Privacy policy

Last updated: 2021-04-24

My name is Viktor and I am the developer of this site. On many other services I am a user just like you and I unfortunately understand how frustrating it is when one's privacy is violated. That's why your privacy on this site is extremely important to me. Let me tell you what data is collected and how it is used. If you have any questions, please reach out to me.

Please remember that I am developing firedating.me on my own in my free from work time. Unfortunately this greatly limits my resources. Thus, if you see something missing or know a better way of doing something, please talk to me. It might be that I just haven't got to implementing it yet or wasn't aware of such an approach. In any case I would love to improve the site and provide even more value to you!

HTTPS

The site uses HTTPS protocol to secure communication between your device and the server.

Email address

You provide your email address during the registration. It is never shown to other users or shared with anyone. It is used to send you optional automatic notifications about new activity on the site. This is done via Amazon SES and mailersend.com. You can turn these notifications off in settings. In rare cases, I might use it to reach out to you, for example, if there is a very important announcement (as of 2021-04-24 this never happened so far) or a suspicion of a bug or an abuse (a complaint or malicious activity).

Password

You provide your password during the registration. Your password is not stored anywhere. Instead only its hash is stored according to the latest security standards in the industry. Thus, I don't have access to your password. If you are interested into the nitty-gritty, this is done using default Django hashing (manual) and as of 2021-04-24 it is salted pbkdf2_sha256.

User activity in aggregate in open stats

As you might have noticed, I am a huge fan of transparency and honesty. In particular, I intentionally keep the stats public. This is done by aggregating anonymized user activity (that is not attached to a particular user identity, e.g. showing a count of requests). This data is not attached to any specific user. When adding new stats, I keep in mind privacy and avoid adding too specific metrics, which could leak data of a particular user.

Your profile fields & search preferences

Your dating profile is the key element of the site, since this is a dating site. It contains mandatory fields (gender & location, but you can choose 'Unknown'), which you have to fill in during registration. There are also optional fields, such as your FIRE numbers, age, hobbies, photos, audio recording. You don't have to provide these fields. You can also specify your search preferences to define which users you want to be matched with. All of these fields (mandatory, optional, search preferences) can be seen by users who satisfy your search criteria during the matching process. With the exception of location this data is never shared with anyone else in any other way.

Regarding the location, in order to perform geographic proximity search, the site needs to map your location to its coordinates. This is done using a third party service called Nominatim API. How this works - firedating.me server sends a request to Nominatim, which contains country, state and city you provided. This request is not attached to you in any way (it is done from the server, it does not contain any other information from your profile). The requests are cached, so in some cases the site already knows coordinates and won't even do such a request.

Manual examination by admin

Unfortunately firedating.me is just a part of the public Internet and anyone can register here (even people with malicious intent). At the same time, your security is very important to me. That's why in rare case I might have to examine some data of suspicious accounts manually. In particular when there is a complaint. This may include profile fields and other data mentioned below. Without this I wouldn't be able to keep the community safe and healthy.

Unfortunately, bugs sometime happen. In order to fix them and improve the site I need to first understand what went wrong. In some cases, this is not possible without examining the state of the site. Thus, occasionally I have to examine data of random accounts for development and debugging. These accounts are selected not by who their owners are, but by the technical necessity (e.g. being affected by a bug). I do my best to minimize amount of data I analyze and do this only as the last resort.

Photos

You may upload photos as part of your profile. By default other users can see only blurred versions of your photos. One can see your unblurred photo only in the following cases:

• You sent a request to them
• They sent a request to you and you approved it
• You explicitly selected in your preferences to always show unblured photos

Unfortunately, in rare cases, I might have to examine photos of suspicious accounts manually. Please see "Manual examination by admin" for details.

The photo files are stored under randomly generated names (50 characters long), which prevents others from accessing them without authorization.

Messages

You can message other users on firedating.me. The contents of the messages are not shared in any way. Only the sender and the recipient can see them.

Unfortunately, in exceptional cases, I might have to examine messages of suspicious accounts manually. Please see "Manual examination by admin" for details. My admin account intentionally does not have access to your messages on the site. I have to use special tools to examine the database state, which is cumbersome and inconvenient. I understand that this is extremely sensitive and private area, thus, I do my best to minimize amount of information I analyze and do this only as the last resort:

1. I examine the messages only when having a strong reason (e.g. complaint about spam or scam attempt).
2. When examining the messages, I minimize amount of information I gain. For example, if there is a complaint about a user spamming a link to site X, I will only check how many messages contain X using automatic tools without examining the messages manually. In other words, I don't read messages, I just ask the site "Tell me how many messages contain X" and the site gives me 1 number.
3. If I have to examine the actual contents manually, I start only with the messages the suspicious account wrote (i.e. not examine messages they received).

As of 2021-04-24, there were 2 cases when I had to analyze messages:

1. Spam complaint. I examined messages they produced. The account was banned.
2. Potential scam complaint. I checked how many messages contained the suspicious url.

Requests

As part of using the site, you can send requests to other users. This data is not shared in any way with anyone. Only the sender and the recipient can see them.

Unfortunately, in some cases, I might have to examine requests of accounts manually (e.g. to fix the bugs). Please see "Manual examination by admin" for details.

Profiles you see

As part of using the site, you get matched with other users. This information is stored (otherwise the site wouldn't know who you already saw). This data is not shared in any way with anyone. Only you can see the list of profiles you've seen.

Unfortunately, in some cases, I might have to examine these lists for some accounts manually (e.g. to fix the bugs). Please see "Manual examination by admin" for details.

Activity timestamps

The site heavily relies on time to function (e.g. limited number of requests to send per day). In order to implement this functionality, the time when you perform certain activies is stored. This may include when you last visited the site, saw specific profile, sent a request or a message.

Logs

To prevent abuse of the server, a temporary server access log is maintained. It includes your IP & user agent, time, visited url.

Analytics

The site uses Google Analytics to monitor site usage. For details, please see " Information for Visitors of Sites and Apps Using Google Analytics".

To be honest, I would love to avoid this dependency, but haven't found an appropriate replacement and time to migrate yet. I am exploring options. Without monitoring, I would be basically going blind and this would make developing the site even harder. E.g. using analytics I know which pages are the most used, which are the slowest, which sites mention firedating.me.

Cookies

The site uses cookies to implement 'sign-in' and keep you signed in between sessions.

Deleting account

You can delete your account at any time. This is available in settings. Please see the account deletion page for details.