Privacy Policy for Gennety
Last Updated: 23 June 2026
This Privacy Policy explains how Gennety ("Gennety", "we", "us", or "our") collects, uses, shares, and protects your personal data when you use the Gennety matchmaking service through our Telegram bot (@gennetybot), our Telegram Mini Apps, our mobile application, and our website at gennety.com (together, the "Service").
Gennety is an AI-first matchmaking service for university students. By design we process more context about you than a traditional dating app — including psychological context and biometric data used for identity verification — so please read this Policy carefully. Where we process special categories of personal data (such as biometric data), we do so only with your explicit consent, as described in Section 9.
1. Data Controller
The data controller responsible for your personal data is:
- Gennety — operated by Gleb Gosha, Kyiv, Ukraine.
- Privacy contact: legal@gennety.com
*To be confirmed before publication: full legal entity name, registration number, and registered address. If a separate EU representative is appointed under Article 27 GDPR, their details will be added here.*
Although Gennety is established in Ukraine, where we offer the Service to users located in the European Economic Area (EEA) or the United Kingdom, we apply the EU General Data Protection Regulation (GDPR) and the UK GDPR to that processing.
2. Scope
This Policy applies to all personal data we process about:
- users and prospective users of the Service (including during onboarding, before an account is fully created);
- people who verify a corporate/university email on our website before opening the bot;
- visitors to
gennety.com.
It does not cover third-party services you reach through our links (for example, your own personal AI assistant such as ChatGPT or Claude). Those services have their own privacy policies.
3. The Data We Collect
We collect data in three ways: data you give us, data generated by your use of the Service, and data we derive or infer to power matchmaking.
3.1 Data you provide
| Category | Examples |
|---|---|
| Account & identity | First name (and optionally surname), age, gender, gender preference, language, your Telegram user ID and public @username (if any), platform (Telegram / mobile). |
| Corporate/university email | The email address you verify and its domain (used to confirm student eligibility). A one-time passcode (OTP) is sent to verify it. |
| Profile details | Height, hobbies/interests, nationality/ethnicity (optional), partner preferences, age range, the city where you want to receive matches, and free-text "vibe" answers (e.g. your ideal Friday night). |
| Photos & video | Profile photos (including the static frame of a Telegram "Live Photo") and an optional short profile video. |
| AI memory export (optional) | If you choose to enrich onboarding, the psychological analysis you paste from your personal AI assistant (the "Magic Prompt" response). |
| Identity verification (biometric) | A liveness selfie captured by our verification provider, used to confirm you are a real person and match your profile photos. See Section 9. |
| Location | The dating city you select; coordinates resolved from your browser geolocation or a place you pick on a map; and, for arranging a date, the departure point you mark and (optionally) a raw location pin you share. |
| Communications & feedback | Messages and voice notes you send to our bot or AI concierge, post-date feedback, free-text reasons (for declining a match, cancelling a date, changing a venue, or reporting a user), and messages you send through the optional pre-date anonymous proxy chat. |
| Payments (premium features) | If you buy a premium Date Ticket, your purchase record. Card/payment-instrument details are handled by our payment processor; we do not store your full card number. |
3.2 Data generated automatically
| Category | Examples |
|---|---|
| Usage & interaction logs | Onboarding progress, actions in the bot and Mini Apps, match decisions (accept/decline), scheduling availability, timestamps. |
| Technical data | IP address, device and operating-system information, and diagnostic logs. |
| Voice transcripts | Text transcriptions of voice notes you send (transcribed by our AI provider). |
3.3 Data we derive or generate
| Category | Examples |
|---|---|
| Psychological summary | A free-text summary of your personality, values, and preferences, generated from your onboarding answers and/or your AI memory export. |
| Vector embedding | A numeric representation (embedding) of your psychological summary, used to compute compatibility. It is derived from your prose, not stored as readable text. |
| Compatibility & rating signals | A "league"/attractiveness score (Elo) seeded from an automated visual assessment of your photos, structured "vibe" axes, match scores, and standby/priority counters. |
| Face-match scores | Similarity scores between your verification selfie and each profile photo. |
| Safety signals | Strikes, reports about you, suspension status. |
We do not create per-message embeddings of your conversations, and we do not sell your data.
4. How We Use Your Data and Legal Bases
We process your data for the following purposes. "Legal basis" refers to GDPR Article 6 (and Article 9 for special-category data).
