10XSWIPE logo10XSWIPE
    Free Sauce

    Privacy Policy

    Last Updated: October 1, 2025

    Data Controller:

    Zenex Innovations OÜ

    Registry Code: 16721227

    Tallinn, Estonia

    Email: info@zenexinnovations.com

    1. Introduction

    Zenex Innovations OÜ ("we," "us," "our," or "10XSwipe") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our website and services (collectively, the "Service").

    This Privacy Policy applies to all users of 10XSwipe and should be read in conjunction with our Terms of Service.

    By using our Service, you acknowledge that you have read, understood, and agree to this Privacy Policy and our data practices.

    1.1 Age Requirement

    Our Service is intended for individuals aged 18 years and older. We do not knowingly collect or process personal data from anyone under the age of 18. If we become aware that we have collected personal data from someone under 18, we will take steps to delete that information immediately. If you believe we have collected information from a minor, please contact us at info@zenexinnovations.com.

    1.2 GDPR Compliance

    As a company operating in Estonia (European Union), we comply with the General Data Protection Regulation (GDPR) and Estonian data protection laws. This Privacy Policy outlines your rights under GDPR and how we fulfill our obligations as a data controller.

    2. Information We Collect

    2.1 Account Information

    When you create an account, we collect:

    • Email address
    • Username
    • Password (stored in encrypted form)
    • Subscription plan information
    • Payment information (processed through Stripe - see Section 4.3)

    Legal Basis: Contract performance and legitimate business interests

    2.2 Dating Profile Data

    To provide our AI analysis service, you voluntarily submit:

    • Dating app profile photographs
    • Dating app bios and profile text
    • Screenshots of dating app profiles
    • Screenshots of dating app conversations and chats
    • Information about your dating preferences and targets
    • Any other content you choose to upload for analysis

    Legal Basis: Your explicit consent and contract performance

    IMPORTANT: By uploading this content, you represent that:

    • You have the right to share these images and content
    • You are not uploading images of minors
    • You are not uploading illegal, fraudulent, or stolen content
    • You consent to our processing of this sensitive personal data

    2.3 Usage Data

    We automatically collect information about how you interact with our Service:

    • Pages visited and features used
    • Time spent on the Service
    • Click patterns and navigation paths
    • Frequency of use and session duration
    • Feedback reports generated
    • Refund requests and associated documentation

    Legal Basis: Legitimate business interests (service improvement, fraud prevention)

    2.4 Technical Data

    We automatically collect technical information about your device and connection:

    • IP address
    • Browser type and version
    • Device type and operating system
    • Time zone settings and location (country/city level)
    • Referring website URLs
    • Crash reports and error logs

    Legal Basis: Legitimate business interests (security, service optimization)

    2.5 Communications Data

    If you contact us, we collect:

    • Email correspondence
    • Support ticket information
    • Feedback and survey responses
    • Any information you choose to provide

    Legal Basis: Legitimate business interests (customer support) and contract performance

    2.6 Cookies and Tracking Technologies

    We use cookies and similar tracking technologies to:

    • Keep you logged in
    • Remember your preferences
    • Analyze website traffic and usage patterns
    • Improve user experience

    Types of cookies we use:

    • Essential cookies: Required for the Service to function (cannot be disabled)
    • Performance cookies: Help us understand how visitors use our Service
    • Functional cookies: Remember your preferences and settings

    You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of the Service.

    Legal Basis: Your consent (for non-essential cookies) and legitimate interests

    3. How We Use Your Data

    3.1 Primary Service Provision

    We process your data to:

    • Generate AI-powered feedback on your dating profiles
    • Analyze your photos, bios, and compatibility with targets
    • Provide personalized recommendations
    • Deliver the Service according to our Terms of Service
    • Process your subscription payments
    • Send you service-related communications

    3.2 Service Improvement and AI Training

    We may use your uploaded content and usage data to:

    • Improve our AI models and algorithms
    • Enhance the accuracy and quality of our analysis
    • Develop new features and services
    • Conduct internal research and analytics
    • Create anonymized datasets for testing and development

    Your content may be used to train and improve our AI systems. However, we implement measures to protect your identity in these processes.

