Welcome to Veggie Vibe, the dating app created for vegans and vegetarians around the world. This Privacy Policy outlines how we collect, use, store, and protect your personal information. By using our app or website, you consent to the terms described in this policy.
1. Introduction and Purpose
The data controller responsible for your personal data under this policy is:
- Company Name: Inno Lynx UG
- Address: Hasbachtal 120, 33619 Bielefeld, Germany
- Email: [email protected]
- Managing Director: Ali Kroll
We deeply value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you engage with our platform.
This policy applies to all users of Veggie Vibe and governs the collection, processing, and use of personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
As a small startup, we are not currently required to appoint a Data Protection Officer. Nonetheless, we are fully committed to handling your personal data responsibly and in compliance with relevant regulations.
2. Types of Data Collected
We collect the following categories of data when you use Veggie Vibe:
2.1 Personal Information Provided by Users
- Account Information: When you create a Veggie Vibe account, we collect your name, email address, date of birth, gender, profile photos, and any additional details you choose to include in your profile to express yourself and find compatible matches.
- Location Data: To suggest nearby matches and manage regional access, we collect your GPS-based location (optional but required to complete profile creation) and IP-based location.
- User Communications: Messages and interactions within the app may be processed to operate our services, enhance security, and support meaningful matching.
2.2 Automatically Collected Data
- Device and Usage Information: This includes your IP address, device type, operating system, browser type, app usage patterns, and time spent within the app or on our website.
- Cookies and Tracking Technologies: We use cookies and similar technologies through services like Google Analytics and Cloudflare to collect usage statistics and improve functionality. On our website, you can opt in or out of each cookie category.
2.3 Payment Information
Payments are processed securely via trusted third-party services such as Google Pay and Apple Pay. We do not store your payment details on our servers.
2.4 Analytics and Technical Data
We use services like Google Analytics, Cloudflare, and New Relic to monitor performance, gather usage insights, and troubleshoot technical issues to keep Veggie Vibe running smoothly.
3. Purpose of Data Collection
We collect and process user data for the following purposes:
- Account Creation and Maintenance: To enable users to register, build a profile, and manage their presence on Veggie Vibe.
- Matching and Introductions: To connect users with like-minded vegans and vegetarians based on their preferences, values, and location.
- User Communication: To facilitate messaging and interaction between users within the app.
- Customer Support: To address user inquiries, provide assistance, and resolve any technical or account-related issues.
- Payment Processing: To process payments for premium features securely via third-party payment providers.
- Authentication: To verify user identity and protect against unauthorized access or fraudulent activity.
- Marketing and Communications: To send updates, offers, and relevant content—only if the user has given explicit consent.
- Compliance with Legal Obligations: To fulfill legal requirements, prevent abuse, and support a safe and trusted environment for all users.
4. Legal Basis for Processing Data
We process your personal data based on the following legal grounds:
4.1 Consent
We rely on your explicit consent to process certain types of data, including:
- Collecting your GPS location to suggest nearby matches.
- Sending you newsletters, notifications, and marketing materials.
- Using cookies and tracking technologies for analytics (where opt-in or opt-out is provided).
4.2 Contractual Necessity
We process your data as required to fulfill our Terms of Service, such as:
- Creating and managing your Veggie Vibe account.
- Facilitating discovery and communication with other users.
- Processing payments for premium services.
4.3 Legal Obligations
Some data is processed to comply with legal and regulatory requirements, including:
- Retaining transaction data for accounting and tax compliance.
- Cooperating with anti-fraud measures and other legal duties.
- Securing your data in accordance with data protection laws.
4.4 Legitimate Interests
We may process data based on legitimate interests, provided these do not override your fundamental rights. These purposes include:
- Improving app performance and user experience via analytics tools like Google Analytics, Cloudflare, and New Relic.
- Monitoring the app for abuse, fraud, and violations of our terms.
- Providing technical and user support.
4.5 Vital Interests
In exceptional situations, we may process data to protect someone’s vital interests—for example, cooperating with law enforcement in emergencies or responding to reports of serious threats.
4.6 Public Interest
We may process data when required for tasks carried out in the public interest, such as assisting authorities in matters of public safety, health, or criminal investigation.
5. Data Sharing and Disclosure
We only share your personal data with trusted third parties when necessary and in line with this Privacy Policy.
5.1 Payment Processors
We use secure third-party services to manage payments for premium features:
- Google Pay
- Apple Pay
These providers handle your financial data in accordance with their own privacy policies:
5.2 Cloud and Hosting Providers
Your data is stored and processed using secure infrastructure:
- Google Cloud, Hetzner, and Cloudflare: Personal data is stored within the EU to ensure compliance with European data protection standards.
- Cloudflare CDN: Public-facing data like profile pictures may be distributed via international servers to enhance performance.
Learn more from their privacy policies:
5.3 Marketing and Advertising Partners
We partner with the following platforms for marketing:
- Google Ads
- Facebook Ads
These services may receive anonymized or pseudonymized data to help deliver relevant content. Their privacy policies apply:
5.4 Legal Compliance and Security
We may share data where required by law or to ensure safety, including:
- Responding to lawful requests by authorities.
- Investigating suspected fraud, abuse, or breaches of our terms.
- Protecting the rights and safety of Veggie Vibe users or others.
6. User Rights
As a user of Veggie Vibe, you are entitled to the following rights under the General Data Protection Regulation (GDPR) and applicable privacy laws:
6.1 Right to Access
You may request a copy of the personal data we hold about you, including how it’s used and for what purposes.
6.2 Right to Rectification
If your personal data is inaccurate or incomplete, you may request corrections or updates at any time.
6.3 Right to Erasure (“Right to be Forgotten”)
You can request the deletion of your data when it is no longer needed, or when you withdraw your consent.
