Privacy Policy
Privacy Policy of D&D
Welcome to the Privacy Policy of D&D (“Policy”). Thank you for choosing D&D. This Privacy Policy applies to the mobile application D&D. All references to “D&D” or “D&D” in this document are interchangeable and refer to the same application.
Your privacy is important to us, and we are committed to protecting your personal data. This Privacy Policy describes how we collect, use, store, protect, and share your information while using the D&D mobile application (“Application”).
We recommend reading this together with our Terms of Use.
The primary purpose of this document is not only to ensure transparency in the functioning of the application but also to protect the privacy of each user in accordance with applicable data protection laws, such as the GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and other relevant regulations.
The Privacy Policy for the D&D mobile application plays an important role in ensuring the protection of users’ personal data and transparency in how such data is collected, used, and stored. Considering the unique features of the application, the aim of the Privacy Policy is to safeguard users’ rights and give them confidence in the security of their personal information. Since D&D offers an original approach to online dating with the possibility of participating in leisure activities through donations to charity, confidentiality and proper data usage are critically important for creating a safe and transparent platform.
For D&D, the Privacy Policy is not just a legal document but also a tool for building trust between users and the platform. Given the specifics of the application, users must be assured that their data — both personal and financial — is protected at all stages of interaction with the application. The Privacy Policy helps establish clear rules of engagement, ensuring that users feel protected and confident when using the platform.
This Privacy Policy (“Privacy Policy”) describes what personal data D&D (“D&D,” “we,” “us,” or “our”) collects, the purposes of collecting this personal data, to whom we may disclose personal data, and what rights you may have under applicable data protection laws.
This Privacy Policy applies in full to our website https://datedonate.app/, including all our subpages, related sites, or pages (“Website”), as well as the Android and iOS mobile application “D&D” (“Mobile Application”), and the related services and features (for simplicity, we collectively call the Website and Mobile Application the “Platform” in this Privacy Policy) (together “D&D”). We have also added links to this Privacy Policy across all relevant services. Some services may require their own unique privacy policy. If a specific service has its own privacy policy, then the policy of that service applies, not this Privacy Policy.
We are responsible for all information relating to an identified or identifiable natural person, and in applicable cases, a legal entity (“Personal Data”), that we collect, process, and use while you use D&D.
This Privacy Policy defines how we process your Personal Data both in connection with (in interaction with) D&D and in other cases. The Website contains links to third-party websites, such as social networks. Clicking on these links or activating such connections may allow third parties to collect or transmit data about you. We do not control these third-party websites, so we recommend reviewing the privacy policies of the respective third-party websites.
In addition, you may voluntarily share information with other D&D users (“Users”) through the application or websites, just as we may occasionally need to transfer your data.
The D&D application and websites are used worldwide, and we will transfer your information to the USA, the UK, Bulgaria, and Ukraine, and use it in these countries regardless of your country of residence. Our Privacy Policy describes how we protect your data during cross-border transfers. Please review these provisions carefully!
You have the right to access, correct, or delete your personal data that we store. Your privacy is important to us, and we strive to maintain the highest standards of data protection and user control to make D&D a service people love and trust.
This platform is intended exclusively for individuals who are at least 18 years of age. Any use by minors is strictly prohibited.
1. About Us
The protection of your personal data, collected and processed through the D&D mobile application and website, in accordance with this Privacy Policy, is ensured by the company (the “Data Controller”) Driveforce Ltd (company number: 207576513, date of company registration: 27.10.2023), registered at the following address: Odrin St., 15, 9th floor, 8001 Northern Industrial Zone, Burgas, Bulgaria.
If you wish to contact us, please email dateanddonate@proton.me or send mail to:
Driveforce Ltd, Address: Odrin St., 15, 9th floor, 8001 Northern Industrial Zone, Burgas, Bulgaria.
Where Our Privacy Policy Applies
This Privacy Policy applies to the websites, applications, events, and other services provided by the D&D brand. For simplicity, we refer to all of these as “our services” in this Privacy Policy. We have also included links to this Privacy Policy across all relevant services.
Some services may require their own unique privacy policy. If a specific service has its own privacy policy, then the policy of that service applies, not this Privacy Policy.
Effective Date of the Privacy Policy
This Privacy Policy takes effect on 03 September 2025.
2. What Data We Collect
2.1. Personal Data Provided by Users
We collect information from you when you register (“Registration Information”), visit and use our application, our website, subscribe to our newsletter, respond to a survey, or fill out a form.
By using our services, you agree to provide us with certain information.
The list of data that users voluntarily provide during registration and account creation (“Account”) or while using the application includes:
Registration Data
Name (username or pseudonym); email address or another login method, such as through Facebook, Apple, or Google account; gender (gender identity); preferences (including gender preferences and sexual preferences); photos.
To register, you must log in through Facebook, Apple, or Google account or enter your email address, where a link will be sent to create your account (hereinafter – login link).
When registering an account through Facebook, Apple, or Google, we may request or automatically receive your account data from these social networks.
By authorizing through Facebook, Apple, or Google, you allow them to disclose your account data to us, including your name, profile picture, email address, date of birth, gender, likes, actual place of residence, unless you opt out separately. We use this personal data to create an account on D&D. If you delete your account, we will no longer have access to this data.
After registration, you can link your account to Facebook, Apple, or Google accounts in the settings, even if those were not used during your initial registration.
To add certain materials, such as photos, you may grant us access to your camera or photo album.
Profile Data
Name (username), age, gender (gender identity), preferences (including gender preferences and sexual preferences), photos, interests, and personal details (height, weight, hair color, eye color, spoken languages, specific physical conditions (disability)).
By creating an account, you provide us with the information necessary for the platform to operate, such as gender, age, and preferences for searching and meeting other users.
The profile data you provide will be displayed to other users when they visit your profile.
Identification Data
Photos and videos of the user during Oath authentication (authentication via a third party for identity verification).
For the purpose of ensuring the safety and authenticity of our users, all users who wish to create and propose meetings on the D&D platform are required to pass OATH authentication (authentication via a third party for identity verification) and photo authentication to confirm that the person in the profile photo matches the authentication photo. This process confirms the user’s identity and ensures the account belongs to a real person. As part of this authentication, users must upload at least one real photo with a clear image of their face.
If you decide to undergo verification via photo, we will scan each photo you provide for this purpose. The procedure may include facial recognition technology, which allows comparing uploaded photos with your profile photos to confirm your identity. Photos uploaded for verification will not be displayed in your profile. We will store their scanned copies for possible re-verification and recordkeeping until they are no longer needed for this purpose or for six years from the date of your last use of our sites and applications, whichever comes first. After this period, we will take commercially reasonable measures to securely and permanently delete scanned copies from our systems.
By completing OATH authentication and uploading a real photo, users agree to the use of this information in accordance with our Privacy Policy and understand that failure to meet these requirements may limit access to certain platform features, such as creating or proposing meetings.
