Effective Date: May 29, 2025
Welcome to Nomi, India’s premier personality-based dating application, owned and operated by Triora Zenith Private Limited (“Company,” “we,” “us,” or “our”), a private limited company incorporated in India. Nomi represents a revolutionary approach to online dating, leveraging advanced personality assessment algorithms and psychological compatibility matching to create meaningful connections between individuals seeking romantic relationships.
At Nomi, we recognize that privacy is a fundamental right and a cornerstone of trust in digital relationships. We are committed to maintaining the highest standards of data protection and privacy practices under Indian laws, including but not limited to the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and emerging data protection regulations including the Digital Personal Data Protection Act, 2023.
This Privacy Policy ("Policy") governs the collection, processing, storage, sharing, and protection of your personal information when you:
Download, install, or use the Nomi mobile application on iOS or Android devices
Create a user account or profile on our platform
Participate in personality assessments and compatibility testing
Engage with other users through our matching and messaging services
Make payments for premium features or subscriptions
Interact with our customer support services
Visit our website or access any of our affiliated services
The Policy applies to all users of Nomi, regardless of their location, though our services are currently available exclusively to users residing in India.
Nomi is exclusively designed for adults aged 18 years and above. By using our services, you represent and warrant that you are at least 18 years of age and have the legal capacity to enter into this privacy agreement. We do not knowingly collect, process, or retain personal information from individuals under the age of 18. If we discover that we have inadvertently collected information from a minor, we will take immediate steps to delete such information from our systems.
By creating an account, downloading our application, or using any of our services, you explicitly consent to the collection, processing, and use of your personal information as described in this Policy. Your continued use of Nomi following any modifications to this Policy constitutes your acceptance of such changes. If you do not agree with any aspect of this Policy, you must immediately discontinue use of our services and may request deletion of your account and associated data.
This Policy is written in English and may be translated into other languages for convenience. In case of any discrepancy between the English version and any translated version, the English version shall prevail. Any headings used in this Policy are for convenience only and do not affect the interpretation of the terms.
2.1.1 Identity and Contact Information
When you register for Nomi, we collect essential identity verification data, including:
Age and Date of Birth: We require your exact date of birth to verify that you meet our minimum age requirement of 18 years. This information is also used to calculate age-based compatibility factors and ensure compliance with legal requirements. Your age may be displayed to other users as part of your profile, but your exact birth date remains private.
Contact Information: We collect your primary email address, which serves as your account identifier and primary means of communication. We also collect your mobile phone number for account verification, security purposes, and important service notifications. Both email and phone number must be verified through our authentication process.
Gender Identity and Sexual Orientation: We collect detailed information about your gender identity, expression, and sexual orientation preferences. This includes your own gender identity (with options beyond traditional binary classifications), the gender(s) you are interested in meeting, and any specific preferences or requirements for potential matches. This information is crucial for our matching algorithm and is handled with utmost sensitivity and respect.
2.1.2 Visual and Descriptive Profile Data
Profile Photographs: Users can upload multiple high-resolution photographs (up to 9 images) which are processed and stored on our secure servers. We analyze these images for content moderation purposes to ensure compliance with our community guidelines. We do not use facial recognition technology for identification purposes beyond basic content moderation. Images are compressed and optimized for various display formats while maintaining quality.
Biographical Information: Users provide detailed biographical information including educational background, profession, interests, hobbies, lifestyle preferences, relationship goals, and personal descriptions. This rich dataset enables our personality matching system to make more accurate compatibility assessments.
2.1.3 Precise Location Data
Real-Time GPS Coordinates: With your explicit permission, we collect precise location data from your device's GPS, WiFi networks, and cellular towers. This includes latitude and longitude coordinates accurate to within a few meters. This data enables location-based matching and helps you discover potential matches in your vicinity.
Location History: We maintain a limited history of your location data to improve matching algorithms and provide location-based insights. This history is automatically purged after 90 days unless required for ongoing investigations or legal compliance.
Geographic Preferences: Users can set distance preferences for potential matches, preferred areas for meeting, and geographic boundaries for their search criteria. This information is stored and used to optimize the matching experience.
2.2.1 Personality Profiling
Scenario-Based Questionnaire Responses: Our proprietary personality assessment consists of 150+ carefully crafted scenario-based questions designed by licensed psychologists and relationship experts. These questions explore various aspects of personality, including:
Introversion vs. Extroversion tendencies across different social contexts
Emotional intelligence and empathy levels
Communication styles and conflict resolution approaches
Value systems and moral frameworks
Lifestyle preferences and life goals
Relationship attachment styles and commitment patterns
Decision-making processes and risk tolerance
Creative expression and intellectual interests
Psychological Profile Generation: Based on your responses, we generate a psychological profile that includes personality type classifications, compatibility indicators, and behavioral predictions. This profile is continuously refined as you interact with the platform and provide additional data points.
Behavioral Pattern Analysis: We analyze patterns in your responses to identify consistency, authenticity, and psychological indicators that inform our matching algorithms. This includes response time analysis, question skipping patterns, and consistency checks across related questions.
2.2.2 Dynamic Personality Insights
Adaptive Assessment Updates: Your personality profile is not static; we periodically invite you to update your responses or answer additional questions to ensure your profile remains current and accurate. These updates are optional but recommended for optimal matching results.
Contextual Personality Variations: We recognize that personality can vary across different contexts (work, social, romantic), and our assessment captures these nuances to provide more accurate matching for romantic compatibility specifically.
