Badoo

Warning: *Privacy Not Included with this product

Badoo

Bumble, Inc
Wi-Fi

Review date: March 15, 2024

|
|

Mozilla says

|
People voted: Very creepy

Launched in 2006 and with over 100+ million downloads in the Google Play Store alone, Badoo is one of the most used dating apps in the world. They say it pays to be the "real, unapologetic you" on Bumble Inc.-owned Badoo. Before you get going, you might have to prove you're really you -- with a phone number and photo verification. Then, you can message other users to your heart's content, without waiting for a match first. The app's Screenshot Block feature means your conversation probably won't end up on Reddit (phew!) but also that you can't crowdsource your witty responses by sending screenshots to your friends (not that you would!). Free users get access to most of the app's features like location-based matches, messaging, and video chats. Badoo Premium lets you see who added you to their favorites, see who liked you, and more. So, how is Badoo at privacy. Well, they're actually kinda Bad. Boo! (see what we did there ;-).

What could happen if something goes wrong?

Hey, here's a good reminder from Badoo! Their privacy policy states that even though they use security measures to protect your data, "no website or Internet transmission is every completely 100% secure and even we cannot guarantee that unauthorised access, hacking, data loss or other breaches will never occur". This is a good reminder that when dating apps that ask you to give up a ton of personal information, there's no guarantee that it will be protected. On that front, Badoo does do better than most: their security and recent track record are OK (although we can't exactly say the same about the Bumble app from their parent company Bumble Inc.). Too bad they will share your personal information for marketing and might not let you delete it if you decide you want to depending on what privacy laws you live under (or don't). Bad move, Badoo!

Badoo's privacy policy is full of sensible warnings -- about limiting what you share and sharing at your own risk. Hopefully they also put those in a place where their users might see them. After all, Badoo can collect a heck of a lot of information about you. There's your birthday, gender, phone number, sexual preference, and more just to get started. Then there's any information you add to your profile, including photos. There's your messages too -- Badoo's moderators might be able to read those to make sure you're following the rules. Their privacy policy says, "We use a combination of automated systems and a team of moderators to monitor and review accounts (including photos and any other information uploaded onto user profiles) and messages for content that indicates breaches of our Terms and Conditions of Use." Gotcha. There's also your biometric information if you do photo verification, which might be required by Badoo. You can also choose to share your geolocation. Like most dating apps, you should know that just providing sensitive information (like your sexual orientation) counts as "explicitly consenting" to Badoo's processing of it. Oh! And if you login with Facebook or decide to link your Instagram account, then both apps can potentially collect more information together. That's why we recommend you don't link your dating app to social media.

That's not all. Badoo might use any of the above to create "inferences" about you that summarize your "preferences and characteristics." What for? Well, besides helping you date with confidence, Badoo can use your personal information (and those inferences) to show you ads on and off the app. Does Badoo sell your personal information? They might! Badoo has a pop-up window that says "We use services that help improve marketing campaigns. ... Under certain privacy laws, this may be considered selling or sharing your personal information with our marketing partners," and then gives you the option to opt out of the selling of your data. So, yeah, they're probably selling some of your data. Go opt out people

Besides ads, Badoo can use some of your personal information including your name, in-app activity, and photos for "research and analysis to help [them] improve the App and to test new technologies". Hmm. Badoo might also share your information with law enforcement when it's required by law or they believe "in good faith" (a legal qualifier that always raises this privacy researcher's eyebrow) that it's necessary to protect the safety of a person, address fraud, or protect their or a third party's rights or property. That language is a bit broad for our taste, since it's not totally clear when your information could be shared.

More sharing Badoo can do! They can also share your personal data with third parties when it's aggregated and "doesn't identify you directly". That's common, but we should point out that privacy researchers say it can be easy to re-identify so de-identified personal data. One last gripe with Badoo is that we can't confirm if they guarantee all users the right to delete their personal data. Boo.