    3.3 Fraud Prevention and Security

    We process your data to:

    • Prevent fraudulent refund requests
    • Detect and prevent abuse of our Service
    • Verify compliance with our Terms of Service
    • Protect against security threats
    • Investigate violations of our policies
    • Maintain the integrity of our platform

    This includes retaining data for extended periods when necessary for fraud investigation or legal compliance.

    3.4 Legal Compliance

    We process your data to:

    • Comply with legal obligations
    • Respond to legal requests from authorities
    • Enforce our Terms of Service
    • Protect our legal rights and interests
    • Resolve disputes and pursue legal remedies

    3.5 Marketing Communications (Optional)

    With your explicit consent, we may send you:

    • Product updates and new feature announcements
    • Promotional offers and discounts
    • Tips for improving your dating profile
    • Newsletter and blog content

    You can opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or contacting us at info@zenexinnovations.com. Note that you cannot opt out of essential service-related communications.

    4. How We Share Your Data

    We do not sell your personal data to third parties.

    4.1 Third-Party Service Providers

    We share your data with trusted third-party service providers who assist us in operating our Service:

    OpenAI (United States)

    • Purpose: AI analysis and feedback generation
    • Data Shared: Dating profile photos, bios, text content you submit for analysis
    • Legal Basis: Contract performance and legitimate interests
    • Note: Your submitted content is processed through OpenAI's API to generate feedback. OpenAI's data processing is governed by their Data Processing Agreement and Terms of Service. OpenAI has committed to GDPR compliance for EU customers.

    Stripe (United States/Ireland)

    • Purpose: Payment processing
    • Data Shared: Payment information, billing details, transaction data
    • Legal Basis: Contract performance
    • Note: We do not store your full payment card details. Stripe is PCI-DSS compliant and GDPR compliant.

    Hosting and Infrastructure Providers

    • Purpose: Website hosting, data storage, cloud services
    • Data Shared: All data necessary to operate the Service
    • Legal Basis: Contract performance and legitimate interests

    All third-party service providers are contractually required to protect your data and use it only for the purposes we specify.

    4.2 International Data Transfers

    Some of our service providers (including OpenAI and Stripe) are based outside the European Economic Area (EEA), primarily in the United States. When we transfer your data outside the EEA, we ensure appropriate safeguards are in place:

    • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses with our US-based providers
    • Adequacy Decisions: We rely on EU adequacy decisions where applicable
    • Data Processing Agreements: All providers sign agreements requiring GDPR-compliant data handling

    By using our Service, you acknowledge and consent to the transfer of your data to countries outside the EEA, including the United States, under these safeguards.

    4.3 Legal Requirements

    We may disclose your personal data if required to do so by law or in response to:

    • Valid legal requests from government authorities
    • Court orders, subpoenas, or legal processes
    • Requests to comply with Estonian or EU law
    • Protection of our legal rights or defense of legal claims
    • Prevention of fraud, security threats, or illegal activity
    • Protection of the safety of any person

    4.4 Business Transfers

    If we undergo a merger, acquisition, reorganization, bankruptcy, or sale of assets, your personal data may be transferred to the successor entity. We will notify you via email and/or prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

    4.5 Anonymized and Aggregated Data

    We may share anonymized, aggregated, or de-identified data that cannot reasonably be used to identify you with:

    • Researchers and academics
    • Business partners
    • The public (for marketing, case studies, or insights)

    This data does not constitute personal data under GDPR.