2.3.1 Platform Interaction Metrics
Detailed Engagement Tracking: We monitor every aspect of your interaction with our platform, including:
Time spent viewing different sections of the app
Frequency and duration of app sessions
Navigation patterns and feature usage statistics
Response times to messages and notifications
Profile completion rates and update frequency
Premium feature utilization and upgrade patterns
Matching Behavior Analysis: We track your preferences and behaviors related to potential matches:
Profiles viewed, liked, passed, or reported
Time spent viewing individual profiles
Photos and profile sections that receive the most attention
Matching criteria adjustments and preference changes
Success rates and conversation initiation patterns
2.3.2 Communication and Relationship Data
Message Content and Patterns: We store all messages exchanged through our platform, including text messages, emoji usage, and media shared within conversations. While we don't actively monitor private conversations for content (except for safety purposes), this data is retained for user safety, dispute resolution, and service improvement.
Conversation Analytics: We analyze communication patterns to identify successful relationship indicators, optimize matching algorithms, and detect potentially harmful behavior. This includes message frequency, response times, conversation length, and progression patterns.
Relationship Outcomes Tracking: With user consent, we track relationship outcomes including successful matches, dates arranged, relationship duration, and user feedback on match quality. This data is crucial for continuously improving our matching algorithms and user experience.
2.4.1 Payment Processing Data
Razorpay Integration: All payment transactions are processed through Razorpay, India's leading payment gateway, which maintains PCI DSS compliance and adheres to RBI guidelines. We do not store your complete credit card numbers, debit card numbers, or banking details on our servers.
Transaction Records: We maintain detailed records of all transactions including:
Purchase dates and amounts
Subscription periods and renewal dates
Premium feature usage and billing cycles
Refund requests and processing status
Payment method preferences (without sensitive details)
Currency conversion rates for international users (if applicable)
Billing Information: We store billing addresses, invoice generation data, and tax calculation information as required for accounting and legal compliance purposes.
2.4.2 Premium Feature Analytics
Usage Pattern Analysis: For users who subscribe to premium features, we track detailed usage patterns to optimize feature development and provide personalized recommendations for service upgrades or modifications.
Value Assessment: We analyze the correlation between premium feature usage and user success rates to continually improve our paid offerings and demonstrate value to subscribers.
3.1.1 Profile Creation and Management
Profile Development: Your personal information forms the foundation of your Nomi profile, which serves as your digital representation to potential matches. We use your identity information, photographs, and biographical data to create a rich, authentic profile that accurately represents who you are and what you're seeking in a relationship.
Dynamic Profile Optimization: Our algorithms continuously analyze profile performance metrics, including view rates, match rates, and user engagement levels, to provide personalized recommendations for profile improvements. This includes suggestions for photo arrangements, biographical content enhancement, and preference refinements.
Profile Authenticity Verification: We use your provided information to verify profile authenticity through various methods including phone number verification, email confirmation, and behavioral pattern analysis to detect and prevent fake profiles or catfishing attempts.
3.1.2 Advanced Personality-Based Matching
Sophisticated Compatibility Algorithms: Your personality assessment data is processed through our proprietary compatibility engine, which uses machine learning algorithms trained on successful relationship patterns to identify potential matches with high compatibility scores. This system considers multiple dimensions of compatibility including:
Psychological compatibility based on personality complementarity and similarity
Lifestyle alignment including life goals, values, and priorities
Communication style compatibility for long-term relationship success
Emotional intelligence matching for deeper connection potential
Physical and intellectual attraction indicators
Continuous Algorithm Refinement: We use aggregated user interaction data and relationship outcome feedback to continuously improve our matching algorithms. Your usage patterns, successful matches, and relationship feedback contribute to making our system more accurate for all users.
Personalized Recommendation Engine: Beyond basic matching, we provide personalized recommendations for conversation starters, date ideas, and relationship development strategies based on your personality profile and the characteristics of your matches.
Secure Messaging Platform: We provide a secure, feature-rich messaging platform that enables meaningful communication between matched users. Your messages are stored securely and can include text, emojis, photos, and other multimedia content.
Conversation Quality Enhancement: We analyze communication patterns to provide users with insights and suggestions for improving conversation quality and relationship development, including timing recommendations and conversation topic suggestions based on shared interests and compatibility factors.
Safety and Moderation: We monitor communications for safety purposes, including detection of harassment, inappropriate content, spam, or fraudulent activity. Our automated systems and human moderators work together to maintain a safe environment for all users.
Continuous Learning Systems: We employ sophisticated machine learning models that continuously learn from user interactions, successful matches, and relationship outcomes to improve our services. Your anonymized usage data contributes to training models that benefit the entire user community.
Feature Development and Testing: We use aggregated user behavior data to identify opportunities for new features and improvements. This includes A/B testing of new functionalities, user interface improvements, and matching algorithm enhancements.
Predictive Analytics: We develop predictive models to anticipate user needs, such as predicting when users might be ready for premium features, identifying users at risk of churning, and optimizing notification timing for maximum engagement.
Relationship Science Research: With appropriate anonymization and aggregation, we conduct research on modern dating behaviors, relationship formation patterns, and compatibility factors to contribute to the broader understanding of human relationships and improve our services.
User Experience Research: We analyze user interaction patterns to identify pain points, optimize user workflows, and enhance the overall user experience through data-driven design decisions.
Market Analysis and Trend Identification: We use aggregated demographic and usage data to understand market trends, user preferences, and evolving needs in the online dating landscape.
