Effective date: 14 May 2025
MatchBoost AI is owned and operated by Jumpstart Developments Limited, Suite 15025, 17B Farnham Street, Parnell, Auckland 1052, New Zealand.
Contact: jumpstartdevelopments@gmail.com
Privacy Officer / Data Protection Officer: Lazain — lazain@jumpstartdevelopments.com
We follow the New Zealand Privacy Act 2020 principles privacy.org.nz, the EU/UK GDPR eur-lex.europa.eu, the California CCPA/CPRA oag.ca.gov, Apple’s App Store Review Guideline 5.1.1 developer.apple.com and Google Play’s Data Safety policy support.google.com. These rules require a clear explanation of what data we collect, why, how long we keep it, where we send it, and the rights you have.
This policy covers the MatchBoost AI iOS and Android apps, any related websites, and email support at matchboostai@gmail.com. Third-party dating services you may use are outside our control. Apple’s guidelines oblige us to link this policy inside the app and on the App Store listing developer.apple.com.
We collect the following categories of personal information when you use the app:
Account data – e-mail address, password hash, Apple / Google / Facebook sign-in IDs, RevenueCat subscriber ID.
Profile content – dating-profile screenshots you upload, selfies, AI-generated images, and any prompt text you type.
Usage and diagnostics – in-app actions, device type, crash logs, push-notification token.
Purchase data – product identifier, price, currency, and transaction ID supplied by Apple or Google.
Analytics & attribution – event data sent to Firebase, Mixpanel and Meta (Facebook) if you grant tracking permission via App Tracking Transparency (ATT) developer.apple.com.
Children – The app is aimed at adults; we do not knowingly collect data from anyone under 16. COPPA imposes strict duties on services directed to children under 13, which we honour by refusing registration from such users ftc.gov.
To deliver core features (image generation, profile feedback, push notifications) on the legal basis of contractual necessity under GDPR Art 6 (1)(b) eur-lex.europa.eu.
To handle in-app purchases and meet tax obligations (legal obligation / contract).
To understand product usage and improve the service using Firebase Analytics (default 14-month retention) support.google.com and Mixpanel (five-year default, customisable) mixpanel.com under legitimate interests Art 6 (1)(f).
Marketing e-mail or push promos only when you have given consent, which you can withdraw at any time (consent Art 6 (1)(a)).
Fraud prevention and regulatory compliance where law requires it (legal obligation). We do not “sell” personal information as that term is defined by the CCPA/CPRA oag.ca.gov.
Google Firebase — hosting, authentication, analytics, push notifications. Google Cloud services hold SOC 2 and ISO 27001 certifications cloud.google.com.
RevenueCat — processes your subscription transactions.
OpenAI — generates text and images; API inputs and outputs are retained for up to 30 days unless we use a zero-data-retention endpoint community.openai.com.
Replicate — trains and runs custom image-generation models under its own DPA.
Mixpanel — product analytics with a five-year default retention window mixpanel.com.
Meta / Facebook SDK — receives limited event data only after you grant ATT permission developer.apple.com.
Law enforcement or regulators — only when legally compelled.
We never rent or trade your data for money.
Our primary servers are in the United States and Europe. When personal data leaves New Zealand or the EEA we rely on Standard Contractual Clauses approved by the European Commission ec.europa.eu, plus Google Cloud’s ISO 27001 and SOC 2 certifications cloud.google.com.
Active accounts: data kept while your account remains active.
Inactive accounts: all personal data is erased six months after your last activity.
Uploaded and generated images: deleted with your account or sooner if you remove them yourself.
OpenAI prompt data: automatically purged after ≤ 30 days community.openai.com.
Firebase Analytics: records older than 14 months are purged automatically support.google.com.
Mixpanel: retained for five years by default or the shorter window we configure mixpanel.com.
Purchase records: kept seven years to comply with tax law.
All traffic is encrypted in transit with TLS 1.2+ and data at rest with AES-256. Access is controlled by role-based IAM and multi-factor authentication. Google Cloud undergoes annual SOC 2 audits and maintains ISO 27001 certification cloud.google.com.
New Zealand — request access or correction under the Privacy Act 2020 privacy.org.nz.
EU/UK — rights to access, erase, port, restrict or object under the GDPR eur-lex.europa.eu.
California — rights to know, delete or correct data under the CCPA/CPRA; we also honour Global Privacy Control signals oag.ca.gov.
To exercise any right, email matchboostai@gmail.com or lazain@jumpstartdevelopments.com. We respond within one month (or 45 days for CCPA requests).
MatchBoost AI is not directed to children. We do not knowingly collect information from anyone under 16, and we will delete such data if discovered in line with COPPA requirements ftc.gov.
The app presents Apple’s App Tracking Transparency prompt before sharing data with Meta Ads or Mixpanel. If you decline, no cross-app tracking occurs developer.apple.com.
We will post any material change in the app and update the “Last updated” date. Where required, we will seek fresh consent at least 30 days before changes take effec t support.google.com.
Questions about privacy? Email jumpstartdevelopments@gmail.com or write to:
Jumpstart Developments Limited
Suite 15025, 17B Farnham Street
Parnell, Auckland 1052
New Zealand
End of policy