General Data Protection Regulation (GDPR)
GleeMeet is committed to fostering a secure and respectful dating environment, aligning with data protection standards to ensure privacy and user trust. This GDPR compliance document outlines how we collect, process, and protect your data in line with the European Union (EU) and European Economic Area (EEA) regulations. We prioritize transparent, ethical handling of personal data and have incorporated GDPR principles into all aspects of our app's design and user interaction.
GleeMeet is committed to maintaining the privacy and security of your personal data. This document outlines our policies and procedures to ensure compliance with the General Data Protection Regulation (GDPR) for users in the European Union (EU) and European Economic Area (EEA). We are dedicated to handling your personal information responsibly, transparently, and in accordance with applicable laws.
Data Controller and Contact Information
GleeMeet is the data controller of your personal data, meaning we are responsible for deciding how we hold and use personal information about you.
Data Controller Name: GleeMeet Private Limited
Email: dpo@gleemeet.com.
Address: Gleemeet,Raheja MindSpace,Hydrabad, India 500081
We collect and process the following types of personal data to facilitate a safe and personalized dating experience:
Identity Data: This includes information like your name, username, profile picture, date of birth, and gender, essential for creating and maintaining your profile.
Contact Data: Email address and phone number, necessary for account setup and to provide account security alerts.
Location Data: General city-based location, without revealing exact geolocation, to help users find suitable matches nearby.
Technical Data: IP address, device type, browser version, and app usage details, which assist in troubleshooting and enhancing app security.
Usage Data: Information about your interactions with the app, used to optimize features and enhance user experience.
In line with GDPR, we only collect data necessary for app functionality and improved service delivery, with strong controls on data visibility within the app.
We may collect and process the following types of personal data about you:
Identity Data: First name, last name, username, profile picture, date of birth, gender.
Contact Data: Email address, phone number, postal address.
Location Data: General location information (city of residence) and distance from other users (displayed as approximate distance without disclosing exact geolocation).
Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
Usage Data: Information about how you use our app, products, and services.
Marketing and Communications Data: Preferences regarding receiving marketing from us and communication preferences.
Purpose and Legal Basis for Processing Personal Data
We process your personal data for the following purposes:
To Provide Services: Managing your account, providing customer support, and responding to inquiries.
To Improve Our Services: Analyzing usage patterns to enhance user experience and functionalities of our app.
Marketing: Sending you newsletters, marketing communications, and other relevant information based on your preferences.
Legal Compliance: Complying with legal obligations, preventing fraud, and maintaining the security of our services.
Legal Bases for Processing:
Under GDPR, we rely on the following legal bases for processing your personal data:
Consent: You have provided explicit consent for us to process your personal data for a specific purpose.
Contractual Necessity: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
Legitimate Interests: Processing is necessary for our legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms.
As a GleeMeet user, you are empowered with several rights over your personal data, including:
Right to Access: You may request to view the personal data we hold about you, understanding how it's processed and used within the app.
Right to Rectification: If you notice inaccuracies, you may ask us to correct them, ensuring your data is up-to-date and accurate.
Right to Erasure (Right to be Forgotten): You may request the deletion of your data under specific conditions, such as account closure or withdrawal of consent. GleeMeet securely processes deletion requests, including removing associated data from all active systems.
Right to Object: You can object to data processing, especially for marketing purposes or if based on legitimate interests.
To exercise these rights, contact us via the provided contact information, and we will respond within one month.
Under GDPR, you have the following rights concerning your personal data:
Right to Access: You have the right to request access to your personal data and obtain a copy of that data.
Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
Right to Erasure: You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.
Right to Restrict Processing: You have the right to request restriction of processing your personal data under certain circumstances.
Right to Data Portability: You have the right to request the transfer of your personal data to another data controller in a structured, commonly used, and machine-readable format.
Right to Object: You have the right to object to the processing of your personal data based on legitimate interests or direct marketing purposes.
Right to Withdraw Consent: Where we process your personal data based on consent, you have the right to withdraw that consent at any time.
To exercise these rights, please contact us at the contact details provided above. We will respond to your request within one month.
Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. The following criteria are used to determine retention periods:
Duration of Relationship: The length of time you have an account with us.
Legal Obligations: Any legal obligations we may have (e.g., for tax or accounting purposes).
Litigation Needs: The necessity of retaining your data for purposes of potential litigation.
GleeMeet operates internationally, and to facilitate this, we may transfer your data outside the EEA. When doing so, we ensure appropriate safeguards such as:
Standard Contractual Clauses (SCCs): Used for countries outside the EEA without adequacy decisions, ensuring data protection compliance.
Adequacy Decisions: Data is transferred only to countries deemed to have adequate data protection standards by the European Commission.
We may transfer your personal data outside the EEA. If we do so, we ensure that appropriate safeguards are in place, such as:
Standard Contractual Clauses (SCCs): We will implement SCCs approved by the European Commission to ensure adequate protection for your personal data.
Adequacy Decisions: We will transfer your data only to countries that the European Commission recognizes as providing adequate protection.
We employ advanced technical and organizational security measures to protect your data, including:
Encryption: Personal data is encrypted during transmission and storage to prevent unauthorized access.
Access Controls: Access is restricted to authorized personnel, with regular audits to enforce data security.
Incident Response Plan: A data breach response plan is in place to address and mitigate any incidents effectively.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing your personal data, including:
Encryption: Encrypting personal data in transit and at rest.
Access Controls: Restricting access to personal data to authorized personnel only.
Regular Security Assessments: Conducting regular assessments of our security measures to identify and mitigate vulnerabilities.
Incident Response Plan: Establishing a data breach response plan to handle potential data breaches effectively.