Multi-Layer Identity Verification: We use your personal information in combination with behavioral analytics to verify user authenticity and prevent fraudulent accounts. This includes cross-referencing information across multiple data points and monitoring for suspicious patterns.
Real-Time Risk Assessment: Our security systems continuously assess user behavior for signs of fraudulent activity, including unusual login patterns, suspicious messaging behavior, and potential catfishing attempts.
Automated Threat Detection: We employ machine learning models trained to detect various types of threats including spam, scams, harassment, and other harmful behaviors, enabling proactive protection for our user community.
Proactive Content Monitoring: We use automated systems to scan uploaded photos, profile content, and messages for inappropriate material, including explicit sexual content, hate speech, harassment, and other violations of our community guidelines.
User Safety Tools: We provide users with safety tools including blocking, reporting, and privacy controls, all of which rely on your personal information to function effectively and provide appropriate protections.
Incident Response and Investigation: When safety incidents are reported, we use your information and interaction history to conduct thorough investigations and take appropriate enforcement actions to protect the community.
Essential Service Notifications: We use your contact information to send critical service communications including account security alerts, match notifications, message alerts, subscription renewals, and important policy updates.
Personalized Engagement: Based on your usage patterns and preferences, we send personalized notifications about potential matches, profile optimization suggestions, and feature recommendations designed to enhance your experience and success on the platform.
Customer Support: Your personal information enables our customer support team to provide personalized assistance, troubleshoot account issues, and resolve disputes effectively.
Targeted Marketing (With Consent): With your explicit consent, we use your demographic information, interests, and usage patterns to send relevant marketing communications about new features, premium services, and special promotions.
Event and Community Notifications: We may use your location and interest data to inform you about local events, meetups, or community activities that align with your interests and dating goals.
Feedback and Survey Requests: We periodically request feedback on your experience, relationship outcomes, and service satisfaction to guide our product development and improvement efforts.
Controlled Profile Visibility: Your basic profile information, including your chosen display name, age, selected photographs, biographical information, and location (city/area level, not precise coordinates), is visible to other users within your specified matching criteria and distance preferences. You have granular control over what information is displayed and to whom.
Personality Compatibility Insights: We share personality compatibility scores and insights with users who match with you, including complementary traits, shared interests, and compatibility percentages. However, your specific personality assessment responses remain private and are not shared with other users.
Selective Information Disclosure: Users can control the visibility of certain profile elements through privacy settings, including the ability to blur photos until matched, hide specific biographical details, or limit visibility to premium subscribers only.
Message Exchange Platform: When you match with another user, our platform facilitates the exchange of messages, photos, and other content you choose to share. This information becomes accessible to both parties in the conversation and is stored securely on our servers.
Read Receipts and Activity Status: With appropriate privacy controls, we may share information about message read status, online activity, and response patterns to enhance communication effectiveness between matched users.
Mutual Interest Indicators: We share information about mutual interests, shared connections (if any), and common preferences to help facilitate meaningful conversations and connections.
Verification Status: We display verification badges and status indicators to other users when you complete our verification processes, helping to build trust and authenticity in the matching process.
Safety Alerts: In cases where safety concerns are identified, we may share relevant safety information with affected users while maintaining appropriate privacy protections.
Razorpay Integration: We share necessary payment and billing information with Razorpay, our payment processing partner, to facilitate subscription payments, premium feature purchases, and transaction processing. Razorpay maintains independent privacy practices governed by their own privacy policy, and they are required to maintain strict confidentiality and security standards for all processed information.
Financial Compliance Data: We may share transaction information with financial institutions, regulatory bodies, and compliance partners as required for anti-money laundering (AML), know-your-customer (KYC), and other financial regulatory requirements.
Cloud Storage Providers: We utilize secure cloud storage services to store user data, including profile information, photos, and messages. These providers are contractually bound to maintain strict security and privacy standards and are prohibited from using your data for their own purposes.
Analytics and Performance Monitoring: We share aggregated, anonymized usage data with analytics platforms to monitor app performance, identify technical issues, and improve user experience. Individual user information is never shared in identifiable form.
Customer Support Platforms: We may share relevant account and interaction information with customer support platforms and tools to provide efficient and personalized support services.
Email and SMS Service Providers: We share contact information with trusted communication service providers to send service notifications, marketing communications (with consent), and important updates. These partners are contractually obligated to use this information solely for providing communication services on our behalf.
Push Notification Services: We utilize platform-specific push notification services (Apple Push Notification Service, Google Firebase Cloud Messaging) to send timely notifications to your device. These services receive device identifiers and message content necessary for notification delivery.
Compliance with Legal Orders: We may disclose your personal information when required by valid legal processes, including court orders, subpoenas, search warrants, and other legally binding requests from authorized government agencies or law enforcement authorities.
Criminal Investigation Support: In cases involving suspected criminal activity, threats to public safety, or violations of law, we may proactively share relevant information with appropriate law enforcement agencies to assist in investigations and protect public welfare.
Regulatory Reporting: We may be required to report certain types of information to regulatory authorities, including financial transaction data, user statistics, and safety incident reports as mandated by applicable laws and regulations.
Intellectual Property Protection: We may share user information when necessary to investigate and respond to claims of intellectual property infringement, including copyright violations, trademark disputes, and unauthorized use of proprietary content.
Contract Enforcement: We may disclose information necessary to enforce our Terms of Service, investigate violations of our community guidelines, or protect our legal rights, property, and interests.
Litigation and Dispute Resolution: In the event of legal disputes involving our users or our services, we may share relevant information as required for litigation, arbitration, or other dispute resolution processes.
Preventing Illegal Activities: We proactively monitor for and report suspected illegal activities, including fraud, harassment, stalking, threats of violence, and other criminal behavior to appropriate authorities.
Child Safety Protection: Despite our 18+ age requirement, if we receive reports or discover evidence of underage users or threats to child safety, we will immediately report such incidents to relevant authorities and cooperate fully with investigations.
Public Health and Safety: In extraordinary circumstances involving public health emergencies or safety threats, we may share aggregated or individual information with health authorities or emergency services as legally required or ethically necessary.
Asset Transfer Preparation: In the event of a potential merger, acquisition, or sale of substantially all of our assets, user information may be shared with potential buyers, investors, or partners as part of due diligence processes, subject to strict confidentiality agreements and privacy protections.
Completed Transaction Transfers: If a business transfer is completed, user information will be transferred to the acquiring entity, which will be bound to honor the privacy commitments made in this Policy unless users are provided with notice and choice regarding any material changes to privacy practices.
Bankruptcy or Insolvency Proceedings: In the unlikely event of bankruptcy or insolvency proceedings, user information may be considered a business asset subject to sale or transfer, though we will make reasonable efforts to ensure that any acquiring party maintains appropriate privacy protections.
Subsidiary and Affiliate Sharing: We may share user information with current or future subsidiaries, affiliates, or parent companies for business operations, service provision, and administrative purposes, provided that such entities agree to maintain the same privacy protections outlined in this Policy.
Service Provider Transitions: In cases where we change service providers or technology partners, user information may be transferred to new providers to ensure continuity of service, subject to contractual privacy and security requirements.
Advance Notice Requirements: We commit to providing users with reasonable advance notice of any significant business transfers that would affect their personal information, including details about the acquiring entity and any changes to privacy practices.
User Choice and Data Portability: In business transfer scenarios, we will provide users with options to export their data, delete their accounts, or exercise other available rights before the transfer is completed, where legally and technically feasible.
Transport Layer Security (TLS): All data transmission between your device and our servers utilizes TLS 1.3 protocol, ensuring that any information you send or receive through the Nomi app is protected from interception by unauthorized third parties. This includes login credentials, profile updates, messages, and payment information.
Database Security: Our databases employ multiple security layers including access logging, query monitoring, and automated intrusion detection systems. Database connections are encrypted and authenticated using certificate-based authentication, and all database queries are logged and monitored for suspicious activity.
API Security: Our application programming interfaces (APIs) are secured using OAuth 2.0 authentication protocols, rate limiting to prevent abuse, and input validation to protect against injection attacks and other common security vulnerabilities.
5.1.2 Infrastructure Security and Access ControlsCloud Infrastructure Protection: Our application infrastructure is hosted on enterprise-grade cloud platforms that maintain SOC 2 Type II compliance, ISO 27001 certification, and other industry-standard security certifications. These platforms provide built-in DDoS protection, automated security patching, and 24/7 infrastructure monitoring.
Access Control Systems: Access to user data is strictly controlled through role-based access control (RBAC) systems. As the sole developer, administrative access is limited to essential maintenance and support functions only. All access attempts are logged with timestamp, IP address, and purpose documentation.
Development Environment Security: Our development and testing environments are completely separated from production systems and contain no real user data. All development work uses anonymized or synthetic data to ensure user privacy during feature development and testing.
Backup and Recovery: We maintain encrypted backups of user data across multiple geographically distributed locations within India. Backup systems are tested regularly to ensure data integrity and recovery capabilities in case of system failures or disasters.
5.1.3 Continuous Security Monitoring and ResponseReal-Time Threat Detection: Our security systems continuously monitor for suspicious activities including unusual login patterns, potential data breaches, unauthorized access attempts, and malicious software. Automated alerts trigger immediate investigation and response protocols.
Vulnerability Management: We conduct regular security assessments and vulnerability scans of our systems, applications, and infrastructure. Any identified vulnerabilities are prioritized and addressed according to their severity level, with critical vulnerabilities addressed within 24 hours of discovery.
Incident Response Procedures: We maintain incident response procedures that include immediate containment of security threats, assessment of potential data exposure, notification of affected users when required, and cooperation with law enforcement agencies when necessary.
Security Updates and Patching: All system components, including operating systems, databases, and application frameworks, are kept current with the latest security patches and updates. Critical security updates are applied immediately, while routine updates are applied during scheduled maintenance windows.
Profile Information Lifecycle: Your core profile information, including personal details, photographs, personality assessment results, and biographical information, is retained for the entire duration of your active account. This data is essential for providing matching services and maintaining your user experience consistency.
Communication History: Messages exchanged with other users are retained indefinitely while your account remains active to preserve conversation history and enable seamless user experience across devices. However, you can delete individual messages or entire conversations at any time through the app interface.
Usage Analytics and Behavioral Data: Anonymized usage patterns, app interaction data, and behavioral analytics are retained for up to 24 months to support ongoing algorithm improvements and service enhancements. This data is aggregated and cannot be traced back to individual users after anonymization.
Location Data Retention: Precise location data is retained for a maximum of 90 days for algorithm optimization and safety purposes. After this period, location data is automatically purged from our systems, though generalized location information (city/state level) may be retained as part of your profile.
