Summary: HoopFrog Inc. is the data controller for all personal data processed through HoopFrog.

Data Controller: HoopFrog Inc., Federal Corporation No. 1467452-9, 3-11 Bellerose Drive, Suite 312, St. Albert, AB T8N 5C9, Canada.

Privacy Officer / DPO Contact: privacy@hoopfrog.com

This policy applies to all users of HoopFrog, regardless of where they are located. Where you are located in the European Economic Area (EEA), the United Kingdom, or Canada, additional jurisdiction-specific rights apply as described in this policy.

We do not have a physical establishment in the EU or UK. We have designated our Privacy Officer as the point of contact for EU and UK data subjects. We are assessing whether formal EU/UK representative designation is required based on processing volumes.

Summary: We collect information you give us directly, information generated by your use of the Service, and limited information from third parties.

a. Information You Provide Directly

\n
• Account details: Email address (stored encrypted), date of birth, password (hashed, never stored in plain text)
\n
• Profile information: Display name, photos, bio, gender identity, pronouns, location (city-level), dating preferences, relationship style, height, interests, and other profile fields you choose to complete
\n
• Special category data: Sexual orientation and gender identity, as disclosed voluntarily through your profile. This is special category data under GDPR Article 9. We process it only with your explicit consent (see Section 4).
\n
• Communications: Messages you send to other users (encrypted at rest using industry-standard encryption), voice notes, Opening Move prompts, and any communications you send to our support team
\n
• Consent records: Records of your consent to these policies and to the processing of your special category data
\n
• Payment information: Subscription details; payment card processing is handled entirely by PayPal, we do not store your full card details
\n

b. Information Generated by Your Use of the Service

\n
• Usage data: Pages visited, features used, discovery feed interactions, connection history, message timing (not content), login timestamps
\n
• Device and technical data: IP address (truncated, first three octets for IPv4, first four groups for IPv6), browser type, operating system, device identifiers
\n
• Location data: City-level location you enter, or approximate location from IP address. No precise GPS unless you explicitly grant permission.
\n
• Activity indicators: Last active timestamp (suppressed when Incognito Mode is enabled)
\n

c. Information from Third Parties

\n
• OAuth providers (Apple, Google): Email address and unique identifier. We do not receive your password from these providers.
\n
• Age verification (VerifyMy): Boolean pass/fail result, age band (18+), and anonymised reference token only. We do not receive identity documents. See Section 10.
\n
• Biometric identifiers (facial geometry scores): Collected during selfie age/identity verification. Governed by our separate Biometric Privacy Policy, which establishes retention limits (max 3 years or purpose-satisfied, whichever is sooner), destruction procedures, and your right to revoke consent. Processed under GDPR Art. 9(2)(a) explicit consent and, for Illinois residents, a BIPA § 15(b) signed written release.
\n

Summary: Sometimes we receive information about people who do not hold a HoopFrog account — for example when a user reports someone, names another person in a message or scam report, or uploads a photo that includes someone else.

Where we receive personal data about you from another person rather than from you directly, the categories are typically your name or alias, the content in which you were mentioned, and any image in which you appear. We process this data on the basis of our legitimate interests in keeping the platform safe and in meeting our legal and safety obligations (GDPR Art. 6(1)(f) and, where applicable, Art. 6(1)(c)), and we limit it to what is necessary for those purposes.

This is the information we are required to describe under GDPR Article 14 (information not obtained from the data subject). If you believe you have been mentioned in, or appear in, content on HoopFrog and you are not a user, you may contact us at privacy@hoopfrog.com to exercise your rights of access, rectification, objection or erasure, subject to the limits that apply where disclosure would prejudice an investigation or the rights of another person.

Summary: We use your data to operate the platform, keep it safe, communicate with you, and comply with the law. We never sell your data.