Cookies and Tracking Technologies
GleeMeet uses cookies and similar tracking technologies to enhance user experience and analyze usage. For more details, please refer to our Cookie Policy.
Cookie Policy Summary: We may use Flash Cookies, HTML5 Local Storage, or Web Storage to collect and store information about your usage of our services. You can manage cookie preferences through your browser settings or our app settings.
Data Protection Impact Assessments
We conduct Data Protection Impact Assessments (DPIAs) when initiating any new project or processing activity that may impact the privacy rights of individuals. This assessment helps us identify and mitigate any potential risks related to the processing of personal data.
Staff Training and Awareness
We ensure that our employees are trained on data protection principles and are aware of their responsibilities concerning the handling of personal data. Regular training sessions are conducted to keep staff updated on GDPR compliance and best practices in data protection.
Changes to This GDPR Compliance Document
We may update this document from time to time. Any changes will be posted on this page, and we will notify you by email or through our app. We encourage you to review this document periodically for any updates.
Third-Party Data Processing
We may engage third-party service providers to process your personal data on our behalf. We ensure that these processors adhere to GDPR requirements through appropriate contracts and due diligence. Types of third-party processors may include:
Cloud Storage Providers: For storing user data securely.
Analytics Services: Such as Google Analytics and social media platforms for understanding user engagement and app performance.
Marketing Services: For email marketing and communication purposes.
Payment Processors: To manage transactions securely and efficiently.
All third-party processors are contractually obligated to protect your personal data and may only process it according to our instructions.
Profiling and Automated Decision-Making
GleeMeet may use automated decision-making processes that involve profiling for specific purposes, such as:
Personalized Recommendations: Analyzing user behavior to offer tailored content and matches within the app.
Fraud Prevention: Identifying unusual patterns in account activity that may indicate fraudulent behavior.
Users have the right to contest decisions made solely based on automated processing, which significantly affects them, and to request human intervention.
Profiling and Automated Decision-Making
With your consent, we may send you marketing communications about our services, promotions, or updates. You can opt out of receiving these communications at any time by:
Using the Unsubscribe Link: Included in all marketing emails.
Adjusting Your Preferences: In your account settings.
Contacting Us: Directly through our support email.
Please note that even if you opt out of marketing communications, we may still send you service-related emails (e.g., account updates, changes to our terms).
User Consent Management
We provide mechanisms for obtaining and managing your consent regarding the processing of your personal data. This includes:
Opt-In Mechanisms: For explicit consent before collecting sensitive data.
Granular Consent Options: Allowing you to choose what types of data you consent to share (e.g., marketing vs. non-marketing data).
Withdrawal of Consent: Easily withdrawing consent through account settings or by contacting us, where applicable.
Data Breach Notification
In the event of a data breach, we will notify affected individuals without undue delay if it is likely to result in a high risk to your rights and freedoms. Our notification will include:
Description of the Breach: Nature of the breach and types of data affected.
Consequences: Potential consequences for affected individuals.
Measures Taken: Steps taken to mitigate the impact and prevent future breaches.
Contact Information: How to reach our data protection officer or relevant contact for inquiries.
Data Protection by Design and by Default
GleeMeet incorporates data protection principles into our product development processes. This includes:
Minimizing Data Collection: Only collecting personal data that is necessary for specific purposes.
Default Settings: Ensuring that default settings prioritize user privacy (e.g., limiting data sharing options).
Ongoing Assessment: Regularly evaluating our systems and processes for compliance with data protection requirements.
GleeMeet operates internationally, and to facilitate this, we may transfer your data outside the EEA. When doing so, we ensure appropriate safeguards such as:
Standard Contractual Clauses (SCCs): Used for countries outside the EEA without adequacy decisions, ensuring data protection compliance.
Adequacy Decisions: Data is transferred only to countries deemed to have adequate data protection standards by the European Commission.
When transferring personal data outside the EEA, we take additional measures to ensure that such data remains protected, including:
Ensuring Adequate Protection: Transferring to countries with an adequacy decision by the European Commission.
Implementing Standard Contractual Clauses (SCCs): For data transfers to non-EEA countries without an adequacy decision.
Conducting Risk Assessments: Before any data transfer to ensure compliance with GDPR requirements.
Complaints and Supervisory Authorities
If you believe that our processing of your personal data infringes upon your rights under GDPR, you have the right to lodge a complaint with a supervisory authority.
In India, the relevant authority is the Data Protection Authority of India.
You can also reach out to the supervisory authority in the EU member state where you reside.
Additional Data Protection Responsibilities
GleeMeet ensures that all employees and contractors who have access to personal data are trained in data protection and aware of their responsibilities regarding handling personal data.
We maintain documentation of all processing activities to demonstrate compliance with GDPR.
Regular Reviews and Updates
We regularly review and update our data protection policies and practices to ensure continued compliance with GDPR and evolving industry standards.
This includes conducting audits and risk assessments as necessary.
Cooperation with Authorities
GleeMeet commits to cooperating with data protection authorities regarding compliance investigations, audits, and inquiries.
We will provide all necessary information to demonstrate our compliance with GDPR.
User Education and Awareness
We strive to educate our users about their rights under GDPR and the importance of data privacy.
This may include:
Informational Resources: Providing guides and resources on data protection on our website.
Webinars and Workshops: Offering sessions to inform users about their rights and our privacy practices.
Contact Us
If you have any questions or concerns about this GDPR Compliance Document, our data practices, or your rights, please contact us at:
Email: dpo@gleemeet.com.
Address: Gleemeet,Raheja MindSpace,Hydrabad, India 500081