← Back to Home

Privacy Policy

            Important Information: You must be at least 18 years old to use the Soundate application. By using the application, you accept the terms outlined in this privacy policy.
        

1. Data Controller Identification

Name: Csordás Zoltán E.V.

Address: 2367 Újhartyán, Malom utca 11/1., Hungary

Email: info@soundate.app

Application Name: Soundate

2. Categories of Personal Data Processed

We process the following personal data in the operation of the Soundate application:

Data Category	Specific Data	Legal Basis
Identification Data	Email address, Google/Apple ID, nickname	Contract performance (GDPR Art. 6(1)(b))
Demographic Data	Gender, date of birth (age)	Contract performance (GDPR Art. 6(1)(b))
Location Data	Current geographic position (GPS coordinates)	Consent (GDPR Art. 6(1)(a))
Multimedia Content	Voice recordings (introduction), profile picture, voice messages, text messages, images	Contract performance (GDPR Art. 6(1)(b))
Preferences	Search settings (preferred gender, age range, distance)	Contract performance (GDPR Art. 6(1)(b))
Interaction Data	Likes, dislikes, matches, message exchanges	Contract performance (GDPR Art. 6(1)(b))
Technical Data	Device identifier, app usage statistics (Firebase Analytics)	Legitimate interest (GDPR Art. 6(1)(f)) - app development and security maintenance
Advertising Data	Advertising identifier (IDFA on iOS, Advertising ID on Android), app install attribution, in-app events for ad measurement	Consent (GDPR Art. 6(1)(a)) - on iOS via App Tracking Transparency (ATT) permission
Reports	User reports about unwanted content	Legitimate interest (GDPR Art. 6(1)(f)) - community protection

3. Purpose of Data Processing

The purposes of processing personal data are:

Registration and Identification: Creating and managing user accounts
Matchmaking Service: Searching for and displaying potential partners based on specified preferences
Matching: Creating connections between users in case of mutual likes
Communication: Enabling sending and receiving voice, text, and image messages
Geolocation: Enabling distance-based search and filtering
Statistics: Analyzing and improving app usage (Firebase Analytics)
Moderation: Handling user reports, removing unwanted content
Ad Measurement: Measuring the effectiveness of advertising campaigns, app install attribution (Facebook/Meta SDK). Collection of the advertising identifier on iOS occurs exclusively with the user's explicit consent (App Tracking Transparency).
Error Reporting: Automatic recording and analysis of application errors to ensure service stability (Sentry)

4. Duration of Data Processing

The duration of data processing depends on the data category:

Active User Account: Until account deletion or 2 years of inactivity
Inactivity: After 2 years of inactivity, we automatically delete the user account and all associated data. We will notify the user by email 30 days before automatic deletion
User-Deleted Account: Deletion occurs immediately, data is irretrievably deleted
Messages: All messages (voice messages, text messages, and images) are automatically and permanently deleted 180 days (6 months) after sending. This applies to all users equally
Analytics Data: Aggregated, anonymous statistics for up to 26 months (Firebase Analytics default setting)

            Message Retention Policy: Messages sent through the app (including voice messages, text messages, and images) are automatically and permanently deleted 180 days after sending. This deletion cannot be undone and affects all message types equally. After deletion, the conversation history will show "No messages from the last 180 days in this conversation."
        

5. Data Transfer, Data Processors

We use the following data processors during data processing:

Firebase (Google LLC)

Service: Backend infrastructure, database, authentication, analytics
Location: United States (data transfer outside EU)
Data Protection Guarantee: Google EU Data Protection Framework, Standard Contractual Clauses (SCC)
More Information: https://firebase.google.com/support/privacy

Google Sign-In

Service: Login with Google account
Data Processed: Google ID, email address
More Information: https://policies.google.com/privacy

Apple Sign-In

Service: Login with Apple account
Data Processed: Apple ID, email address (optionally hidden email)
More Information: https://www.apple.com/legal/privacy/

Facebook / Meta Platforms, Inc.

