Spreading wings...
Join +10K users
Navigation
Search for a page or action...
Spreading wings...
Join +10K users
Spreading wings...
Search for a page or action...
FlirtyFly privacy policy and personal data protection. Information on the collection, processing, and security of your data in compliance with GDPR.
Last updated: June 4, 2026
FlirtyFly places great importance on the protection of your personal data. This privacy policy describes how we collect, use, store, and protect your information in accordance with the General Data Protection Regulation (GDPR).
The data controller for personal data is: FlirtyFly — SIRET: 99365366600012 — Address: 78, Avenue des Champs-Élysées, Office 326, 75008 Paris, France — Email: [email protected]
In the course of using our AI-assisted dating application, we may collect the following personal data: Identification data (first name, last name, email address) — Profile data (age, gender, dating preferences, location, photos) — Personality data (personality traits, values, interests extracted during the AI onboarding interview) — Communication data (messages exchanged via the platform, AI conversation transcripts) — Payment data (billing information processed by Stripe, subscription history) — Technical data (IP address, browser type, operating system, mobile device identifiers).
Your personal data is collected and processed for the following purposes: Creating and managing your AI clone (personality profile, vector embeddings) — Running the matching engine (filtering, vector similarity, AI-to-AI conversations) — Generating compatibility reports and date proposals — Managing your subscription and credits — Sending you notifications (weekly summary, match alerts) — Improving our AI algorithms and service quality — Ensuring platform security — Complying with our legal obligations.
The processing of your personal data is based on: Your consent (profile creation, AI onboarding interview) — Performance of a contract (provision of the subscription service) — Compliance with legal obligations (retention of billing data) — Our legitimate interest (algorithm improvement, platform security).
Your personal data is intended exclusively for: FlirtyFly internal teams authorized to process data — Our technical service providers within the strict scope of their missions: Supabase (hosting and database), Stripe (payments), Vercel (web hosting), Mailjet (transactional emails), OpenAI/Anthropic/Google (AI processing). We do not sell or rent your personal data to third parties.
Your personal data is retained for the following periods: Account and profile data: duration of the business relationship plus 3 years — Billing data: 10 years (accounting obligations) — AI conversation transcripts: duration of the account — Technical data and logs: 13 months maximum — In case of a deletion request, your data is erased within 30 days (GDPR grace period).
In accordance with GDPR, you have the following rights regarding your personal data: Right of access (obtain confirmation that your data is being processed and access it) — Right of rectification (correct inaccurate or incomplete data) — Right to erasure (request deletion of your data) — Right to restriction (restrict processing in certain cases) — Right to object (object to the processing of your data) — Right to data portability (receive your data in a structured format, via the CSV export available in your account) — Right to withdraw consent (at any time, without affecting the lawfulness of prior processing). To exercise these rights, you can contact us at: [email protected]. You also have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés).
We implement appropriate technical and organizational measures to protect your personal data: SSL/TLS encryption for all communications — Magic link authentication (no stored passwords) — Row Level Security (RLS) on all database tables — CSRF protection and input validation on all APIs — Rate limiting on all endpoints — HTTP security headers (CSP, HSTS, X-Frame-Options) — Restricted access to personal data to authorized personnel only — Photos stored in private buckets with access control.
Our application uses only strictly necessary technical cookies for the operation of the service. No advertising or third-party tracking cookies are used without your consent. Technical cookies enable: Authentication session management — Language and theme preference storage — Security and fraud prevention (CSRF) — Proper functioning of push notifications.
Some of our technical service providers (Vercel, Stripe, OpenAI, Anthropic, Google) may process data in the United States. These transfers are governed by appropriate safeguards in compliance with GDPR (standard contractual clauses, Data Privacy Framework). Our main database is hosted within the European Union by Supabase.
FlirtyFly uses artificial intelligence to create your AI clone, generate conversations between clones, and calculate compatibility scores. Personality data extracted during onboarding is transformed into anonymized vector embeddings. AI-to-AI conversations are generated by third-party language models and are not used to train these models. You can request the deletion of your AI clone and all associated data at any time.
We reserve the right to modify this privacy policy at any time. Any changes will be published on this page with an updated date. Significant changes will be notified to you by email.
For any questions regarding this privacy policy or the processing of your personal data, you can contact us at: Email: [email protected] — Address: 78, Avenue des Champs-Élysées, Office 326, 75008 Paris, France.