\n
• To provide and operate the Service: Matching, profile display, messaging, subscription processing
\n
• To keep the platform safe: Automated message scanning, age verification, scam detection, user reporting and banning
\n
• To communicate with you: Transactional emails, safety alerts, platform updates
\n
• To send marketing communications: Only with your consent or as permitted by CASL; unsubscribe at any time
\n
• To improve the Service: Usage analytics, performance monitoring
\n
• To comply with legal obligations: Responding to lawful requests, audit logs, breach notification, legally required retention
\n
• To enforce our Terms: Investigating violations, taking action against accounts violating community standards
\n

We do not sell your personal information to any third party, ever. We do not use your personal data to train external AI models.

Summary: For users in the EEA and UK, every processing activity has a specific legal basis. This section maps each one.

For users in the European Economic Area or the United Kingdom, we rely on the following legal bases under GDPR Article 6 and Article 9:

Where we rely on legitimate interest, we have conducted a balancing test and determined our interests do not override your fundamental rights. You have the right to object at any time (see Section 8).

Where we rely on consent, you can withdraw it at any time without affecting prior processing.

Important, automated message scanning: This is NOT automated decision-making with legal or similarly significant effect within the meaning of GDPR Article 22. Flagged messages require human moderator review before any account action is taken. The system does not make final decisions about your account.

Summary: Some features use automated systems that can affect you. You have the right to request human review.

Some features of HoopFrog use automated systems to make decisions that affect you. Under GDPR Article 22 and equivalent laws, we disclose them here and provide a right to request human review.

Scam-score flagging

We assign every incoming message a risk score based on keywords, link content, attachment patterns, and sender reputation. Messages scoring above our internal threshold are held for human moderator review before delivery. High-confidence scores (crypto pitches, phishing patterns, love-bombing sequences) may auto-hide the message and mark the sender for review.

Consequence: temporary message suppression; possible account suspension if repeated. Your right: request human review via Settings → Privacy → Request human review.

Tier-gate auto-reduction

Free-tier users who exhibit high-risk behavior patterns (mass messaging, flagged photos, reports received) may have new-feature access temporarily restricted pending manual review.

Consequence: feature degradation (fewer matches per day, delayed messages). Your right: request human review and immediate restore via Settings.

Matching algorithm

We rank potential matches for you using a geometric-mean compatibility score across questionnaire answers, shared interests, and location proximity.

Consequence: who appears in your Discover feed and in what order. Your right: the algorithm's inputs (your questionnaire, their questionnaire, and your filters) are all user-controlled. Matching itself is non-final — you still choose whom to connect with.

Content moderation auto-actions

Photos, voice recordings, and video greetings run through AWS Rekognition (nudity/violence detection) and Microsoft PhotoDNA (CSAM hashes) on upload. CSAM matches are reported to NCMEC/IWF automatically. Nudity matches are held for human review.

Consequence: content rejection or delayed publication. Your right: review via Settings → Privacy → Request human review.

How to request human review

Tap Settings → Privacy → Request human review on an automated action, or email privacy@hoopfrog.com with the affected item's ID. We respond within 30 days per GDPR Art. 12(3).

Summary: We keep your data only as long as needed. When you delete your account, most data is erased within 30 days.

On hard-delete (after the 30-day recovery window), we delete: profile data, photos, messages, voice notes, connection history, swipe history, discovery actions, event RSVPs, ratings, report history, settings, sessions, and verification records. Consent logs and billing records are retained as required by law.

Summary: We share your data only with service providers who help us operate the platform. We never sell your data.

Service Providers (Data Processors)

We use the following third-party service providers, each bound by a Data Processing Agreement (DPA) or equivalent contractual obligations:

