Privacy Policy

Account information: When you create an account, we collect your email address, encrypted password, date of birth, gender, and gender preference. We use this to authenticate you and serve relevant matches.

Profile information:Name, occupation, city, photos, and quiz/prompt answers that you choose to share. These are used in the matching process and displayed to other users according to Blindly's progressive reveal mechanics.

Photos: We store up to 3 photos per user in encrypted cloud storage. Photos expire after 60 days and are permanently deleted upon expiry or account deletion. We do not use facial recognition technology.

Location data: If you opt in to path-crossing features (Full tier only), we store your location as a geohash — never as raw latitude/longitude coordinates. Location data is never exposed to other users in any form. Only an aggregate crossing count is surfaced after a mutual match.

Usage data: We collect anonymized interaction data (selections, matches, message counts) to calculate your Blindly Score and to improve the service. We use PostHog for privacy-respecting product analytics.

Payment information: Payment processing is handled entirely by Stripe. We never see, store, or have access to your credit card numbers or banking details.

We use your information to:

• Operate the Blindly matching service
• Calculate your Blindly Score (selection rate, match rate, response rate)
• Generate cross-pool match signals
• Send notifications about matches, messages, and reveals
• Process subscription payments through Stripe
• Award tokens for referrals and engagement milestones
• Track city unlock progress (anonymous counts only)
• Prevent abuse and enforce community standards

We never sell your personal information to third parties. We never use your data for advertising targeting. We never share your quiz answers, match quality ratings, or intimacy question responses with anyone — including the people you match with (unless you both mutually opt in to reveals).

• Store raw GPS coordinates in user-accessible tables
• Reveal quiz answers on public profiles
• Show match quality ratings to the rated user
• Share intimacy question answers without mutual opt-in
• Store ID verification documents on our servers (verified status only)
• Send SMS messages — we don't use your phone number
• Use facial recognition or biometric data
• Sell or rent your data to advertisers or data brokers

Your data is stored in Supabase (PostgreSQL) with Row Level Security (RLS) enabled on every table. This means users can never directly query another user's raw data — all data access goes through secure server-side functions.

Photos are stored with signed URLs that expire. All API requests are authenticated and rate-limited. Passwords are hashed with bcrypt and never stored in plaintext.

Active accounts: We retain your data as long as your account is active.

Photos: Automatically deleted 60 days after upload. You receive a warning notification 14 days before expiry.

Deleted accounts: When you delete your account, we perform a soft delete immediately. Your profile is removed from all matching pools instantly. We permanently purge all personal data within 30 days of deletion.

Messages: Conversation history is deleted when either participant deletes their account.

Regardless of where you live, you have the right to:

• Access — Request a copy of all data we hold about you
• Correction — Update or correct inaccurate information
• Deletion — Delete your account and all associated data
• Portability — Export your data in a machine-readable format
• Objection — Object to specific data processing activities

For GDPR (EU) and CCPA (California) requests, use the “Request My Data” link in Settings or email us at privacy@getblindly.app.

• Supabase — Database, authentication, real-time messaging
• Stripe — Payment processing (PCI compliant)
• Vercel — Application hosting
• PostHog — Privacy-respecting product analytics
• SendGrid — Transactional email delivery
• Firebase Cloud Messaging — Push notifications

Each of these services has their own privacy policy. We only share the minimum data necessary for each service to function.

Blindly is designed for adults ages 25 and older. We do not knowingly collect information from anyone under 18. If we learn that a user is under 18, we will immediately delete their account and associated data.

We may update this privacy policy from time to time. If we make material changes, we will notify you through the app or via email before the changes take effect. Your continued use of Blindly after changes constitutes acceptance of the updated policy.

If you have questions about this privacy policy or how we handle your data:

Email: privacy@getblindly.app
Location: Nashville, Tennessee, USA