Privacy Policy
1. Data Controller
The data controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:
UPOZNAJME LTD
Registered Office: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ,
United Kingdom
Company Number: 17036598 (registered in England and Wales)
Email: info@upoznajme.app
For questions specifically related to data protection, you may contact us at the same email address.
2. Scope of This Policy
This Privacy Policy applies to the Upoznajme mobile application (Android, iOS) and the website upoznajme.app. It describes what personal data we collect, why we process it, with whom we share it, and what rights you have.
3. Data We Collect
3.1 Registration Data
- Email address
- Password (stored only as a hashed value; we never see it in plain text)
- Date of birth (required to verify the 18+ age threshold)
3.2 Profile Data
- Display name
- Profile photos and videos
- Gender and preferences (e.g. sex you are interested in)
- Current city and country of residence
- Country/countries of origin (Balkan heritage)
- Occupation, interests, and "About me" text (optional)
Special Categories of Personal Data (GDPR Art. 9): By using Upoznajme, you may choose to provide information about your sexual orientation (via your matching preferences) and your ethnicity/heritage. As a dating app, this data is essential for our matching service. By creating a profile and interacting with these features, you give your explicit consent for us to collect and process this sensitive information. You can withdraw this consent at any time by deleting your account.
3.3 Moj Krug (Social Feed) Data
- Posts, stories, and comments you publish
- Likes and reactions on content
- Optional location check-ins attached to posts
3.4 Communication Data
- Chat messages exchanged with other users via the in-app messaging feature
- Reports and moderation-related submissions
3.5 Technical & Usage Data
- Device type, operating system version, and app version
- IP address (anonymised for analytics)
- Crash reports and error logs
- Interaction events (e.g. swipes, likes, session duration)
- Firebase Cloud Messaging (FCM) device token for push notifications
4. Legal Bases for Processing (GDPR Art. 6)
| Purpose | Legal Basis |
|---|---|
| Providing the dating and matching service | Art. 6(1)(b) – performance of a contract |
| Age verification (18+) | Art. 6(1)(b) – performance of a contract |
| Account security and fraud prevention | Art. 6(1)(f) – legitimate interests |
| Content moderation and safety | Art. 6(1)(f) – legitimate interests |
| Personalised advertising (AdMob) | Art. 6(1)(a) – consent (via in-app consent form) |
| Push notifications (FCM) | Art. 6(1)(a) – consent (OS-level permission) |
| Service improvement and analytics | Art. 6(1)(f) – legitimate interests |
| Compliance with legal obligations | Art. 6(1)(c) – legal obligation |
Where we rely on legitimate interests, we have assessed that our interests are not overridden by your data-protection rights and freedoms. You may object to processing based on legitimate interests at any time (see Section 8).
5. Third-Party Service Providers
We use the following processors to operate the app. Each is bound by a data-processing agreement and appropriate safeguards for international transfers (Standard Contractual Clauses where required):
| Provider | Service | Data transferred | Privacy link |
|---|---|---|---|
| Google Firebase (USA) | Authentication, Firestore database, Cloud Storage, Crashlytics, FCM | Account data, profile data, messages, device tokens, crash logs | firebase.google.com/support/privacy |
| Google AdMob (USA) | In-app advertising (free version only) | Advertising ID, device info, IP address (subject to consent) | AdMob Privacy |
| Apple App Store / Google Play Store | App distribution and in-app purchases (future) | Transaction data processed independently by the stores | Apple / Google privacy policies |
International transfers: Firebase and AdMob are operated by Google LLC, headquartered in the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of data protection for transfers to the USA.
6. Advertising & Consent (AdMob / UMP)
The free version of Upoznajme displays banner advertisements served by Google AdMob. Before any personalised advertising is shown to users in the European Economic Area (EEA) or the UK, we collect your consent through Google's User Messaging Platform (UMP) in compliance with the IAB TCF standard and GDPR.
- You may accept or decline personalised ads at any time.
- If you decline, contextual (non-personalised) ads may still be shown.
- You can change your consent at any time in the app settings.
7. Data Retention
- Active accounts: Data is retained for as long as your account is active.
- Deleted accounts: Personal data is removed from active systems within 30 days of account deletion. Backups are purged within 90 days.
