Warning: *Privacy Not Included with this product
Tinder is the app that made swiping right for love--or a hookup--popular. Since its launch in 2012, the world’s most popular free dating app wants you to know that it’s changed. They recently added quizzes and profile prompts so that users can swipe (and match) on more than just photos. It’s a “rizz-first redesign,” they said! And their subscription tiers now include a pricey “Tinder Select” option where, for $499/month, you can send messages to people you haven't swiped right on you and be seen by Tinder’s most “sought after profiles”--a weird promise from a company that says their matching algorithm doesn’t rank users by desirability (anymore?). As always, Tinder also lets you connect via Facebook, add your Instagram and link your Spotify. All those extras mean Tinder can collect a whole lot of personal data on its users. Unfortunately, from what we can see, they’re (still) not doing enough to keep all that personal information private and safe.
What could happen if something goes wrong?
Yeah, Tinder is pretty bad for your privacy and security. Back in 2020, over 70,000 photos of women from Tinder ended up on a dodgy site known for criminal activity. The same year Tinder came under fire for possible GDPR violations for what a Norwegian consumer group called “out of control” data sharing with advertisers and third parties. In 2022, the United States Federal Trade Commission filed a petition against Tinder’s parent company, Match Group Inc. to force them to hand over documents about a possible deal between one of their apps and an AI company, where images of users’ faces were reportedly used to train facial recognition software. Tinder was also hit with lawsuits about their photo verification feature in 2022 and 2023. One says that Tinder didn't get proper consent from users to process their biometric information and the other claims the feature “verified” a fake account created with the plaintiff's stolen photos. Yikes! Match Group's shaky track record makes us a little nervous about their eagerness to enter the privacy minefield of AI integration. That's something we'll be keeping a close eye on.
Besides security concerns and being the subject of Netflix’s most-watched documentary, other controversies have kept people talking about Tinder. People started asking questions about Tinder’s matching algorithm after their CEO at the time said it involves a secret “desirability” score. It raised a lot of questions about discrimination, racial basis, and (based on the bajillion articles written about how to reset, optimize, and overcome your “score”) probably made people feel bad about themselves. By 2019, Tinder called that scoring system “old news” and said they no longer “rely on it.” But their blog post on the topic raised more questions than answers about how it all works now. The post says that “Likes and Nopes [how people react to your profile] are obviously key pieces of insight into what members like” and are still taken into account for matching. Hmmm. What’s not so obvious is how that’s so different and if the new way is less vulnerable to biases. People also had questions about Tinder’s wacky and inconsistent premium subscription pricing model -- including Mozilla. We partnered with Consumers International to shine a light on the app’s confusing personalized pricing that seemed to take age and other mysterious factors into account. This, again, raised more questions about Tinder’s behind-the-scenes number-crunching in a way that felt icky. It took until 2022 for Tinder to finally announce that they’re phasing out age-based pricing for all markets. And in March 2023, following a lengthy dialogue with the European Commission and other consumer groups, Tinder finally committed to "inform consumers that discounts they propose for premium services are personalised by automated means" because the "network of national consumer authorities found that Tinder applied such personalised prices without informing consumers, which is in violation of EU consumer law."
So Tinder and their parent company Match Group has not been known for their security or transparency. That’s a shame because, as a dating app, they sure can collect a lot of information about you. There’s information you give about yourself when you set up your account like your contact information, gender, and who you’d like to meet. Your profile information, the photos you upload, your sexual orientation, interests, and more. Some of that data's going to be sensitive, so you should know that "choos[ing] to provide it" counts as giving your consent for it to be processed by Match Group. K. You should also know that your DMs may be reviewed by Tinder’s human agents. To be sure you're not sending messages that go against its community guidelines, chats can be filtered by automated tools and may be reviewed by humans. Your conversations also help train those tools. But this and other chat-scanning safety features have apparently helped to cut down inappropriate messages, so that part is good.
Then there’s the information that’s collected automatically when you use the app. Your IP address, device information, your activity, when you're on Tinder, and who you match with. Oh and your geolocation! Even while you're not using Tinder. That's extra worrisome since Match Group doesn't have a rock solid reputation for protecting users' precise location. You can also choose to give Tinder access to biometric information (information about your unique face shape) if you want to be a Verified Cutie. Tinder can also collect more information about you from “partners” and affiliates like other sites owned by Match Group -- that includes Hinge, Match, OKCupid, and dozens more. And they can create inferences about your “preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes” based on what else they know about you. And then they say they can use those inferences they make about your with all that personal information they get from data in your profile for things like "providing advertising or marketing services," and " the contextual customization of ads." Uhg.