6.4 Right to Restrict Processing
You may request restricted processing in certain circumstances—such as when the accuracy of your data is contested or processing is unlawful.
6.5 Right to Data Portability
You may request your personal data in a machine-readable format and have it transferred to another provider where feasible.
6.6 Right to Object
You have the right to object to data processing, especially when used for direct marketing or based on legitimate interests.
6.7 Right to Withdraw Consent
You can withdraw your consent at any time for processing based on consent. This does not affect the legality of prior processing.
6.8 Right to Lodge a Complaint
If you believe your rights have been violated, you have the right to file a complaint with your local data protection authority.
7. Data Retention Policy
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, or to meet legal, regulatory, or contractual obligations. The specific retention periods are as follows:
7.1 Account Information
We retain your profile and account data for as long as your account remains active. If you delete your account, your personal data will be deleted or anonymized, unless legal retention is required (e.g., tax or legal claims).
7.2 Communications and Messages
Messages exchanged with other users are retained during the life of your account to enable full app functionality. If you delete your account, these messages are deleted unless legally required to be preserved.
7.3 Payment Information
We retain payment-related data only as needed to complete transactions and comply with applicable laws. In most cases, financial records are stored for at least six (6) years as required for tax and accounting purposes.
7.4 Usage Data and Analytics
Analytics data collected through tools like Google Analytics, Cloudflare, or Google Cloud is usually anonymized and retained for up to 26 months, unless a longer period is necessary for service improvement or technical troubleshooting.
7.5 Legal Obligations
We retain personal data when necessary to:
- Maintain tax records (typically for 6 years)
- Detect and prevent fraud or misuse
- Resolve disputes and meet legal deadlines for filing or defending claims
7.6 Marketing Data
Data used for marketing purposes (such as newsletter subscriptions) is retained as long as you remain subscribed. If you withdraw your consent, your data will be deleted or anonymized, unless retention is legally required.
8. Security Measures
We take your data protection seriously and implement industry-standard safeguards to secure your personal data from unauthorized access, alteration, or disclosure.
8.1 Encryption
We use modern encryption methods to secure data in transit and at rest, including:
- AES (Advanced Encryption Standard)
- RSA (Rivest–Shamir–Adleman)
- SSL/TLS protocols to encrypt communication between the app, website, and servers
8.2 Access Control
Access to sensitive data is limited to authorized personnel only, and all access is logged and monitored.
8.3 Data Anonymization and Pseudonymization
Where possible, we anonymize or pseudonymize your personal data to minimize risk in the event of a breach.
8.4 Regular Security Audits
We routinely assess our systems for vulnerabilities and conduct internal audits to maintain a secure environment.
8.5 Incident Response
In case of a security incident, we follow predefined procedures to assess, contain, and resolve the breach while minimizing its impact.
9. Data Breach Notification
At Veggie Vibe, we are committed to transparency and user safety. In the unlikely event of a data breach, we will act swiftly to inform you and the relevant authorities.
9.1 Breach Identification and Assessment
Upon detecting a breach, we investigate its origin, the data affected, and the potential risks involved.
9.2 User Notification
If the breach poses a high risk to your privacy, we will notify you without undue delay. Notifications will include:
- A description of the incident
- The data affected
- Recommended protective actions
- Contact details for further support
9.3 Authority Notification
We will report qualifying breaches to the appropriate data protection authority within 72 hours, in compliance with GDPR.
9.4 Remediation and Containment
Immediate steps will be taken to resolve the breach, such as:
- Securing compromised systems
- Updating credentials
- Strengthening security protocols
9.5 User Support
We will support affected users with guidance and remain available for assistance throughout the remediation process.
10. Children’s Privacy
Veggie Vibe is intended for users aged 18 and older. We do not knowingly collect or process personal data from individuals under 18.
If we become aware that someone under 18 is using the app, we will promptly remove their account and delete any associated data.
If you believe a minor may have registered on Veggie Vibe, please contact us at [email protected] so we can take appropriate action.
11. International Data Transfers
Most personal data collected on Veggie Vibe is stored and processed within the European Union to comply with GDPR. However, certain features such as our CDN may involve international data transfers.
11.1 Public Data on CDN
Some publicly visible content—like user profile pictures—may be distributed via Cloudflare CDN, which stores cached content on servers worldwide for performance optimization. This does not include private or sensitive information.
11.2 Safeguards for International Transfers
We ensure all data transfers outside the EU are protected using recognized safeguards such as Standard Contractual Clauses (SCCs) and other legally compliant mechanisms to maintain GDPR-level protection.
12. Changes to the Privacy Policy
This Privacy Policy may be updated from time to time to reflect:
- Legal changes
- Feature or platform updates
- Operational improvements
When changes are made:
- The updated policy will be published on our app and website, with the effective date clearly stated.
- If the changes are significant, you will be notified by email (if available).
We encourage you to review this Privacy Policy periodically to stay informed.
13. Contact Information
If you have questions or concerns about this Privacy Policy or your personal data, please contact us:
Company Name: Inno Lynx UG
Address: Hasbachtal 120, 33619 Bielefeld, Germany
Email: [email protected]
Managing Director: Ali Kroll
We’re here to help with anything related to your privacy or data rights.
14. Supervisory Authority
If you believe your rights under data protection laws have been violated, you have the right to lodge a complaint with a supervisory authority.
In Germany, you can contact:
Federal Commissioner for Data Protection and Freedom of Information (BfDI)
Website: www.bfdi.bund.de
Address: Graurheindorfer Str. 153, 53117 Bonn, Germany
Telephone: +49 (0)228 997799-0
Email: [email protected]
Alternatively, you may contact your local data protection authority if you are based in another country.