After passing verification, users receive a blue “authenticity” icon in their profile.
This ensures transparency and helps users understand the authentication process and its purpose.
These materials are processed exclusively for verification (authentication) purposes and are not used for other purposes without the user’s consent.
Facial geometry data that we collect if you choose to undergo photo verification may be considered biometric in some jurisdictions.
Payment Data
Name, billing addresses, debit/credit card numbers, or other financial details.
When making charitable donations through the application, the payment system processes your payment data for the purpose of completing the transaction and confirming its security.
Interaction Data with Other Users (messages, photo sharing).
With your consent, we may collect photos and videos, for example, if you decide to upload images or recordings or use live streaming features on our platform.
By posting information about yourself or communicating with other users in chats, you alone decide how much personal information to share.
To enable the organization of meetings, we may collect data (information) about the place, date, and time of a scheduled meeting.
This data is processed exclusively for the organization of meetings and the provision of corresponding services. We guarantee that no information is used for other purposes without your direct consent.
Other Information
We collect information that you provide when contacting our support service and during communication with our support team. In addition, to ensure the stable functioning of the platform and the safety of our community, we process data from your chats with other users and the content you publish.
Our Platform contains forms for submitting feedback or personal stories about meetings that occurred as a result of using our mobile application. We may also conduct surveys for analysis and research purposes and contact you to provide feedback or invite you to participate in surveys or promotional campaigns. Such information may be published on our website and may also be used to advertise D&D. Participation in such surveys, forms, or campaigns is voluntary. If you do not wish to participate, please contact support.
If you participate in our promotions, events, or contests, we collect the information you use for registration or application.
If you share with us information about other people (for example, if you use a friend’s contact information for a specific feature), we process this information on your behalf to fulfill your request.
We may also collect information regarding interactions with links in the D&D application or on the website (including the number of clicks on a specific link). We may also share general statistics of such interactions.
2.2. Automatically Collected Data
Data that is automatically collected while using the application and/or Website includes:
Technical Data
Information about the device (IP address, device model, operating system), date and time of access, country and city from which access to D&D is made, browser type, referral URL, login data, and device type.
Tracking Data
Cookies, analytics, log files.
We use, and may allow third parties to use, cookies and similar technologies in the D&D application and on the website to recognize you or your devices. A cookie is a small file that can be downloaded to your device or browser so that we can recognize and remember you. You can learn more about cookies and similar technologies in Section 10 of this Privacy Policy — Cookies and Similar Technologies.
We may also use general access data, analyzed in anonymized form, to improve technical aspects, such as server optimization and user interface improvements, as well as to study interaction with the application over different time periods. Personal data is not used for these purposes. General access data is stored in a log file to create statistics.
Location Data (with user consent).
If you consent to the collection of your geolocation information, we may collect this data (longitude and latitude), including in the background (when you are not using the platform). You may choose not to grant permission for the collection of such data. In that case, we will not collect it, and some services that depend on precise geolocation may not be available.
Location information helps us adapt the functionality of the application, determine your location to facilitate interaction with other users. Thanks to this, other users may see information about your location, and you may see profiles of users who are nearby.
The location function can be turned on/off in the settings of the device you use or in your browser.
Activity Log, including page views, clicks, time spent in the application.
We automatically collect data about your interaction with the D&D platform to improve functionality, ensure security, and provide a personalized experience. This includes:
Page view data (pages and sections of the application you visit; sequence of page navigation; time spent on each page).
Click data (elements you click on, such as buttons, links, profiles; time and date of each click; frequency and intensity of interaction with certain features).
Time spent in the application (total time spent in the application during each session; idle time (e.g., when the app is open but unused); periods of activity in the app, helping us analyze peak usage hours).
Interaction with features (interaction with user profiles (views, likes, messages, etc.); use of search functions, filters, and other interactive tools).
Behavioral data analysis (we analyze this data to identify behavioral patterns, which helps improve usability; data is also used to recommend content or profiles that may be of interest to you).
Activity log data is used for:
analyzing the application’s performance and fixing technical issues;
improving functionality and adapting the interface to users’ needs;
preventing fraud, suspicious actions, or violations of the Terms of Use;
creating statistical data that helps in the development of the platform.
Privacy Protection:
All activity log data is processed anonymously, unless direct linking to your profile is required to provide functionality;
We retain this data only as long as necessary to achieve the stated purposes, in accordance with our data retention policy.
If you have questions regarding the collection or use of this data, you may contact our support service via the contact information provided in this Privacy Policy.
2.3. Data Obtained from Third Parties
Given that the application and website integrate with social networks and third-party services (Apple, Facebook, Google), if you created an account and logged into it via a social network or another account, we will receive information about you from such sources.
In addition, we may receive information about you from other users who interact with you or have filed a complaint against you.
We may also receive information about you from our partners regarding the results of an advertising campaign when our ads are published on a partner’s service.
We care about the safety of our users, so in certain cases, in accordance with the laws of a given country, we may receive information about suspected or actual offenses from third parties.
3. How We Use Your Data
We use your data to ensure a high-quality user experience and to improve our services. The primary purpose of collecting information is to provide and enhance the functionality of the application so that your time on the platform is convenient and enjoyable.
In addition, we use your data to ensure the safety of our community and to protect against fraudulent or suspicious activities. The information may also be used to personalize your experience, for example, by showing relevant advertising or recommendations that may interest you.
In this section, we explain in detail how exactly we use your information and provide practical examples of how we apply this data to improve your interaction with the application.
The purposes for using personal data include, for example:
To create an account and provide access to application features
We collect your data during registration to create a personal account that allows you to access all core application features and manage them.
Information such as name, email, phone number, or other data is needed for your identification and authorization.
This also includes using data to set up your profile, display information to other users, and ensure the privacy of your account settings.
To match suitable meetings and improve compatibility algorithms
We use your personal information, such as interests, preferences, location (with your consent), and in-app activity data, to create relevant recommendations.
Compatibility algorithms analyze your data to find people who best match your interests.
Data about your preferences—for example, profiles you view or interact with—are used to continuously improve the recommendation system.
To process charitable donations
If you make donations in the application, we process your payment data to properly transfer contributions in favor of the selected charitable organizations.
This includes transferring such data to trusted payment systems that process transactions.
We store only the minimum necessary payment information, such as confirmation of a successful transaction, to ensure its accounting and compliance with the law.
To provide user support and service
We use your data when you contact support to resolve your requests, technical issues, or any other questions, and when communicating with you about our platform (our services).
The data you provide during communication with us helps us respond promptly to your needs.
This may include, for example, information about your account or previous activity in the application to resolve requests more accurately.
To improve the application experience (e.g., testing new features)
We analyze your activity data to test and implement new features to make the app more convenient and useful.
This may include analyzing user behavior to understand which features are in demand or need improvement.
Data are also used for A/B testing (comparing different versions of features) to choose the best solutions.
In addition, data may be used to register and display your profile in new D&D features and applications and to administer your account in these new features and applications.
