Skip to content

Privacy Policy

Last updated: April 16, 2026

1. Overview

Date Busted ("we," "us," or "our") operates the Date Busted website and reverse face search service. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our service.

2. Information We Collect

We collect the following types of information:

  • Account Information: Email address and password when you create an account.
  • Payment Information: Payment details are processed by Stripe. We do not store credit card numbers on our servers.
  • Uploaded Photos: Face photos you upload for searches. These are processed in memory and are not permanently stored after the search is complete.
  • Search Results: Results linked to your account for your reference. You can delete them at any time.
  • Usage Data: IP address, browser type, device information, and usage patterns for analytics and service improvement.

3. How We Use Your Information

  • To provide and maintain the face search service
  • To process payments and manage your account
  • To send transactional emails (account confirmations, receipts)
  • To improve our service and user experience
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

4. Photo Processing & Retention

Uploaded photos are processed in real-time to generate facial recognition vectors. The original photo is deleted from our servers within 1 hour of the search completing. We do not use your photos to train AI models. We do not share your photos with third parties. Facial vectors generated from your photo are used solely for the purpose of your search and are discarded after the search completes.

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Payment Processors: Stripe, for processing payments.
  • Infrastructure Providers: Cloud hosting and CDN providers necessary to operate the service.
  • Law Enforcement: Only when required by valid legal process (court orders, subpoenas).

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest, and access controls. However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data and account
  • Export your search history
  • Opt out of marketing communications

To exercise these rights, contact us at privacy@datebusted.app.

8. Cookies, Analytics & Advertising

We use cookies and similar technologies to operate our service, measure usage, and understand the effectiveness of our marketing. Under EU/UK law (GDPR & ePrivacy) we set non-essential cookies only after you grant consent through our cookie banner. You can change or withdraw your consent at any time via the "Cookie settings" link in the footer.

8.1 Categories of cookies we use

  • Strictly necessary: authentication, session management, security, load balancing, and remembering your cookie consent choice. These are always active and do not require consent.
  • Analytics: help us understand how visitors use the site (pages viewed, time on page, errors). Set only with your consent.
  • Advertising / Marketing: measure the performance of our ad campaigns (e.g. Google Ads conversions, remarketing) and attribute sign-ups and purchases. Set only with your consent.

8.2 Third-party tools we use

ProviderPurposeCategoryRetention
Google Analytics 4
Google Ireland Ltd.		Audience measurement, page views, traffic sources, conversion funnels.AnalyticsUp to 14 months
Google Ads (incl. Enhanced Conversions)
Google Ireland Ltd.		Conversion tracking, remarketing, attribution. Email addresses are SHA-256 hashed in your browser before being sent for enhanced conversions matching.AdvertisingUp to 540 days
Microsoft Clarity
Microsoft Corporation		Aggregated heatmaps and anonymised session recordings to improve usability. Sensitive form fields are masked.AnalyticsUp to 13 months
Stripe
Stripe Payments Europe Ltd.		Payment processing and fraud prevention.Strictly necessaryPer Stripe policy

8.3 Google Consent Mode v2

We implement Google Consent Mode v2. Before you make a choice, all Google tags load with consent denied by default β€” meaning analytics and advertising cookies are not set, and Google receives only anonymous, cookieless pings. When you accept analytics or advertising cookies, the relevant consent signals are updated and full measurement begins.

8.4 International data transfers

Google and Microsoft may transfer data to the United States. These transfers are protected by the EU–U.S. Data Privacy Framework and/or Standard Contractual Clauses approved by the European Commission, with supplementary safeguards as required.

8.5 Lawful basis (GDPR Art. 6)

  • Strictly necessary cookies: legitimate interest (Art. 6(1)(f)) and contractual necessity (Art. 6(1)(b)).
  • Analytics & advertising cookies: your explicit consent (Art. 6(1)(a) GDPR and Art. 5(3) ePrivacy Directive).

8.6 Opt-out & browser controls

You can withdraw consent at any time via the "Cookie settings" link in the footer. You may also use your browser's privacy controls (e.g. Do Not Track, third-party cookie blocking), Google's GA opt-out add-on, or Google Ads Settings to manage personalised advertising.

9. Children's Privacy

Date Busted is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we discover that a child under 18 has provided us with personal information, we will delete it immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or concerns, contact us at privacy@datebusted.app