Privacy Policy

Last updated: February 16, 2026

1. Introduction

DatesofAsia is operated by Asia Dating Network (ABN: XX XXX XXX XXX) ("we," "our," or "us"). We operate a dating platform at https://www.datesofasia.dev. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our service. We are committed to protecting your privacy in accordance with the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

By creating an account or using our service, you consent to the data practices described in this policy. If you do not agree, please do not use our service.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Email address, username, password, date of birth, gender
  • Profile Information: Photos, location (country and city), headline, "about me" and "about you" descriptions
  • Communications: Private messages sent to other users, public chat room messages, contact form submissions
  • Stories: Temporary photo stories you upload (auto-deleted after 336 hours)
  • Payment Information: When purchasing credits, payment is processed by Stripe. We do not store your credit card number, CVV, or full billing details. We store the transaction record (amount, date, Stripe reference ID)
  • Gift Messages: Optional messages attached to gifts you send to other users

2.2 Information Collected Automatically

  • IP Address: Collected on login, signup, and during use of the service. Used for security (VPN/proxy detection, brute force protection, IP bans) and approximate country detection
  • Device Information: Browser type, operating system, and user agent string from login history
  • Usage Data: Pages visited, features used, last activity timestamp, profile views given and received
  • Cookies: Session cookies for authentication, consent preference cookie, and third-party advertising cookies (with your consent). See Section 8 for details

2.3 Information from Third-Party Services

We use the following third-party services that process your data on our behalf:

  • Face++ (Megvii): When you upload a profile photo, the image is sent to Face++ for face detection to verify the photo contains a clear face. Face++ returns detection data only; we do not store biometric templates
  • ZeroBounce: Your email address is validated through ZeroBounce to check deliverability and prevent fraudulent signups. ZeroBounce does not receive any other personal data
  • VPNAPI.io: Your IP address is checked against VPNAPI.io to detect VPN, proxy, or TOR usage. This is used to prevent fraud and abuse
  • IP2Location: Your IP address is looked up in a local IP2Location database file to detect your country. This lookup is performed locally on our servers; your IP is not sent to a third-party service
  • SendGrid (Twilio): Your email address is shared with SendGrid for the purpose of sending transactional emails (verification, password reset, notification digests). SendGrid tracks delivery status, opens, and clicks
  • Stripe: When purchasing credits, you are redirected to Stripe's hosted checkout page. Stripe processes your payment details directly. We receive only a transaction ID, amount, and payment status
  • Pusher: Used for real-time message delivery. Your user ID and channel membership are transmitted to Pusher's servers. Message content is relayed through Pusher channels
  • OneSignal: If you enable push notifications, your browser subscription data and user ID are shared with OneSignal to deliver notifications. You can disable push notifications at any time in Settings
  • Google AdSense: With your consent, we display advertisements served by Google. Google may use cookies and similar technologies to serve ads based on your browsing history. See Google's privacy policy at policies.google.com/privacy
  • Cloudflare: Our site is served through Cloudflare's CDN and security network. Cloudflare processes request data (IP address, headers) for performance and DDoS protection

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide the Service: Create and manage your account, display your profile to other users, facilitate messaging and interactions
  • Matching and Discovery: Show your profile in search results, suggest profiles through "You Might Also Like," and detect mutual likes (matches)
  • Communications: Send you email verification, password resets, notification digests (configurable frequency), and push notifications (opt-in)
  • Security and Fraud Prevention: Detect VPN/proxy abuse, enforce IP bans, prevent brute force attacks, validate email addresses, and detect faces in photos
  • Payments: Process credit purchases, manage refunds, and maintain transaction records
  • Moderation: Review reported content, enforce community guidelines, issue warnings, and maintain a safe environment
  • Advertising: With your consent, display personalized advertisements via Google AdSense
  • Analytics and Improvement: Understand how users interact with the service to improve features and fix issues

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and UK, we process your personal data under the following legal bases:

  • Contract Performance (Article 6(1)(b)): Processing necessary to provide the dating service you signed up for — account management, messaging, profile display, matching
  • Legitimate Interest (Article 6(1)(f)): Security measures (VPN detection, brute force protection), fraud prevention, and moderation to maintain a safe platform
  • Consent (Article 6(1)(a)): Push notifications, advertising cookies (Google AdSense), and email digest notifications. You may withdraw consent at any time
  • Legal Obligation (Article 6(1)(c)): Retaining transaction records for tax and financial compliance, and complying with law enforcement requests

5. How We Share Your Information

5.1 With Other Users

Your profile information (username, photos, age, gender, location, headline, about me, about you) is visible to other registered users. Your email address is never shared with other users. Private messages are only visible to the sender and recipient.

5.2 With Service Providers

We share data with the third-party services listed in Section 2.3, strictly for the purposes described. All service providers are contractually obligated to protect your data and use it only for the services they provide to us.