Service: Login with Facebook account, advertising attribution and campaign measurement (Facebook SDK)
Data Processed: Facebook ID, email address, advertising identifier (IDFA/Advertising ID - only with user consent), app install and usage events for ad measurement purposes
Location: United States (data transfer outside EU)
Data Protection Guarantee: EU-US Data Privacy Framework, Standard Contractual Clauses (SCC)
More Information: https://www.facebook.com/privacy/policy/

Sentry (Functional Software, Inc.)

Service: Automatic recording and analysis of application errors (crash reporting)
Data Processed: Device information, operating system version, error log data, stack traces
Location: United States (data transfer outside EU)
Data Protection Guarantee: Standard Contractual Clauses (SCC)
More Information: https://sentry.io/privacy/

            Important: Due to the use of Firebase services, data may be stored outside the European Union (including the United States). Data transfer occurs with appropriate legal safeguards (Standard Contractual Clauses).
        

6. Mobile Device Permissions

We request the following device permissions for the application to function:

Camera: Taking and uploading profile pictures and photos
Microphone: Recording voice introductions and voice messages
Location: Determining current location for distance-based search
Photo Library/Gallery: Selecting and uploading existing photos
Tracking Permission (iOS - App Tracking Transparency): Use of the advertising identifier (IDFA) to measure the effectiveness of advertising campaigns. This permission is optional, and denying it does not limit the app's functionality in any way. The permission only affects the accuracy of ad measurement.

You can revoke these permissions at any time in your device settings, but this may limit app functionality (except for the tracking permission, which does not affect feature availability).

7. Data Subject Rights

Under GDPR, you have the following rights:

Right of Access (GDPR Art. 15)

You have the right to request information about whether we process your personal data, and if so, to request a copy of that data.

Right to Rectification (GDPR Art. 16)

You can request the correction of inaccurate personal data or the completion of incomplete data. You can also do this within the app by editing your profile.

Right to Erasure / "Right to be Forgotten" (GDPR Art. 17)

You can request the deletion of your personal data. You can easily do this within the app settings using the "Delete Account" function, which completely and permanently deletes all your data.

Right to Restriction of Processing (GDPR Art. 18)

Under certain circumstances, you can request the restriction of data processing.

Right to Data Portability (GDPR Art. 20)

You have the right to receive your stored data in a structured, commonly used, machine-readable format and to transfer this data to another controller.

Right to Object (GDPR Art. 21)

In case of processing based on legitimate interest, you can object to the processing.

Withdrawal of Consent

If data processing is based on consent (e.g., location data), you have the right to withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.

Legal Remedies

If you believe our data processing violates GDPR provisions, you can file a complaint with your local data protection authority. For users in Hungary, this is the National Authority for Data Protection and Freedom of Information (NAIH):

Name: Nemzeti Adatvédelmi és Információszabadság Hatóság

Address: 1055 Budapest, Falk Miksa utca 9-11., Hungary

Phone: +36 (1) 391-1400

Email: ugyfelszolgalat@naih.hu

Website: www.naih.hu

8. Data Security

We take the protection of your data seriously. We apply the following security measures:

Encrypted data storage on Firebase infrastructure
Secure HTTPS connection during data transfer
Access restriction and authorization management
Regular security backups
User reporting system against unwanted content

9. Protection of Children

The Soundate application may only be used by persons who have reached the age of 18. We do not knowingly collect data from persons under 18. If we become aware that a person under 18 has registered, we will immediately delete their account and all associated data.

10. Cookies and Similar Technologies

The application uses Firebase Analytics, which uses technical identifiers (e.g., device identifier) to collect usage statistics. This data is used in aggregated, anonymous form for app development purposes.

11. Changes

We reserve the right to modify this privacy policy at any time. We will notify you of changes within the app or by email. The updated version will always be available in the app.

12. Contact

If you have questions about data processing or wish to exercise any of your rights, please contact us:

Email: info@soundate.app

Postal Address: Csordás Zoltán E.V., 2367 Újhartyán, Malom utca 11/1., Hungary

Last updated: March 2026