What could go wrong with Badoo? Well one thing that may already be happening is that information you're sharing to meet your mate could also be used to serve you ads all over the internet. And since that can include Badoo's assumptions about you, some of those things could be untrue. Just because you say you like long walks on the beach doesn't mean you want to be flooded with ads for water shoes!

Tips to protect yourself

  • Follow Badoo's Safety and Security Tips.
  • Visit the app's privacy preferences at the app and opt out from personalized advertising as well as all non-essential data collection.
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data nor does close your account.
  • Do not give consent to constant geolocation tracking by the app. Better provide geolocation 'only when using the app'.
  • Do not share sensitive data through the app.
  • Do not give access to your photos and video or camera.
  • Do not log in using third-party accounts.
  • Do not connect to any third party via the app, or at least make sure that a third party employs decent privacy practices.
  • Do not give consent for sharing of personal data for marketing and advertising.
  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc.
  • Do not use social media plug-ins.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless necessary).
  • Keep your app regularly updated.
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization).
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

Facebook account, Google account or Apple ID sign-ups available

What data does the company collect?

How does the company use this data?

We ding this product as it shares personal data and inferences derived from personal data for targeted marketing purposes. It also appear to sell some personal information with their marketing partners, including Google, Twitter, LinkedIn, Shopify, and more -- unless you opt out.

Privacy Policy

"We recommend and encourage you (and all our members) to think carefully about the information you disclose about yourself. We also do not recommend that you put email addresses, URLs, instant messaging details, phone numbers, full names or addresses, credit card details, national identity numbers, drivers’ licence details and other sensitive information which is open to abuse and misuse on your profile."

"We may use your Registration and other information to:
offer you our services and features;
contact you with information about the App (e.g., updates and new features);
personalise the App/Sites and the content we deliver to you;
conduct research and analytics about how you use and interact with the App/Sites;
to test new technologies and processes designed to enhance and improve the App/Sites;
resolve disputes, troubleshoot problems and to enforce our Terms & Conditions;
investigate fraud, protect our legal rights, and to enforce our Terms & Conditions.
to send you information about the promotions and offers we have available (e.g., specify the types of goods/services/offers to be provided via direct marketing) by direct marketing or other modes of communication - if you've signed up for our communications or otherwise told us it’s OK. We will not use your information in email direct marketing unless you give us your consent during the Account creating process or via Settings in the App (you can withdraw from marketing at any time via Settings in the App or by using the opt-out mechanisms and links provided in each message); and
protect our Users and third parties from harm."

Badoo uses the following information "to send you marketing information about our events, offers and services": "Name, email address, postal address, Instagram handle and mobile phone number (CCPA Categories A and B)."

Badoo uses the following information "to serve advertisements on third party networks and measure the effectiveness of such ads": "Data about your visit to our Sites or App and action taken on those (for example if you downloaded our App or created an account with Bumble), IP address (and your estimated location based on your IP address), age and gender, device ID (CCPA Categories B, C, G, F and K)."

Badoo shares the following personal data with "Marketing Services Providers – To help us serve marketing and advertising on third party websites and applications and measure the effectiveness of our advertising campaigns. More information on this is available below": "Advertising identifier associated with your device (Device ID), estimated location (based on your IP address), age, gender and data about your visit to our Sites or App and action taken on those (for example if you downloaded our App or created an account with our App), hashed email address (for ‘custom audiences’ only) (CCPA Categories B, C, G, F and K)"

"Marketing Service Providers and Advertising Partners

We may partner with advertising publishers to place third party adverts on our App and Sites (‘Advertising Partners’). We also partner with providers of marketing services (such as Facebook for example) (‘Marketing Services Providers’) to help us market and advertise our App and services on third party websites and applications and measure the effectiveness of our advertising campaigns. For example:

to exclude you from advertising campaigns aimed at finding new users, if you already have a Badoo account;
to show Badoo adverts to users who have visited the Badoo App/Sites but haven’t yet created a Badoo account;
to create an audience for our advertisements of other potential users who have similar characteristics to you based on the information the Marketing Service Providers hold about you (also known as a Lookalike Audience); or
to include you in a ‘custom audience’ that will receive Badoo advertising content (a custom audience is essentially a list of people who we think are most likely to be interested in a particular advertisement).

