Who we are
LoveCertain is a dating platform that matches people using relationship science. We are committed to protecting your personal data and being transparent about how we use it.
For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, LoveCertain is the data controller. If you have questions about this policy or your data, please contact us.
Plain English version: We collect the minimum data needed to run a dating platform well. We don't sell it, we don't use it to show you ads, and we store it securely. That's the summary.
Data we collect
Data you give us directly
| Data type | What it includes | Why |
|---|---|---|
| Account information | Name, email address, date of birth, gender, location | To create and manage your account |
| Profile information | Photos, bio, occupation, values, relationship intentions, attachment style answers | To match you with compatible people |
| Payment information | Processed by Stripe — we never see your full card number | To process your £49 payment |
| Messages | Conversations you have with your matches | To provide the messaging service; moderation if reported |
| Compatibility answers | Your responses to the 5 compatibility questions | To calculate match scores |
Data we collect automatically
When you use LoveCertain, we automatically collect certain technical information: your IP address, browser type and version, device type, operating system, pages visited, and time spent on the platform. We use this to keep the service running well and to detect misuse.
Special category data
Some information you provide — such as your sexual orientation (implied by your gender and who you're seeking) — is classified under UK GDPR as "special category" data. We treat this with extra care. We process it only to provide the core service of matching you with suitable people. We do not share this data with third parties except where strictly required to operate the platform.
How we use your data
We use your personal data for the following purposes:
- Creating and managing your LoveCertain account
- Running our compatibility matching algorithm to find you suitable matches
- Facilitating conversations between matched members
- Processing payments and refunds via Stripe
- Sending transactional emails (account updates, match notifications, guarantee reminders)
- Detecting and preventing fraud, abuse, and safety violations
- Improving our matching algorithm and platform features (using aggregated, anonymised data)
- Complying with legal obligations
We do not use your data for advertising. We do not build advertising profiles. We do not sell your data to data brokers. We do not share your data with employers, insurers, or government agencies except where legally required.
Legal basis for processing
| Processing activity | Legal basis |
|---|---|
| Providing the dating service | Contract — necessary to perform our service to you |
| Processing payment | Contract — necessary to complete your transaction |
| Sending match notifications | Contract — core part of the service you signed up for |
| Safety and moderation | Legitimate interests — protecting our members and platform |
| Platform improvement | Legitimate interests — using anonymised aggregated data |
| Marketing emails (if opted in) | Consent — only with your explicit opt-in |
| Legal compliance | Legal obligation — e.g. financial records, court orders |
How long we keep your data
We keep your data for as long as your account is active plus a further 12 months, to allow for refund processing and dispute resolution. After that period, we delete or fully anonymise your personal data.
Payment records are kept for 7 years as required by UK financial regulations. Anonymised, aggregated data (e.g. match rate statistics) may be kept indefinitely as it contains no personal information.
If you request account deletion, we action it within 30 days. The 12-month grace period applies to payment-related data only.
Your rights
Under UK GDPR, you have the following rights. You can exercise any of them by contacting us.
Right to access
Request a copy of all personal data we hold about you.
Right to rectification
Ask us to correct inaccurate or incomplete data.
Right to erasure
Ask us to delete your data ("right to be forgotten").
Right to restriction
Ask us to limit how we process your data in certain circumstances.
Right to portability
Receive your data in a machine-readable format to transfer elsewhere.
Right to object
Object to processing based on legitimate interests.
We will respond to data rights requests within 30 days. If you're not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
Security
We take data security seriously. All data is transmitted over HTTPS. Passwords are hashed using bcrypt. Access to our production database is restricted to authorised personnel only, and all access is logged and audited.
Despite these measures, no online service can guarantee absolute security. If we ever experience a data breach that affects your rights and freedoms, we will notify you and the ICO within 72 hours as required by UK GDPR.
Contact us about privacy
If you have any questions about this privacy policy, want to exercise your rights, or have a concern about how we've handled your data, please contact us via our contact page.
We aim to respond to all privacy-related requests within 5 business days, and will always respond within the statutory 30-day limit.
This policy was last updated on 1 January 2026. We'll notify active members by email of any material changes to this policy before they take effect.