\n
• PayPal: Payment processing, Canada / USA
\n
• VerifyMy: Age verification, UK. Returns pass/fail + age band only.
\n
• Google (OAuth, GTM): Sign-in and tag management, USA
\n
• Apple (OAuth): Sign-in, USA
\n
• Mixpanel: Product analytics, USA (consent-gated)
\n
• Microsoft Clarity: Session analytics, USA (consent-gated)
\n
• Hotjar: UX analytics, Ireland (consent-gated)
\n
• Segment: Analytics routing, USA (consent-gated)
\n
• AWS: Photo moderation, USA / EU regions
\n
• Cloudflare: CDN / DDoS protection, USA / EU PoPs
\n
• OVHcloud: VPS hosting (Beauharnois, QC, Canada). DPA in place.
\n
• Slack (Salesforce): Internal admin notifications, USA. Only ticket metadata (ID, subject, timestamp) is sent; no user personal data.
\n
• rsync.net: Encrypted off-site backup storage, USA. Data is AES-256 encrypted at rest; rsync.net has no access to decryption keys.
\n
• Grafana Cloud (Grafana Labs): Infrastructure monitoring and alerting, USA / EU. Receives server metrics only; no user personal data is transmitted.
\n
• Twilio: SMS delivery for two-factor authentication, USA. Receives phone number and OTP message only.
\n
• Mapbox: Map tiles for location-based features, USA. Receives anonymized map tile requests only; no user identity data is shared.
\n
• Tenor (Google): GIF search and delivery in messages, USA. Receives search queries only; no user identity data is shared. Subject to Google's privacy policy.
\n
• Postmark (Wildbit LLC): Transactional email delivery, USA. SOC 2 compliant, EU–US Data Privacy Framework certified. Receives recipient email address and message content for delivery only.
\n
• FreeScout (self-hosted): Helpdesk ticketing system for user support, hosted on GreenGeeks (USA). Processes support ticket data including user name, user ID, and message content. No user email addresses are included in support tickets (GDPR-safe design).
\n
• GreenGeeks Web Hosting: Hosting provider for the FreeScout helpdesk instance (198.72.126.225, USA). Infrastructure-level processor only; does not access ticket content.
\n
• Rspamd (self-hosted): Spam filtering, self-hosted on OVHcloud VPS (Canada). Processes inbound email headers and metadata for security purposes. No data is shared with third parties.
\n

Analytics providers only receive data after you give explicit consent through our cookie consent banner.

Legal Compliance

We review all legal requests for compliance, challenge overbroad requests, disclose only the minimum necessary, and where permitted, notify affected users before complying.

Business Transfers

In a merger or acquisition, your data may transfer. We will notify you at least 30 days before, and you may delete your account before the transfer completes.

What We Never Do

\n
• We do not sell your personal data
\n
• We do not share your data with advertisers for targeted advertising
\n
• We removed Meta Pixel and TikTok Pixel in March 2026 due to the sensitive nature of dating app data
\n

Summary: Some service providers are outside Canada. We have safeguards for all cross-border transfers.

\n
• EU/EEA to Canada: Canada has adequacy status under GDPR Article 45 for PIPEDA-covered organisations.
\n
• Canada/EU to USA: Standard Contractual Clauses (SCCs), EU Commission Implementing Decision 2021/914 (Module 2).
\n
• UK transfers: UK International Data Transfer Agreement (IDTA) or UK Addendum to EU SCCs.
\n
• VerifyMy (UK): Contractual safeguards between Canada and UK.
\n

We implement contractual or other safeguards to protect personal data transferred outside Canada, consistent with PIPEDA, Alberta PIPA, and Québec Law 25. Copies of our SCCs are available upon request from privacy@hoopfrog.com.

International Transfers, Processor Registry (CP-F)

The following table enumerates every processor that receives personal data, the country of receipt, the data categories involved, and the safeguard relied on for cross-border transfer.

All transfers from UK/EU/Canada to processors in third countries rely on Standard Contractual Clauses (2021/914) or equivalent approved safeguards. Current DPA registry available on request to support@hoopfrog.com, or machine-readable at GET /api/v1/compliance/dpa-registry.

Summary: You have broad rights over your personal data. Most can be exercised directly in your account settings.

