Privacy Policy
1. Introduction
At MatchNest, we believe your personal information belongs to you. This Privacy Policy explains exactly what data we collect, why we collect it, how we use it, who we share it with, and what control you have over it.
We know privacy policies can be overwhelming, so we've tried to be clear and direct. If you have any questions after reading this, please reach out to us at [email protected]. We're committed to being transparent about our data practices because trust is essential for meaningful connections.
2. Information We Collect
To help you find meaningful relationships, we need some information about you. Here's a complete breakdown of what we collect and why each type matters.
2.1 Information You Provide
Account Registration: When you create your MatchNest account, we collect your name, email address, phone number, and date of birth. Your phone number serves as your primary identifier and enables secure authentication. Your date of birth confirms you're at least 18 years old, which is required to use our platform. We store this information securely and use it to create and maintain your account.
Profile Information: Your profile includes your gender, sexual orientation, photos, bio, interests, location, job title, and relationship preferences. This information is visible to other users and is essential for finding compatible matches. Some information, like your photos and bio, you can update or delete at any time.
Communication Data: When you message other users, those conversations are stored on our servers. This allows you to access your message history across devices and enables features like read receipts for premium users. All messages are encrypted in transit and at rest. When you interact with Nesty AI directly (e.g. the AI coaching chat), those exchanges are also stored. The Nesty Conversation Helper feature only accesses your in-progress chat messages if you have explicitly granted it permission - see section 3.3.1 for full details.
2.2 Information Collected Automatically
Device Information: We automatically collect technical information about the devices you use to access MatchNest, including device type, operating system, unique device identifiers, app version, and IP address. This helps us optimize our app for different devices, diagnose technical issues, and detect suspicious activity like automated bots or account sharing.
Usage Data: We track how you use MatchNest - which features you use, how often you open the app, which profiles you view, your swipe patterns, and search filters you apply. This data helps us understand user behavior, improve our matching algorithms, and personalize your experience.
Swipe Timestamps: To support our impulsive swipe detection feature, we store a rolling record of your last 10 swipe timestamps. If we detect 5 swipes within 20 seconds, a 5-minute cooldown is applied automatically. This data is used solely for this feature and is not shared with third parties or used for advertising.
Token & Reward Activity: We record your NestyPoints balance, token earn events (daily login claims, ad views), token spend events (Super Likes, Boosts, etc.), and token purchase history. We also record when you last claimed your daily login reward to prevent double-claiming. This data is necessary to operate the token economy and resolve any billing disputes.
Ad Watching: If you choose to watch an ad to earn NestyPoints, the ad network receives an impression signal (confirming the ad was viewed). We do not share your dating profile, preferences, or personal identifiers with ad networks beyond standard device-level ad identifiers that you can reset in your device settings.
Location Data: MatchNest uses your general location (city or region level) to show you nearby matches. We may also track your precise location if you grant permission, which enables features like "distance from me" filters. You can disable location access in your device settings, but some features may not work as effectively.
2.3 Information from Third Parties
If you sign up using Google Sign-In, we receive your basic profile information from Google (name, email, profile photo). This speeds up registration and reduces friction. We only request the minimum information needed and never access your Google contacts or other data without your explicit permission.
3. How We Use Your Information
Your data helps MatchNest work better for you. Here's how we use it to create meaningful connections.
3.1 Core Functionality
We use your information to provide core MatchNest services: creating and maintaining your account, showing you potential matches based on preferences and compatibility, facilitating conversations between users, and processing subscription payments. Without this data, we couldn't run a dating platform-you need to see others, and they need to see you.
3.2 Communications
We send you service-related notifications-new matches, messages, profile visitors, and subscription reminders-through push notifications and email. If you've opted into marketing communications, we may also send you tips, success stories, and promotional offers. You can control notification preferences in your account settings.
3.3 AI Services (Nesty)
Nesty is MatchNest's built-in AI dating coach, powered by Anthropic's Claude AI. Simple coaching responses use Claude Haiku; bilingual and complex advice uses Claude Sonnet. Your profile information and stated preferences are sent to Anthropic's API to generate coaching responses. Anthropic processes this data under their usage policies and API data handling agreement with MatchNest.
We take extra care with AI processing - Nesty's analysis stays within MatchNest and is not shared with third parties for marketing. We use anonymized and aggregated insights to improve our features rather than processing individual identifiable data unnecessarily. We do not use your private messages or Nesty conversations to train AI models without your explicit consent.
