Effective date: the earlier of (i) February 12, 2026 or (ii) the moment you accept this policy.

This section explains what data we collect, why we need it, and how it is used within Xder.

We collect information when you create an account, use the app, interact with other users, make purchases, or contact support.

Some data is required to operate the service, while other data depends on your choices.

 

1. DATA REQUIRED TO USE XDER (REGISTRATION AND ACCESS)

Without this data, the account cannot be created or used.

Account data

  • email address or phone number

  • date of birth (age verification)

  • password or third-party authentication

  • approximate country

  • language

Location required for functionality

  • approximate location via IP

  • precise GPS location (if proximity features are enabled)

The app requires location to display nearby profiles. If permanently disabled, some features will not function.

Security data

  • anti-fraud identifiers

  • verification status

  • consent history

  • session information

Identity verification (when required)

We may request a video-selfie or official ID verification.

These biometric data:

  • are used only to confirm you are a real person

  • are deleted or anonymized after verification

  • are not used for mass facial recognition

 

2. PROFILE INFORMATION (OPTIONAL)

You choose what to make public.

Profile visible to other users

  • photos and videos

  • display name

  • biography

  • tags and interests

  • approximate age

  • optional physical traits

  • dating preferences

  • gender identity

  • orientation or interests

  • social links

Sensitive data

If you include orientation, intimate interests, health or disability:

➡️ You provide explicit consent to process it as part of your public profile.

You can withdraw consent at any time by removing the information.

 

3. CONTENT AND COMMUNICATIONS

We process content required to operate the service:

  • messages

  • audio

  • video

  • images

  • reactions

  • read receipts

  • interactions

⚠️ Message deletion
If you delete content, it is removed from our servers.
However:

content already delivered may remain on the recipient’s device or within system-level notifications.

 

4. LOCATION AND DISTANCE

We process:

  • GPS coordinates (precise, if enabled)

  • IP address (approximate)

  • relative distance between users

We display approximate distance, not exact location.

 

5. MEDIA, AUDIO AND METADATA

When you upload media:

  • camera/microphone permission is requested

  • files are processed for display

Privacy protection

  • EXIF metadata (camera, GPS) is removed

  • technical measures are applied to hinder automated image extraction

 

6. IN-APP ACTIVITY

We collect usage events:

  • viewed profiles

  • matches

  • blocks and reports

  • frequency of use

  • purchases

  • anti-fraud behavior

Used for operation, safety, and recommendations.

 

7. RECOMMENDATIONS AND INFERENCES

We analyze interactions to:

  • rank profiles

  • improve matches

  • detect bots or abuse

Ranking primarily uses:

  • approximate proximity

  • shared interests

  • recent activity

We do not use these inferences for automated decisions with significant legal effects without human review.

 

8. DEVICE DATA

Automatically collected:

  • device model

  • operating system

  • carrier

  • language

  • timezone

  • IP address

  • advertising identifiers

  • crash logs

 

9. COOKIES AND SIMILAR TECHNOLOGIES

We use:

  • cookies

  • SDKs

  • local storage

  • technical logs

Purposes:

  • authentication

  • security

  • analytics

  • personalization

You may manage these via your browser or device settings.

 

10. NOTIFICATIONS AND EXTERNAL DELIVERY SERVICES

To deliver notifications we use:

  • Apple Push Notification Service (APNs)

  • Firebase Cloud Messaging (FCM)

These providers process technical information required to deliver messages to your device.
You can control notification privacy in your device settings.

 

11. THIRD-PARTY DATA

We may receive data from:

Authentication providers
Google, Apple or others (email, name)

Payments
Apple, Google Play, Stripe
(we never receive full card numbers)

Advertising attribution
encrypted technical identifiers (IDFA/GAID) to measure installs and prevent fraud.

 

12. DATA RETENTION

We retain data while the account is active.

After account deletion:

  1. data becomes inaccessible

  2. enters legal blocking period

  3. is progressively deleted

We may retain:

  • anti-fraud records

  • sanction history

  • irreversible technical identifiers (hash)

Legal basis: legitimate interest to protect the community

After the retention period, data may be irreversibly anonymized for statistical purposes.

 

13. DATA SOURCES

Data comes from:

  • you

  • your device

  • other users

  • technical providers

  • authorities when legally required

 

14. INTERNATIONAL TRANSFERS

Your data is primarily hosted in the European Union.

If transferred internationally:

  • we apply Standard Contractual Clauses (SCC)

  • we require equivalent safeguards

 

15. DATA SHARING AND NO SALE OF DATA

Xder does not sell:

  • name

  • email

  • phone number

  • message content

We only share:

  • aggregated data

  • technical identifiers necessary for operation or measurement

 

16. CONTROL OVER YOUR INFORMATION

At any time you may:

Edit data: via “Edit profile”
Download data: request at privacy@xder.com
Delete account: via settings

Deleting your account automatically initiates the erasure process.