← Back to Flirt

Privacy Policy

Last updated: March 5, 2026

1. Introduction

Flirt ("we," "us," or "our") operates the website at flirtapp.ai and the Flirt mobile application available on the Apple App Store and Google Play Store (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

If you have questions or concerns, contact us at adam.lahmadi@flirtapp.ai.

2. Information We Collect

Account Data

Email address, Firebase user ID, and authentication credentials when you create an account.

Photos

Selfies and other images you upload via the mobile app or website for AI photo generation, as well as the AI-generated output images we create for you.

Conversation Screenshots

Screenshots of dating conversations you upload for AI message generation. These screenshots may contain names, profile images, and messages of third parties. Screenshots are processed in real time to generate message suggestions and are not stored after generating suggestions.

Quiz & Profile Data

Information you provide during our onboarding quiz, including gender, age range, preferred dating app, and style preferences.

Payment Information

Payment transactions are processed by Stripe. We do not store your full credit card number. We receive transaction identifiers, payment status, and the last four digits of your card from Stripe.

Device & Usage Data

Device model, operating system version, unique device identifiers, push notification tokens, app version, browser type, screen size, timezone, IP address, and general location derived from your IP.

Analytics Data

Page views, scroll depth, funnel step progression, session duration, click events, and interaction data collected through our analytics systems.

Cookies & Tracking

We use Meta Pixel for conversion tracking and advertising, UTM parameter cookies for attribution, and localStorage/sessionStorage for session state (such as A/B test variant assignment and funnel progress).

Data Storage

Your data is stored on Google Cloud infrastructure, including Firebase services for authentication, database, and cloud storage.

3. How We Use Your Information

  • To provide and operate the Service, including AI photo generation
  • To generate AI-powered message suggestions from conversation screenshots
  • To process payments and fulfill orders
  • To personalize your experience based on quiz and profile data
  • To provide in-app account management including account deletion
  • To analyze usage patterns and improve the Service
  • To send transactional emails (order confirmations, delivery notifications)
  • To run marketing campaigns and measure advertising effectiveness
  • To detect fraud, abuse, and security threats
  • To comply with legal obligations

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data under the following legal bases:

  • Contract performance: Processing necessary to provide the Service you requested (account creation, photo generation, message suggestions, payment processing).
  • Consent: Where you have given explicit consent, such as for marketing communications, photo uploads, cookie-based tracking, and explicit consent under Article 9(2)(a) for biometric and facial data processing.
  • Legitimate interest: Analytics, fraud prevention, and service improvement, balanced against your privacy rights. For incidental third-party data in conversation screenshots, we rely on legitimate interest balanced against the limited processing (immediate processing, no storage, no training use).

5. How We Share Your Information

We do not sell your personal information. We share data with the following categories of service providers:

  • Google Cloud / Firebase: Authentication, database, cloud storage, backend processing, and hosting infrastructure. Your data is stored on Google Cloud servers.
  • Stripe: Payment processing.
  • Meta: Advertising pixel for conversion tracking and audience targeting.
  • Vercel: Website hosting and edge delivery.
  • Resend: Transactional email delivery.
  • AI model provider: Your uploaded photos and conversation screenshots are sent to our AI model provider solely for the purpose of generating your photos and message suggestions. Photos are processed and not retained beyond the generation session. Screenshots are processed in real time and not retained.
  • Apple / Google: App distribution, crash reporting, and app analytics through the Apple App Store and Google Play Store.

We may also disclose information if required by law, court order, or governmental regulation, or to protect our rights, property, or safety.

6. Third-Party Data in Conversation Screenshots

When you upload screenshots of dating conversations for AI message generation, those screenshots may contain personal data of individuals who are not Flirt users, including their names, profile images, and messages.

We process this third-party data as follows:

  • Screenshots are processed solely for the purpose of generating message suggestions.
  • Screenshots are deleted immediately after processing. They are not stored on our servers.
  • Third-party data from screenshots is not used for AI model training.
  • We do not identify, contact, or build profiles of third parties from screenshots.

By uploading conversation screenshots, you represent that you have the right to share the content and acknowledge that you bear responsibility for any third-party personal data contained in those screenshots.

7. International Data Transfers

Your data is processed primarily in the United States. If you are located outside the US, your information will be transferred to and processed in the US. We rely on Standard Contractual Clauses (SCCs) and other lawful transfer mechanisms to ensure adequate protection of your data when transferred internationally.

8. Data Retention

  • Account data: Retained until you request deletion of your account.
  • Photos: Uploaded selfies and generated images are retained while your account is active. Biometric data derived from your photos is destroyed when the purpose is fulfilled or within 3 years of your last interaction with the Service, whichever is sooner. You may request deletion at any time.
  • Conversation screenshots: Processed in real time and deleted immediately. Not stored.
  • Payment records: Retained as required by applicable tax and financial regulations (typically 7 years).
  • Analytics data: Retained per each analytics provider's default retention policies.