    5. Data Retention

    5.1 General Retention Principles

    We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

    5.2 Specific Retention Periods

    Account Data:

    • Retained for the duration of your active subscription
    • Retained for 12 months after account cancellation or termination for legal compliance and potential reactivation
    • Deleted after 12 months unless required for legal purposes

    Uploaded Content (Photos, Bios, Screenshots):

    • Active Users: Retained while your account is active and for 90 days after your last login
    • Fraud Prevention: If we suspect fraudulent activity, content may be retained indefinitely for investigation and legal purposes
    • AI Training: Anonymized versions may be retained indefinitely for AI model improvement
    • Refund Requests: Content submitted with refund requests is retained for 24 months for fraud prevention and dispute resolution

    Generated Feedback Reports:

    • Retained while your account is active
    • Retained for 12 months after account closure
    • You may request deletion at any time (see Section 7)

    Payment and Transaction Data:

    • Retained for 7 years to comply with Estonian accounting and tax requirements
    • Credit card information is not stored by us (handled by Stripe)

    Usage and Technical Data:

    • Retained for 24 months for analytics and service improvement
    • Anonymized versions may be retained indefinitely

    Marketing Communications Data:

    • Retained until you withdraw consent or for 3 years after last interaction, whichever comes first

    Legal and Compliance Data:

    • Retained as long as necessary to comply with legal obligations, resolve disputes, and enforce our agreements

    5.3 Data Deletion

    After the applicable retention period, we securely delete or anonymize your personal data. Deletion methods include:

    • Permanent deletion from active databases
    • Secure erasure from backup systems within 90 days
    • Anonymization rendering data no longer personally identifiable

    Note: We may retain certain data in anonymized form for historical, statistical, or research purposes, as this no longer constitutes personal data under GDPR.

    6. Data Security

    We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

    6.1 Security Measures

    • Encryption: Data is encrypted in transit (TLS/SSL) and at rest
    • Access Controls: Strict access controls limit who can access personal data
    • Authentication: Multi-factor authentication for administrative access
    • Regular Security Audits: Periodic security assessments and vulnerability testing
    • Employee Training: Staff are trained on data protection and security best practices
    • Secure Infrastructure: We use reputable, secure hosting and cloud providers

    6.2 Data Breach Notification

    In the event of a data breach that poses a risk to your rights and freedoms, we will:

    • Notify the relevant supervisory authority within 72 hours (as required by GDPR)
    • Notify affected users without undue delay if the breach poses a high risk
    • Provide information about the nature of the breach and steps being taken
    • Offer guidance on protective measures you can take

    6.3 Your Responsibility

    You are responsible for:

    • Maintaining the confidentiality of your account credentials
    • Using a strong, unique password
    • Not sharing your account with others
    • Notifying us immediately of any unauthorized access

    We are not liable for security breaches resulting from your failure to protect your account credentials.

    7. Your Rights Under GDPR

    As a data subject in the European Union, you have the following rights regarding your personal data:

    7.1 Right of Access

    You have the right to request a copy of the personal data we hold about you. You can request:

    • Confirmation that we are processing your personal data
    • Access to your personal data
    • Information about how we use and share your data

    How to exercise: Email info@zenexinnovations.com with "Data Access Request" in the subject line

    7.2 Right to Rectification

    You have the right to request correction of inaccurate or incomplete personal data.

    How to exercise: Update your information in your account settings or email info@zenexinnovations.com

    7.3 Right to Erasure ("Right to be Forgotten")

    You have the right to request deletion of your personal data in certain circumstances:

    • The data is no longer necessary for the purposes it was collected
    • You withdraw consent (where consent is the legal basis)
    • You object to processing and there are no overriding legitimate grounds
    • The data was unlawfully processed
    • Deletion is required to comply with a legal obligation

    Limitations: We may refuse deletion if the data is necessary for:

    • Compliance with legal obligations
    • Establishment, exercise, or defense of legal claims
    • Fraud prevention or security purposes

    How to exercise: Email info@zenexinnovations.com with "Deletion Request" in the subject line

    7.4 Right to Restrict Processing

    You have the right to request that we limit how we use your data in certain circumstances:

    • You contest the accuracy of the data
    • Processing is unlawful but you don't want deletion
    • We no longer need the data but you need it for legal claims
    • You have objected to processing pending verification of legitimate grounds

    How to exercise: Email info@zenexinnovations.com with "Restrict Processing Request" in the subject line

    7.5 Right to Data Portability

    You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller, where:

    • Processing is based on your consent or contract performance
    • Processing is carried out by automated means

    How to exercise: Email info@zenexinnovations.com with "Data Portability Request" in the subject line

    7.6 Right to Object

    You have the right to object to processing based on legitimate interests or for direct marketing purposes.

