Summary (TL;DR)
- ✓ We collect profile info, preferences, messages, and usage data
- ✓ Messages are end-to-end encrypted – we can't read them
- ✓ We never sell your data to third parties
- ✓ You can delete your account and all data at any time
- ✓ We use industry-standard security measures
- ✓ Watermark protection on profiles to prevent unauthorized sharing
- ✓ You have privacy controls (photo blur, incognito mode, hide distance)
- ✓ We comply with PIPEDA (Canada), GDPR (Europe), and CCPA (California)
- ✓ Data stored on US servers with appropriate safeguards
- ✓ You'll be notified of any data breaches within 72 hours
- ✓ Contact hello@joinaccord.app for questions or data requests
Introduction
Welcome to Accord ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
By using Accord, you agree to the collection and use of information in accordance with this policy.
PIPEDA Compliance (Canadian Privacy Law)
Canadian Users - Your Rights Under PIPEDA
Accord complies with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and British Columbia's Personal Information Protection Act (PIPA). We are committed to the following principles:
- Accountability: We are responsible for all personal information under our control
- Identifying Purposes: We clearly explain why we collect your information
- Consent: We obtain your consent before collecting, using, or disclosing personal information
- Limiting Collection: We only collect information necessary for our services
- Limiting Use & Disclosure: We only use your information for stated purposes
- Accuracy: We keep your information accurate and up-to-date
- Safeguards: We protect your information with appropriate security measures
- Openness: We are transparent about our privacy practices
- Individual Access: You can access and correct your personal information
- Challenging Compliance: You can challenge our privacy practices
Privacy Commissioner of Canada: If you have concerns about how we handle your personal information, you can file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca/en/report-a-concern
Information We Collect
Personal Information You Provide
When you create an account and use Accord, you may provide us with:
- Account Information: Email address, phone number, password
- Profile Information: Display name, age, gender identity, sexual orientation, location (city, state), occupation, education
- Photos: Profile photos you upload
- Preferences: Marriage goals, relationship preferences, lifestyle preferences, matching criteria
- Messages: Content of messages you send to matches (end-to-end encrypted)
Information Collected Automatically
- Device Information: Device type, operating system, unique device identifiers
- Usage Data: App interactions, features used, time spent in app, swipe history
- Location Data: Approximate location based on IP address or precise location if you grant permission
- Push Notification Token: To send you notifications about matches and messages
How We Use Your Information
We use your information to:
- Provide Services: Create your profile, show you potential matches, facilitate messaging
- Matching Algorithm: Calculate compatibility scores based on your preferences and profile
- Safety & Security: Protect user privacy with watermark protection, prevent fraud, enforce our Terms of Service
- Push Notifications: Send you notifications about new matches, messages, and likes
- Payment Processing: Process subscription payments through RevenueCat and Apple/Google
- Analytics: Understand how users interact with the app to improve our services
- Customer Support: Respond to your inquiries and provide assistance
- Legal Compliance: Comply with legal obligations and protect our rights
Data Retention
How Long We Keep Your Data
We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.
- Active Accounts: While your account is active, we retain all profile and usage data
- Deleted Accounts: When you delete your account, we permanently delete your profile, photos, messages, and personal information within 30 days
- Backup Systems: Data in backup systems is automatically purged within 90 days
- Legal Compliance: Some data may be retained longer if required by law (e.g., financial records for 7 years for tax purposes)
- Anonymized Data: We may retain anonymized analytics data indefinitely, as this data cannot identify you
- Fraud Prevention: If your account was banned for Terms violations, we may retain limited data (email hash, device ID) to prevent repeat offenses for up to 2 years
To request immediate deletion of your data, contact us at hello@joinaccord.app
Subscriptions and Payment Information
Auto-Renewable Subscriptions
Accord offers auto-renewable subscription plans (Premium and Platinum) with monthly billing.
When you purchase a subscription:
- • Payment is processed through your Apple App Store or Google Play Store account
- • We collect payment information necessary to process your subscription through RevenueCat
- • Your subscription will automatically renew unless canceled 24 hours before the renewal date
- • We store your subscription status and purchase history to manage your access to premium features
For complete subscription details including pricing, features, and cancellation terms, please see our Terms of Service.