As for the rest of Tinder’s policies, they're not great. Tinder can use your information for reasons that won’t help you get sparks flying, like showing you those targeted ads. We're sure glad Tinder at least says they won't sell your personal information. That’s cool! They do share it around though. Like with all those many other Match Group-owned companies. Tinder also may share your personal information with law enforcement, when it’s required by law or to “assist in the prevention or detection of crime (subject in each case to applicable law).” That’s pretty standard and Match Group does have some pretty clear guidelines around how they share user data with law enforcement, which we like to see.
Tinder’s privacy policy also says they can share “non personal information” and “de-identified” information for targeted ads on Match Group’s services and on third party apps and websites too. And we should point out that researchers say it can be relatively easy to re-identify personal information, especially when location information is collected. Oh, and remember, when you log into Tinder with an existing Facebook, Apple, or Google account or connect your Instagram or Spotify to your profile, both platforms can potentially collect more information together. That's why we recommend users don't link their dating apps to social media.
What else? Well, Tinder has been a bit of a lightning rod for romance scams. It turns out the notorious Tinder Swindler is not alone. In 2023, Tinder did launch a campaign to help spot and stop scammers on the platform. And as of February 2024, Tinder expanded its ID verification program to help users confirm that they're talking to the same person they see in users' profile pictures (when those users have opted in to extra verification). You should know that opting in to that feature does come with some risk to your privacy -- you'll have to trust Match Group with your biometric data. We really hope that will finally help solve the problem of dishonest and fake profiles! It's a big problem, and one that should have been on Match Group’s radar for a while.
So what could go wrong with Tinder? Well, it would be terrible if all of the personal information you share with Tinder's parent company Match Group in hopes of meeting someone special was actually just helping a huge company learn how to make more money off of you and people just like you in your search for love. Hang on, that sounds just like this lawsuit filed in February 2024 in the United States against Match Group. It claims their apps are designed to "coerce subscriptions and retain users forever" by dangling the possibility of establishing an "off-app relationship while implementing features to keep users on the app." Dang! What a waste that would be of all those precious personal details that make you, you.
Tips to protect yourself
- Turn off Match Group data sharing in the app's Privacy Preferences
- Visit the app's privacy preferences at the app and opt out from personalized advertising as well as all non-essential data collection.
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data nor does close your account.
- Do not give consent to constant geolocation tracking by the app. Better provide geolocation 'only when using the app'.
- Do not share sensitive data through the app.
- Do not give access to your photos and video or camera.
- Do not log in using third-party accounts.
- Do not connect to any third party via the app, or at least make sure that a third party employs decent privacy practices.
- Do not give consent for sharing of personal data for marketing and advertising.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc.
- Do not use social media plug-ins.
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless necessary).
- Keep your app regularly updated.
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization).
- When starting a sign-up, do not agree to tracking of your data if possible.
Can it snoop on me?
Camera
Device: N/A
App: Yes
Microphone
Device: N/A
App: Yes
Tracks location
Device: N/A
App: Yes
What can be used to sign up?
Yes
Phone
Yes
Third-party account
Yes
You can use Apple, Google or Facebook account to log in.
What data does the company collect?
Personal
Phone number and email address, gender, date of birth; sexual orientation, bio and interests, photos and videos; chats; financial information; information collected through your social media account, for instance if you decide to create and log into your account via your social media or other account (e.g., Facebook, Google or Apple) or to upload onto our services information such as photos from one of your social media accounts (e.g., Instagram or Spotify); data about your activity on our services (e.g., when you logged in, features you've been using, actions taken, information shown to you, referring webpages address and ads that you interacted with) and your interactions with other members (e.g., members you connect and interact with, and when you matched and exchanged messages with them); information from and about the device(s) you use to access our services, including hardware and software information such as IP address, device ID and type, apps settings and characteristics, app crashes, advertising IDs (which are randomly generated numbers that you can reset by going into your device’ settings and, in some cases, disable entirely), and identifiers associated with cookies or other technologies that may uniquely identify a device or browser; cookies and similar technologies (e.g., web beacons, pixels, SDKs) to recognize you and/or your device(s); precise geolocation data (with your consent); photo Verification data (with your consent); ID + Photo Verification data (with your consent), inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Body related
Content such as photos and videos.