5.2.2 Account Deletion and Data PurgingImmediate Deletion Process: When you delete your Nomi account, we immediately remove your profile from public visibility and halt all matching algorithms. Other users can no longer view your profile or initiate new conversations with you.
30-Day Grace Period: We maintain a 30-day grace period after account deletion during which your data is moved to secure, isolated storage systems. This allows for account recovery if you change your mind, while ensuring your data remains protected during this transition period.
Complete Data Purging: After the 30-day grace period expires, all personally identifiable information is permanently deleted from our systems. This includes your profile information, photographs, messages, personality assessment responses, and precise location data. This deletion process is irreversible.
Legal Retention Requirements: Certain information may be retained beyond the standard purging timeline when required by law, such as transaction records for tax compliance, safety incident reports for ongoing investigations, or information subject to legal holds. Such retention is limited to the minimum required by applicable legal requirements.
5.2.3 Data Minimization and OptimizationAutomatic Data Cleanup: Our systems automatically identify and remove unnecessary data, including expired session tokens, temporary files, cache data, and processing logs that are no longer needed for service operation.
Storage Optimization: We regularly optimize data storage to remove redundancies and ensure efficient use of resources while maintaining data integrity and accessibility for legitimate business purposes.
Retention Policy Reviews: We periodically review and update our data retention policies to ensure compliance with evolving legal requirements and industry best practices, always erring on the side of protecting user privacy.
Primary Data Residence: All user data is primarily stored and processed within India using data centers and cloud infrastructure located within Indian borders. This ensures compliance with emerging data localization requirements and provides faster service performance for Indian users.
Local Processing Priority: Personal data processing, including personality assessments, matching algorithms, and user interactions, occurs primarily on servers located within India to minimize cross-border data transfers and ensure regulatory compliance.
Regulatory Compliance: Our data localization practices are designed to comply with the Digital Personal Data Protection Act, 2023, and other applicable Indian data protection regulations, including any sector-specific requirements for dating and social networking applications.
5.3.2 Limited International TransfersService Provider Exceptions: In limited circumstances, certain technical service providers (such as global CDN networks or specialized security services) may process anonymized or encrypted data outside India. Such transfers are governed by strict data processing agreements and comply with applicable cross-border transfer regulations.
User-Initiated Transfers: If users choose to share their information with matches located in other countries or use features that require international connectivity, they are informed of such transfers and provide explicit consent for cross-border data sharing.
Emergency Scenarios: In rare emergency situations involving user safety or legal compliance, we may need to share specific data with international law enforcement or safety authorities. Such transfers are limited to the minimum necessary information and documented for transparency.
5.3.3 Cross-Border Compliance FrameworkAdequacy Assessments: Before engaging any international service providers, we conduct thorough assessments of their data protection practices and legal frameworks to ensure adequate protection for Indian user data.
Contractual Safeguards: All international data transfers are governed by data processing agreements that include specific privacy and security requirements, audit rights, and breach notification procedures.
Ongoing Monitoring: We continuously monitor international data protection developments and adjust our practices accordingly to maintain compliance with evolving cross-border data transfer requirements.
Instant Profile Updates: You have complete control over your Nomi profile and can modify, update, or enhance your information at any time through the app interface. Changes to your profile information, photographs, biographical details, and preferences take effect immediately and are reflected in the matching algorithm within minutes.
Granular Privacy Controls: Our privacy settings allow you to control exactly what information is visible to other users and under what circumstances. You can choose to hide specific profile elements from certain user categories, require mutual matching before revealing detailed information, or limit visibility to premium subscribers only.
Photo Management and Control: You have complete control over your photo gallery, including the ability to upload, delete, rearrange, or temporarily hide photos. You can also control whether photos are visible immediately or only after matching, and you can watermark or blur photos until certain interaction thresholds are met.
Personality Profile Adjustments: While maintaining the integrity of personality assessments, you can retake portions of the personality quiz, update your responses to reflect personal growth, or provide additional context for your personality traits. These updates are incorporated into your compatibility scoring while maintaining assessment validity.
6.1.2 Communication and Interaction PreferencesMessage and Notification Control: You can customize all aspects of communication preferences, including which types of notifications you receive, how often you're notified of new matches or messages, and whether notifications include preview content or just basic alerts.
Matching Criteria Management: Your matching preferences can be adjusted at any time, including age ranges, distance parameters, personality compatibility thresholds, lifestyle preferences, and deal-breaker criteria. These changes immediately affect future matches while preserving existing connections.
Blocking and Safety Controls: You have immediate access to blocking and safety tools that allow you to prevent specific users from contacting you, report inappropriate behavior, and control who can view your profile or initiate conversations.
6.1.3 Data Visibility and Sharing ControlsInformation Sharing Preferences: You control what personal information is shared with matches at different stages of interaction, from initial profile viewing through ongoing conversations and potential relationship development.
Third-Party Integration Management: If you choose to connect social media accounts or other external services, you maintain control over what information is imported, how it's used in your profile, and whether it remains connected to external platforms.
Analytics and Research Participation: You can opt out of having your anonymized data included in research studies or algorithm improvement initiatives while still receiving full app functionality and personalized matching services.
Data Download: You have the right to request and receive a complete copy of all personal data we hold about you, delivered in a structured, commonly used, and machine-readable format. This includes your profile information, personality assessment results, interaction history, communication records, and technical data associated with your account.
Data Processing Transparency: We provide detailed information about how your data is processed, including the specific algorithms that affect your matching experience, the logic behind personality compatibility calculations, and the factors that influence your profile visibility and ranking.