Reviewing interactions with the support service to improve platform quality.
Developing new features and services (for example, we may create a new feature based on interests requested by users).
For security and fraud prevention
We use your data to monitor suspicious activity, prevent fraudulent actions, and protect you and our community.
This may include automatic account checks and data analysis to detect inconsistencies or violations of the rules of use. Identifying and eliminating violations of our Terms and Conditions, including through the review of complaints and interactions between users.
If violations are detected, we may temporarily or permanently block the account. A user may contact D&D to appeal this decision. We may also store data related to violations of our Terms and Conditions to eliminate the violation and prevent repeat cases.
If you publish materials that do not comply with our Terms of Use, we are entitled to restrict or block access to your account.
We may identify and communicate with persons who submit complaints, including to inform them about our actions regarding their complaint.
We may use your information to ensure compliance with the law (compliance with legal requirements; assisting law enforcement agencies).
For marketing purposes (with the user’s prior consent)
We may use your contact details to send information about promotions, new features, or special offers, but only after obtaining your consent.
We may also carry out price personalization, special discounts and other promotions, and manage sweepstakes and contests.
Data may also be used to personalize marketing materials so that they match your interests. You can opt out of receiving marketing messages at any time by changing the settings in your profile.
We may contact you regarding products or services that we believe may interest you.
4. Legal Bases for Processing Personal Data
The processing of personal data in our D&D dating mobile application is carried out in accordance with applicable data protection laws such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), as well as other international and national regulations. This section explains in detail the legal bases on which we process your data.
4.1 Performance of a Contract
We process your personal data when it is necessary to fulfill our contractual obligations to you. This includes:
creating and maintaining your account;
providing access to the application’s features, including the ability to match meetings, view profiles, and communicate with other users;
performing transactions, such as making charitable donations to support designated funds and initiatives;
providing support in the event of technical questions or requests.
Processing your data in this case is necessary to provide the services specified in the Terms and Conditions.
4.2 Consent
We process your personal data based on your consent when:
you grant permission to collect geolocation data;
you agree to receive marketing messages such as promotions, special offers, or new features;
you voluntarily add photos, videos, or other information to your profile;
you participate in surveys, sweepstakes, or other interactive initiatives in the application.
If you decide to provide us with personal data that may be considered sensitive in certain jurisdictions, such as data about your sexual identity, you give us consent to process this personal data in accordance with this Privacy Policy.
Consent is voluntary, and you can withdraw it at any time using the appropriate settings in your profile or by contacting our support team.
4.3 Legitimate Interests
We process your data to achieve our legitimate interests when this does not infringe your rights and freedoms. This includes:
ensuring platform security, monitoring activity to detect fraud or rule violations;
improving the application’s functionality, including analyzing user behavior to enhance algorithms;
ensuring the effective operation of our platform and providing users with relevant content;
protecting the rights and interests of our company in the event of legal disputes.
We always balance our legitimate interests against your rights to ensure fair data processing.
4.4 Compliance with Legal Obligations
We process your data when necessary to fulfill our legal obligations, such as:
complying with tax and financial laws, for example, storing payment documents;
responding to requests from law enforcement or judicial authorities in cases where required by law;
providing information to comply with regulatory requirements on anti-money laundering or other crimes;
we may also store data evidencing that users have given consent and their possible decisions to opt out of a particular feature or processing activity.
These obligations may include: maintaining tax documentation, responding to audits by government authorities, complying with legislation on anti-money laundering (AML) and counter-terrorist financing (CTF), as well as ensuring consumer protection.
4.5 Protection of Vital Interests
In exceptional cases, we may process your data to protect your vital interests or those of others. For example:
in the event of an emergency or threat to life or safety;
if it is necessary to notify the relevant authorities or third parties about a threat.
4.6 Performance of a Task in the Public Interest
Although this is a rare case for our application, we may process your data if it is necessary to perform tasks that serve the public interest, for example:
supporting charitable initiatives through the application;
conducting analytical research for public benefit (in anonymized form).
For additional information or to exercise your rights, you can contact our support service using the contact details specified in this Privacy Policy.
5. With Whom We Share Your Data
To ensure the quality functioning of our D&D platform, support its operation, and comply with legal requirements, we may transfer your personal data to third parties. In this section, we explain in detail with whom and for what purpose we share your data.
5.1 Service Providers (Data Processors)
We cooperate with third parties who help us provide services. We transfer only the personal data that are necessary to provide the relevant service. These companies process data on our behalf and strictly within confidentiality agreements. These include:
Payment processors. Performing financial transactions within charitable donations that users voluntarily make through the application. Payment systems process only the data necessary for the secure transfer of such donations. They receive only the data required to execute payments (for example, transaction information, cardholder’s name and address, card number, amount, date and time of the transaction, but not personal messages).
Hosting providers and cloud service providers. They provide storage and access to data such as profile photos, messages, and technical information.
Analytics providers. We transfer anonymized or de-identified data to analytics services (e.g., Google Analytics) to analyze user behavior and improve our services.
Communication service providers. For example, services for sending emails, messages, or push notifications.
Moderators. To control behavior on the website / in the mobile application and to approve content (names, registration data, profile data, messages, photos).
Marketing service providers and advertising partners. We may work with advertisers (“Advertising Partners”) and place third-party advertising in our application or on websites. Providers help perform marketing and advertising tasks on third-party websites and in applications (including rewarded video ads), as well as evaluate the effectiveness of our advertising campaigns. We share, among other things, such data as an advertising identifier linked to your device (device identifier), probable location (determined based on IP address), age, gender, data about your visits to websites or applications, and your interaction with them (for example, downloading our application or creating an account).
Social network services. They enable users to create or link their D&D account with accounts on other platforms (e.g., Facebook or Google).
5.2 Other Application Users
Information that you choose to make public in your profile (for example, your name, age, photos, interests, and preferences) is available for viewing by other users. To ensure that other users cannot temporarily see your profile (your profile data), including in the feed, you can use the “pause account” function in your profile settings.
You can share other users’ profiles, and they can share yours with people outside our services using sharing features.
Your interactions with other users, such as messages, are available only to those with whom you choose to interact.
If someone submits a complaint related to you (for example, about your violation of our Terms and Conditions), we may inform the person who submitted the complaint about the measures (if any) that we took as a result of the complaint.
5.3 Partners and Affiliated Companies
In certain cases, we may share your data with our partners or affiliated companies in order to:
ensure the operation of our joint programs or features (for example, integration with charitable organizations);
carry out marketing initiatives with your consent. All such organizations are required to adhere to privacy policies and to use the data exclusively for the agreed purposes;
combat spam and fraud. Such data may include: email address, phone number, IP address and IP session information, social network identifier, username, user-agent data, transaction information, and payment data.
