Ostrzeżenie: *Prywatność dla tego produktu do nabycia osobno

Grindr

Wi-Fi

Data recenzji: 4 marca 2021

Według Mozilli:

Według użytkowników: Bardzo przerażające

Launched in 2009, Grindr is the largest dating app for gay, bisexual, queer, and trans men. The app matches people based on location using the location tracking features on your mobile phone. Grindr is free to sign up, premium users can eliminate those third-party ads. Historically, Gindr has had a horrible track record on privacy, including coming under fire for its data breaches and sharing user data to advertisers without user consent. Grindr has operated under new ownership since June 2020; we’re keeping an eye out to see if they make changes to do better at protecting users’ privacy and security.

Co się może stać, jeśli coś pójdzie nie tak?

Like all dating apps where sharing your most sensitive personal data with others, there's a lot that can go wrong. This is particularly true for an app like Grindr that includes location-based matching within a potentially vulnerable community. So what can go wrong? In 2020 a security researcher found a loophole where a hijacker could take over an account and get access to account data. The company eventually fixed the issue and announced a new bug bounty program to incentive outside security review, which is an industry best practice. Strong password requirements are also a best practice, but we can't find their policy on this so are unsure how it's enforced. What else can go wrong? Well your data could get leaked or used in ways you didn't agree to, which is what happened when the company shared users’ HIV data with other companies in 2018. Recently, the Norwegian Data Protection Authority said they are investigating whether Grindr shared personal user information with advertising companies, a violation that could result in a fine. Many current users express concern about the amount of fake profiles on the app and the dangers that could result from interacting with anonymous profiles. After buying Gindr, its new owners acknowledged others’ concerns about the company’s track record on privacy and have taken steps to rebuild trust. Grindr recently shared clear details about their data sharing practices including their data retention timelines. The company keeps data for a short amount of time, which is better news for you, because the less time your TMI photos and messages sit around on a server the less likely it is that someone else will find them. Grindr says its location based data tracks users within 100 meters, and that the company does not sell personal information to advertisers. Grindr’s history of data breaches is not unique to the industry, nor is its relationship with advertisers. However, due to its poor historical track record on privacy, and the relative newness of the current ownership, we remain concerned. Our recommendation is to look at other options if you want to use a dating app with a longstanding commitment to privacy.

mobile

Czy może mnie podsłuchiwać?

Aparat

Urządzenie: Nie dotyczy

Aplikacja: Tak

Mikrofon

Urządzenie: Nie dotyczy

Aplikacja: Tak

Śledzi położenie

Urządzenie: Nie dotyczy

Aplikacja: Tak

Czego można użyć do rejestracji?

Users can choose between email or social (Google, Facebook or Apple) or phone to verify their account.

Jakie dane zbiera ta firma?

Osobiste

Date of birth (necessary), age (optional), sexual orientation (optional), ethnicity (optional), physical characteristics (optional), relationship status (optional), gender (optional), precise location (optional), HIV status and last tested dates (optional), photos (optional) and videos (optional). In addition, Grindr also states in their Privacy Policy that: "We may collect government issued identification, postal address, signature, and phone number to assist with account authentication, to validate access requests, or receive some form of refund/payment from Grindr." Grindr collects data on ethnicity but it doesn't appear users can filter for it.

Społecznościowe

Grindr's privacy policy is unclear about what data it collects or submits to a user's associated social media accounts, stating that it depends on the privacy policies of those platforms. Users can connect their accounts to Instagram, Spotify, Twitter and Facebook. In addition, users can also sign in with their Google or Apple account.

Jak ta firma wykorzystuje te dane?

Grindr says they use your data for partner promotions, conducting research, accessing your camera, photos and microphone so you can share with other users, and using AI for automated decisions.

Jak możesz kontrolować swoje dane?

Users can request information regarding the processing of their personal data and request their data be deleted by filling in a request form via https://help.grindr.com/hc/en-us/requests/new or emailing [email protected]

Jaka jest znana historia tej firmy w zakresie ochrony danych użytkowników?

Zła

In 2018, it was revealed Grindr allowed other companies access to user HIV status and location data. In addition, Grindr is being investigated by the Norwegian Data Protection Authority for potentially exposing user data to advertisers in the past.

Czy ten produkt może być używany bez połączenia z siecią?

Nie

Przyjazne dla użytkownika informacje o prywatności?

Nie

Relatively accessible though a lot of different tabs to read through all the different infos (see different tabs in Grinder's Privacy Policy). While the amount of info is meant to infom the user, it can be quite daunting to read, understand and retain all the info, especially determining which is the most crucial to know. Plus, subjetive evaluation but Grindr strikes me as quite aggressive in its lanaguge - their Privacy texts are incredibly long and intense, as though they will scare you and confuse you

Odnośniki do informacji o prywatności

Czy ten produkt spełnia nasze minimalne standardy bezpieczeństwa?

Nie

Szyfrowanie

Tak

Grindr uses HTTPS and certificate pinning for network requests

Silne hasło

Nie

Grindr requires a six character password. However, we were able to log in using 123456.

Aktualizacje zabezpieczeń

Tak

From email exchange: "Grindr has a mechanism in the backend to block logins that predate a minimum version we can specify if we need to make a major change for security reasons."

Zajmuje się problemami z bezpieczeństwem

Tak

Users can submit a vulnerability report directly on Grindr's website at https://www.grindr.com/security/.

Zasady ochrony prywatności

Tak

Czy produkt wykorzystuje sztuczną inteligencję?

Tak

Grindr uses AI for things such as detecting and removing spammers & non-compliant images (see Privacy Policy). However, they say they do not use AI in relation to matching people.

Czy tej sztucznej inteligencji nie można ufać?

Nie można ustalić

Jakie decyzje sztuczna inteligencja podejmuje o Tobie lub za Ciebie?

Czy firma jest przejrzysta w kwestii działania sztucznej inteligencji?

Nie

Czy użytkownik ma kontrolę nad funkcjami sztucznej inteligencji?

Nie można ustalić

Dowiedz się więcej

Grindr is fined $11.7 million under European privacy law.
NY Times
Norwegian DPA: Intention to issue € 10 million fine to Grindr LLC
European Data Protection Board en
Study says Grindr, OkCupid, and Tinder breach GDPR
ZDNet
Study: Tinder, Grindr And Other Apps Share Sensitive Personal Data With Advertisers
NPR
Grindr Admits It Shared HIV Status Of Users
NPR
Swiped: How dating apps harm marginalized communities
MIT Media Lab
A security flaw in Grindr let anyone easily hijack user accounts
TechCrunch
Twitter suspends Grindr from ad network after alleged privacy violations
CBS News
How Grindr became a national security issue
The Verge
Is it a threat to US security that China owns Grindr, a gay dating app?
Brookings
Grindr pulls feature that lets users sort by race. It says it's supporting Black Lives Matter
CNN
Grindr features failing to protect users from sexual predators, harassment
ABC
How to protect yourself from dating app data breaches
ProtonVPN
Ads on Grindr: Setting the Record Str8
Grindr