We share a limited amount of your personal data with companies that help us with marketing and advertising, such as:

the advertising identifier associated with your device (this is a random number assigned by your mobile device manufacturer (for example Apple or Google) to your device to help advertisers (including the manufacturer), know when an ad has been viewed or clicked on in the App or sites, and when an ad causes a “conversion” (for example downloading the app advertised to you))
your estimated location (based on your IP address)
age and gender
data about your visit to our Sites or App and action taken on those (for example if you download our App or created an Account with our App)
a hashed* version of your email address (to create ‘custom audiences’)."

"In some cases, these third parties will also use the data that they collect for their own purposes, for example they may aggregate your data with other data they hold and use this to inform advertising related services provided to other clients."

"Using your social media details to sign in to Badoo
When you sign in to our App using your Facebook account, you give permission to Facebook to share with us your name and profile picture. Unless you opt-out, you also give permission to Facebook to share with us your email address (if there is one associated with your Facebook account), date of birth, profile photos, gender, Page likes and current town/city.

If you register or sign in with your Apple ID, you give Apple permission to share your Apple login, a name (that can be edited by you) and an email (you can choose to hide your email and Apple will create a random email address so your personal email can stay private). This email address will be linked to your Badoo account and will be used to retrieve your Badoo account.

We will then use this personal data to form your Badoo account. If you remove the Badoo app from your Facebook settings, or from your Apple ID, we will no longer have access to this data. However, we will still have the personal data that we received when you first set up your Badoo account using your Facebook or Apple ID (you must delete your Badoo account entirely for us to no longer have access to this data)."

"Geolocation Information
If you have given Badoo access to your location in your device settings, when you use your cell, we will collect information about WiFi access points as well as other location information about your longitude and latitude and may save your device’s coordinates to offer certain features to you. This information helps us identify your physical location and we use it to personalize the App and make it easier for you to interact with other Users, by enabling the general locality information to be displayed to Users seeing your profile and showing you the profiles of other Users who are near you.

If you have given Badoo access to your location, but wish to turn this off, you can do so by the following methods:
iPhone app — settings, privacy, location services, Badoo
Android — settings, location, Badoo, permissions, location"

"Unfortunately, no website or Internet transmission is ever completely 100% secure and even we cannot guarantee that unauthorized access, hacking, data loss or other breaches will never occur, but here are some handy tips to help keep your data secure:
Please make sure you log out of your Account after use as you never know who may stumble onto your Account!
Please don’t share the password you use to access your Bumble Account with anyone else!
Change your password periodically."

Do Not Share or Sell My Personal Information Page
"Your privacy choices
We use services that help improve marketing campaigns. (Learn more in our Privacy Policy).
Under certain privacy laws, this may be considered selling or sharing your personal information with our marketing partners.
You can view these partners and opt out by clicking “Do not sell or share my personal information” at the bottom of the homepage."

How can you control your data?

We ding this product as it is unclear if all users, regardless of location, can get their data deleted.

Privacy Policy

"Privacy laws applicable in your country may give you the following rights:

Right to be informed: what personal data an organisation is processing and why (we provide this information to you in this Privacy Policy).
Right of access: you can request a copy of your data.
Right of rectification: if the data held is inaccurate, you have the right to have it corrected.
Right to erasure: you have the right to have your data deleted in certain circumstances.
Right to restrict processing: in limited circumstances, you have the right to request that processing is stopped but the data retained.
Right to data portability: you can request a copy of certain data in a machine-readable form that can be transferred to another provider.
Right to object: in certain circumstances (including where data is processed on the basis of legitimate interests or for the purposes of marketing) you may object to that processing.
Rights related to automated decision-making including profiling: there are several rights in this area where processing carried out on a solely automated basis results in a decision which has legal or significant effects for the individual. In these circumstances your rights include the right to ensure that there is human intervention in the decision-making process.

