We exchange a one-time code with Apple's authentication server to enable account-deletion revocation (Apple's requirement for apps that use Sign in with Apple).
• Google — when you choose Sign in with Google, Google verifies your identity and returns a token plus your email address and basic profile information.
• Firebase Cloud Messaging (Google) — delivery of mobile push notifications.
• Vercel — hosting for the marketing website and the web build of our app, including its Web Analytics product, which records page-view-level traffic data without third-party cookies.
• Google Analytics 4 — aggregate traffic measurement on the marketing website and the web build of the app.
• Resend — delivery of transactional emails (event reminders, RSVP confirmations, match notifications, support replies).
• Supabase Auth — delivery of magic-link sign-in emails.

We do not use third-party advertising networks, retargeting pixels, or cross-site behavioral tracking.

5. Information Sharing and Disclosure

5.1 With Other Participants

Before a match is detected, the only information other participants see is aggregate event counts (e.g. number of men/women registered). Individual names, photos, and profiles are not visible to other daters until matching results are released.

When you and another participant both pick each other (a mutual match), your profile (display name, photo, hometown, occupation, bio, and age derived from date of birth) becomes visible to that match, and theirs to you. You can then exchange messages through in-app chat. Anything additional you share in chat is your choice.

5.2 With Event Organizers

The host of an event you register for can see participant information needed to run the event: display name, profile photo, age (derived from date of birth), gender, registration and check-in status, and assigned table number. The host cannot see your matching picks, your mutual matches with other daters, or the contents of chats between other participants.

Sales staff at Dash Dating (employees and authorized contractors with elevated roles) can see all event and registration data needed to support hosts, and can read submitted reports and contact-form messages.

5.3 With Other Third Parties

Beyond the subprocessors named in Section 4.5, we share your information with third parties only in these limited cases:

• Legal compliance: when required by subpoena, court order, or other legal process, or to comply with applicable law.
• Safety: to investigate, prevent, or take action regarding fraud, abuse, or threats to the safety of users or the public.
• Business transfers: in connection with a merger, acquisition, financing, or sale of assets, with notice to you to the extent required by law.

We do not sell your personal information.

6. Data Security

We use industry-standard technical and organizational safeguards to protect your information, including encryption in transit (TLS), encryption at rest for our database and file storage, role-based access controls (Postgres row-level security on all user tables), and audit logging on privileged operations. Magic-link tokens are short-lived. No system is 100% secure, so we cannot guarantee absolute security; if we learn of a breach affecting your personal data, we will notify you as required by applicable law.

7. Safety, Content Moderation, and Reporting

Dash Dating includes safety features designed to give you control over your experience and let you flag content that violates our community standards.

• Block: you can block another user from any chat. Once blocked, neither party can message the other, and you will not see their content. Blocks are enforced server-side.
• Report: you can report another user from any chat. Reports include the reason you provide and the conversation context.
• Moderation response: we aim to review and act on reports of objectionable content within 24 hours of submission. Actions may include warning the reported user, removing content, suspending the account, or permanently banning the user. We retain a record of reports for safety and legal purposes.
• Reporting outside the app: if you have a concern you can't raise through in-app reporting, email hello@dash.dating.

If you believe you are in immediate danger, please contact local emergency services first.

8. Your Rights and Choices

• Access: you can view most of your information directly in the app (profile, registrations, picks, matches, messages). For other records, email us and we will provide a copy.
• Correction: you can update profile information at any time in the app's Profile screen.
• Deletion: you can delete your account from inside the app (Settings › Delete Account). See Section 9 for how deletion works in practice.
• Portability: you can request a machine-readable export of your account data by emailing us.
• Marketing opt-out: we do not send marketing email to daters. If you receive marketing email from us as a host or prospect, every message includes an unsubscribe link.
• Push notifications: manage in your device or browser settings.

Depending on where you live, you may have additional rights under laws such as the GDPR (EU/UK), CCPA/CPRA (California), or similar regional laws. To exercise any of these rights, email hello@dash.dating. We will respond within the timeframe required by applicable law.

9. Account Deletion — How It Works

When you delete your account from the app:

• Your profile is anonymized in place: display name becomes "Deleted user," and your photo, gender, date of birth, hometown, occupation, and bio are erased.
• Any elevated role you held (host, sales) is removed.
• Your authentication record is deleted, so the email address can no longer sign in to that account.
• Past registrations, picks, mutual matches, and chat messages are preserved in anonymized form so that the other participants' chat history and the host's attendance records remain intact. The other party will see your side of the conversation attributed to "Deleted user."

You cannot delete your account while you are checked in to a live event whose matching is still in progress, or while you are listed as the host of an event that hasn't ended; we ask you to finish or cancel those first. If you need help, email hello@dash.dating.

If you want a full hard-deletion of all rows associated with your account (rather than the in-place anonymization above), email us. Note that doing so removes your half of every conversation you participated in.

10. Data Retention

We retain data only as long as needed for the purposes described in this policy. Specifically:

• Account and profile: retained while your account is active. On deletion, anonymized as described in Section 9.
• Event registrations, picks, and mutual matches: retained indefinitely so hosts have an attendance record and so your match history remains accessible to you.
• Chat messages: retained indefinitely so the conversation remains available to both participants. Deleting your account anonymizes (but does not erase) your messages so the other party's history stays intact.
• Reports: retained for at least 2 years for safety and legal purposes, and longer if associated with an active investigation.
• Blocks: retained for as long as your account is active.
• Marketing-site form submissions: retained for up to 24 months unless you ask us to delete them sooner.
• Server and authentication logs: typically retained for up to 90 days for operational and security purposes.
• Web analytics data: retained per the analytics provider's defaults (Google Analytics: up to 14 months; Vercel Analytics: up to 90 days).

11. Cookies and Tracking on the Website

Our marketing site and the web build of our app use a small number of cookies and similar storage:

• Strictly necessary: session storage used by the web app to keep you signed in.
• Analytics: Google Analytics and Vercel Analytics use cookies or first-party storage to measure aggregate traffic. These can be disabled through your browser.

The Dash Dating mobile app does not use web cookies. See our Cookie Policy for full details.

12. International Data Transfers

Dash Dating is operated from the United States, and our subprocessors operate infrastructure in the United States and other countries. If you use our services from outside the United States, your information will be transferred to, stored, and processed in the United States and possibly other jurisdictions. Where required, we rely on Standard Contractual Clauses or equivalent safeguards for international transfers.

13. Children's Privacy

Our services are intended only for users 18 years and older. Date of birth is collected at sign-up and the platform blocks anyone whose age is under 18, and event hosts can additionally set per-event age requirements. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from someone under 18, we will delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will revise the Effective Date at the top of the page and, for material changes, give you reasonable advance notice (for example, by in-app notice or email).

15. Contact Us

If you have questions about this Privacy Policy or our data practices, or want to exercise any of the rights described above, contact us: