Grindr

Warning: *privacy not included with this product

Grindr

Review date: 03/04/2021

Launched in 2009, Grindr is the largest dating app for gay, bisexual, queer, and trans men. The app matches people based on location using the location tracking features on your mobile phone. Grindr is free to sign up, premium users can eliminate those third-party ads. Historically, Gindr has had a horrible track record on privacy, including coming under fire for its data breaches and sharing user data to advertisers without user consent. Grindr has operated under new ownership since June 2020; we’re keeping an eye out to see if they make changes to do better at protecting users’ privacy and security.

What could happen if something goes wrong

Like all dating apps where sharing your most sensitive personal data with others, there's a lot that can go wrong. This is particularly true for an app like Grindr that includes location-based matching within a potentially vulnerable community. So what can go wrong? In 2020 a security researcher found a loophole where a hijacker could take over an account and get access to account data. The company eventually fixed the issue and announced a new bug bounty program to incentive outside security review, which is an industry best practice. Strong password requirements are also a best practice, but we can't find their policy on this so are unsure how it's enforced. What else can go wrong? Well your data could get leaked or used in ways you didn't agree to, which is what happened when the company shared users’ HIV data with other companies in 2018. Recently, the Norwegian Data Protection Authority said they are investigating whether Grindr shared personal user information with advertising companies, a violation that could result in a fine. Many current users express concern about the amount of fake profiles on the app and the dangers that could result from interacting with anonymous profiles. After buying Gindr, its new owners acknowledged others’ concerns about the company’s track record on privacy and have taken steps to rebuild trust. Grindr recently shared clear details about their data sharing practices including their data retention timelines. The company keeps data for a short amount of time, which is better news for you, because the less time your TMI photos and messages sit around on a server the less likely it is that someone else will find them. Grindr says its location based data tracks users within 100 meters, and that the company does not sell personal information to advertisers. Grindr’s history of data breaches is not unique to the industry, nor is its relationship with advertisers. However, due to its poor historical track record on privacy, and the relative newness of the current ownership, we remain concerned. Our recommendation is to look at other options if you want to use a dating app with a longstanding commitment to privacy.

Privacy

Can it snoop on me?

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks Location

Device: N/A

App: Yes

What is required to sign up?

Users can choose between email or social (Google, Facebook or Apple) or phone to verify their account.

What data does it collect?

How can you control your data?

Users can request information regarding the processing of their personal data and request their data be deleted by filling in a request form via https://help.grindr.com/hc/en-us/requests/new or emailing [email protected]

What is the company’s known track record for protecting users’ data?

Bad

In 2018, it was revealed Grindr allowed other companies access to user HIV status and location data. In addition, Grindr is being investigated by the Norwegian Data Protection Authority for potentially exposing user data to advertisers in the past.

Can this product be used offline?

No

User friendly privacy information?

No

Links to privacy information

Security

Does this product meet our Minimum Security Standards?

No

Encryption

Yes

Strong password

No

Grindr requires a six character password. However, we were able to log in using 123456.

Security updates

Yes

Manages vulnerabilities

Yes

Users can submit a vulnerability report directly on Grindr's website at https://www.grindr.com/security/.

Privacy policy

Yes

Artificial Intelligence

Does the product use AI?

Yes

Does the AI use your personal data to make decisions about you?

No

Does the company allow users to see how the AI works?

No

Grindr uses AI for things such as detecting and removing spammers & non-compliant images (see Privacy Policy). However, they say they do not use AI in relation to matching people.