The particular rights which are applicable to you <...> may vary depending on your country. You should make yourself aware of the rights you have under applicable privacy laws in your country."

"DATA RETENTION AND DELETION.

We keep your personal information only as long as we need it for the legal basis relied upon (as set out in Section 2 above) and as permitted by applicable law. Please see “Profile Verification Information (Including Biometric Information)” in Section 1, above, to learn about our retention policy with respect to biometric information.
When your Account is deleted, we make sure it is no longer viewable in the App. For up to 28 days, it is still possible to restore your Account if it was accidentally deleted. After 28 days, we begin the process of deleting your personal information from our systems, unless:
we must keep it to comply with applicable law (for instance, if you make purchases within the App, some personal data may be kept for tax and accounting purposes);
we must keep it to evidence our compliance with applicable law (for example, if an account is blocked, we keep some account information and a record of the behavior that led to the block - this information is retained for evidential purposes in case of queries or legal claims concerning the block);
there is an outstanding issue, claim or dispute requiring us to keep the relevant information until it is resolved; or
the information must be kept for our legitimate business interests, such as fraud prevention and enhancing Users’ safety and security (for example, information may need to be kept to prevent a user who was banned for unsafe behavior or security incidents from opening a new account)."

What is the company’s known track record of protecting users’ data?

Average

No known data breaches discovered in the last three years. However, Badoo's parent company Bumble Group's app Bumble has had a number of concerning privacy and security issues.

Child Privacy Information

"Although we want as many people as possible to enjoy our creation, you have to be at
least 18 years old to use Badoo.
Badoo does not knowingly collect any information about or market to children, minors or
anyone under the age of majority. If we become aware that a child, minor or anyone
under the age of 18 has registered with us and provided us with personal data, we will
take steps to terminate that person’s registration and delete their Profile information
from Badoo. If we do delete a Profile because you violated our no children rules, we may
retain your email and IP address to ensure that you do not try to get around our rules by
creating a new Profile."

Can this product be used offline?

No

User-friendly privacy information?

No

The privacy policy language is relatively user-friendly. However, their privacy policy isn't totally clear on how they are sharing your data.

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Strong password

Yes

Security updates

Yes

Manages vulnerabilities

Yes

Badoo runs a bug bounty program.

Privacy policy

Yes

Does the product use AI? information

Yes

"Bumble Inc. has launched Deception Detector™, harnessing artificial intelligence (A.I.) to weed out fake, spam, or scam profiles on our app. In our tests so far, our Deception Detector™ machine learning model has demonstrated 99.5% precision in identifying these catfish and other fakers. Profiles deemed likely to be a scam by Deception Detector™ will have to go through a verification process to ensure they’re authentic, or could be removed from Badoo altogether."

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine

*Privacy Not Included

Dive Deeper

  • Another Day, Another Hack: User Accounts of Dating Site Badoo
    Motherboard Link opens in a new tab
  • Badoo Uses Facial Recognition to Match You With Celeb Lookalikes
    PC Magazine Link opens in a new tab
  • This Dating App’s Lookalikes Feature Is Actually Super Creepy
    Gizmodo Link opens in a new tab
  • Love in the time of algorithms: would you let artificial intelligence choose your partner?
    The Conversation Link opens in a new tab
  • Dating Apps Will Be Better Matchmakers Thanks to AI, but will They Be Safer?
    Hacker Moon Link opens in a new tab
  • How Much Personal Data Can Dating Apps Access From Your Smartphone?
    Observer Link opens in a new tab

Comments

Got a comment? Let us hear it.