3.3.1 Nesty Conversation Helper - Consent, Access & Data Use
The Nesty Conversation Helper (Conversation Rescue AI) is a separate, opt-in feature within the chat screen. The following rules govern how it interacts with your private messages:
- Explicit opt-in per conversation. Before Nesty reads any chat, you are shown a clear in-app prompt: "Allow AI to read this chat to help you?" Nesty will not access any conversation content unless you actively grant permission. There is no passive or background reading of your messages.
- Minimal data access. When you grant permission, Nesty reads only the last 10 messages from both participants in that conversation. This limited window gives Nesty enough context to offer relevant suggestions without processing your full message history.
- No automatic sending. Nesty generates reply suggestions and displays them to you. A suggestion is only sent as a message if you explicitly tap it. At no point does Nesty send, post, or transmit any message on your behalf without your direct action.
- No persistent storage of chat content. The 10 messages read to generate suggestions are used in-session only and are not stored, logged, or used to train AI models in an identifiable form. Once you close the suggestion panel or revoke permission, no further message data is retained for AI processing.
- Revocable at any time. You can withdraw Nesty's chat access for any conversation at any time via the in-chat menu. After revocation, Nesty will not read further messages in that conversation.
- Consent is per-conversation. Granting permission in one chat does not enable Nesty access in any other chat. Each conversation requires its own independent opt-in.
This feature is designed with a privacy-first approach: you are always in control of what Nesty sees, and nothing is sent on your behalf without your deliberate choice.
3.4 Analytics & Improvements
We continuously analyze user behavior to improve MatchNest. This includes A/B testing new features, identifying bugs, understanding user journeys, and studying what makes matches successful. Swipe timestamp data is analyzed in aggregate to improve our impulsive swipe detection thresholds and understand healthy engagement patterns. Individual swipe records are not retained beyond a rolling window of 10 timestamps per user.
We also use this data for security purposes - detecting and preventing fraud, identifying fake accounts, and protecting our community from scammers. When we identify suspicious patterns, we can take action before users are harmed.
3.5 NestyPoints & Token Economy Data
We use your token balance, earn history, and spend history to operate the NestyPoints system - crediting tokens when you log in daily or watch an ad, deducting tokens when you use a Super Like, Boost, or other feature, and recording purchases for billing and dispute resolution. This data is retained for the life of your account and for 3 years after deletion for financial compliance purposes. Your daily login reward eligibility is determined by comparing your last claim date to the current date - no location data or behavioural profiling is involved in this determination.
3.6 Content Safety, Moderation & Violation Records
To keep MatchNest safe, we run automated content checks on two types of content before they reach other users:
- Photos - every photo you upload (during onboarding or profile editing) is scanned by Amazon Rekognition Content Moderation for prohibited visual content such as explicit nudity, graphic violence, hate symbols, and drug paraphernalia.
- Chat messages & letters - every message you send (including initial "letters" to new matches) is scanned by Amazon Comprehend Toxic Content Detection for hate speech, harassment, threats of violence, and similar content before it is delivered to the other person.
Why we keep moderation violation records
Each time our automated systems flag your content, we create an immutable moderation audit log. This record exists so that if you ever contact us saying "my account was banned unfairly", we have solid, specific evidence to show you exactly what was detected, when, and with what confidence - and so we can reverse the decision if it was a false positive.
What is stored in each violation record
| Field | What it contains |
|---|---|
| User ID | Your account identifier |
| Content type | "photo", "chat message", or "letter" |
| Flow | The exact action that triggered the scan (e.g. uploading a profile photo, sending a message) |
| AWS service | Which Amazon service flagged the content (Rekognition or Comprehend) |
| Categories detected | The policy category or categories that were flagged (e.g. "HATE_SPEECH", "Explicit Nudity") |
| Confidence scores | The AI's confidence level (0–100%) for each detected category |
| Content snippet (text only) | The first 300 characters of the flagged message. Photos are not stored - only the detected label names. |
| Match context | If the violation occurred in a chat, the match ID is recorded to allow investigation in context |
| Strike number | Which violation this was (1st, 2nd, 3rd, etc.) |
| Action taken | "warned" or "banned" |
| Timestamp | Date and time (UTC) of the event |
Retention & deletion
Moderation audit logs are retained for 3 years from the date of each event. They are not deleted when you delete your account, as they may be required for ongoing safety investigations or legal requests. This retention is based on our legitimate interest in protecting other users and complying with applicable law.