Rights Under GDPR (EU) and UK GDPR

\n
• Right of access (Art. 15): Use "Download My Data" in Settings for instant export.
\n
• Right to rectification (Art. 16): Update your profile in Settings at any time.
\n
• Right to erasure (Art. 17): Use "Delete My Account" in Settings, or submit a formal DSAR.
\n
• Right to restriction (Art. 18): Request we limit how we process your data in certain circumstances.
\n
• Right to data portability (Art. 20): Machine-readable JSON export via "Download My Data" in Settings.
\n
• Right to object (Art. 21): Object to legitimate interest processing. Contact privacy@hoopfrog.com.
\n
• Right to withdraw consent: At any time, without affecting prior processing.
\n
• Right not to be subject to solely automated decisions (Art. 22): Message scanning always involves human review before any account action.
\n
• Right to lodge a complaint: With your national supervisory authority (see Section 12).
\n

Rights Under PIPEDA and Alberta PIPA (Canada)

\n
• Right of access to your personal information
\n
• Right to correction of inaccurate personal information
\n
• Right to withdraw consent for non-essential processing
\n
• Right to complain to the OPC, OIPC Alberta, or OIPC British Columbia
\n

Mexican Users (LFPDPPP)

\n
• You have ARCO rights: Access, Rectification, Cancellation, and Opposition
\n
• We will acknowledge your ARCO request within 5 business days and respond within 20 business days
\n
• You may revoke consent for non-essential data processing at any time
\n
• You may file a complaint with the INAI (inai.org.mx)
\n
• See our Aviso de Privacidad for the full Mexican privacy notice
\n

Australian Users (Privacy Act 1988 / APPs)

\n
• You have the right to access, correct, and request deletion of your personal information under the Australian Privacy Principles (APPs)
\n
• We will respond to access requests within 30 days
\n
• If we disclose your data cross-border, we ensure comparable safeguards are in place (APP 8)
\n
• You may file a complaint with the Office of the Australian Information Commissioner (OAIC) — oaic.gov.au
\n
• Ireland, Data Protection Commission (DPC): dataprotection.ie | Phone: +353 (0)761 104 800 | Email: info@dataprotection.ie
\n
• Iceland, Persónuvernd (Data Protection Authority): personuvernd.is | Phone: +354 510 9600 | Email: postur@personuvernd.is
\n

New Zealand Users (Privacy Act 2020 / IPPs)

\n
• You have the right to access, correct, and request deletion of your personal information under the Information Privacy Principles (IPPs)
\n
• We will respond to access requests within 20 working days
\n
• Cross-border disclosures are made only where comparable privacy protections exist (IPP 12)
\n
• You may file a complaint with the Office of the Privacy Commissioner of New Zealand — privacy.org.nz
\n

Data Subject Access Requests (DSARs)

Submit via your dashboard Settings or email privacy@hoopfrog.com. We respond within 30 days (20 business days for Mexican users under LFPDPPP). Identity verification may be required. No charge for DSARs.

\n
• Necessary cookies: Authentication, session management, cookie consent preference. Cannot be disabled.
\n
• Analytics cookies: GTM, Clarity, Mixpanel, Hotjar, Segment. Only activated after explicit consent via our cookie banner.
\n

No advertising or targeting cookies. Manage preferences via the cookie settings link in the footer. See our Cookie Policy.

Summary: We receive only a pass/fail result from VerifyMy, not your identity documents.

When you complete age verification:

\n
• Your email is encrypted and sent to VerifyMy for background verification
\n
• If background verification is insufficient, you complete VerifyMy's secure flow directly with them
\n
• HoopFrog receives only: a boolean result (verified: yes/no), age band (18+), and an anonymised reference token
\n
• HoopFrog does not receive, store, or have access to your identity documents
\n
• The anonymised reference token cannot be used to reconstruct your identity
\n

VerifyMy's collection, use, and deletion of your identity data is governed by VerifyMy's own privacy policy: verifymy.io/privacy-policy.

Summary: Optional photo verification to prove your profile is genuine. No selfie images are stored.

What it is: An optional feature that compares a live selfie to your profile photos to verify that your profile is genuine.

How it works: A selfie image is captured and compared to your profile photos using a third-party facial comparison service (Amazon Web Services). The comparison produces a numerical confidence score.