- Inactive accounts: Accounts with no login for 24 consecutive months are automatically deleted after advance notice by email.
- Legal holds: We may retain certain data for longer where required by law (e.g. financial records, legal disputes).
- Messages: Chat messages are stored in Firestore and deleted when either user deletes their account.
8. Your Rights Under GDPR
If you are located in the EEA, the UK, or Switzerland, you have the following rights:
- Access (Art. 15): Request a copy of the personal data we hold about you.
- Rectification (Art. 16): Ask us to correct inaccurate or incomplete data.
- Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten").
- Restriction (Art. 18): Ask us to limit how we process your data in certain circumstances.
- Objection (Art. 21): Object to processing based on legitimate interests (including profiling). We will stop unless we have compelling legitimate grounds.
- Data portability (Art. 20): Receive your data in a machine-readable format.
- Withdraw consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time without affecting prior processing.
To exercise any right, contact us at info@upoznajme.app. We will respond within 30 days. We may ask you to verify your identity before fulfilling the request.
9. Right to Lodge a Complaint
If you believe we have infringed your data-protection rights, you have the right to lodge a complaint with a supervisory authority. In the UK this is the Information Commissioner's Office (ICO):
ico.org.uk/make-a-complaint | Helpline: 0303 123 1113
EEA users may also contact their national data protection authority. We always encourage you to contact us first so we can address your concern directly.
10. Data Security
We implement appropriate technical and organisational measures including:
- Encrypted data transmission (TLS 1.2+/SSL) for all network communication.
- Passwords are never stored in plain text – Firebase Authentication uses bcrypt hashing.
- Profile images are stored in Firebase Cloud Storage with access rules that prevent public listing.
- Firestore Security Rules restrict data access to authenticated and authorised users only.
- Firebase Crashlytics anonymises device data before transmission.
- Regular security reviews of our Firestore rules and Storage policies.
No method of transmission over the internet is 100% secure. In the event of a data breach that is likely to result in a high risk to your rights, we will notify you and the relevant supervisory authority as required by GDPR Art. 33–34.
11. Protection of Minors & Child Safety
Upoznajme, operated by UPOZNAJME LTD, is exclusively for users aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that a minor has created an account, we will delete the account and all associated data without delay. If you believe a minor is using our service, please contact us at info@upoznajme.app.
Zero Tolerance for CSAE: Upoznajme maintains an absolute zero-tolerance policy towards Child Sexual Abuse and Exploitation (CSAE) and Child Sexual Abuse Material (CSAM). Any content depicting, promoting, or facilitating the sexual abuse or exploitation of children is strictly prohibited. This includes, but is not limited to: CSAM, child grooming, sexualisation of minors, sextortion, and child trafficking.
11.1 CSAM Reporting
Upon obtaining actual knowledge of CSAM on the Upoznajme platform, we take the following actions:
- Immediate removal of the offending content.
- Permanent suspension of the associated account.
- Preservation of evidence for law enforcement purposes.
- Reporting confirmed CSAM to the National Center for Missing & Exploited Children (NCMEC) and/or the applicable regional authority.
- Full cooperation with law enforcement agencies investigating child exploitation.
11.2 Child Safety Contact
For any child safety concerns, users and authorities may contact our designated child safety representative:
Email:
info@upoznajme.app
Subject line: "Child Safety Report"
Company: UPOZNAJME LTD, 71–75 Shelton Street, Covent Garden,
London, WC2H 9JQ, United Kingdom
12. Cookies & Similar Technologies
Our mobile app does not use browser cookies. The web version of upoznajme.app uses only technically necessary local storage (e.g. session tokens). We do not use tracking cookies or third-party analytics cookies on the website.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via an in-app notification and/or email at least 14 days before the change takes effect. The "Last updated" date at the top of this page always shows the most recent revision. Continued use of the app after the effective date of changes constitutes acceptance of the updated policy.
14. Contact
For any privacy-related questions, requests, or concerns, please contact us:
Email:
info@upoznajme.app
Company: UPOZNAJME LTD, 71–75 Shelton Street, Covent Garden,
London, WC2H 9JQ, United Kingdom