5.4 Legal Requirements
We may transfer your data to the relevant authorities or other third parties if necessary to:
comply with legal requirements or respond to official requests from government authorities, including law enforcement. To prevent or detect a crime (in each case depending on the applicable law);
comply with court orders (for example, a court ruling, subpoena, or search warrant, through government or law-enforcement investigations, or other legal requirements) or other legal processes;
protect the rights, property, or safety of the company, our users (including any specific individual), or the public.
We may disclose information if necessary to reduce our liability in the event of an actual or potential claim; to protect our legal rights as well as the rights of our users, business partners, or other interested parties; to fulfill our obligations to you; or to investigate, prevent, or respond to illegal activities, suspected fraud, or other violations of the law.
5.5 In the Event of Corporate Changes
In the event of a merger, sale, acquisition, asset disposition, restructuring, reorganization, dissolution, bankruptcy, or other change of ownership or management of the company, your data may be transferred to a new owner or another organization involved in such processes. In such a case, we will notify you about the data transfer as well as the application of the new privacy policy.
5.6 Information Shared with Charitable Organizations
As part of our mission to support charity, we may share with selected charitable organizations de-identified information about your donations (for example, contribution amounts without any link to an individual).
5.7 Anonymized or De-Identified Data
We may transfer de-identified data to third parties for research, statistical, or analytical purposes. Such data does not identify you as an individual and is used exclusively to improve services or to create new features.
We may use and transfer de-identified (aggregated) information (for example, device data, generalized demographic information, general behavioral data, location without linkage to a specific person), as well as personal information that has been processed in hashed form (excluding those that directly identify you), which makes it unreadable to a human, in the cases specified in this Policy.
Hashing is a method of data encryption whereby information is transformed into a set of random characters (numbers and letters). The resulting hash code does not allow identification of or tracking back to the original data, including an email address.
We may combine such information with additional de-identified data or personal information in hashed format obtained from other sources. More detailed information about the use of cookies and similar technologies can be found in Section 10 of this Policy — Cookies and Similar Technologies.
5.8 Third Parties with Your Consent
We may share your personal data with other parties with your explicit consent. For example, if you agree to participate in a marketing campaign or a unique feature that involves interaction with partner services.
6. Your Rights Regarding Your Data
We adhere to the principles of transparency and personal data protection and provide you with control over the information you provide to us. In accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws, you have a number of rights regarding your personal data.
In this section, we explain in detail what rights you have, how to exercise them, and what limitations may apply.
6.1 Right of Access
You have the right to obtain confirmation as to whether we process your personal data, as well as access to such data.
What can you request?
Exactly what data we store about you.
For what purposes it is processed.
What categories of personal data are collected.
To whom we transfer your data and on what grounds.
How long we store your information.
To access your data, you can contact our support service. We will respond to your request within 30 days from the date of receipt.
You can use your account settings and the relevant tools in the application to view, modify, or delete the information you have provided to us.
Mobile operating systems allow you to manage the application’s access to certain data and features, such as contacts, images, geolocation, push notifications, and advertising identifiers. You can change permission settings on your device by allowing or revoking access to this data.
If you want to stop data collection through the application, you can delete it from your device using the standard procedure. Alternatively, if you want other users to be temporarily unable to see your profile (your profile data), including in the feed, you can use the “pause account” function in your profile settings.
6.2 Right to Rectification
You have the right to request the correction or update of your personal data if it is inaccurate or incomplete.
How does it work?
You can change most of your data yourself (for example, name, age, photos, email) in your profile settings.
If some data cannot be changed through the application, you can contact our support service.
We will make corrections within a reasonable time and notify you accordingly.
6.3 Right to Erasure (“Right to be Forgotten”)
You have the right to request the deletion of your personal data in the following cases:
The data is no longer needed for the purposes for which it was collected.
You have withdrawn your consent to data processing.
You object to the processing, and we have no legitimate grounds to continue processing.
The data was collected unlawfully.
Deletion is necessary to comply with legal obligations.
How to do this?
You can delete your account through the settings in your profile in the application or by contacting our support service.
If you decide to stop using our Platform, you can delete your account. After account deletion, we implement a thirty (30) day safety and protection period. During this period, your data will be stored but will no longer be visible to other users.
Please note: deleting the application does NOT terminate the account. To close your account, use the appropriate function on the platform.
Limitations.
We may retain certain data if necessary to fulfill legal obligations (for example, in cases of fraud prevention or compliance with financial regulation).
In some cases, your data may be temporarily retained in backups. Access to such backup data is restricted, and it is not used for active processing or interaction.
6.4 Right to Restrict Processing
You have the right to request the temporary or permanent restriction of the processing of your data in the following cases:
you contest the accuracy of the data (for the period of verification);
the processing is unlawful, but you do not want us to delete the data;
we no longer need your data, but you require it for the establishment, exercise, or defense of legal claims;
you have objected to the processing, and we are verifying the legal grounds for its continuation.
During this period, we will cease any active processing of your data other than storage.
6.5 Right to Data Portability
You have the right to receive your personal data in a structured, commonly used format (for example, CSV or JSON) and to transmit it to another organization.
This right applies if:
the processing is based on your consent or is necessary for the performance of a contract;
the data is processed by automated means.
To obtain a copy of your data, you can submit a request through the support service.
6.6 Right to Object
You have the right to object to the processing of your personal data if we process it on the basis of legitimate interests or for direct marketing (for example, advertising mailings).
If you object to marketing communications, we will stop sending them to you immediately.
If you object to processing based on legitimate interest, we will review your request and determine whether we have compelling grounds to continue processing.
6.7 Right to Withdraw Consent
If we process your data based on your consent, you can withdraw it at any time without giving reasons.
This may affect the use of geolocation, the receipt of marketing messages, and the provision of certain personalized features.
Withdrawal of consent does not affect the lawfulness of processing carried out before that moment.
6.8 Right to Lodge a Complaint
If you believe that we are processing your personal data incorrectly, you have the right to lodge a complaint with:
Our support service. We will review your complaint and respond within the time limits established by law.
A data protection authority. For example, if you reside in the EU, you can contact the relevant authority in your country.
Contact details of national data protection authorities are available on their official websites.
How to exercise your rights?
You can exercise your rights through the profile settings in the mobile application or by sending a request to our support service by email or through a special form on the website or in your profile settings in the mobile application.
We will respond to your request within 30 days. In the case of complex requests, this period may be extended to 90 days, of which you will be notified.
Identity verification for security purposes
To ensure your safety and the safety of our community, we may require identity verification before processing any requests related to your personal data.
Requests may be rejected if:
we cannot verify your identity;
the request is unlawful or invalid;
the request may jeopardize trade secrets, intellectual property rights, confidentiality, or the rights of another person.
If you submit a request regarding information about another user (for example, copies of messages exchanged through our platform), the other user must provide explicit written consent for the disclosure of such data. We may also require identity verification from that person before fulfilling the request.
In addition, certain requests to restrict or delete personal data may not be fulfilled if this would make it impossible to provide our services to you. For example, we cannot provide services without indicating your date of birth, as we must confirm that you are at least 18 years old to use the platform.