| Purpose | Data used | Legal basis |
|---|---|---|
| Create and operate your account; deliver onboarding | Account, profile, email | Performance of a contract (Art. 6(1)(b)) |
| Verify student eligibility | Corporate/university email, OTP | Contract; legal/eligibility requirement of the Service |
| Match you with compatible people | Profile, psychological summary, embedding, vibe axes, location, rating signals | Contract; legitimate interests (Art. 6(1)(f)) in providing effective matchmaking |
| Identity & anti-fraud verification (biometric) | Liveness selfie, profile photos, face-match scores | Explicit consent (Art. 9(2)(a)); Art. 6(1)(f) for fraud prevention |
| Generate icebreakers, date hints, pitches, venue choice | Profile, psychological/Profiler answers, location, vibe | Contract; legitimate interests |
| Arrange and confirm dates; venue selection | Availability, departure point, vibe, agreed time | Contract |
| Process premium Date Ticket purchases | Purchase record, processor payment confirmation | Contract |
| Trust & safety, moderation, content validation | Reports, photos/video (safety scan), proxy-chat logs, strikes | Legitimate interests; legal obligation |
| Send service messages, reminders, push/DMs | Account, usage, push token | Contract; legitimate interests |
| Improve and develop the Service using anonymised data | Aggregated/anonymised data | Consent (the optional "research" opt-in) and/or legitimate interests once anonymised |
| Comply with law and respond to lawful requests | As required | Legal obligation (Art. 6(1)(c)) |
You can withdraw any consent at any time (Section 15). Withdrawing consent for biometric verification does not delete data already lawfully processed but stops further processing and may limit your match eligibility.
5. Automated Decision-Making and Profiling
Matchmaking is automated. We use algorithms and AI to:
- build a psychological profile and embedding of you;
- estimate compatibility and a "league"/attractiveness rating from your photos and answers;
- decide which person (if any) you are matched with each week;
- bucket your photos as pass/borderline/fail/no-face during identity verification, which can route your account to verified, manual review, or rejected status.
These automated steps can affect whether and with whom you are matched, and whether your identity verification passes. No automated decision produces a legal or similarly significant effect that you cannot question. You have the right to obtain human intervention, to express your point of view, and to contest these decisions (Section 15). Identity verification failures and safety decisions are subject to human review on request, and our verification pipeline routes infrastructure failures to manual review rather than auto-rejecting you.
6. AI Processing and Your Personal AI Export
To generate your psychological summary and matchmaking signals, we send relevant profile text (and, if you provide it, your pasted AI memory export) to our AI provider for analysis, embedding, transcription, moderation, and visual scoring.
- Providing an AI memory export is optional. If you decline, we generate a fallback summary from your ordinary onboarding answers instead.
- Your pasted export is treated as your personal data and processed only to build your profile and matches.
- We use AI providers on terms that do not permit them to train their public models on our API data.
7. Third-Party Processors (Sub-processors)
We share personal data with the following service providers strictly to operate the Service. Each acts as our processor under a data-processing agreement and may process data outside Ukraine/your country (see Section 8).
| Processor | Purpose | Data shared |
|---|---|---|
| Persona | Identity / liveness (KYC) verification | Verification selfie, basic identity signals |
| Amazon Web Services (AWS Rekognition) | Face comparison, face detection, and content-safety analysis of photos/video | Profile photos, verification selfie, video frames (transient) |
| OpenAI | Psychological analysis, embeddings, voice/video-audio transcription, content moderation, visual attractiveness scoring | Profile text, AI export, voice/video transcripts, photos |
| Google Places | Venue search for arranging dates | Approximate midpoint coordinates of a matched pair |
| Supabase | Database hosting and file storage (selfies, mobile photos, chat images) | Account, profile, photos, embeddings |
| Resend (email provider) | Delivering verification OTP emails | Email address, OTP |
| Expo / Apple (APNs) / Google (FCM) | Mobile push notifications | Push token, notification content |
| Payment processors (currently planned: Fondy and Telegram Payments / Telegram Stars) | Processing premium Date Ticket payments | Purchase amount, payment confirmation, transaction identifiers. The processor (and/or Telegram) — not Gennety — handles payment credentials and card data. |
| Telegram | The messaging platform the bot runs on | Messages and media you exchange with the bot are processed by Telegram under its own policy. |
| DigitalOcean / Vercel (hosting & CDN) | Running our servers, hosting frontend applications, and serving the website/Mini Apps | Technical data |
We update this list as our processors change. A current list is available on request at legal@gennety.com.
8. International Data Transfers
Some processors are located outside Ukraine, the EEA, or the UK (for example, in the United States). Where we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, UK addenda, or adequacy decisions, as applicable. You can request a copy of the relevant safeguards at legal@gennety.com.
9. Photos, Video, and Biometric Data (Special Category)
Identity verification and face-matching involve biometric data, which is a special category of personal data under GDPR Article 9. We process it only with your explicit consent, which you give when you start verification.
- Liveness selfie. Captured by Persona, stored as your verification reference, and compared against your profile photos using AWS Rekognition.
- Face-match scores. A similarity score is stored per profile photo to decide verification outcome.
- Selfie retention. Your verification selfie is automatically deleted 90 days after verification (GDPR Article 9 minimisation). You remain verified; only the reference image is erased. If you re-verify later, a new selfie is fetched.
- Profile video. An optional profile video is scanned for safety only: a small number of frames and the audio are analysed transiently for prohibited content. The extracted frames, audio, and transcript are not retained — only a validation timestamp/version is kept. The video itself is display-only.