5.3 For Legal Reasons

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect the rights, property, or safety of DatesofAsia, our users, or the public.

5.4 Business Transfers

If DatesofAsia is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change.

5.5 No Sale of Personal Data

We do not sell your personal information to third parties. We do not share your data with data brokers.

6. Data Retention

  • Active Accounts: Your data is retained for as long as your account is active
  • Closed Accounts: When you close your account, your profile is immediately hidden from all users. Your data is retained for 30 days to allow reactivation. After this grace period, your account is eligible for permanent deletion
  • Permanently Deleted Accounts: When an account is permanently deleted, all associated data is removed: profile, photos, messages, likes, gifts, stories, and credit history. Photos are deleted from our servers
  • Stories: Automatically deleted 336 hours after posting
  • Transaction Records: Payment records may be retained for up to 7 years for tax and legal compliance, even after account deletion
  • Security Logs: Login history and IP records may be retained for up to 12 months for fraud prevention
  • Email Logs: Email delivery records retained for 90 days

7. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

  • Right of Access (GDPR Art. 15 / CCPA): Request a copy of all personal data we hold about you. You can download your data at any time from Settings → Download My Data
  • Right to Rectification (GDPR Art. 16): Update or correct inaccurate data through your Edit Profile and Settings pages
  • Right to Erasure (GDPR Art. 17): Delete your account and all associated data from Settings → Close Account
  • Right to Data Portability (GDPR Art. 20): Receive your data in a machine-readable format (JSON) from Download My Data
  • Right to Restrict Processing (GDPR Art. 18): Request restriction of processing by contacting us
  • Right to Object (GDPR Art. 21): Object to processing based on legitimate interests by contacting us
  • Right to Withdraw Consent: Withdraw consent for push notifications (Settings), email digests (Settings), and advertising cookies (clear your browser cookies or use the cookie banner)
  • Right to Non-Discrimination (CCPA): We will not discriminate against you for exercising your privacy rights

To exercise rights not available through self-service, contact us at [email protected]. We will respond within 30 days.

8. Cookies

8.1 Essential Cookies (Always Active)

These cookies are required for the service to function and cannot be disabled:

  • Session Cookie (doa_session): Keeps you logged in and maintains your session. Expires when you close the browser or after session timeout
  • Remember Me Cookie: If you select "Remember Me" during login, extends your session. Expires after 30 days
  • Cookie Consent (cookie_consent): Stores your cookie preferences. Expires after 1 year
  • CSRF Token: Embedded in your session to prevent cross-site request forgery attacks

8.2 Advertising Cookies (Consent Required)

If you accept advertising cookies, the following third-party cookies may be set:

  • Google AdSense Cookies: Google uses cookies (including NID, CONSENT, and others) to serve personalized advertisements based on your browsing activity across websites. You can opt out of personalized advertising at Google Ads Settings

You can change your cookie preferences at any time by clearing your browser cookies — the consent banner will appear again on your next visit.

8.3 Cloudflare Cookies

Cloudflare may set security cookies (e.g., __cf_bm) to identify trusted web traffic and protect against bots. These are classified as essential security cookies.

9. Data Security

We implement the following measures to protect your personal data:

  • All data transmitted over HTTPS/TLS encryption
  • Passwords hashed using bcrypt (never stored in plain text)
  • CSRF protection on all forms
  • Brute force protection with rate limiting on login attempts
  • VPN and proxy detection to prevent abuse
  • Input sanitization to prevent injection attacks
  • Admin access restricted by role-based authentication
  • Cloudflare DDoS protection and WAF

While we take reasonable precautions, no system is 100% secure. We cannot guarantee absolute security of your data.

10. Children's Privacy

Our service is strictly for users aged 18 and older. We do not knowingly collect personal data from anyone under 18. If we discover that a user under 18 has created an account, we will immediately delete the account and all associated data. If you believe a minor is using our service, please report them via our reporting system or contact us directly.

11. International Data Transfers

Your data may be processed in countries outside your country of residence, including countries that may not provide the same level of data protection. Our third-party service providers (Stripe, SendGrid, Pusher, Google, etc.) operate globally. Where applicable, we rely on Standard Contractual Clauses (SCCs) or the service provider's certifications to ensure adequate protection of your data during international transfers.

12. Do Not Track

Our service does not respond to "Do Not Track" browser signals. However, you can control advertising cookies through our cookie consent banner and manage your ad preferences through Google Ads Settings.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email or through a site announcement. The "Last updated" date at the top of this page indicates when the policy was last revised. Your continued use of the service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have a complaint about how we handle your data, please contact us:

Asia Dating Network (ABN: XX XXX XXX XXX)

Email: [email protected]

Contact Form

If you are in the EU/EEA and are not satisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority. Australian users may contact the Office of the Australian Information Commissioner (OAIC).

Terms of Service Contact Us