9. Account Deletion

You may delete your account at any time through the mobile app by navigating to Settings → Delete Account. You may also request deletion by emailing adam.lahmadi@flirtapp.ai.

When you delete your account, the following data is permanently deleted:

  • Your account and authentication credentials
  • Uploaded photos and AI-generated photos
  • Conversation data and message suggestions
  • Quiz and profile data
  • All other personal data associated with your account

Payment records may be retained as required by applicable tax and financial regulations. Account deletion is completed within 30 days, and you will receive a confirmation when the process is complete.

10. Your Privacy Rights

GDPR Rights (EEA Residents)

You have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your personal data ("right to be forgotten")
  • Port your data to another service in a structured, machine-readable format
  • Object to processing based on legitimate interest
  • Withdraw consent at any time, without affecting the lawfulness of prior processing

CCPA/CPRA Rights (California Residents)

You have the right to:

  • Know what personal information we collect and how it is used
  • Delete your personal information
  • Opt out of the "sharing" or "selling" of personal information — we do not sell or share your personal information for cross-context behavioral advertising
  • Limit the use of sensitive personal information, including biometric data and photos, to what is necessary for providing the Service
  • Non-discrimination for exercising your privacy rights

How to Exercise Your Rights

To make a privacy request, email us at adam.lahmadi@flirtapp.ai or use the in-app account deletion feature (Settings → Delete Account). We will respond within 45 days (or sooner if required by applicable law).

11. Biometric Data

Our AI photo generation process involves facial analysis of photos you upload, including detection of facial geometry, feature measurements, and expressions. This section serves as our written disclosure required under applicable biometric privacy laws.

What We Collect

Biometric identifiers including facial geometry, feature measurements, and expression data extracted from selfies you upload.

Purpose

Biometric data is used solely for AI photo generation — to create realistic photos that resemble you. It is not used for identification, advertising, data mining, or any other purpose.

Retention & Destruction

Biometric data is destroyed when the purpose for which it was collected is fulfilled, or within 3 years of your last interaction with the Service, whichever comes first.

No Sale of Biometric Data

We do not sell, lease, trade, or otherwise profit from your biometric identifiers or biometric information.

Consent

By uploading photos to the Service, you provide explicit, informed, written consent for biometric data collection and processing as described in this section. You may withdraw consent at any time by deleting your photos or your account, or by contacting us at adam.lahmadi@flirtapp.ai.

This disclosure is provided in compliance with the Illinois Biometric Information Privacy Act (BIPA), the Texas Capture or Use of Biometric Identifier Act (CUBI), and Washington state biometric privacy law.

12. Children's Privacy

The Service is intended for users aged 18 and older. We implement age-gating in our mobile app and do not knowingly collect personal information from anyone under 18 in compliance with the Children's Online Privacy Protection Act (COPPA) and applicable state laws.

If we discover that a user is under 18, we will immediately terminate their account and delete all associated data. If you believe a minor has provided us with personal information, please contact us at adam.lahmadi@flirtapp.ai.

13. Cookies & Tracking Technologies

  • First-party cookies: UTM attribution cookies that track how you arrived at our site.
  • Meta Pixel: A third-party tracking pixel used for conversion measurement and advertising audience creation on Meta platforms.
  • localStorage / sessionStorage: Used to store session state including A/B test variant assignment, funnel progress, countdown timers, and device fingerprint identifiers. This data remains on your device.

You can manage cookies through your browser settings. Disabling cookies may affect certain features of the Service.

14. Do Not Track Signals

We do not currently respond to Do Not Track (DNT) browser signals. There is no uniform standard for how DNT signals should be interpreted, and we will update this policy if a standard is established.

15. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you and applicable regulatory authorities in accordance with applicable law. This includes notification within 72 hours as required by GDPR and within 30–60 days as required by applicable US state breach notification laws.

16. International Privacy Laws

Brazil (LGPD)

If you are located in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD), including the right to access, correct, delete, and port your data, and to withdraw consent.

United Kingdom (UK GDPR)

If you are located in the United Kingdom, your data is protected under the UK General Data Protection Regulation. You have the same rights as described in the GDPR section above.

Canada (PIPEDA)

If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), including the right to access and correct your personal information and to withdraw consent for its collection, use, or disclosure.

17. App Store & Platform Disclosures

Our data practices are disclosed in the Apple App Privacy Details and the Google Play Data Safety section for the Flirt app. In the event of any conflict, this Privacy Policy governs.

In accordance with Apple App Store Guideline 5.1.2(i), we obtain explicit user consent before transmitting any data to third-party AI services for processing.

18. Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, access controls, Firebase security rules, Google Cloud security infrastructure, and regular security reviews. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

19. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy. We encourage you to review this page periodically.

20. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Flirt
Email: adam.lahmadi@flirtapp.ai
Website: flirtapp.ai