Privacy Policy

NissMatch ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our premium matrimonial platform at nissmatch.company (the "Service"). By using NissMatch, you consent to the data practices described in this policy.

We process personal data in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. Our legal basis for processing your data is your explicit consent upon registration, contractual necessity to deliver our matchmaking service, and our legitimate interest in maintaining a safe and trustworthy platform.

1. Information We Collect

1.1 Information You Provide

When you register for and use NissMatch, we collect:

• Account Information: Full name, email address, phone number, date of birth, gender, and password.
• Profile Information: Biographical details, education, occupation, location, height, marital history, number of children (if any), and your preferences regarding a life partner.
• Religious and Cultural Preferences: Level of religious practice, denominational affiliation, cultural background, and language preferences. This data is classified as special category data under GDPR and is processed solely with your explicit consent for the purpose of providing compatibility matching.
• Photographs: Profile photos you upload. We require clear, recent photographs to maintain authenticity on the platform.
• Compatibility Questionnaire Responses: Answers to our in-depth questionnaire covering communication style, life goals, family values, financial attitudes, and social preferences.
• Marriage Preparation Coaching Data: Results from optional personality and compatibility coaching sessions administered through the platform.
• Identity Verification Data: Government-issued identification documents, selfie photographs, and biometric facial data processed through our verification partner, Veriff, to confirm your identity.
• Communications: Messages sent through the platform, support requests, and feedback you provide.
• Payment Information: Billing address and payment method details, processed securely through Stripe. We do not store your full credit card numbers.

1.2 Information Collected Automatically

• Device Information: IP address, browser type, operating system, device identifiers, and screen resolution.
• Usage Data: Pages visited, features used, time spent on the platform, click patterns, and search queries.
• Location Data: Approximate geographic location derived from your IP address. We do not collect precise GPS location.
• Cookies and Tracking Technologies: See our Cookie Policy for full details.

1.3 Information from Third Parties

• Veriff: Identity verification results, including verification status and confidence scores.
• Stripe: Payment confirmation, subscription status, and transaction history.
• PostHog: Anonymized usage analytics including page views and feature usage events, collected only with your consent.
• Sentry: Error reports with PII scrubbed, used to detect and fix software issues.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Matchmaking Service: To analyze compatibility, generate curated match recommendations, and facilitate introductions between compatible members.
• Identity Verification: To verify your identity and maintain a community of authentic, verified members.
• Communication: To send you match notifications, messages from other members, service updates, and security alerts.
• Payment Processing: To process subscriptions, manage billing, and handle refunds.
• Safety and Security: To detect and prevent fraud, harassment, fake profiles, and other violations of our Terms of Service.
• Service Improvement: To analyze usage patterns, improve our matching algorithm, and enhance the user experience.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.
• Personalized Insights: To generate compatibility explanations and relationship insights. Your data may be processed by our technology service providers under strict data processing agreements.

3. Data Storage and Security

Your data is stored on secure servers managed by Supabase (built on AWS infrastructure) with data centers located in the European Union. We implement industry-standard security measures including:

• AES-256 encryption for data at rest
• TLS 1.3 encryption for data in transit
• Row-level security policies ensuring strict data isolation between tenants
• Regular security audits and penetration testing
• Access controls limiting employee access to personal data on a need-to-know basis
• Automated threat detection and monitoring

Photographs are stored in secure cloud storage with access controls. Identity verification documents are processed by Veriff and are not permanently stored on our servers. Biometric data used for verification is deleted within 90 days of verification completion.