Social
Information from your social media account.
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In November 2022, Tinder parent company Match Group Inc. was accused in a lawsuit from Tinder users of breaching a state privacy law in Illinois by collecting data on people’s faces from dating app selfies.
The FTC filed a petition on May 26, 2022 to force Match to comply with a civil investigative demand for documents related to an alleged 2014 data-sharing deal between Match subsidiary OkCupid and Clarifai Inc, an artificial intelligence company.
In September 2023, a New Jersey woman filed a class action suit against Tinder, owned by the parent company Match Group Inc., claiming that the app's photo verification feature failed by verifying an account that was created using stolen images of her.
In December 2023, the research by Cybernews into OkCupid, owned by the parent company Match Group Inc., uncovered that a hacker could uncover a distance from them to the victim (any user of the app) in a 10 to 20-meter radius. "With a few simple steps, we can easily track anyone on OkCupid in a given city – from home, to work, to social gatherings, to wherever. This is a terrible blow to users’ privacy."
In February 2024, Tinder parent company Match Group was accused in a lawsuit of making their apps addictive and putting profit over their customers' relationship goals.
In March, 2024, Tinder, following a lengthy dialogue with the European Commission, committed to " inform consumers that discounts they propose for premium services are personalised by automated means." "The network of national consumer authorities found that Tinder applied such personalised prices without informing consumers, which is in violation of EU consumer law. In addition, until April 2022, Tinder used to offer lower prices for their premium services based on age without informing the users. Tinder stopped this practice before the investigation started."
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption
We know that Tinder announced encryption for photos since June 2018 and Tinder's documentation reads "We know that your time on the app is a private matter and have strict policies and technical systems in place, including encryption for user photos and messages and tools that restrict employee access to user communications and other user data." The parent company Match Group shared with us that "All data stores containing personal data must be encrypted at rest and in transit. Data at rest uses the latest key technologies to cover hybrid data infrastructure, including keys that are created and managed utilizing the latest KMS key policies. Data in transit must utilize predefined SSL policies of TLS-1-1-2017-01 or similar ciphers. MG Security Engineering has an encryption standard that documents the process and procedures and is shared across our brands."
Strong password
Tinder uses 2FA with email and phone number, for a log-in.
Security updates
Manages vulnerabilities
Tinder runs a bug bounty program.
Privacy policy
Tinder uses its ML model called TinVec to provide recommendations for matches.
Tinder is testing Smart Picks, a tool that can help you find suitable profile pictures on your phone.
Tinder is testing a system that uses AI to suggest personalized bios based on users Interests and Relationship Goals.
Is this AI untrustworthy?
What kind of decisions does the AI make about you or for you?
Is the company transparent about how the AI works?
Does the user have control over the AI features?
Dive Deeper
-
Tinder’s new warnings inform users when they’re potentially being inappropriateTechCrunch
-
We Tried a Dating App That Lets a Chatbot Break the Ice for You. It Got WeirdWired
-
Tinder and other Match dating apps will offer in-app tips on avoiding romance scamsTechCrunch
-
Your Tinder Photos Are Finally EncryptedMobile App Daily
-
Pssst! Match.com does not want you to know about this FTC caseReuters
-
Tinder Users Claim Dating App Selfies Breach Biometric PrivacyBloomberg Law
-
Tinder Privacy Settings to Adjust Right NowConsumer Reports
-
Match Group releases its guiding principles for integrating AI into its dating appsFast Company
-
How Match.com is using AI to make its user experience 'more human'IAB
-
Tinder’s new CEO takes the helm, calling it a ‘moment of transition for the industry’Fast Company
-
Tinder commits to provide consumers with clear information about personalised pricesEuropean Commisson
-
Are Dating Apps Racist? Here’s What Tinder And Others Can Do To Protect Users Of ColorMozilla Foundation
-
Tinder Can Now Show Who It Thinks You'll Swipe Right OnWired
-
Many on dating apps are already in relationships or aren't seeking actual dates, new study findsNBC News
Comments
Got a comment? Let us hear it.