    For Direct Marketing: You can opt out at any time by clicking "unsubscribe" in marketing emails

    For Legitimate Interests: You can object by emailing info@zenexinnovations.com. We will stop processing unless we have compelling legitimate grounds that override your interests.

    How to exercise: Email info@zenexinnovations.com with "Objection to Processing" in the subject line

    7.7 Right to Withdraw Consent

    Where we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

    How to exercise: Email info@zenexinnovations.com or adjust your account settings

    7.8 Right to Lodge a Complaint

    You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights.

    Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)

    Website: https://www.aki.ee

    Email: info@aki.ee

    You may also lodge a complaint with the supervisory authority in your country of residence.

    7.9 Response Timeline

    We will respond to all rights requests within one (1) month of receipt. In complex cases, we may extend this by two additional months and will notify you of the extension and reasons.

    7.10 Verification

    To protect your privacy, we may need to verify your identity before fulfilling rights requests. We may request additional information to confirm you are the account holder.

    7.11 No Fee

    We will not charge a fee for processing rights requests unless the request is clearly unfounded, excessive, or repetitive. In such cases, we may charge a reasonable administrative fee or refuse the request.

    8. Third-Party Links

    Our Service may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party sites.

    We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party sites you visit.

    Notable Third Parties:

    • Dating apps (Tinder, Bumble, Hinge, etc.)
    • Social media platforms
    • Payment processors (Stripe)
    • AI providers (OpenAI)

    9. Updates to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

    9.1 Notification of Changes

    We will notify you of material changes by:

    • Updating the "Last Updated" date at the top of this policy
    • Posting a prominent notice on our website
    • Sending an email notification to your registered email address (for significant changes)

    9.2 Your Acceptance

    Your continued use of the Service after changes become effective constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you must stop using the Service and may request deletion of your account.

    We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

    10. Children's Privacy

    Our Service is not intended for individuals under the age of 18. We do not knowingly collect, use, or disclose personal information from children under 18.

    If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@zenexinnovations.com. We will take steps to delete such information from our systems.

    If we become aware that we have collected personal data from someone under 18 without parental consent, we will delete that information as quickly as possible.

    11. California Privacy Rights (CCPA)

    If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

    11.1 Right to Know

    You have the right to request information about:

    • Categories of personal information collected
    • Sources of personal information
    • Business or commercial purpose for collecting personal information
    • Categories of third parties with whom we share personal information
    • Specific pieces of personal information collected about you

    11.2 Right to Delete

    You have the right to request deletion of your personal information, subject to certain exceptions.

    11.3 Right to Opt-Out of Sale

    We do not sell personal information. You do not need to opt out of any sale.

    11.4 Right to Non-Discrimination

    You have the right not to receive discriminatory treatment for exercising your CCPA rights.

    11.5 How to Exercise CCPA Rights

    Email info@zenexinnovations.com with "CCPA Request" in the subject line or call us at [phone number if you have one].

    We will verify your identity before processing your request and respond within 45 days.

    12. Contact Us

    If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

    Zenex Innovations OÜ

    Registry Code: 16721227

    Email: info@zenexinnovations.com

    Website: [Your website URL]

    Data Protection Officer: info@zenexinnovations.com

    For GDPR-related inquiries or to exercise your rights, please email info@zenexinnovations.com with a clear description of your request.

    By using 10XSwipe, you acknowledge that you have read, understood, and agree to this Privacy Policy and our data processing practices.