In 2019, a French journalist named Judith Duportail filed a GDPR data access request with Tinder. She wanted to see what the app knew about her.
Tinder sent back 800 pages.
Not a typo. Eight hundred pages of data on a single user. Her Facebook likes, her Instagram photos (including ones she'd deleted from Instagram but that Tinder had already ingested), the precise GPS coordinates of every place she'd opened the app, every message she'd ever sent, every person she'd swiped on, and internal analytics scores that rated her "desirability" on a scale the company never told her about (Duportail, 2017, The Guardian).
Most people have a vague sense that dating apps collect "some data." The reality is significantly more than that.
What Tinder knows
Tinder's privacy policy, last updated in 2025, states that the app collects your name, date of birth, gender, sexual orientation, photos, location data, device information, usage patterns, the content of your messages, and your purchase history.
But the privacy policy is just the surface layer.
Match Group, the company that owns Tinder (and also Hinge, OkCupid, Match.com, Plenty of Fish, and several others), shares data across its portfolio of apps. If you've used Tinder and Hinge, those profiles are linked internally. Match Group's 2024 SEC filing disclosed relationships with 51 third-party data partners, including advertising networks, analytics providers, and data brokers.
A 2023 Mozilla Foundation review rated Tinder as "Privacy Not Included" and flagged that the app can share precise geolocation data with third parties. Mozilla's researchers noted that Match Group's privacy practices were "significantly worse" than the industry baseline for apps handling sensitive personal data (Mozilla Foundation, 2023, Privacy Not Included*).
There's also the Elo score, or whatever internal rating system has replaced it. Tinder admitted in 2019 that it used an internal "desirability score" to rank users and determine who saw whom. The company later said it no longer uses "Elo" specifically, but its privacy policy still describes "proprietary scoring systems" that affect how profiles are distributed. Users have no visibility into how they're rated or what affects their score.
What Bumble knows
Bumble collects similar categories of data: profile information, photos, location, device data, usage analytics, and message content. But Bumble's privacy policy also includes something worth reading carefully: it states that the company may infer information about you based on your activity, including "inferences about your preferences, characteristics, and behavior."
In 2025, Bumble disclosed a data vulnerability that exposed user location data with enough precision to triangulate a user's position within metres. Security researcher Robert Heaton demonstrated that the API returned distance data that, when queried from three different points, could pinpoint a user's exact location (Heaton, 2025). Bumble patched the vulnerability after media coverage, but the incident highlighted a structural problem: the app collected granular location data in the first place.
Bumble also engages in what privacy researchers call "dark patterns" around data consent. A 2024 study by the Norwegian Consumer Council found that dating apps, including Bumble, used confusing consent flows designed to make it difficult for users to opt out of data sharing without degrading their experience. The "accept all" button was always the most prominent and easiest option (Forbrukerradet, 2024, Deceived by Design: Updated).
What Hinge knows
Hinge, also owned by Match Group, markets itself as "designed to be deleted." Its data practices tell a different story.
Hinge collects everything Tinder collects, plus detailed interaction data: which prompts you respond to, how long you look at each profile, which photos you zoom in on, and the sentiment of your messages. The app uses this data to train its matching models, which is reasonable in isolation, but the data also flows into Match Group's shared analytics infrastructure.
A 2024 investigation by Wired magazine found that Hinge's "Most Compatible" feature used a modified Gale-Shapley algorithm that prioritised engagement metrics over stated user preferences. In practice, this meant the app sometimes surfaced profiles designed to keep you opening the app, not profiles most likely to lead to a meaningful connection (Wired, 2024).
Hinge also retains your data after you delete your account. The company's data retention policy states that it may keep your information for "as long as necessary for legitimate business purposes." In GDPR terms, this is a vague standard that European regulators have repeatedly challenged in other contexts.
The advertising layer
This is the part that most people miss entirely.
Free-tier dating apps are advertising businesses. The user is not the customer. The user is the product. And the data these apps collect is astonishingly valuable to advertisers because it reveals intimate details about a person's life, desires, relationship status, sexual orientation, and behaviour patterns.
Match Group's 2024 annual report showed that advertising and data licensing revenue accounted for a meaningful portion of its non-subscription income. The company shares aggregated and, in some cases, individual-level data with advertising partners through SDKs embedded in the app.
An SDK (software development kit) is a piece of third-party code embedded inside an app. Every SDK has access to some slice of your data, and dating apps typically contain dozens of them. A 2023 analysis by privacy platform Exodus found that Tinder's Android app contained 17 third-party trackers, including Facebook Analytics, Google Firebase, and several advertising networks. Bumble contained 11. Hinge contained 9 (Exodus Privacy, 2023).
Each of those trackers sends data back to its parent company. Your dating app activity does not stay in your dating app. It feeds into the broader advertising ecosystem, where it's combined with data from other apps and platforms to build a profile of you that's far more detailed than any individual service could construct alone.