4. How We Share Your Information

We do not sell your personal data. We share your information only in the following circumstances:

• With Other Members: Your profile information (name, photos, bio, and compatibility details) is visible to other verified members within your tenant community as part of the matchmaking service. You control what information is displayed on your profile.
• Service Providers: We share data with trusted third-party service providers who assist us in operating the platform. All providers are bound by data processing agreements (DPAs). Our current data processors are:
  • Supabase — Database hosting and authentication. Receives account data, profile data, and application content. Used to store and serve all platform data. Privacy Policy
  • Stripe — Payment processing. Receives billing address, payment method details, and transaction metadata. Used to process subscriptions and payments. Privacy Policy
  • Veriff — Identity verification. Receives government-issued ID documents, selfie photographs, and biometric facial data. Used to verify user identity. Privacy Policy
  • Resend — Transactional email delivery. Receives email addresses and email content. Used to send match notifications, security alerts, and service updates. Privacy Policy
  • Upstash — Redis caching. Receives anonymized compatibility scores and session tokens. Used to improve performance through caching. Privacy Policy
  • RevenueCat — Subscription and payment management for mobile apps. Receives purchase receipts, subscription status, and anonymized user identifiers. Used to manage in-app subscriptions. Privacy Policy
  • Apple — Authentication (Sign in with Apple) and in-app payment processing on iOS. Receives authentication tokens and purchase receipts. Privacy Policy
  • Google — Authentication (Sign in with Google) and in-app payment processing on Android. Receives authentication tokens and purchase receipts. Privacy Policy
  • Vercel — Hosting platform. Receives and processes HTTP requests including IP addresses, browser information, and request metadata. Used to host and serve the application. Privacy Policy
  • PostHog — Product analytics (loaded only with your consent). Receives page views, feature usage events, and anonymized user identifiers. Used to analyze usage patterns and improve the service. Privacy Policy
  • Sentry — Error tracking. Receives error reports with personally identifiable information scrubbed (no emails, names, or phone numbers are sent). Used to detect and fix software errors. Privacy Policy
  • Crisp — Customer support chat widget (loaded only with your consent). Receives messages you send through the chat widget and basic device information. Used to provide real-time customer support. Privacy Policy
  • Anthropic — AI-powered compatibility analysis, conversation suggestions, and profile coaching. Receives anonymized compatibility scores, personality dimensions, and preference data. No directly identifying information (name, email, photos) is sent. Data Processing Agreement in place. Privacy Policy
• Legal Requirements: We may disclose your data if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. You will be notified of any such change.

We never share your religious preferences, coaching session results, or identity documents with other members. These data categories are used solely for internal matching and verification purposes.

5. Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure: Request deletion of your personal data ("right to be forgotten"). Upon account deletion, we remove your profile, photos, messages, and questionnaire responses within 30 days. Some data may be retained for legal compliance purposes for up to 3 years.
• Right to Restrict Processing: Request that we limit how we process your data.
• Right to Data Portability: Request your data in a structured, commonly used, machine-readable format.
• Right to Object: Object to processing based on legitimate interests, including profiling for matchmaking purposes.
• Right to Withdraw Consent: Withdraw your consent at any time for processing based on consent. This does not affect the lawfulness of processing performed prior to withdrawal.

To exercise any of these rights, contact us at privacy@nissmatch.company. We will respond to your request within 30 days.

6. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and deliver personalized content. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

7. Data Retention

We retain your personal data for the following periods:

• Active Account Data: Retained for the duration of your active membership.
• Deleted Account Data: Profile data is deleted within 30 days of account deletion. Anonymized usage data may be retained indefinitely for analytics.
• Identity Verification Records: Verification status is retained; source documents are deleted within 90 days of verification.
• Payment Records: Retained for 7 years as required by financial regulations.
• Support Communications: Retained for 2 years after resolution.
• Safety and Moderation Records: Reports, bans, and related data retained for 3 years to maintain platform safety.

8. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States, where some of our service providers are located. When we transfer data outside the EEA, we ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission, adequacy decisions, or other legally recognized transfer mechanisms. You can request copies of relevant safeguards by contacting us.

9. Children's Privacy

NissMatch is intended for individuals aged 18 and older. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that we have collected data from a minor, we will promptly delete it and terminate the associated account.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on the platform at least 30 days before the changes take effect. Your continued use of NissMatch after the effective date constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.