Data Security
End-to-End Encryption
All messages exchanged on Accord are end-to-end encrypted. This means:
- • Messages are encrypted on your device before being sent
- • Only you and your match can decrypt and read messages
- • We cannot read your messages, even if compelled by law enforcement
Other Security Measures
- All data is transmitted over HTTPS
- Passwords are hashed using industry-standard algorithms
- Data is stored securely in Supabase (PostgreSQL) with encryption at rest
- Row-level security policies prevent unauthorized access to your data
- Regular security audits and monitoring
- Screenshot Protection: Screenshots are disabled within the app
- Watermark Protection: Invisible watermarks are embedded on profile information and images. These watermarks are unique to each user viewing the content, allowing us to identify and take action against unauthorized sharing or screenshots taken outside the app
Data Breach Notification
What Happens If There's a Data Breach
While we take every precaution to protect your data, no system is 100% secure. In the unlikely event of a data breach that poses a real risk of significant harm to you, we will:
- Notify Affected Users: Within 72 hours of discovering the breach, we will notify all affected users via email and in-app notification
- Notify Authorities: Report the breach to the Office of the Privacy Commissioner of Canada as required by PIPEDA
- Provide Details: Explain what information was compromised, when the breach occurred, and what we're doing about it
- Offer Guidance: Provide recommendations to protect yourself (e.g., password changes, monitoring for suspicious activity)
- Remediation: Take immediate action to contain the breach and prevent future incidents
We maintain a comprehensive incident response plan and conduct regular security drills to ensure we can respond quickly and effectively to any security incidents.
Your Privacy Rights
You have the right to:
- Access Your Data: Request a copy of all personal data we have about you
- Edit Your Profile: Update your profile information at any time
- Delete Your Account: Permanently delete your account and all associated data
- Export Your Data: Download your profile data and message history
- Opt Out of Notifications: Disable push notifications in app settings
Privacy Controls
Accord provides privacy features:
- Photo Blur: Blur your photos until you match with someone
- Incognito Mode: Hide your profile from discovery while still seeing others
- Hide Distance: Don't show exact distance to other users
- Hide Last Active: Don't display when you were last online
Data Sharing and Disclosure
We Do Not Sell Your Data
We will never sell your personal information to third parties.
Limited Sharing
We may share your information only in these circumstances:
- With Matches: Your profile information is visible to users you match with
- Service Providers: Supabase (database), RevenueCat (payments), Expo (push notifications)
- Legal Requirements: If required by law, court order, or government request
- Safety & Fraud Prevention: To protect the safety of our users and prevent fraudulent activity
International Data Transfers
⚠️ Cross-Border Data Storage
Important Notice for Canadian Users: While Accord is operated from British Columbia, Canada, your personal information is stored and processed on servers located in the United States.
Our service providers include:
- Supabase (Database): US-based servers with SOC 2 Type II certification
- RevenueCat (Payments): US-based payment processing with PCI DSS compliance
- Apple/Google (App Stores): International infrastructure for app distribution and in-app purchases
What This Means: Your data may be subject to access by US law enforcement or government agencies under US laws such as the CLOUD Act, FISA, or Patriot Act. These laws may provide different privacy protections than Canadian law.
Our Safeguards: We use contractual protections (Standard Contractual Clauses), encryption in transit and at rest, and work only with service providers who comply with international privacy frameworks to protect your data.
By using Accord, you consent to the transfer and processing of your personal information in the United States. If you do not consent to this transfer, please do not use our services.
Children's Privacy
Accord is not intended for users under 18 years old. We do not knowingly collect personal information from minors. If we discover that a user is under 18, we will immediately delete their account and all associated data.
GDPR & CCPA Compliance
We comply with the General Data Protection Regulation (GDPR) for European users and the California Consumer Privacy Act (CCPA) for California residents. You have additional rights under these regulations, including the right to know what data we collect, the right to deletion, and the right to opt-out of data sales (which we don't do).
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons.
How We'll Notify You:
- Material Changes: If we make significant changes that affect your rights, we will notify you via email and/or in-app notification at least 30 days before the changes take effect
- Minor Changes: For non-material changes (e.g., clarifications, formatting), we will update the "Last Updated" date at the top of this policy
- Your Consent: Continued use of Accord after changes take effect constitutes your acceptance of the updated policy
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
Contact Us
Company Information
Privacy Officer & Data Requests
For privacy-related inquiries, data access requests, or to exercise your rights under PIPEDA, contact our Privacy Officer:
- Email: hello@joinaccord.app
- Subject Line: "Privacy Request - [Your Name]"
- In-App Support: Navigate to Settings → Help & Support → Privacy Request
We will respond to all privacy requests within 30 days as required by PIPEDA.
Privacy Commissioner of Canada
If you are not satisfied with our response to your privacy concern, you have the right to contact the Office of the Privacy Commissioner of Canada:
Your privacy and safety are our top priorities. Thank you for trusting Accord.