7. How We Protect Your Data
We take the protection of your personal data seriously. To this end, we have implemented appropriate technical and organizational measures in accordance with GDPR, CCPA standards, and leading international cybersecurity practices.
Our security measures include the following.
Encryption and secure data storage. We use advanced encryption methods to protect data during transmission and storage.
Access control. Access to your personal data is granted only to authorized employees and partners who require it to perform their duties.
Threat monitoring and prevention. We regularly monitor systems for suspicious activity and apply measures to protect against cyberattacks and unauthorized access.
Regular audits and training. We continuously conduct audits and update security measures, and we regularly train staff on privacy and data protection issues.
Although we make every effort to protect your personal data, no method of transmission or storage of information can guarantee absolute protection. Therefore, we also recommend following personal security guidelines: create strong passwords, do not share your personal data with third parties, and be cautious when using the platform.
8. How Long We Store Your Data
We store your personal data only for the necessary period to fulfill the purposes for which it was collected, as well as to fulfill our legal and regulatory obligations. The retention period depends on the type of data, the purpose of processing, and legal requirements.
In this section, we explain in detail the retention periods applied to different categories of data and the possible exceptions.
If you decide to stop using our platform, you can pause or delete your account. In that case, other users will not see your profile. Please note: we close the account automatically if a user shows no activity for two years.
After your account is deleted, it will no longer be displayed in the application. You can restore your account within 30 days if it was deleted by accident.
8.1 General Principles of Data Retention
We apply the following principles to the retention of personal data.
Storage limitation principle — we do not store data longer than necessary for the purposes for which it was collected.
Lawfulness principle — compliance with legal requirements, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Data minimization principle — we store only the data necessary to provide services.
Security principle — during storage, we apply appropriate technical and organizational protection measures.
8.2. Categories of Data and Their Retention Periods
We store different categories of data for different periods depending on the purpose of their processing.
8.3. Deletion and Anonymization of Data
After the retention period expires, we delete personal data from our systems if it is no longer needed; we anonymize data if its use is possible for statistical or analytical purposes (for example, to analyze general trends in platform usage); and we restrict access to data in cases where it must be stored solely to fulfill legal obligations.
8.4. Deleting an Account and Personal Data
You can delete your account through the settings in the mobile application. After deletion, the data becomes unavailable to other users; your personal information will be deleted within 30 days; data subject to legal requirements (for example, related to payments) are retained in accordance with applicable law; and some anonymized data may remain in analytical systems without the possibility of identifying the user.
Please note: Deleting the application does not automatically delete the account. To do this, you must use the profile deletion function or contact support.
8.5. Temporary Storage in Backups
In some cases, your data may be temporarily stored in backups for the purpose of recovery after technical failures or cyberattacks.
Access to such data is limited and it is not used for active processing.
Backup data is automatically deleted after 90 days.
8.6. Legal Grounds for Extended Data Retention
In certain situations, we may retain your data for a longer period if this is necessary to fulfill legal obligations (for example, preservation of financial documentation for tax authorities), if it is needed to protect our legitimate interests (for example, in the event of legal claims or during dispute resolution or investigations), or if the data is needed to prevent fraud, violations, or abuse of the platform.
Even after your account or profile information is deleted, the specified data may remain available to third parties to the extent that it was previously disclosed to them or saved/copied by other users. We do not control the further use of such data and do not accept responsibility for such actions. If you have granted access to your personal data to third-party applications or websites, those parties may store and use this data in accordance with their own terms of service and privacy policies.
8.7. How You Can Exercise Your Rights Regarding Data Retention
You have the right to:
Find out what data of yours is stored.
Request the deletion of your personal data.
Request restriction of data processing if it is no longer needed by the platform.
File a complaint regarding retention periods if you believe they violate your rights.
To do this, contact our support service via the in-app contact form or email: dateanddonate@proton.me.
8.8. Updates to the Data Retention Policy
We may review and update our data retention policy in accordance with changes in legislation or new security requirements. All changes will be published in this section and, where necessary, communicated to users.
8.9. Location and Storage of Personal Data
Your personal data may be stored on servers located both within your jurisdiction and outside it, including in countries outside the European Economic Area (EEA). We implement appropriate technical and organizational measures to protect your data, including data encryption during transmission and storage.
Transfers of personal data outside the EEA are carried out exclusively using lawful mechanisms such as Standard Contractual Clauses (SCCs) or other measures ensuring compliance with GDPR data protection requirements.
If you have questions regarding the location of your data or the measures used to protect it, please contact our support service.
9. Organization of In-Person Meetings
D&D is a platform that provides users with the ability to organize real-life meetings and interact within the platform. However, all in-person meetings that occur outside the mobile application are solely agreements between users. We do not provide meeting services ourselves and are not a provider of meeting services; we only act as an intermediary that provides a technological platform for organizing and managing such meetings.
9.1. Rules for Organizing Meetings
D&D acts as an online platform for organizing meetings and facilitates interaction between users who wish to meet on agreed terms. Our platform allows users to arrange meetings and set a fixed price for them. All financial transactions in the application are carried out exclusively for charitable purposes.
Our application allows users to create and view meeting offers, perform transactions through a third-party payment system for booking, and coordinate meeting conditions via the internal chat without disclosing personal contact details.
It is important to note that D&D is not the organizer, operator, or intermediary of in-person meetings and does not control their organization or the process after users reach an agreement, and it is not responsible for their outcomes. All meetings organized through the application take place at physical locations chosen by the users themselves.
9.2. User Responsibility
Meetings are exclusively a physical service that takes place outside the application. Users are solely responsible for organizing, honoring agreements, and ensuring safety during such meetings.
Since all meetings take place outside the application, users are fully responsible for organizing, confirming, and conducting the meeting, including choosing a safe place, adhering to ethical and legal norms during the meeting, and ensuring their own safety during physical interaction with other users.
Additionally, each user registering with D&D agrees that:
their participation in meetings is voluntary, without coercion and without any legal or financial obligations to other users, apart from participating in the meeting itself;
the platform does not provide any guarantees or assistance in organizing subsequent personal or business relationships after the meeting;
any interactions between users that occur after the meeting are their personal responsibility.
D&D is not responsible for any consequences of meetings between users, including but not limited to issues of safety, conduct, settlements, or any other actions during or after the meeting.
If a meeting did not take place or disputes arose, users may contact support, but D&D does not guarantee refunds if the meeting did not occur for reasons beyond our control.
We recommend that users follow our safety recommendations for meetings, which are available in the application. If you have questions or problems, you can always contact our support service.
9.3. No Connection with the Provision of Sexual Services or Escort Services
We emphasize that the D&D platform is solely a platform for dating and organizing meetings between users by mutual consent and without any obligations beyond ordinary social interaction. We are not an intermediary in any other relationships between users outside the application.
