TheGreyLens ("we", "our", or "us") is a voice-first dating application. This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you use the TheGreyLens mobile application and website at social.thegreylens.com (collectively, the "Service"). By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Service.
This Privacy Policy is compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 ("DPDP Act") of India.
1. Information We Collect
Information You Provide Directly
- Name, display name, and date of birth (to verify you are 18+)
- Email address used for account authentication
- Profile photograph uploaded voluntarily by you
- Voice note recordings — your profile echo and chat voice messages
- Bio, vibe tags, and other profile information you choose to share
- City and general area for geographic matching
- Messages and media you exchange with other users
- Reports, feedback, or support requests you submit to us
Information Collected Automatically
- Device push notification token for in-app and web notifications
- Web push subscription data (endpoint URL and encryption keys) when you opt in to browser notifications on our website
- Online presence and last-active timestamps
- Voice note listen events — which profiles you have listened to
- App usage patterns such as swipes and match interactions — aggregated and anonymised
- Approximate GPS coordinates (geohash) when you set or update your location
- Device type, operating system version, and app version for diagnostics
Information From Third Parties
- If you sign in with Google, we receive your name, email address, and profile picture in accordance with your Google account permissions
- Purchase verification data from Google Play — subscription status and transaction ID only; we never receive or store payment card details
2. How We Use Your Information
- To create, verify, and manage your account
- To match you with compatible users based on location, preferences, and affinity learning
- To deliver voice notes, messages, and real-time call notifications
- To process in-app purchases and verify subscription status via Google Play
- To enforce our community guidelines, investigate reports, and take moderation actions
- To detect and prevent fraud, abuse, spam, and safety threats
- To send service-related communications such as match alerts, reveals, and system notifications
- To send browser push notifications to users who have explicitly opted in
- To diagnose technical problems and improve the stability and performance of the Service
- To comply with applicable laws and legal obligations
We do not use your personal data for advertising to third parties, and we do not sell your data to any third party.
3. Voice Recordings
Voice notes you record are stored securely on Google Firebase Storage using industry-standard encryption. Your profile voice note is accessible to other registered users as part of the discovery feed. Chat voice messages are accessible only to the two participants of that match and are automatically deleted after 24 hours. We do not use your voice recordings for advertising, AI training on third-party models, or sale to third parties.
4. Location Data
We collect your city and approximate GPS coordinates to show you nearby users and calculate match distances. We store a geohash — a precision-reduced coordinate hash — rather than your exact address. We do not continuously track your location in the background. You can update your city at any time from within the app. Location data is used solely for matching purposes and is never sold.
5. Photo Reveal
Profile photographs are stored privately on Firebase Storage and are never directly accessible to other users. Photos are only revealed to a matched partner after both users have independently and voluntarily consented to a reveal, which requires at least 50 messages exchanged. Access to photos is delivered via short-lived signed URLs generated server-side — the underlying storage path is never exposed to other users.
6. Web Push Notifications
If you visit social.thegreylens.com and grant browser notification permission, we collect a Web Push subscription comprising your browser's push service endpoint URL and cryptographic keys. This subscription is used solely to deliver notifications about the TheGreyLens launch. You may revoke permission at any time via your browser settings. We do not share web push subscription data with any third party.
7. Cookies and Local Storage
Our website uses browser local storage — not cookies — to remember your notification preference and avoid repeatedly prompting you. No tracking cookies or advertising pixels are used on our website. The mobile app does not use cookies.
8. Third-Party Services
We use the following third-party service providers. We only share the minimum data necessary for each service to function:
- Google Firebase — authentication, Firestore database, Storage, and Cloud Functions
- Google Sign-In — optional OAuth login, governed by Google's Privacy Policy
- Google Play — in-app subscription billing; we receive only subscription status, not payment card details
- Cloudflare — TURN server relay credentials for encrypted peer-to-peer voice and video calls
- Google Cloud Vision AI — automated scanning of uploaded photographs to detect guideline violations; images are not retained by this service beyond the API call
9. Data Sharing
We do not sell, rent, or trade your personal information. We may share information only in the following limited circumstances:
- With other users: only the profile information you have chosen to make visible is shown to others. Photos are shared only upon mutual reveal consent.
- Service providers: with third-party processors listed in Section 8, under contractual data protection obligations.
- Legal compliance: if required by applicable law, court order, or governmental authority, or to protect the safety of our users or the public.
- Business transfers: if the Company is acquired or merges with another entity, your data may be transferred as part of that transaction, subject to equivalent privacy protections.
10. Data Retention
- Chat voice messages are permanently deleted after 24 hours
- Voice status posts expire after 24 hours
- Your account and profile data are retained while your account is active
- Upon account deletion, your profile, voice notes, photos, messages, and records are permanently deleted within 30 days
- Anonymised, aggregated usage statistics may be retained indefinitely as they cannot identify you
- We may retain certain data for longer where required by applicable law or legal proceedings
11. Security
We implement industry-standard technical and organisational security measures including Firebase security rules, TLS-encrypted data in transit, server-side validation for all writes, rate limiting on all Cloud Functions, and time-limited signed URLs for sensitive media. While we implement strong safeguards, no system is completely immune to incidents. In the event of a data breach affecting your rights, we will notify affected users as required by applicable law.
12. Children's Privacy
TheGreyLens is strictly for users aged 18 years and above. We do not knowingly collect personal information from anyone under 18. If we discover that a user is underage, we will immediately terminate their account and delete their data. If you believe a minor is using the Service, please contact us.
13. Your Rights
- Access: request a copy of the personal data we hold about you
- Correction: update inaccurate information directly within app settings
- Deletion: delete your account via the in-app "Delete Account" feature or by contacting us
- Portability: request your personal data in a structured, machine-readable format
- Withdrawal of Consent: revoke notifications at any time via device or browser settings
- Grievance Redressal: raise a complaint with our Grievance Officer at the contact below
We will respond to valid requests within 30 days. We may need to verify your identity before processing certain requests.
14. International Transfers
Your data is stored on Google Cloud infrastructure, which may involve storage and processing in data centres outside India, including the United States. Google Cloud maintains appropriate safeguards for cross-border data transfers. By using the Service, you consent to this transfer in accordance with applicable Indian law.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via an in-app notification or email. The "Last updated" date at the top reflects the most recent revision. Continued use of the Service after changes are posted constitutes acceptance.