Special category data (GDPR Art. 9): Facial comparison constitutes biometric processing. The lawful basis for this processing is your explicit consent (Art. 9(2)(a)). Consent is obtained before the selfie is taken and can be withdrawn at any time.

Data storage: Selfie images are processed transiently and deleted immediately after comparison. No selfie images or biometric templates are stored permanently by HoopFrog. Only the verification status (verified/not verified) and numerical confidence score are retained.

Third-party processor: Amazon Web Services, Inc. (data processed in the EU — Ireland region). AWS Data Processing Addendum applies. Data is excluded from AWS AI/ML training.

Your rights: You can withdraw consent and remove your verified badge at any time via Settings > Privacy. Upon withdrawal, your verification status and score are deleted.

Summary: Messages are encrypted at rest. An automated scanner checks for prohibited content. Flagged messages require human review before any action is taken.

Message Encryption

All messages are encrypted at rest using industry-standard encryption. Decrypted only for delivery to the intended recipient and for safety scanning. We do not read messages for marketing, profiling, or any other purpose.

Image Sharing in Messages

When you share photos in private messages, we process these images to ensure community safety. Photos are automatically scanned for illegal content (CSAM) using PhotoDNA hash matching before delivery. Photos may also be analysed by AWS Rekognition for explicit content detection. Images that violate our content policies are blocked and may result in account suspension.

Photo Retention in Messages

Chat photos are stored for 30 days after delivery, after which they are automatically deleted. Photos flagged for illegal content are preserved as required by law and reported to the appropriate authorities (NCMEC, NCA, IWF, Canadian Centre for Child Protection).

GIF Messaging

We use Tenor (a Google service) to provide GIF search and sharing in messages. When you search for or send GIFs, your search queries are sent to Tenor's API. Tenor's privacy policy applies to this data processing. No user identity data is shared with Tenor.

Automated Message Scanning

Our automated content moderation system scans messages for: scam solicitation, financial fraud, romance fraud, requests to move off-platform, phone number harvesting, hate speech, explicit content, and threats. Legal basis: legitimate interest (platform safety).

Scanning does not make final decisions. Flagged messages require human moderator review before any account action. This is not automated decision-making within the meaning of GDPR Article 22.

Automated Decision-Making (GDPR Art. 22)

We use automated systems to moderate content shared on our platform. This includes:

\n
• Compatibility scoring: Based on your questionnaire answers, using a research-backed algorithm
\n
• Photo moderation: AI-based content detection using AWS Rekognition and PhotoDNA hash matching
\n
• Trust scoring: Based on your account history and content sharing behaviour
\n

These automated decisions may affect your ability to use certain features. You have the right to request human review of any automated decision that significantly affects you by contacting privacy@hoopfrog.com.

Trust-Based Photo Scanning

We maintain a trust score based on your content sharing history. New accounts and accounts with prior content violations receive additional scrutiny. Established accounts with a clean history may receive reduced automated scanning. This trust score is not shared with other users and is used solely for platform safety purposes.

Summary: You can complain to your local data protection authority. We will notify you promptly of any breach.

Supervisory Authorities

\n
• Canada (Federal): Office of the Privacy Commissioner of Canada (OPC), priv.gc.ca
\n
• Alberta: OIPC Alberta, oipc.ab.ca
\n
• British Columbia: Office of the Information and Privacy Commissioner for B.C. (OIPC BC), oipc.bc.ca
\n
• Québec: Commission d'accès à l'information (CAI), cai.gouv.qc.ca
\n
• Mexico: INAI — inai.org.mx
\n
• United Kingdom: ICO, ico.org.uk
\n
• European Union: Your national DPA, edpb.europa.eu
\n
• Australia: Office of the Australian Information Commissioner (OAIC) — oaic.gov.au
\n
• New Zealand: Office of the Privacy Commissioner — privacy.org.nz
\n

Breach Notification

In the event of a breach posing a risk of harm: notify relevant supervisory authority within 72 hours (GDPR / UK GDPR); notify affected users without unreasonable delay where high risk to rights and freedoms; notify OPC if real risk of significant harm (PIPEDA); notify OIPC Alberta without unreasonable delay (Alberta PIPA); notify the OAIC (Australia) within 30 days if likely to result in serious harm (Notifiable Data Breaches scheme); notify the Office of the Privacy Commissioner of New Zealand as soon as practicable if likely to cause serious harm (Privacy Act 2020, Part 6A); maintain breach log for minimum 24 months.