Appeals
If you believe a moderation action was an error, email [email protected] with subject "Moderation Appeal". Include your registered email. We will retrieve the full audit log for the incident, review the AI results against our policy thresholds, and respond within 10 business days. We will share the detected categories and confidence scores with you so you can see exactly what was flagged.
4. Information Sharing
We're selective about sharing your data. Here's exactly who sees your information and why.
4.1 With Other Users
As a dating platform, MatchNest is designed to be social. Your profile-including your photos, name, age, bio, interests, and general location-is visible to other MatchNest users. This is essential for the platform to function. When you send a message or receive one, the other person sees your messages as part of your conversation.
If someone reports you for violating our community guidelines, we may inform them of any actions taken (like a warning or temporary suspension), but we don't share your personal contact information with reporters.
4.2 Service Providers
We work with trusted third-party companies who help us operate MatchNest. These include cloud infrastructure providers (AWS/Google Cloud) who host our data, payment processors (Stripe) who handle subscriptions securely, AI service providers (Anthropic) who power Nesty, and analytics platforms who help us understand app performance.
These providers are contractually bound to protect your data and can only use it to provide specific services to us. They're prohibited from selling your data or using it for their own marketing purposes.
We also use automated safety tooling: Amazon Rekognition for photo content moderation, and Amazon Comprehend for toxic-content detection in chat messages and letters. Content is sent to these services in-flight for screening only; AWS does not retain your content after the scan completes.
4.3 Legal Requirements
We may disclose your information if required by law, such as responding to a valid court order, subpoena, law enforcement request, or government investigation. We may also disclose data to protect our rights, enforce our Terms of Service, or protect against fraud.
In cases of business transfer-if MatchNest is acquired, merged, or sells assets-your data may be transferred to the new entity under the same privacy protections outlined here.
4.4 What We Don't Share
5. Your Privacy Controls
You have choices about your data. Here's how to control your privacy on MatchNest.
5.1 Profile Visibility
You control who sees your profile. By default, your profile is visible to other users within your selected distance range. You can make yourself invisible to others (Pause mode), limit your profile to users you've already liked, or hide specific profile sections from public view.
Your profile is always shown fairly in discovery - MatchNest does not deprioritise any user based on spending or token balance. All users, regardless of token activity, are treated equally in the discovery algorithm.
5.2 Communication Controls
You can block users you don't want to hear from, which prevents them from messaging you or seeing your profile. If you encounter inappropriate behavior, our reporting system lets you flag content or users for review by our moderation team.
You can also opt out of marketing emails at any time by clicking the unsubscribe link or updating your notification preferences.
5.3 Data Rights
Depending on your location, you may have additional privacy rights. You generally have the right to:
- Access: Request a copy of all personal data we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your account and associated data
- Portability: Receive your data in a machine-readable format
- Objection: Object to certain types of processing (where applicable)
To exercise these rights, contact [email protected]. We'll verify your identity before processing any data request to protect your information from unauthorized access.
5.4 Profile Blocking & Ban Rights
MatchNest enforces community standards to maintain a safe, respectful environment. We may restrict or terminate accounts that violate our guidelines. Here's what we prohibit:
- Adult Services: Profiles or messages promoting escort services, prostitution, or sexual services for payment
- Nude Content: Sharing, requesting, or exchanging explicit images or sexually explicit content
- Illegal Activities: Content related to terrorism, drug trafficking, weapons, fraud, human trafficking, or other serious crimes
- Harassment & Hate Speech: Content that promotes violence, discrimination, or hatred based on protected characteristics
- Spam & Commercial Promotion: Unsolicited advertising, multi-level marketing schemes, or promotional content
- Impersonation: Pretending to be a real person you aren't, including celebrities or public figures
- Minor Safety: Any content that endangers or exploits minors in any way
Enforcement: We typically take progressive action-starting with warnings for minor violations and escalating to temporary suspensions or permanent bans for serious or repeated offenses. However, we reserve the right to immediately ban accounts engaged in egregious violations.
To report a violation, use the in-app report feature or email [email protected]. Our moderation team reviews all reports and takes appropriate action.
6. Data Security
Protecting your data is a top priority. We use industry-standard security measures to keep your information safe.
6.1 Technical Measures
We implement robust technical protections: all data is encrypted in transit using TLS 1.3 (the latest security standard) and at rest using AES-256 encryption. User passwords are hashed using bcrypt, meaning we never store actual passwords-just cryptographic representations that can't be reversed.
We conduct regular security audits and penetration testing to identify and fix vulnerabilities. Our infrastructure is hosted on secure cloud providers (AWS/Google Cloud) with SOC 2 compliance certifications.
