Privacy Policy

Effective date: April 26, 2026
Last updated: April 26, 2026

---

1. About this Policy

This Privacy Policy explains how Vaida LLC ("Vaida", "we", "our", "us") collects, uses, shares, and protects personal information when you use the Vaida international dating platform at https://vaida.app (the "Service"). It applies to visitors, registered members, paying subscribers, and anyone who otherwise interacts with the Service.

By using the Service, you acknowledge the practices described below. If you do not agree with any part of this Policy, please do not use the Service.

We will update this Policy when our practices change. Material changes will be announced in the Service and by email at least 30 days before they take effect, except where a shorter period is legally required.

2. Who is the Data Controller

The data controller responsible for your personal information is:

Vaida LLC
Fort Collins, Colorado, United States
Email: privacy@vaida.app

If you reside in the European Economic Area (EEA), the United Kingdom, or Switzerland and require an EU/UK representative under Article 27 of the GDPR, please contact us at privacy@vaida.app and we will provide current representative details.

3. Information we collect

3.1 Information you provide

• Account information. Name (or chosen display name), email address, password (stored only as a salted hash), date of birth, gender, sexual orientation if you choose to share it, country of residence, phone number if you opt into SMS verification.
• Profile content. Photos, videos, short bio text, language(s) spoken, interests, lifestyle attributes, the countries you are open to dating in, whether you are open to relocating, and any other content you voluntarily add to your profile.
• Identity verification data. When you complete identity verification, we collect a government-issued ID image and a real-time selfie. These are processed by our identity-verification provider and matched only for the purpose of confirming you are a real, unique person of the age you claim to be. We retain the verification result and a non-reversible match score; we do not retain the ID image after verification completes, except where required by law (typically up to 90 days for fraud-investigation purposes).
• Communications. Messages you send and receive on the Service, including text, voice notes, video calls, and any media you share. Translated versions of your messages are stored alongside the originals so both parties can re-read in their preferred language.
• Payment information. Cardholder name, billing address, and the last four digits of your card. Full card numbers and security codes are processed and stored exclusively by our PCI-DSS-compliant payment processor (see Section 6) and are not retained by Vaida.
• Customer-support communications. If you contact us, we keep records of the conversation and any information you choose to share.
• Survey, feedback, and beta-test responses.

3.2 Information we collect automatically

• Device and connection information. IP address, device type, operating system, browser type and version, screen resolution, language settings, time zone, and a randomly generated device identifier.
• Approximate location. Derived from your IP address. We do not collect precise GPS location unless you explicitly grant it.
• Usage data. Pages and screens viewed, features used, profiles viewed, profiles you liked or skipped, messages opened, time spent in chat, video-call duration, click and tap events, search queries within the Service, and similar interaction metrics.
• Cookies and similar technologies. See Section 9.
• Anti-fraud and safety signals. Behavioral patterns used by our scam-detection systems (typing cadence, link-sharing patterns, repeated-message detection, image-reuse fingerprints across profiles, login-anomaly signals).

3.3 Information from third parties

• Identity-verification provider. Pass/fail result and a confidence score from our verification partner.
• Payment processor. Transaction status, declined-payment reasons, and chargeback notifications.
• Communications providers. Delivery and bounce information for emails and SMS.
• Anti-abuse services. Reputation signals about IP addresses and devices used to detect bots, fraud, and previously-banned users attempting to return.
• Single sign-on (if used). If you sign in via a third-party identity provider you have connected, we receive the identifying information that provider shares with us; we do not receive your password.

3.4 Sensitive personal information

Some of the data above is treated as sensitive under GDPR Article 9 or under CCPA/CPRA, including data revealing sexual orientation, precise religious or political views you choose to share, photographs that may reveal racial or ethnic origin, and identity-verification biometric-derived data. We process this information solely to operate the matchmaking and safety features of the Service, with the legal bases set out in Section 5. We do not use sensitive personal information for advertising or for inferring characteristics about you for purposes outside the Service.