Summary: HoopFrog Inc. complies with PIPEDA, Alberta PIPA, and Québec Law 25 using the 10 Fair Information Principles.

We are subject to PIPEDA, Alberta PIPA, and Québec Law 25. We implement the 10 Fair Information Principles:

\n
1. Accountability: Privacy Officer at privacy@hoopfrog.com
\n
2. Identifying Purposes: Sections 3 and 4
\n
3. Consent: Meaningful consent before collection, use, or disclosure
\n
4. Limiting Collection: Collect only what is necessary
\n
5. Limiting Use, Disclosure, and Retention: Section 5
\n
6. Accuracy: Update in Settings at any time
\n
7. Safeguards: Industry-standard encryption, access controls, security audits
\n
8. Openness: This policy is publicly available at /legal/privacy
\n
9. Individual Access: Settings or DSAR
\n
10. Challenging Compliance: privacy@hoopfrog.com or OPC / OIPC
\n

Named Privacy Officer: HoopFrog Inc., 3-11 Bellerose Drive, Suite 312, St. Albert, AB T8N 5C9, Canada | privacy@hoopfrog.com

Summary: If you live in Québec, you can ask us to stop disseminating your personal information and to de-index links to it where the law allows.

Under section 28.1 of Québec’s Act respecting the protection of personal information in the private sector (as amended by Law 25), you have the right to require that we cease disseminating your personal information, or that any hyperlink attached to your name that gives access to that information by a technological means be de-indexed or re-indexed, where the dissemination contravenes the law or a court order, or where it causes you serious injury in relation to your right to privacy or reputation that clearly outweighs the public interest in the information or the right to freedom of expression.

To make such a request, contact our Privacy Officer at privacy@hoopfrog.com or select “Request search-engine de-indexing” in your dashboard’s privacy-request menu. We respond within 30 days.

Summary: We comply with US state privacy laws including the California Consumer Privacy Act. We never sell your data.

Although HoopFrog Inc. is a Canadian company, we respect the privacy rights granted to US residents under applicable state laws, including:

\n
• California (CCPA/CPRA): California Consumer Privacy Act, as amended by the California Privacy Rights Act
\n
• Virginia (VCDPA): Virginia Consumer Data Protection Act
\n
• Colorado (CPA): Colorado Privacy Act
\n
• Connecticut (CTDPA): Connecticut Data Privacy Act
\n
• Other US states with consumer privacy legislation
\n

Your Rights Under These Laws

Depending on your state, you may have the right to:

\n
• Know what personal information we collect, use, and share
\n
• Delete your personal information
\n
• Correct inaccurate personal information
\n
• Opt out of the sale or sharing of personal information
\n
• Non-discrimination for exercising your rights
\n
• Port your data to another service
\n

Our Commitments

\n
• We do not sell your personal information to any third party — ever.
\n
• We do not share your personal information for cross-context behavioural advertising.
\n
• We do not use your personal data to train external AI or machine learning models.
\n
• We do not use sensitive personal information for purposes beyond what is necessary to provide the Service.
\n
• We do not engage in profiling that produces legal or similarly significant effects without your explicit consent.
\n

Categories of Personal Information

Under CCPA categories, we collect: identifiers (name, email), commercial information (subscription records), internet activity (usage logs, cookies), geolocation (approximate), and sensitive personal information (gender, sexual orientation — provided voluntarily for matching purposes only, with explicit consent).

Exercising Your Rights

To exercise any of these rights, contact our Privacy Officer at privacy@hoopfrog.com or use the Data Export and Account Deletion tools in your dashboard Settings. We will respond within 45 days (or 30 days where required). We will verify your identity before processing requests. You will not be discriminated against for exercising your rights.