6.2 Organizational Measures
Access to user data is restricted to employees who need it for their job functions, and all access is logged and monitored. We train all employees on data protection and privacy practices, and we have incident response procedures in place to quickly address any security events.
Our team includes dedicated security personnel who continuously monitor for threats and ensure compliance with our security policies.
6.3 Data Retention
We keep your data only as long as needed to provide services and comply with legal obligations. Specifically:
- Active accounts: All data is retained while your account is active
- After deletion: Your profile and messages are deleted within 30 days of account deletion
- Messages: Conversation history is retained for 2 years after deletion to support legal compliance and fraud prevention
- Swipe timestamps: Rolling window of last 10 timestamps - overwritten continuously during active use; cleared on account deletion
- Token transaction history: Retained for 3 years after account deletion for financial record compliance
- Content moderation audit logs: Retained for 3 years from the date of each violation event - not deleted on account deletion (see Section 3.6)
- Analytics: Aggregated, anonymized usage data may be retained indefinitely for service improvement
Some data may be retained longer if required for legal disputes, regulatory compliance, or fraud prevention, but we'll only keep what's necessary.
7. Cookies & Tracking
We use cookies and similar technologies to improve your MatchNest experience.
7.1 Types of Cookies
Essential Cookies: These are required for MatchNest to function-enabling secure login, remembering your preferences, and maintaining session state. Without these, you couldn't use the app. These cookies can't be disabled as they're essential to our service.
Analytics Cookies: These help us understand how users interact with MatchNest-which features are popular, where users encounter issues, and how we can improve. We use anonymized and aggregated data to protect individual privacy.
Marketing Cookies: We may use these to measure the effectiveness of our advertising campaigns and to show you relevant MatchNest ads on other platforms. These are only activated with your consent.
7.2 Managing Cookies
You can manage cookie preferences in your device browser settings or through our app settings. Note that disabling cookies may affect some MatchNest features or cause the app to function less smoothly.
8. Third-Party Services
MatchNest may contain links to external websites or integrate with third-party services. Here's how we handle those relationships.
8.1 Third-Party Links
Our app or website may include links to external websites (for example, partner blogs or support articles). These external sites have their own privacy policies, and we encourage you to review them. We aren't responsible for the privacy practices of third-party websites.
8.2 Social Features
If you choose to connect third-party accounts (like Google Sign-In), you're subject to those platforms' terms and privacy policies. Google Sign-In allows quick, secure registration without creating a new password, but you're responsible for reviewing and accepting Google's privacy practices.
9. Children's Privacy
MatchNest is exclusively for adults. We take children's privacy extremely seriously.
Our platform is not intended for individuals under 18 years of age, and we do not knowingly collect data from minors. Our age verification during registration helps prevent underage users from creating accounts.
If we discover that we've inadvertently collected data from someone under 18, we'll immediately delete that data and terminate the account. If you're a parent or guardian and believe your child has created a MatchNest account, please contact us at [email protected] immediately.
10. International Data Transfer
MatchNest operates globally, which means your data may be processed in different countries.
If your data is transferred outside your country of residence, we ensure adequate protection through Standard Contractual Clauses (SCCs)-legal agreements approved by relevant authorities that require recipients to protect your data to the same standard as required in your home country.
Our primary data centers are located in the United States and European Union, with additional infrastructure globally for performance optimization. All international transfers comply with applicable data protection laws, including GDPR for European users.
11. Changes to This Policy
As MatchNest evolves, we may need to update this Privacy Policy to reflect new features, services, or legal requirements.
When we make material changes-like new data collection practices, different sharing arrangements, or significant changes to your rights-we'll notify you through the app, email, or a prominent notice on our website at least 30 days before the changes take effect.
We encourage you to review this Privacy Policy periodically. Your continued use of MatchNest after any changes indicates your acceptance of the updated policy. For non-material changes (like clarifications or formatting updates), we'll simply update the "Last Updated" date.
12. Contact Us
We welcome questions, feedback, and requests about this Privacy Policy or our data practices.
MatchNest
Privacy inquiries:
[email protected]
Safety reports:
[email protected]
General support:
[email protected]
Website: www.matchnest.co
For data subject requests (access, deletion, correction), please include your account email or phone number and specify which right you're exercising. We'll respond to all legitimate requests within 30 days.
For GDPR and European data protection inquiries, contact our privacy team at [email protected]. If you're not satisfied with our response, you may also lodge a complaint with your local data protection authority.