What your match sees vs. what stays private
Here's a question most people don't think to ask: when you match with someone on a dating app, what exactly do they see?
On most apps, your match sees your photos, your bio, your age, and the content of your messages. That feels transparent enough. But there's a vast amount of data that exists in a grey zone: information the app has about you that your match doesn't see, but that third parties might.
Your location history. Your behavioural patterns. How many people you swiped on before them. Your internal attractiveness rating. Your message response times. All of this data exists, all of it informs how the app works, and none of it is visible to you or the person you're talking to.
This creates an odd asymmetry. Two people start a conversation believing they're meeting each other on roughly equal terms. But behind the scenes, an invisible layer of data and scoring has already shaped who sees whom, in what order, and with what priority. The playing field was never level. It was tilted by data you never agreed to share and scores you never knew you had.
Your rights (in plain English)
If you're in the EU, the UK, or a growing number of other jurisdictions, you have real rights over your data. GDPR gives you five that matter most:
The right to access. You can ask any dating app for a copy of all data it holds about you. They have 30 days to respond. This is how Judith Duportail got her 800 pages from Tinder. You can do the same.
The right to deletion. You can ask an app to delete your data entirely. Not just your profile. Your data. Messages, analytics, location history, all of it. They must comply unless they have a specific legal basis to retain it.
The right to portability. You can request your data in a machine-readable format and take it to a different service. In practice, this is rarely used in dating because there's no standard format and no receiving app set up to accept it. But the right exists.
The right to object. You can object to your data being used for specific purposes, including advertising and profiling. If you tell Tinder to stop using your data for ad targeting, they are legally required to stop.
The right to be informed. Companies must tell you what data they collect, why they collect it, and who they share it with, before they start collecting it. The 47-page privacy policies that nobody reads are, in theory, supposed to fulfil this obligation. In practice, regulators have increasingly argued that unreadable policies don't count as informed consent.
These rights are real and enforceable. You can exercise them by emailing the data protection officer listed in any app's privacy policy, or by using the in-app data request tools that most major apps now provide (often buried several menus deep in Settings).
What Lovetick does differently
We built Lovetick knowing that trust is the foundation of a dating app, and that trust starts with data.
Here is what Lovetick collects: your name, your age, your gender, your location (city level, not GPS), your photos, and the content of your AI onboarding conversation. That conversation is the basis of your portrait, the profile the AI builds to understand how you think and communicate.
Here is what Lovetick does not collect: precise GPS coordinates, device advertising identifiers, data from other apps on your phone, your browsing history, or contact lists. We don't read the content of your match conversations for advertising purposes. We don't build behavioural profiles to sell to third parties.
Here is what we share with third parties: nothing. Lovetick uses zero third-party SDKs. No Facebook tracker. No Google Analytics in the app. No advertising networks. No data brokers. Your data exists in our infrastructure and nowhere else.
Here is what your match sees: your photos (limited at first, expanding over time), your first name, your age range, and a connection note from the AI explaining why you were paired. They don't see your conversation with the AI. They don't see your feedback on previous matches. They don't see an internal score, because we don't generate one.
Here is what stays completely private: the content of your onboarding conversation, your match feedback, your portrait data, and any preferences you've shared with the AI. These exist to improve your matches. They are never shown to another user.
The transparency difference
The issue with most dating app privacy practices isn't that they're technically illegal. Most of the data collection described above is covered somewhere in a privacy policy. The issue is that the privacy policies are designed to be technically compliant while remaining practically unreadable.
A 2024 study by researchers at the University of Zurich found that the average dating app privacy policy requires a university-level reading comprehension and takes 23 minutes to read in full (Ermakova et al., 2024, Proceedings on Privacy Enhancing Technologies). The researchers concluded that "informed consent" as currently implemented in dating apps is "largely fictional."
We think this is a solvable problem. Not with a shorter privacy policy (though ours is shorter), but with a different relationship to data altogether.
If your business model depends on advertising, you need data to sell. If your business model depends on subscriptions, you need users who trust you enough to pay. We chose the second model deliberately because it aligns our incentives with yours. We make money when you value the service. Not when we sell your attention to advertisers.
Your dating life is private. The conversations you have with someone you're interested in are private. The things you told an AI about how you think and what matters to you are private. We believe those things should stay that way, and we built our entire technical architecture to make sure they do.
A simple test
Next time you open a dating app, try this: go to Settings, find the privacy section, and request a copy of your data. See how long it takes. See how many pages come back. See how many companies your data has been shared with.
Then ask yourself whether that's the deal you thought you were making when you uploaded a few photos and wrote a bio.
You deserve to know what you're giving away. And you deserve an app that doesn't ask you to give away so much in the first place.