4. How we use your information

We use personal information for the following purposes:

• Operate the matchmaking Service. Show you potential matches, surface profiles, deliver messages, run translation, host video calls, manage your subscription.
• Translate communications. Process the text of your messages through automated translation systems so members who speak different languages can communicate. Translation may involve sending message text to vetted third-party translation providers.
• Trust and safety. Detect and prevent scams, romance fraud, harassment, impersonation, underage users, and other policy violations. This includes automated review of profile photos and message content using machine-learning systems and human review of flagged accounts.
• Identity and age verification. Confirm you are 18 or older and a real person.
• Process payments and manage subscriptions. Including renewals, refunds, chargebacks, and tax compliance.
• Customer support. Respond to your requests, resolve disputes, and maintain support records.
• Service improvement and analytics. Understand how members use features, measure performance, fix bugs, run A/B tests in aggregate.
• Communications. Send transactional messages (account, security, billing, match notifications), service announcements, and — only if you opt in or where local law permits — marketing about Vaida features.
• Legal compliance. Respond to lawful requests, enforce our Terms, defend legal claims, and meet record-keeping obligations.
• Aggregated and de-identified analytics. We may aggregate or de-identify personal information so it can no longer reasonably be linked to you and use it for any business purpose. Once data has been de-identified to a standard recognized under applicable law, this Policy no longer restricts its use.

5. Legal bases for processing (GDPR/UK GDPR)

If you are in the EEA, the UK, or Switzerland, we rely on the following legal bases:

• Performance of a contract (GDPR Art. 6(1)(b)) — to operate the Service for you, including matching, messaging, translation, video calls, and subscription management.
• Legitimate interests (Art. 6(1)(f)) — to detect fraud and abuse, secure our systems, improve the Service, and conduct limited analytics. Where we rely on legitimate interests, we have weighed those against your rights and freedoms; you may object as described in Section 11.
• Consent (Art. 6(1)(a) and Art. 9(2)(a) for sensitive data) — for processing your sensitive personal information to provide the matchmaking Service, for non-essential cookies, and for marketing communications. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Legal obligation (Art. 6(1)(c)) — to comply with tax, anti-fraud, and law-enforcement obligations.
• Vital interests (Art. 6(1)(d)) — in rare circumstances involving imminent harm to a person.

6. How we share your information

We do not sell personal information for money. We disclose personal information only as described below.

• With other members. Your profile, photos, public bio, and messages are visible to the members you choose to interact with.
• Service providers (processors). We use vetted vendors who process data on our behalf under written contracts that restrict their use of the data:
  • Cloud hosting and database — Amazon Web Services (United States).
  • Payment processing — our PCI-DSS-compliant payment partner.
  • Identity verification — our verification partner described in Section 3.
  • Email and transactional messaging — Amazon SES and equivalent providers.
  • SMS delivery — our SMS gateway provider.
  • Translation services — automated translation APIs used for chat translation.
  • Video infrastructure — our video-calling provider.
  • Anti-fraud and AI moderation — our scam-detection and content-moderation tooling, including third-party machine-learning APIs and reputation services.
  • Analytics and error monitoring — privacy-respecting analytics and error-monitoring providers.
  • Customer-support tooling.
• Professional advisers. Lawyers, auditors, and similar advisers under confidentiality obligations.
• Corporate transactions. If Vaida is involved in a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of that transaction. We will require the recipient to honor this Policy or notify you of any material changes.
• Legal and safety reasons. When we believe in good faith that disclosure is necessary to (a) comply with applicable law or legal process, (b) enforce our Terms, (c) detect, prevent, or address fraud, security, or technical issues, or (d) protect the rights, property, or safety of Vaida, our members, or others.

A current list of subprocessors is available on request to privacy@vaida.app.

7. International data transfers

Vaida is operated from the United States. When you use the Service from outside the US, your information will be transferred to and processed in the US and in any country where our service providers operate.

For transfers from the EEA, UK, or Switzerland to the United States or to other countries that have not been recognized as providing adequate protection, we rely on the European Commission's Standard Contractual Clauses (and the UK addendum where applicable), supplementary measures where appropriate, or another lawful transfer mechanism. You may request a copy of the relevant safeguards by emailing privacy@vaida.app.

8. Data retention

We keep personal information only as long as necessary for the purposes described in this Policy, unless a longer retention period is required or permitted by law. Typical retention guidelines:

• Active account data — for as long as your account is active.
• Closed-account data — most personal information is deleted within 60 days after you close your account, except as listed below.
• Identity-verification records (pass/fail and score) — up to 24 months after account closure for fraud-prevention purposes.
• Payment and tax records — up to 7 years to meet US tax and accounting requirements.
• Trust-and-safety records related to abuse, fraud, or law-enforcement requests — up to 5 years to allow us to identify repeat offenders and to respond to legal claims.
• Backups — overwritten on a rolling cycle, typically within 90 days.

When retention periods expire, we delete or irreversibly anonymize the data.