Regular Data Reports: Upon request, we provide periodic reports detailing what data has been collected, how it has been used, with whom it has been shared, and any significant changes to your data processing since your last report.
6.2.2 Right to Correction and AccuracyError Correction Procedures: If you identify inaccuracies in your personal data, you can request immediate corrections through our in-app tools or customer support channels. We investigate and correct verified inaccuracies within 72 hours of notification.
Profile Verification Updates: If your verification status, identity information, or other validated data elements change, we provide streamlined processes for updating this information while maintaining security and authenticity standards.
Algorithm Impact Assessment: If you believe data inaccuracies are affecting your matching experience or profile performance, we investigate and provide explanations of how corrections will impact your future app experience.
6.2.3 Right to Deletion and ErasureDeletion Rights: You can request deletion of your entire account and all associated data, or selective deletion of specific data categories while maintaining your account. Deletion requests are processed within 30 days, with immediate removal from public-facing features.
Right to Be Forgotten: Beyond basic account deletion, you can request removal of your information from algorithm training data, research datasets, and other analytical uses, ensuring your data doesn't influence future system development.
Deletion Verification: We provide confirmation when deletion processes are complete and, upon request, can provide certification that your data has been permanently removed from our systems.
6.2.4 Data Portability and Export RightsStructured Data Export: You can export your data in multiple formats suitable for import into other services, including JSON, CSV, and XML formats that preserve data relationships and metadata.
Selective Data Portability: Rather than exporting all data, you can choose specific data categories for export, such as personality assessment results, match history, or communication preferences.
Third-Party Integration: Where technically feasible, we facilitate direct data transfer to other services you specify, eliminating the need for manual data re-entry when switching platforms.
Multi-Level Location Sharing: You can choose from multiple levels of location sharing precision, from exact GPS coordinates for nearby matching to city-level approximations for broader geographic matching, or complete location privacy with manual location entry.
Dynamic Location Management: Your location sharing preferences can be adjusted in real-time based on your current activity, safety considerations, or privacy preferences. You can temporarily disable location sharing without affecting your account status.
Location History Management: You can view, edit, or delete your location history, control how long location data is retained, and set automatic deletion schedules for location information older than your specified timeframe.
6.3.2 Safety and Privacy FeaturesLocation Masking Options: Advanced privacy features allow you to mask your exact location while still enabling distance-based matching, providing approximate locations that protect your precise whereabouts while maintaining matching functionality.
Emergency Location Override: In safety emergencies, you can temporarily share precise location information with trusted contacts or authorities while maintaining normal privacy settings for regular app usage.
Geographic Boundary Setting: You can establish geographic boundaries within which your profile is visible and outside of which your information remains private, providing control over your geographic presence on the platform.
Session Management Cookies: These strictly necessary cookies maintain your login session, preserve your app state as you navigate between features, and ensure consistent user experience across different sections of the application. Session cookies are automatically deleted when you close the app or log out, and they contain no personally identifiable information beyond your session identifier.
Authentication and Security Cookies: Security-focused cookies help protect your account from unauthorized access by detecting unusual login patterns, verifying device authenticity, and maintaining security token validity. These cookies are essential for protecting your account and cannot be disabled without compromising app security.
Preference and Customization Cookies: These cookies remember your personalized settings including display preferences, notification settings, language choices, and interface customizations. They enhance your user experience by maintaining your preferred app configuration across sessions.
Category-Based Control: Our cookie preference center allows you to accept or reject different categories of cookies independently. You can choose to accept essential cookies while declining marketing cookies, or customize your preferences for each specific cookie type.
Real-Time Preference Updates: Your cookie preferences can be changed at any time through the app settings, and changes take effect immediately. You can also view which cookies are currently active and when they were last updated.
Cookie Information Transparency: For each cookie category, we provide detailed information about what data is collected, how it's used, how long it's retained, and which third parties (if any) have access to this information.
7.2.2 Third-Party Cookie ManagementExternal Service Integration: When third-party services (such as payment processors or analytics platforms) use cookies through our app, we clearly identify these external cookies and provide links to the relevant third-party privacy policies and cookie management tools.
Cross-Site Tracking Prevention: We implement measures to prevent unauthorized cross-site tracking and ensure that third-party cookies used in our app are limited to their intended functionality and don't enable broader tracking across other websites or services.
Regular Third-Party Audits: We regularly review all third-party cookie implementations to ensure they comply with our privacy standards and user consent preferences, removing any cookies that exceed their authorized scope or purpose.
Payment Processing: Razorpay serves as our primary payment processor for all financial transactions within the Nomi app, including premium subscription payments, feature upgrades, and any additional service purchases. When you make a payment, certain information is shared with Razorpay to facilitate the transaction and ensure security.
Information Shared with Razorpay: The specific information shared includes your billing name, email address, phone number, billing address, transaction amount, currency, payment method selection, and transaction timestamp. We do not share your Nomi profile information, personality assessment results, or dating activity with Razorpay.
Razorpay's Data Handling: Razorpay maintains their own privacy policy and security standards, including PCI DSS Level 1 compliance for handling payment card information. They are contractually obligated to use your information solely for payment processing and fraud prevention purposes. We encourage you to review Razorpay's privacy policy at Razorpay Privacy Policy to understand their data handling practices.
