Ta'aluf logo

Privacy Policy

Last updated: Oct 15, 2025

Ta’aluf takes reasonable steps to protect user privacy using technical and administrative safeguards.

1. User Information Privacy

  • We collect essential registration data (name, email, phone, gender, DOB), profile information, and in-app actions (likes, blocks, etc.).
  • We do not sell, rent, or share personal data with third parties.
  • Data are stored on servers located inside Saudi Arabia, and we implement reasonable measures to protect them.
  • We use Zoho Mail, hosted in the United States, for sending and receiving email communications, including verification codes, automated service notifications, account assistance, and support inquiries. Any information shared by the user in support messages is processed solely for the purpose of resolving the request. Core profile data, photos, matching data, and compatibility test information remain stored and processed on servers located inside Saudi Arabia.

2. Image Privacy

  • Photos are private by default and shared only after mutual likes and permission.
  • Users can choose automatic sharing for Mutual Likes, Plus Members, or Anyone.
  • Images are encrypted, stored, and processed solely on Ta’aluf’s servers in Saudi Arabia.
  • We may, at our discretion, review images to ensure they comply with our content and cultural standards.
  • Users may delete images anytime; backups are intended to be purged within about 3 months.

3. Payment Privacy

  • Payments are processed by secure third-party gateways (e.g., Tap Payments or PayTabs).
  • Ta’aluf never stores credit-card or payment credentials.
  • We retain only a limited set of payment data necessary for compliance and regulatory purposes, including: the payment date and time, payment method, transaction ID, original amount, discount value (if any), final amount paid, currency, payment status, subscription type, subscription duration, and its expiration date. When provided by the user, we may also retain the name as it appears on the payment record, address, phone number, and email address. Ta’aluf does not store any confidential payment card information such as card numbers or security codes.
  • We share no payment data with third parties.
  • We may request additional billing details (such as legal name or address) if necessary for compliance or invoicing purposes.

4. Data Retention and Deletion

  • Active accounts: data retained for service operation.
  • Upon deletion or system account/blocking:
    • Immediately removed: profiles, media, settings, test answers, likes, reports, notifications.
    • Deleted after 30 days: chats/conversations.
    • Removed from backups after 3 months.
  • Billing/invoices and ratings are kept as required by law.
  • Blocked user emails may be kept to prevent re-registration.

5. Cookies

  • Only essential authentication cookies are used:
    • token (15 min)
    • refreshToken (30 days)
  • Both are HttpOnly, Secure, and SameSite Lax.
  • No analytics or ad-tracking cookies are used.
  • Locale preferences are stored via URL parameters, not cookies.

6. Moderation and Content Review

  • We may, at our discretion, review images or messages when reported or appear suspicious, to maintain safety and compliance.
  • Inappropriate content may be removed, and offending accounts may be deleted without notice.

7. Data Security and Incidents

  • All data transmissions use HTTPS/TLS, and sensitive personal data are encrypted at rest using industry-standard encryption.
  • In case of a data breach, we will take appropriate steps and, where required by law, notify the relevant authority and/or affected parties as appropriate.

8. Policy Updates

  • We may revise this Privacy Policy anytime. Updated versions are published on our website. Continued use indicates acceptance.

Questions? Contact Us