Prohibited Activities
We strictly prohibit the use of our platform to organize or facilitate:
the provision of sexual services in any form;
escort services or any activity related to commercial or financial arrangements that involve intimate relations;
exchange of contact information or communication for the purpose of providing such services;
any other activity that contradicts applicable law.
Moderation Policy
We reserve the right to monitor activity on the platform and to remove content, accounts, and messages that contain:
offers or insinuations about the provision of sexual services;
advertisements for escort services or other similar services;
references to financial arrangements outside the permitted conditions of the platform.
Users who violate this policy may be subject to sanctions, including temporary or permanent account blocking without the possibility of recovery.
Cooperation with Law Enforcement
If we detect activity that contradicts this policy or applicable law, we reserve the right to cooperate with the relevant law enforcement authorities, including sharing information about users who violated platform rules, in accordance with applicable law and our Privacy Policy.
Any cases of using the platform for illegal activity, including prostitution, will be immediately investigated and the offenders’ accounts will be blocked.
Your Actions in Case of Violations
If you notice any activity that contradicts our rules, please inform support through the application or via email at dateanddonate@proton.me.
D&D is a platform for safe and comfortable dating. We strive to create a community where every user can interact openly and honestly, without coercion or illegal offers.
9.4. Limitation of Liability
Since D&D is only a platform for interaction between users, we are not responsible for the actual conducting of the meeting and its results, any disputes between users that arise after confirmation of the meeting, the actions or inaction of any party during the meeting, as well as for refunds if the meeting did not take place for reasons beyond D&D’s control.
In cases of violations of conduct rules, fraud, or other abuses, users may contact support, which will review the complaint and take appropriate measures, including account blocking or termination of platform access.
9.5. Payment System and Distribution of Funds
To ensure the security and transparency of financial operations, all payments are made through third-party payment systems that process funds and guarantee compliance with international payment security standards (PCI DSS).
D&D does not store or process users’ financial data and only technically facilitates the automatic transfer of funds to the relevant organizations through the payment system.
All transactions go through the secure gateway of the payment system, which ensures the security and legitimacy of financial operations.
Distribution of the Contribution
The entire amount contributed by the user during participation in joint leisure is transferred in full to charity to the selected fund.
No payments to other users or service commissions are envisaged.
Payment transactions may include a service fee, which the user is informed about before making the payment. The fee does not affect the amount of charitable contributions transferred.
9.6. Meeting Safety and Recommendations
We recommend that users follow the following safety rules when organizing meetings:
Choose public places for the first meeting.
Do not disclose personal contact details before the meeting (phone number, address, etc.).
Inform close contacts about the place and time of the meeting.
If you need to call the police, use the “SOS” function during the meeting if the other user acts inappropriately.
Use the “Report” function if the other user behaved inappropriately during the date.
Each user who offers or purchases a meeting through the D&D platform does so solely of their own free will, without any coercion or obligations, apart from organizing a possible acquaintance and communication.
All subsequent relationships that may arise between the participants of the meeting are solely their personal responsibility, and the company bears no responsibility for developments after the meeting.
The fact of organizing and participating in a meeting does not create any legal or other obligations between the parties, except for the obligation of the person who purchased the meeting to make payment through a third-party payment system, and the obligation of the person who offered the meeting to appear at the specified time and place according to the conditions stated in the application.
No other obligations arise between the parties, and all further actions or decisions are entirely voluntary and made at the sole discretion of each participant.
To ensure user safety and the ability to identify a person in case of improper or unacceptable behavior during a meeting, we collect and process data from both the person offering the meeting and the person purchasing it.
The collection and processing of such data is carried out in accordance with this Privacy Policy and for the purpose of preventing potential violations, as well as ensuring the safety of all platform participants in the future. All personal data are processed in compliance with the principles of lawfulness, proportionality, and data minimization, exclusively for the purposes provided for in this Policy.
9.7. Compliance with App Store and Google Play Policies
To comply with App Store and Google Play requirements, this section clearly delineates the functions of D&D as an online platform for organizing meetings, emphasizing that:
We do not organize meetings and do not provide in-person meeting services— all actions occur between users who independently offer, publish, select, and confirm a meeting. All in-person meetings take place outside the application and are not a service provided by D&D.
The platform performs only technical functions—providing the ability to communicate and organize meetings between users and to carry out payments through third-party payment systems.
All payments are processed by a third-party payment system, ensuring compliance with App Store and Google Play policies.
10. Cookies and Similar Technologies
To provide you with the best experience using D&D, we use cookies and similar technologies. They help us maintain stable service operation, analyze the application’s performance, improve usability, and personalize content and advertising. In this section, we explain which technologies we use, what they are for, and how you can manage your settings.
10.1. What Are Cookies and Similar Technologies
Cookies are small text files stored on your device when you use our application or website. They allow us to remember your settings, identify you among other users, and improve the overall experience of using the platform. In addition to cookies, we may also use other technologies such as tracking pixels, browser local storage, and SDKs (Software Development Kits) that perform similar functions.
10.2. What Types of Cookies We Use
We use several categories of cookies, each serving its own function.
Strictly necessary cookies are required for the basic functioning of D&D. They allow you to log into your account, stay authenticated, make secure payments, and prevent fraud.
Functional cookies help remember your individual settings, such as your chosen language or notification preferences, to enhance the convenience of using the app.
Analytics cookies are used to collect information about how you interact with the platform, which allows us to analyze the operation of the service and improve it. We use tools such as Google Analytics, Appsflyer, Mixpanel, and Amplitude to collect statistical data in a de-identified form.
Advertising cookies allow us and our partners, such as Meta (Facebook, Instagram), Google Ads, TikTok Ads, and others, to show you personalized advertising and measure its effectiveness. We receive only aggregated analytical information without the ability to identify specific users.
10.3. How We Use Cookies
Cookies help us with the following:
Uninterrupted operation of the platform. Without certain cookies, the website and application cannot function properly;
Personalization of content and recommendations. We use analytics to match relevant profiles in the feed;
Optimization of speed and stability. Thanks to caching, we reduce page load times and decrease server load;
Analysis of advertising campaign performance. We can evaluate how many users interacted with the ads;
Maintaining user security and protecting the platform from fraudulent activity.
10.4. Do We Share Data with Third Parties
We may share anonymized or aggregated data with our partners, including analytics services (Google Analytics, Appsflyer, Mixpanel) and advertising networks (Meta, Google, TikTok), to improve the platform’s performance and optimize marketing campaigns. All third-party cookies are used in accordance with their privacy policies. We do not share your personal data with advertisers without your separate consent.
10.5. How You Can Manage Cookies
You have full control over your cookie settings:
Through your browser settings, you can delete or block cookies.
In the D&D app settings, you can change your preferences regarding analytics and advertising cookies at any time, as well as opt out of personalized advertising.
Through advertising platform settings, you can manage your advertising preferences, including via Google Ads Preferences and Facebook Ad Preferences.
Disabling analytics or advertising cookies may affect content personalization and service performance; however, strictly necessary cookies will remain active to ensure the basic operation of the platform.