Payment Security Measures: All payment transactions are secured using industry-standard encryption and tokenization technologies. Your actual payment card details are never stored on our servers and are processed securely through Razorpay's encrypted payment infrastructure.
8.1.2 Financial Compliance and ReportingTransaction Monitoring: We may share transaction information with financial monitoring services to comply with anti-money laundering (AML) and know-your-customer (KYC) requirements as mandated by Indian financial regulations.
Tax Compliance: Transaction data may be shared with tax authorities or accounting services as required for GST compliance, income tax reporting, and other applicable tax obligations.
Subscription Management: We work with subscription management platforms to handle recurring billing, subscription modifications, and refund processing, sharing only the minimum information necessary for these specific functions.
Data Storage Partners: We utilize enterprise-grade cloud storage services to securely store user data, including profile information, photos, messages, and app analytics. These providers are selected based on their security certifications, data protection standards, and compliance with Indian data localization requirements.
Service Provider Obligations: All cloud service providers are bound by data processing agreements that strictly limit how they can access or use your information. They are prohibited from using your data for their own purposes and must implement specific security measures to protect your information.
Data Center Locations: Our primary data storage occurs in facilities located within India to ensure compliance with data localization requirements and provide optimal performance for Indian users. Any international backup or redundancy services operate under strict data protection agreements.
8.2.2 Analytics and Performance MonitoringApp Performance Analytics: We use specialized analytics platforms to monitor app performance, identify technical issues, and understand user experience challenges. These platforms receive aggregated, anonymized usage data that cannot be traced back to individual users.
Crash Reporting and Debugging: Technical service providers help us identify and resolve app crashes, bugs, and performance issues. They receive technical data about app failures and device configurations but do not have access to personal user information or profile data.
User Experience Research: With appropriate anonymization, we may share usage patterns and interaction data with user experience research platforms to identify opportunities for app improvements and feature development.
8.2.3 Communication and Customer SupportCustomer Support Platforms: We use customer support software to manage user inquiries, technical support requests, and account issues. Support representatives have access only to information necessary to resolve your specific inquiry and are bound by strict confidentiality agreements.
Email and SMS Services: Third-party communication platforms help us send service notifications, security alerts, and (with your consent) marketing communications. These services receive your contact information and message content but are contractually prohibited from using this information for their own purposes.
Push Notification Services: We utilize Apple Push Notification Service (APNS) for iOS devices and Google Firebase Cloud Messaging (FCM) for Android devices to deliver timely notifications about matches, messages, and app updates. These services receive device tokens and notification content necessary for message delivery.
Spotify and Instagram Integration: If you choose to connect your Spotify or Instagram account, we may import basic profile information such as your name, age, photos, and interests to help populate your Nomi profile. This integration is entirely optional and can be disconnected at any time.
LinkedIn Professional Integration: For users interested in career-focused compatibility, optional LinkedIn integration can import professional information, education details, and career interests. This data is used only for enhanced matching and is never shared with other users without your explicit permission.
Social Media Privacy Controls: When you connect social media accounts, you maintain control over what information is imported and how it's used in your Nomi profile. You can selectively import certain information while keeping other details private.
8.3.2 Photo and Content VerificationImage Verification Services: To enhance profile authenticity and reduce catfishing, we may use third-party image verification services that compare your uploaded photos with optional verification selfies. These services analyze facial features for consistency but do not store or use your photos for any other purpose.
Content Moderation Tools: We employ automated content moderation services to detect inappropriate content, spam, or harmful material in profiles and messages. These tools analyze text and images for policy violations but do not store personal content beyond the analysis period.
Nomi maintains an unwavering commitment to protecting minors by implementing a age restriction policy that prohibits access to individuals under 18 years of age. Our platform is exclusively designed for adults who possess the legal capacity to enter into binding agreements and make informed decisions regarding personal relationships and data sharing.
During the account registration process, users must provide verifiable proof of age through government-issued identification documents or other legally acceptable age verification methods. Our advanced verification systems cross-reference provided information with official databases where legally permissible and technically feasible, ensuring accurate age confirmation before account activation.
We maintain a strict zero-tolerance policy regarding the collection, processing, or retention of personal information from individuals under 18 years of age. Our systems are designed with multiple safeguards to prevent inadvertent minor registration, including automated age verification protocols, behavioral pattern analysis, and continuous monitoring for potential underage activity.
In the event that we discover or are made aware of personal information collected from a minor, we initiate immediate remedial action including account suspension, complete data purging, and notification to appropriate authorities as required by law. All associated data, including profile information, communication history, and usage analytics, is permanently deleted from our systems within 24 hours of discovery.
Our platform employs sophisticated detection mechanisms including artificial intelligence algorithms trained to identify potential minor usage patterns, automated photo analysis for age-inappropriate profile images, and behavioral analytics that flag suspicious account activity. Users are provided with easily accessible reporting tools to notify us of suspected underage users, and all such reports are investigated immediately with appropriate action taken within 24 hours.
When evidence suggests potential child safety concerns, we immediately notify relevant child protection agencies and law enforcement authorities, providing full cooperation with official investigations while maintaining appropriate confidentiality protections for all parties involved.
Our data protection practices are meticulously designed to comply with the Information Technology Act, 2000, and its regulatory framework, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. We implement prescribed security measures for protecting sensitive personal data, maintain detailed audit trails of data processing activities, and ensure appropriate consent mechanisms are in place for all data collection and processing activities.
Our security infrastructure meets or exceeds the reasonable security practices mandated by Indian law, including implementation of information security policies, regular security audits, and incident response procedures that include mandatory breach notification to affected individuals and relevant authorities within prescribed timeframes.