Company contact info

Phone Number

No

Live Chat

No

Email

No

Twitter

@grindr

Updates

Grindr is fined $11.7 million under European privacy law.
NY Times
The Norwegian Data Protection Authority said on Monday that it would fine Grindr, the world’s most popular gay dating app, 100 million Norwegian kroner, or about $11.7 million, for illegally disclosing private details about its users to advertising companies.
Norwegian DPA: Intention to issue € 10 million fine to Grindr LLC
European Data Protection Board en
The Norwegian Data Protection Authority has notified Grindr LLC (Grindr) that we intend to issue an administrative fine of NOK 100 000 000 for not complying with the GDPR rules on consent.
Study says Grindr, OkCupid, and Tinder breach GDPR
ZDNet
Dating apps Grindr, OkCupid, and Tinder are allegedly spreading user information like sexual preferences, behavioural data, and precise location to advertising companies in ways that may violate privacy laws, according to a study conducted by the Norwegian Consumer Council (NCC).
Study: Tinder, Grindr And Other Apps Share Sensitive Personal Data With Advertisers
NPR
A group of civil rights and consumer groups is urging federal and state regulators to examine a number of mobile apps, including popular dating apps Grindr, Tinder and OKCupid for allegedly sharing personal information with advertising companies.
Grindr Admits It Shared HIV Status Of Users
NPR
The same-sex dating app Grindr says it will stop sharing its users' HIV status with other companies, after it was discovered the app was allowing third parties to access encrypted forms of the sensitive data.
Swiped: How dating apps harm marginalized communities
MIT Media Lab
We started out investigating media coverage of LGBTQ+-specific data breach issues, yet race and racism are unavoidable. Potential harms from online dating apps are constant, but our attention to these issues should extend far beyond the pandemic.
A security flaw in Grindr let anyone easily hijack user accounts
TechCrunch
Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of any user’s account using only their email address.
Twitter suspends Grindr from ad network after alleged privacy violations
CBS News
Twitter has kicked Grindr off of its ad network after a report claimed the dating app was sharing users' personal data with marketers and advertisers. Grindr, which bills itself as "the world's largest social networking app for gay, bi, trans and queer people," uses Twitter subsidiary MoPub to share user data, according to the report from the Norwegian Consumer Council.
How Grindr became a national security issue
The Verge
Grindr is an app used primarily by gay men to find hookups in their immediate vicinity. With more than 27 million users, it’s so popular among its target audience that it has basically defined gay life for the past decade. In 2016, the American-made app was sold to a Chinese company called Beijing Kunlun Tech Co Ltd. And in an extraordinary move today first reported by Reuters, the US government is now forcing Kunlun to sell the app on national security grounds.
Is it a threat to US security that China owns Grindr, a gay dating app?
Brookings
But the notion that a dating app could threaten national security is not as ludicrous as it seems. Like other social networking companies, Grindr keeps a lot of social data on its customers, including U.S. officials and government contractors who could be blackmailed or compromised. Moreover, since Grindr uses geolocation, it can track its users’ movements. Although it is impossible to know precisely why CFIUS intervened in this case—the agency is secretive and never discloses the specific justifications for its decisions—reporting suggests these data privacy issues were an important factor.
Grindr pulls feature that lets users sort by race. It says it's supporting Black Lives Matter
CNN
Grindr is removing its "ethnicity filter" in what it says is a show of support for the Black Lives Matter movement. The gay dating and hookup app announced the change on Monday, saying: "We will continue to fight racism on Grindr, both through dialogue with our community and a zero-tolerance policy for racism and hate-speech on our platform."
Grindr features failing to protect users from sexual predators, harassment
ABC
LGBT Australians have criticised the dating app Grindr for allowing predators to easily create new profiles, despite reporting them for harassment or assault.
How to protect yourself from dating app data breaches
ProtonVPN
Dating apps are now as much a part of modern courtship as going to the movies or buying flowers. But dating apps, like Tinder, Grindr, or Bumble, present significant privacy risks. This Valentine’s Day, take some time to secure your data to avoid falling victim to a Tinder scammer.
Ads on Grindr: Setting the Record Str8
Grindr
As our Chief Privacy Officer and in honor of Data Privacy Day 2021, I’d like to address one of the areas that I think many people get wrong about privacy at Grindr: online advertising.

Related products