10.6. Can You Completely Opt Out of Cookies
Yes, you can opt out of the use of non-essential cookies at any time through the app or browser settings. However, a complete opt-out may limit platform functionality, for example, slow page loading or make advertising less relevant.
You can also manage cookie settings of third-party services via their respective opt-out pages.
10.7. Updates to the Cookies Policy
We may periodically update this policy to reflect changes in our use of cookies or changes in applicable law. We will notify you of material changes via the mobile application or email.
Last updated: 25.04.2025.
11. Data Transfers Outside Your Jurisdiction
Since D&D operates in a global environment, your personal data may be transferred to, processed, and stored in countries that have a different level of data protection than your country of residence. We ensure an adequate level of security for all international transfers in accordance with the requirements of the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable rules.
11.1. When Data Transfers May Occur
Your personal data may be transferred outside your jurisdiction in cases of hosting and storing data on secure cloud servers, processing payments through third-party payment systems, providing technical support and user service, platform usage analytics (via Google Analytics, Appsflyer, Mixpanel, Amplitude), advertising integrations and marketing campaigns, as well as compliance with legal or regulatory requirements.
11.2. How We Protect Your Data During Transfers
We use internationally recognized mechanisms for protecting personal data, including Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to countries outside the European Economic Area (EEA), other lawful mechanisms where provided by applicable law, data encryption during transmission via TLS/SSL protocols, as well as risk assessments and security audits for partners who have access to personal data.
11.3. Transfers to the USA and Other Jurisdictions
Some of our partners and service providers may be located in the USA and other countries outside the EEA. In such cases, we transfer data using approved safeguards, including SCCs. If your country has specific requirements regarding the processing of personal data, you may contact our support team for additional information.
11.4. Compliance with International Privacy Standards
We ensure compliance with key principles:
GDPR (European Union, United Kingdom): use of SCCs, implementation of user rights (access, rectification, deletion).
CCPA (California, USA): users’ right to request deletion, processing limits, opt-out of the sale of data.
Other local laws in relevant jurisdictions.
We cooperate only with vetted service providers who comply with personal data protection requirements.
11.5. Your Rights Regarding International Data Transfers
Under applicable law, you have the right to obtain information about the international transfer of your data; to object to such transfer in the cases provided; to withdraw consent to data transfer at any time (if the transfer is based on consent).
To exercise these rights, contact our support via email: dateanddonate@proton.me or the contact form in the mobile application.
12. Age Restrictions and Protection of Children’s Personal Data
Our application is not intended for persons under 18 years of age, and we do not permit the registration or use of our mobile application by minors and do not knowingly collect, process, or store children’s personal data. We take the protection of children’s privacy seriously and have implemented appropriate measures to prevent their access to the platform.
If we become aware that a user has registered on the platform without having reached the age of 18 and provided personal data, we will take necessary steps to delete their profile and all associated information. In the event of account deletion due to a violation of the age restriction, we may retain the user’s email address and IP address to prevent re-registration and evasion of established rules.
If you suspect that a user is under 18, please report it via the relevant complaint function on the platform.
13. Changes to This Privacy Policy
We continuously improve our platform and personal data protection approaches; therefore, we may update this Privacy Policy from time to time. Changes may be driven by updates to our platform’s functionality, changes in legal requirements for personal data processing, or the introduction of new technological solutions that require clarification of data processing conditions.
We strive to ensure transparency in matters of personal data protection; therefore, we inform our users of all significant changes to the Privacy Policy.
In the event of updates, we may use the following methods of notification:
In-app notifications — if the changes are significant, users will be prompted to review the updated Policy at the next login.
Email notification — for critically important changes that may affect users’ rights, we may send an email to the registered address.
Publication of the updated version on the website — the latest version of the Privacy Policy is always available on our official website.
We encourage all users to review our Privacy Policy periodically to stay informed of current changes. If you continue to use our platform after the changes take effect, this means that you agree to the updated terms of the Policy.
Changes to this Privacy Policy take effect automatically upon their first posting on the Website or in the Mobile Application.
The current version of the Privacy Policy takes precedence in governing how we use your information.
The last update of this Privacy Policy was made on April 25, 2025.
14. Contact Information
We strive to ensure a high level of transparency regarding the processing of personal data and provide users with the ability to contact us with any questions related to the privacy and security of their data.
If you have any questions about this Privacy Policy, the processing of your personal data, or the exercise of your rights, you can contact us using the following details:
Email: dateanddonate@proton.me
Support service in the mobile application
Feedback form on the website: datedonate.app
Postal address for legal requests and complaints: Odrin St., 15, 9th floor, 8001 Northern Industrial Zone, Burgas, Bulgaria
Data protection contact person.
Although we are currently not required to appoint an official Data Protection Officer under GDPR requirements, we take privacy matters seriously and you can contact our privacy team at: dateanddonate@proton.me.
If you believe that we have violated your rights or are improperly processing your personal data, you have the right to file a complaint with the appropriate data protection authority.
If you are a resident of the European Union, you may contact your national data protection authority. Contact details of regulatory authorities can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
If you are in the United Kingdom, the relevant authority is the Information Commissioner’s Office (ICO): https://ico.org.uk/
California (USA) residents may contact the California Privacy Protection Agency (CPPA): https://cppa.ca.gov/
15. Consent to Data Processing
We aim to ensure transparent and lawful processing of our users’ personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other international privacy standards.
This section explains what your consent to data processing means, how it is provided, what data we may process, and how you can withdraw your consent.
15.1. What Consent to Data Processing Means
Consent to the processing of personal data means that you voluntarily grant us permission to collect, process, and store your personal data within the scope specified in this Privacy Policy.
According to GDPR principles, your consent must meet the following criteria:
Freely given — you provide consent without any coercion.
Specific — consent covers only specific purposes that are clearly described.
Informed — you have full information about what data is processed and for what purpose.
Unambiguous — consent must be clearly expressed through an affirmative action (for example, clicking “I agree” or “Yes, I am 18 years old” during registration).
If you do not provide consent to the processing of certain data, we will be unable to provide some features of our platform that are impossible without such data (for example, using geolocation to find suitable meetings).
15.2. How You Provide Consent
D&D users can provide consent in the following ways:
During registration on the platform — you confirm that you have read the Privacy Policy and give consent to data processing by clicking “I agree” or “Yes, I am 18 years old.”
Through profile settings — you can manage your privacy settings and choose what data to share (for example, whether to allow access to geolocation).
Through pop-ups — in the case of new processing purposes (for example, a request to use new analytics cookies), we request separate consent via an appropriate prompt.
When using certain app features — some features require separate permission (for example, camera access to upload photos).
15.3. What Data May Be Processed with Your Consent
Depending on the functionality you use, we may process the following types of data:
15.4. Withdrawal of Consent to Data Processing
You have the right to withdraw your consent at any time without giving reasons.
