Last updated: February 12, 2026
Privacy & legal contact: legal@xder.com
General support: help@xder.com

This Policy explains how Xder (“Xder”, “we”, “us”, “our”) collects, uses, shares, protects and retains your Personal Data when you use our platforms and services.

1. Scope

This Policy applies to:

• The Xder mobile application (iOS/Android) and related features

• Any associated web interfaces or services (“Services”)

• Service communications (security notices, technical notices, support)

• Cookies and similar technologies used in web components

This Policy must be read together with the Terms and Conditions and Community Guidelines/Safety Guide.
If a conflict exists, the more specific rule for the specific matter will prevail.

2. Key Definitions

Personal Data: information that identifies or can reasonably identify you directly or indirectly (email, phone, photos, device identifiers, approximate or precise location in certain contexts).

Processing: any operation performed on Personal Data (collection, storage, use, deletion, sharing, etc.).

User Content: content you upload or share (photos, videos, text, audio, messages, reports, tags).

Location Data: geographic location information, either precise (with permission) or approximate (IP-based).

Special Categories of Data (EU): sensitive personal data such as sexual orientation when applicable by law.

Service Providers/Processors: companies providing infrastructure, analytics, notifications, support, payments, fraud prevention, moderation, etc., under contract.

3. Adults Only

Xder is strictly intended for adults (18+ or local age of majority, whichever is higher).

We do not knowingly collect data from minors.
If you believe a minor is using Xder, you should report it using the in-app reporting tool or by contacting legal@xder.com.

4. Data We Collect

We collect data from four sources:
(i) data you provide, (ii) data generated through use, (iii) device data, (iv) third-party data.

4.1 Mandatory account data

• Email and/or phone number

• Date of birth

• Login credentials

4.2 Profile information you choose to provide

You may optionally provide:

• Photos, videos, descriptions

• Preferences and interests

• Connection intentions (friends/dating)

• Privacy settings

• Information considered sensitive in certain jurisdictions (e.g., sexual orientation)

4.3 Chats, groups and media

• Messages, reactions, multimedia files

• Delivery metadata (timestamps)

• Group participation and reports

If ephemeral content exists, it is a feature — not a guarantee against copying.

4.4 Location and distance

We may process location to:

• Show nearby profiles

• Calculate approximate distance

• Enable optional location sharing

Even if distance is hidden, advanced users may infer approximate location through external methods. This risk cannot be fully eliminated in proximity-based services.

4.5 Device and technical data

• IP address, device identifiers, OS, language, timezone

• Usage logs and diagnostics

• Cookies and SDK data

4.6 Third-party data

Limited data may come from:

• Payment providers

• Analytics providers

• Authentication services

• Fraud prevention providers

5. Image Metadata (EXIF Cleaning)

Images and videos may contain metadata (EXIF), including GPS coordinates and device details.

For your safety, Xder removes metadata (EXIF) from images uploaded to public profiles and, where technically possible, other upload flows.

However:

• some formats may retain limited metadata for compatibility

• files shared outside Xder are beyond our control

• recipients may retain copies already downloaded

6. How We Use Your Data

We process Personal Data to:

1. Provide the service (accounts, matching, messaging, groups, support)

2. Security and abuse prevention

3. Product improvement and diagnostics

4. Service communications

5. Legal compliance and defense

6. Advertising and measurement (where applicable and consented)

Automated systems are subject to safeguards described in Section 10.

7. Special Categories of Data (EU)

When you voluntarily include information such as sexual orientation in your profile or interactions, you provide explicit consent for processing for:

• profile display according to settings

• compatibility recommendations

• feature functionality

You may withdraw consent anytime by removing the information or contacting us.

8. Chats and Deletion (“Deletion Paradox”)

When deleting messages “for both sides”, Xder removes access within the service and deletes or dissociates data from active systems where technically possible.

Technical limitations:

• No remote deletion from another person’s device

• Push notifications may already have displayed content

• Screenshots or recordings cannot be prevented entirely

• Temporary retention may exist in caches or delivery systems

Encryption: communication between your device and Xder servers is protected via encrypted transport (e.g., TLS).
If end-to-end encryption is implemented in specific features, it will be explicitly stated.

9. Data Sharing

9.1 With other users

Your profile information is visible according to your settings.

9.2 With service providers

We share data with providers operating infrastructure, moderation, analytics, notifications, fraud prevention, and payments under contractual safeguards.

9.3 Legal disclosures

We may disclose data when reasonably necessary to:

• comply with law

• respond to legal requests

• protect users or rights

• investigate abuse or fraud

9.4 Corporate transactions

Data may transfer during mergers or acquisitions with safeguards.

10. Automation, AI and Visibility Limiting

We may use automated systems to:

• detect spam, bots, scams

• prevent harassment

• improve quality and safety

• personalize recommendations

These systems may temporarily limit visibility or messaging ability when suspicious patterns are detected.

You may request human review via legal@xder.com.

Inferences

We may generate behavioral inferences to operate the service but will not:

• sell sensitive inferred data

• create discriminatory profiles

• make automated decisions with significant legal effects without human intervention

11. Cookies and SDKs

We use cookies and SDK technologies for:

• performance analytics

• fraud prevention

• notifications

• measurement (where applicable)

Consent is requested where legally required.

Third-party SDK risks

No software is immune to vulnerabilities (including zero-day flaws).
If a risk is detected, integrations may be modified or removed.

External services operate under their own privacy policies.

12. International Transfers and Hosting

Your data is hosted primarily within the European Union.

Where providers outside your country are used, we implement appropriate safeguards under applicable law.

13. Data Retention

We retain data only as long as necessary:

• Account data: while active + limited period after deletion

• Security logs: longer retention where necessary

• Reported content: retained for investigation and dispute resolution

Content may remain on other users’ devices even after deletion from servers.

14. Your Rights

Depending on your location, you may have rights to:

• Access

• Rectification

• Deletion

• Portability

• Restriction or objection

• Withdraw consent

• File complaints with authorities

Data download

A downloadable data file may be available in account settings or upon request.

Identity verification may be required.

15. After Death (Post-Mortem Rights)

Where legally applicable, authorized representatives may request access or deletion, subject to legal limitations and third-party rights.

16. Security

We implement reasonable technical and organizational safeguards.
Absolute security cannot be guaranteed.

If a breach legally requires notification, we will notify accordingly.

17. Policy Changes

We may update this Policy for legal, security or service reasons.
Material changes will be reasonably communicated.

18. Contact

Privacy and legal requests: legal@xder.com
Support: help@xder.com