9. Cookies and similar technologies

Vaida uses cookies and similar technologies (local storage, pixels, SDK identifiers) to keep you signed in, remember preferences, secure the Service, measure performance, detect fraud, and — only with your consent where required by law — measure marketing effectiveness.

You can manage cookies through your browser settings. Where required by GDPR or ePrivacy rules, we will display a cookie banner at first visit so you can accept or reject non-essential categories. Rejecting non-essential cookies will not prevent you from using the Service.

We do not currently respond to "Do Not Track" browser signals because no industry-standard interpretation has been adopted, but we honor the Global Privacy Control (GPC) signal as an opt-out of "sale" or "sharing" of personal information for California residents.

10. Your privacy choices

• Access, edit, or delete your profile at any time from your account settings.
• Close your account from account settings; this triggers the deletion timeline in Section 8.
• Opt out of marketing email by clicking unsubscribe in any marketing email or by emailing privacy@vaida.app. Transactional and security messages will continue while your account is active.
• Manage cookies as described in Section 9.

11. Your rights

Depending on where you live, you may have some or all of the following rights. We will respond to verifiable requests within the timelines required by your local law (typically 30 days under GDPR, 45 days under CCPA/CPRA).

11.1 GDPR / UK GDPR rights (EEA, UK, Switzerland)

• Access your personal data and receive a copy.
• Correct inaccurate data.
• Delete your data ("right to be forgotten") in certain circumstances.
• Restrict processing in certain circumstances.
• Object to processing based on legitimate interests, including profiling, and to direct marketing.
• Receive your data in a portable, machine-readable format.
• Withdraw consent for any processing based on consent.
• Lodge a complaint with your local supervisory authority. If you live in the EEA, you can find your authority at edpb.europa.eu. If you live in the UK, you can contact the Information Commissioner's Office at ico.org.uk.

11.2 California rights (CCPA / CPRA)

If you are a California resident, you have the right to:

• Know what categories of personal information we collect, the sources, the purposes, and the categories of third parties we share it with.
• Access the specific pieces of personal information we hold about you.
• Delete personal information we hold about you, subject to legal exceptions.
• Correct inaccurate personal information.
• Limit the use and disclosure of sensitive personal information to the purposes specified by the CPRA.
• Opt out of "sale" or "sharing" of personal information. Vaida does not sell personal information for money. We may "share" certain device-level identifiers with analytics or anti-fraud providers in a way that could meet the CPRA's broad definition of "sharing"; you may opt out by emailing privacy@vaida.app or by sending a Global Privacy Control signal from your browser.
• Be free from retaliation for exercising your rights.

You may submit a request via privacy@vaida.app. We will verify your identity using information already associated with your account before fulfilling any request involving disclosure or deletion. You may use an authorized agent; we will require written proof of authorization.

11.3 Other US states

Residents of states with comprehensive privacy laws (including Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia) have rights similar to those above, subject to each state's specifics. Contact privacy@vaida.app to exercise them.

12. How we protect your information

We use administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit (TLS) and at rest, role-based access controls, audit logging, vendor due diligence, and regular security reviews. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security.

If a security incident affects your personal information and triggers notification obligations, we will notify you and the appropriate regulators in accordance with applicable law.

13. Children

Vaida is for adults aged 18 and over. We do not knowingly collect personal information from anyone under 18. If we learn that an underage user has registered, we will close the account and delete the associated data. If you believe an underage user is on the Service, please contact privacy@vaida.app.

We do not direct the Service to children under 13 and do not knowingly collect data from them within the meaning of the US Children's Online Privacy Protection Act (COPPA).

14. Automated decisions and profiling

We use automated systems to detect scams, abuse, and impersonation, to rank potential matches, and to translate messages. These systems may flag accounts for human review or, in clear cases, take automated action such as restricting messaging or suspending an account. You can request human review of any automated decision that significantly affects you by emailing privacy@vaida.app.

15. Third-party links and integrations

The Service may link to or integrate with third-party sites or services. Their privacy practices are governed by their own policies. We encourage you to review them.

16. Changes to this Policy

We may revise this Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be announced in the Service and by email at least 30 days in advance unless a shorter period is required by law. Your continued use of the Service after a change becomes effective constitutes acceptance of the revised Policy.

See also: Terms of Service.

17. How to contact us

For privacy questions, requests, or to exercise your rights:

Vaida LLC — Privacy Team
Email: privacy@vaida.app
Mail: Vaida LLC, Fort Collins, Colorado, United States

We aim to respond within the timeframes required by your local law.