You can do so by:
Changing data collection settings in your profile settings;
Contacting support to request restriction or cessation of data processing;
Withdrawing cookie consent — adjust your browser settings or opt out of personalized advertising in the app.
If you withdraw consent, this does not affect the lawfulness of processing carried out before that moment. At the same time, certain D&D features may become unavailable.
15.5. Can We Process Data Without Your Consent
Yes, in some cases we may process your data without separate consent if this:
is necessary to perform the contract between you and D&D (for example, to provide dating services);
complies with legal obligations (for example, retaining payment data under tax laws);
is justified by our legitimate interest, provided it does not infringe your rights (for example, fraud prevention).
15.6. Consent to Transfer Data to Third Parties
We may transfer your data only:
Aggregated and anonymized — to analytics partners (e.g., Google Analytics).
Financial transactions — through third-party payment systems (without storing your payment credentials).
To legal authorities — where required by law (for example, to comply with tax reporting, respond to subpoenas, court orders, anti-money-laundering laws, or other applicable legal obligations).
No personal data is transferred to advertisers without your explicit consent.
15.7. Your Rights Regarding Consent to Data Processing
You have the following rights:
Find out what data of yours we process;
Request the deletion of your personal data;
Restrict or object to data processing;
Obtain a copy of your data (right to data portability).
To exercise your rights, you can contact support.
15.8. Updates to the Consent Policy
We may periodically update this section in accordance with changes in legislation or our data processing policy. In the event of significant changes, you will receive a notification via the app or email.
This section defines your rights and our obligations regarding obtaining consent for data processing, ensuring your awareness and control over your information.
Privacy Policy for Users’ Health Data
This Users’ Health Data Privacy Policy supplements the D&D Mobile Application Privacy Policy and applies exclusively to users residing in the states of Washington and Nevada (USA). In the event of inconsistency between our Privacy Policy and this Policy, this Policy prevails with respect to consumer health data of residents of Washington and Nevada. It explains what health data may be collected through our platform, how it is used, stored, and protected in accordance with the Washington My Health My Data Act (MHMDA) and the Nevada Consumer Health Data Privacy Law.
1. What Health Data We May Collect
In the D&D mobile application, users may voluntarily indicate information about their physical, cognitive, or emotional characteristics, in particular:
Mobility features (e.g., use of a wheelchair, limited mobility);
Hearing characteristics (e.g., partial or complete hearing loss);
Limb characteristics (e.g., amputation, congenital limb differences);
Vision characteristics (e.g., myopia, hyperopia, blindness);
Developmental characteristics (e.g., autism, developmental delay);
Cognitive and learning characteristics (e.g., dyslexia, attention deficit disorder);
Communication characteristics (e.g., speech impairments);
Social and emotional characteristics (e.g., anxiety, depression);
Other characteristics that the user may specify at their discretion.
This data is sensitive personal information and is processed with special security measures in accordance with applicable law.
2. How We May Use This Data
We process health information only with your explicit consent and exclusively for the following purposes:
Adding information to the profile (if the user chooses to publicly display certain characteristics);
Profile filtering (enabling users to search and filter profiles by certain parameters);
Ensuring an inclusive user experience (adapting the interface and functionality to users’ needs);
Analysis and improvement of the platform (using de-identified data for analytics and developing new app features).
We do not use your personal health data for marketing, advertising, or other commercial purposes without your separate consent.
3. How We Store and Protect Your Health Data
Your data is protected through modern encryption during transmission and storage, restricted access for specially authorized personnel only, and automatic deletion of data after account deletion.
4. How We Share Health Data with Third Parties
Your health data is not sold, not transferred to advertising companies, and is not used outside cases permitted by law.
We commit to keeping your health data confidential and to sharing it only in strictly defined cases when necessary to provide our services or in accordance with legal requirements. Your data may be transferred to the following categories of third parties:
Other users
You voluntarily decide which data about your physical or cognitive characteristics will be displayed in your public profile. This means other users may see this information if you choose to make it available.
Service providers
We work with vetted third-party providers who assist us with hosting, security, and support (with mandatory data processing agreements).
Affiliates
We may transfer users’ health information to our affiliated companies and subsidiaries that help us process data for customer support, combating unwanted content and abuse, ensuring user safety, and improving platform functionality. Affiliates are also required to comply with privacy requirements and legal norms for processing personal data.
Parties to corporate transactions
In the event of a change in ownership or management of D&D, your data may be transferred to the appropriate legal entities in the case of a merger, acquisition or sale of part or all of the business, corporate reorganization or restructuring, liquidation of the company, or bankruptcy. In such cases, we ensure that your data remains protected and is transferred in accordance with legal requirements.
Law enforcement and legal authorities
We may disclose your personal data (including health data) in the following situations:
– upon request of a court or government authorities (e.g., a subpoena or investigative request);
– to investigate and prevent crimes (e.g., in cases of fraudulent activity or threats to user safety);
– to protect the rights, safety, and welfare of users or third parties;
– to establish, exercise, or defend our legal rights;
– where necessary to respond to legal requirements, including subpoenas, investigative requests, or compliance with health-data privacy laws.
We disclose such information only to the extent necessary to fulfill the relevant legal requirements.
We do not share health data without your consent, except in these cases:
when required by law or law enforcement;
when the transfer is necessary to protect the interests and safety of users;
if the information is aggregated or anonymized so that a specific person cannot be identified.
5. Your Rights Regarding Health Data
Users residing in the states of Washington and Nevada have the following rights:
Right of access — to learn what health data we store;
Right to rectification — to update or change information in your profile;
Right to restrict processing — you can limit the use of your data;
Right to deletion — you can request deletion of all health data from our database;
Right to withdraw consent — you can withdraw your consent to data processing at any time.
To exercise these rights, you can contact us at dateanddonate@proton.me.
6. How Long We Store Health Data
We store users’ health data only for the period necessary to fulfill the purposes for which it was collected.
If you delete health information from your profile, the data is deleted automatically.
If you delete your account, health data will be deleted within 30 days.
If we retain information to comply with legal obligations, the data may be stored for up to 10 years in accordance with international legal norms.
7. How We Comply with the Washington My Health My Data Act and the Nevada Consumer Health Data Privacy Law
To comply with local health-data privacy laws, we have implemented the following measures:
Obtain explicit consent before collecting any health data;
Allow users to easily withdraw consent and delete their data;
Ensure data encryption and protection against unauthorized access;
Do not transfer data to third parties without legal grounds or user consent;
Review all privacy requests within the time limits established by law.
8. How to Get More Information or File a Complaint
If you have questions about this Policy or believe that your rights have been violated, you can file a complaint with the relevant regulatory authority:
Washington — Washington State Attorney General (https://www.atg.wa.gov).
Nevada — Nevada Attorney General’s Office (https://ag.nv.gov).
We strive to ensure the security and confidentiality of each user’s data and encourage you to read this Policy carefully.
Effective Date
This Privacy Policy was last updated on: 03 September 2025.