- Photo safety & duplicate checks. Uploaded photos are checked for safety, for the presence of a usable face, and for duplicates (using a perceptual hash). Rejections are logged without retaining the rejected media or biometric material.
- Partner photo protection. When you are matched, your photos are shown to your match in a forward/save-protected form, and shareable date cards blur the partner's face before they can leave the platform. (Note: operating-system screenshots cannot be technically blocked in a normal chat.)
Skipping verification is allowed but carries a rating penalty and limits match eligibility, as described in our Terms.
10. Location Data
We use location data to find matches in your city and to arrange convenient date venues:
- Your selected dating city and its coordinates determine your match pool.
- For a confirmed date, the departure point you mark (and any raw location pin you choose to share) is used to compute a fair midpoint and search for a venue near both of you.
We do not continuously track your location. A raw coordinate alone does not make you eligible for matching — you must set a dating city.
11. Payments
Premium Date Tickets are an optional paid feature. When you make a purchase:
- Payment is processed by our third-party payment processor. We do not receive or store your full card number.
- We retain a record of the transaction (amount, status, time, and which match/bundle it relates to) for accounting, support, and fraud prevention.
- Refunds are handled as described in our Terms of Service.
12. Communications and the No-Chat Model
Gennety does not provide open user-to-user chat. Your conversations are with our bot and AI concierge, plus the structured pitch, scheduling, safety, and report flows.
There is one narrow, optional exception: a pre-date anonymous proxy chat that relays text between an already-matched, already-scheduled pair to help you find each other. When enabled and used:
- it is time-boxed (opens shortly before the date, auto-closes after it);
- it is text-only (media is rejected);
- every relayed message is logged to provide a moderation/safety trail and to support the in-line report function;
- those logs are deleted if the related match is deleted.
13. Data Retention
We keep personal data only as long as necessary for the purposes above.
| Data | Retention |
|---|---|
| Account & profile data | While your account exists; deleted on account deletion |
| Verification selfie | 90 days after verification, then auto-deleted |
| Profile video frames/audio/transcript | Not retained (transient validation only) |
| Rejected-media records | Minimal audit record (reason, type, time) — no media kept |
| Proxy-chat message logs | While the related match exists; deleted with the match |
| Payment records | As required for accounting/legal obligations |
| Frozen accounts (soft-delete) | Retained intact while frozen; reactivated on your next start, or deleted on request |
| Diagnostic/technical logs | Short-term, then rotated |
On account deletion, we perform a cascading deletion of your data across our database. Some records may be retained where required by law (e.g. financial records) or in anonymised form.
14. Data Security
We apply technical and organisational measures appropriate to the sensitivity of the data, including: encrypted transport (TLS), access controls, signed/verified requests for sensitive endpoints, private storage buckets with short-lived signed access, hashing of one-time codes, and minimisation of biometric retention. No system is perfectly secure, but we work to protect your data and to notify you and the relevant authority of a qualifying personal-data breach where the law requires.
15. Your Rights
Subject to applicable law (and in full where GDPR/UK GDPR applies), you have the right to:
- Access the personal data we hold about you;
- Rectify inaccurate or incomplete data (note: some identity fields are fixed after onboarding);
- Erase your data ("right to be forgotten");
- Restrict or object to certain processing, including processing based on legitimate interests;
- Data portability — receive your data in a portable format;
- Withdraw consent at any time (including biometric-verification and the research opt-in), without affecting prior lawful processing;
- Not be subject to solely automated decisions that significantly affect you without human review — you may request human intervention and contest a decision (Section 5);
- Lodge a complaint with a supervisory authority (Section 20).
To exercise any right, contact legal@gennety.com. We will respond within the timeframes required by law (generally within one month under GDPR). You can also delete your account directly in the app; a softer freeze (soft-delete) option is also available in Telegram.
16. Children's Privacy
The Service is intended only for users who are at least 18 years old and enrolled at, or affiliated with, an eligible institution. We do not knowingly collect data from anyone under 18. If we learn that we have, we will delete it.
17. Cookies and Website Tracking
Our website and Mini Apps use only the cookies/local storage necessary to make them work (for example, to remember your language or hold an unsent form draft). Inside the bot, we operate a no-third-party-tracking model. If we introduce any analytics or non-essential cookies, we will update this Policy and request consent where required.
18. Account Freeze vs Deletion
- Freeze (soft-delete): removes you from matching and hides your status, but keeps your profile, photos, verification, and embedding so you can return instantly. You are silently reactivated when you next open the bot.
- Deletion (hard-delete): permanently and irreversibly removes your account and cascades deletion across your data. This cannot be undone.
19. Changes to This Policy
We may update this Policy as the Service evolves. When we make material changes, we will update the "Last Updated" date and, where appropriate, notify you in the app. Continued use after an update means you accept the revised Policy, except where new consent is legally required.
20. Complaints and Contact
For any privacy question, request, or complaint, contact us at legal@gennety.com.
If you are in the EEA or UK and believe we have not handled your data lawfully, you may lodge a complaint with your local data-protection supervisory authority. We would, however, appreciate the chance to address your concern first.