Authorized Agents: California residents may designate an authorized agent to submit requests on their behalf. Agents must provide written authorization and we may require identity verification of both the agent and the consumer.

Appeals: If we deny your request, you may appeal by contacting privacy@hoopfrog.com with the subject line “Privacy Rights Appeal.” We will respond within 60 days.

Summary: We comply with Mexico's federal data protection law. Mexican users have ARCO rights with a 20-business-day response time.

For users in Mexico, HoopFrog Inc. complies with the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and its Regulations.

Your ARCO Rights

Under the LFPDPPP, you have the following rights regarding your personal data:

\n
• Acceso (Access): Request a copy of the personal data we hold about you
\n
• Rectificación (Rectification): Request correction of inaccurate or incomplete personal data
\n
• Cancelación (Cancellation): Request deletion of your personal data when it is no longer necessary for the purposes for which it was collected
\n
• Oposición (Opposition): Object to the processing of your personal data for specific purposes
\n

How to Exercise Your Rights

Submit your ARCO request to our designated personal data department at privacy@hoopfrog.com, or use the Data Export and Account Deletion tools in your dashboard Settings. Your request must include your name, a description of the data in question, and any documents that help verify your identity. We will:

\n
• Acknowledge receipt within 5 business days
\n
• Respond to your request within 20 business days from the date we receive your complete request
\n
• This period may be extended once for an additional 20 business days if justified
\n

Consent

Under the LFPDPPP, we process your personal data based on:

\n
• Express consent: For sensitive personal data (sexual orientation, gender identity) — obtained via our registration consent checkbox
\n
• Tacit consent: For non-sensitive data necessary to provide the Service — implied by your continued use after being informed via this policy and our Aviso de Privacidad
\n

International Transfers

Your data may be transferred to Canada (our headquarters) and to third-party processors in the United States and EU. These transfers are made in compliance with LFPDPPP Articles 36–37 and are governed by data processing agreements that ensure equivalent protection.

Aviso de Privacidad

A complete Aviso de Privacidad in Spanish is available at /legal/aviso-de-privacidad, as required by the LFPDPPP.

Supervisory Authority

If you are not satisfied with our response, you may file a complaint with the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI) — inai.org.mx.

Summary: If you are located in Brazil, the LGPD (Law No. 13,709/2018) gives you specific rights over your personal data. This section explains those rights and how we comply.

If you are located in Brazil, the Lei Geral de Proteção de Dados (LGPD — Law No. 13,709/2018) provides you with specific rights regarding your personal information. This section explains how HoopFrog Inc. complies with the LGPD.

Legal Basis for Processing

We process your personal data on the following legal bases under the LGPD: your explicit consent (Article 7, I) for processing dating preferences and sensitive personal data; the performance of a contract (Article 7, V) for providing the platform services you have requested; and compliance with legal obligations (Article 7, II) where required by applicable law.

Sensitive Personal Data

Dating preferences and information about your relationship interests may constitute sensitive personal data under the LGPD. We process this data solely on the basis of your explicit consent, which you provide during registration. You may withdraw this consent at any time by deleting your account.

Your Rights Under the LGPD

As a Brazilian resident, you have the following rights regarding your personal data:

\n
• Confirmation of the existence of processing and access to your data
\n
• Correction of incomplete, inaccurate, or outdated data
\n
• Anonymisation, blocking, or deletion of unnecessary or excessive data
\n
• Portability of your data to another service provider
\n
• Deletion of data processed with your consent
\n
• Information about third parties with whom your data has been shared
\n
• Information about the possibility of denying consent and the consequences
\n
• Revocation of consent at any time
\n

To exercise any of these rights, contact our Data Protection Officer at privacy@hoopfrog.com. We will respond within 15 days in accordance with the LGPD.

International Data Transfers

Your personal data is stored and processed in Canada. Brazil's National Data Protection Authority (ANPD) recognises transfers to countries with adequate levels of data protection. Canada's PIPEDA provides a comparable level of protection to the LGPD. All transfers are conducted in accordance with LGPD Article 33.