10.1.2 Digital Personal Data Protection Act, 2023 ImplementationIn anticipation of and compliance with the Digital Personal Data Protection Act, 2023, we have implemented data protection measures that align with the Act's requirements for data fiduciaries. Our consent management systems provide users with granular control over their personal data, including clear options for consent withdrawal, data portability, and erasure rights.
We maintain strict data localization practices, ensuring that personal data of Indian users is processed and stored within India's territorial boundaries, with limited exceptions only for essential technical operations and with appropriate safeguards in place. Our cross-border data transfer protocols include adequacy assessments and contractual safeguards to ensure equivalent protection standards.
10.1.3 Reserve Bank of India Payment System ComplianceAll financial transactions processed through our platform adhere strictly to RBI guidelines for payment system operators and intermediaries. Our payment processing infrastructure implements mandated Know Your Customer (KYC) procedures, Anti-Money Laundering (AML) compliance measures, and transaction monitoring and reporting systems.
Payment data localization requirements are fully implemented, with all payment-related information stored within India on RBI-compliant infrastructure. We maintain detailed transaction records as required by banking regulations and provide necessary reporting to financial intelligence units and regulatory authorities.
Our operations comply with relevant sectoral regulations including telecommunications regulations administered by the Telecom Regulatory Authority of India (TRAI), consumer protection laws under the Consumer Protection Act, 2019, and broadcasting standards where applicable to our content and communication services.
We maintain grievance redressal mechanisms as required by consumer protection regulations, implement fair trading practices, and ensure transparent pricing and service terms. Our communication practices comply with Do Not Disturb (DND) regulations and spam prevention requirements established by telecommunications authorities.
Where applicable, our services comply with state-level data protection and privacy regulations, consumer protection laws, and cultural sensitivity requirements. We provide multilingual privacy policy versions where mandated by local regulations and ensure our services respect regional cultural norms and legal requirements across different Indian states and territories.
We maintain a sophisticated change management system that categorizes policy modifications based on their impact on user rights and data processing practices. Material changes that significantly affect user privacy rights, data processing purposes, or sharing practices require explicit user consent and extended notification periods. Standard changes involving service improvements or clarifications require notification but may proceed with implied consent through continued service usage.
Technical updates, minor clarifications, and corrections that do not affect user rights or data handling practices are implemented with simple notification requirements. Emergency changes required for immediate legal compliance or security protection may be implemented immediately with subsequent detailed notification and explanation.
11.1.2 Multi-Channel Notification InfrastructureOur notification system utilizes multiple communication channels to ensure user awareness of policy changes. In-app notifications provide immediate visibility through prominent alerts and banners within the application interface. Email communications deliver detailed change summaries to all registered email addresses with clear explanations of modifications and their implications.
SMS notifications are utilized for critical changes affecting core privacy rights or security measures, ensuring immediate user awareness regardless of app usage patterns. Website announcements provide persistent visibility of policy changes through prominent notices on our primary web presence and user portal interfaces.
Material changes affecting fundamental privacy rights require explicit user acceptance through in-app consent mechanisms before continued service access. Users are provided with information about proposed changes, their implications, and available alternatives including account deletion and data export options.
For standard policy updates, users receive detailed notification with a specified review period during which they may opt out of continued service or request account deletion. Continued use of our services after the notification period constitutes acceptance of the updated terms, with clear documentation of this consent mechanism provided to users.
11.2.2 User Choice and Data PortabilityUsers who choose not to accept policy changes are provided with data export tools, allowing them to download their complete data archive in portable formats before account closure. We maintain a grace period during which users can change their decision and accept updated terms without data loss or service interruption.
Our consent management system maintains detailed records of user responses to policy changes, including explicit acceptances, opt-outs, and the timing of consent decisions. This documentation ensures compliance with regulatory requirements and provides users with transparency regarding their consent history.
We maintain version control systems that preserve all historical versions of our privacy policy with detailed change logs documenting modifications, implementation dates, and regulatory or business justifications for changes. Users can access previous policy versions to understand the evolution of our privacy practices and their consent decisions over time.
Our documentation system includes impact assessments for significant changes, user communication records, and compliance verification reports that demonstrate adherence to notification and consent requirements established by applicable privacy regulations.
Our primary privacy communication channel, support@triorazenith.com, operates as a monitored, secure communication system staffed by trained privacy professionals available 24 hours a day, 7 days a week. This channel handles all privacy-related inquiries, data subject rights requests, consent management issues, and general privacy concerns with guaranteed response times and escalation procedures for complex matters.
All privacy-related communications are tracked through our case management system, ensuring consistent follow-up, resolution documentation, and user satisfaction verification. We maintain multi-language support capabilities for Hindi and English communications, with translation services available for other regional languages when necessary.
We maintain legally binding commitments to respond to user communications within specified timeframes based on the nature and urgency of the inquiry. Security incidents and potential data breaches receive immediate response and investigation, with initial communication to affected users within one hour of verified incident detection.
All customer-facing staff receive training in privacy regulations, user rights, technical systems, and professional communication standards. Our quality assurance program includes regular monitoring of communication quality, resolution effectiveness, and user satisfaction levels with documented improvement processes for identified deficiencies.
Name: Tejas Gotavade
Email: support@triorazenith.com
Effective Date: May 29, 2025
Last Updated: October 10, 2025
Version: 0.2.0+59