Summary: We collect your phone number for account verification and two-factor authentication. It is encrypted at rest and processed via Twilio. You can opt out at any time.

What We Collect

When you provide a mobile phone number during account registration, enable SMS-based two-factor authentication (2FA), or request identity verification for a privacy rights request, we collect and process your phone number. Your phone number is:

\n
• Encrypted at rest using AES-256-GCM encryption
\n
• Hashed using SHA-256 for lookup and deduplication purposes
\n
• Never displayed to other users or shared for marketing
\n

Purpose of Processing

Your phone number is used exclusively for:

\n
• Account verification: A one-time SMS code to verify your phone number during registration
\n
• Two-factor authentication (2FA): A one-time SMS code to verify your identity when logging in from an untrusted device
\n
• Identity verification: A one-time SMS code to confirm your identity when submitting a Data Subject Access Request (DSAR) or other privacy rights request
\n

We do not send marketing, promotional, or recurring campaign messages via SMS.

SMS Message Types and Frequency

Message frequency varies based on your usage. You will only receive SMS messages when you initiate an action requiring verification. Typically this includes 1 message per registration, 1–5 messages per month for 2FA logins, and rarely for DSAR verification.

Message and data rates may apply. Standard messaging rates from your mobile carrier apply.

Data Processor — Twilio

SMS messages are delivered via Twilio Inc. (101 Spear Street, San Francisco, CA 94105, USA), which acts as a data processor under a Data Processing Agreement (DPA) with HoopFrog Inc. For EU/UK users, the DPA includes Standard Contractual Clauses (SCCs) for international data transfers. Twilio processes your phone number solely to deliver SMS messages.

Retention

\n
• Phone number (encrypted): Retained while your account is active, plus 30 days after account deletion
\n
• Phone number hash: Retained for 90 days after account deletion (anti-fraud), then permanently deleted
\n
• SMS delivery logs: 90 days, then permanently deleted
\n
• Verification codes: Expire after 10 minutes and are not stored after use
\n

Opt-Out

You may stop receiving SMS messages at any time by:

\n
• Replying STOP to any message from +1 (587) 805-1506
\n
• Disabling SMS 2FA in your account settings
\n
• Contacting support@hoopfrog.com
\n

If you opt out, you may switch to authenticator app (TOTP) based 2FA as an alternative.

For complete SMS disclosures including TCPA, CASL, CTIA, GDPR, Australian, New Zealand, Mexican, and Brazilian compliance details, see our SMS / Messaging Terms & Conditions.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit and at rest, secure password storage, access controls, regular security audits, and encrypted backups.

Report security concerns to security@hoopfrog.com or /.well-known/security.txt.

HoopFrog is strictly an adult platform. Accounts found to belong to minors are immediately terminated and data deleted. Contact safety@hoopfrog.com if you believe a minor has used the Service. See our Child Safety Policy.

Material changes will be notified in-app at least 30 days before taking effect. Previous versions available from privacy@hoopfrog.com.

When you delete your account:

• Immediately: your profile is hidden from all other users. You cannot log back in.
• Within 30 days: hard deletion of your profile, photos, messages, questionnaire answers, and all personal data from our primary database.
• Within 90 days: encrypted backups containing your data are rotated out. Biometric data held by third-party processors (VerifyMy, AWS Rekognition, PhotoDNA) is deleted per their retention policies and our deletion requests.
• Permanently retained (pseudonymised): non-identifying consent records for CASL/GDPR proof; anonymized fraud signals for scam-ring detection; financial records required by tax law (7 years).

\n
• Privacy Officer: privacy@hoopfrog.com
\n
• Security: security@hoopfrog.com
\n
• General Support: support@hoopfrog.com
\n
• Mailing Address: HoopFrog Inc., Privacy Officer, 3-11 Bellerose Drive, Suite 312, St. Albert, AB T8N 5C9, Canada
\n