Summary: We collect only what we need, protect it with industry-leading security, and never sell your personal data. You have full control over your information, including the right to access, correct, or delete it at any time.
1. Who We Are
BestGirl is operated by RETRO PASSION OTO 85, a company registered in France with its registered office at ZI de Montifaut, rue de l'industrie, 85700 POUZAUGES, France.
We are the data controller responsible for your personal information under the EU General Data Protection Regulation (GDPR), the e-Privacy Directive, and French data protection law (Law No. 78-17 of 6 January 1978 as amended).
Data Protection Officer (DPO): dpo@bestgirl.app
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: Email address, password, date of birth, gender, and phone number (optional);
- Profile Information: Photos, bio, interests, preferences, location, and relationship goals;
- Communication Content: Messages, voice notes, and video calls exchanged with other users;
- Verification Data: Real-time selfies captured during our photo verification process;
- Payment Information: Billing address and transaction details (processed by PCI-DSS compliant providers);
- Support Requests: Information you provide when contacting our support or safety teams.
2.2 Information Collected Automatically
- Device & Technical Data: IP address, device type, operating system, browser type, unique device identifiers, and language settings;
- Usage Data: Features used, pages visited, time spent, clicks, matches, and interactions;
- Location Data: Approximate location derived from IP address, or precise GPS location only if you explicitly grant permission;
- Cookies & Tracking: Session cookies, preference cookies, and analytics cookies. See Section 9 for details.
3. Legal Basis for Processing (GDPR)
We process your personal data only where we have a valid legal basis:
- Contractual Necessity: To provide the Service and fulfill our contract with you;
- Consent: For marketing communications, precise location, and non-essential cookies;
- Legitimate Interests: For fraud prevention, security, analytics, and service improvement;
- Legal Obligation: To comply with applicable laws and regulatory requirements.
4. How We Use Your Information
- Service Provision: To create your account, match you with other users, enable messaging, and personalize your experience;
- Verification & Safety: To verify your identity, detect fake profiles, prevent fraud, and enforce our Terms;
- Communication: To send service updates, security alerts, and respond to your inquiries;
- Marketing: To send promotional offers and updates (only with your explicit consent);
- Analytics & Improvement: To understand usage patterns, troubleshoot issues, and develop new features;
- Legal Compliance: To respond to legal requests and prevent illegal activity.
5. How We Share Your Information
We do not sell your personal data. We share information only in these limited circumstances:
- With Other Users: Your profile information is visible to other users as part of the Service functionality;
- Service Providers: Trusted third parties who assist us with hosting (AWS EU), payment processing, analytics, and customer support, bound by strict confidentiality agreements;
- Legal Authorities: When required by law, court order, or to protect the safety of our users and the public;
- Business Transfers: In connection with a merger, acquisition, or asset sale, with appropriate data protection safeguards.
6. Data Security
We implement robust technical and organizational security measures:
- TLS 1.3 encryption for all data in transit;
- AES-256 encryption for data at rest;
- Regular penetration testing and vulnerability assessments;
- Strict role-based access controls;
- Employee confidentiality agreements and data protection training;
- Incident response plan and 24/7 security monitoring.
While we take every precaution, no internet transmission is 100% secure. We encourage you to use strong, unique passwords and enable two-factor authentication where available.
7. Your Rights Under GDPR
If you are in the European Economic Area (EEA), you have the following rights:
- Right to Access: Request a copy of all personal data we hold about you;
- Right to Rectification: Request correction of inaccurate or incomplete data;
- Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data;
- Right to Restrict Processing: Request limitation on how we process your data;
- Right to Data Portability: Receive your data in a structured, commonly used format;
- Right to Object: Object to processing based on legitimate interests or direct marketing;
- Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing;
- Right to Complain: Lodge a complaint with a supervisory authority.
To exercise any of these rights, email dpo@bestgirl.app. We will respond within 30 days.
8. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy:
- Active Accounts: For the duration of your membership plus 2 years;
- Deleted Accounts: We delete or anonymize personal data within 30 days of account deletion, except where retention is required for legal compliance, dispute resolution, or fraud prevention;
- Payment Records: Retained for 10 years as required by French tax law;
- Log Data: Retained for 12 months for security and analytics purposes.
9. Cookies & Similar Technologies
We use the following categories of cookies:
- Essential Cookies: Required for the Service to function (e.g., authentication, session management);
- Preference Cookies: Remember your settings and preferences;
- Analytics Cookies: Help us understand how visitors interact with the Service;
- Marketing Cookies: Used to deliver relevant advertisements (only with consent).
You can manage your cookie preferences at any time through your browser settings or our cookie banner. Disabling essential cookies may affect Service functionality.
10. International Data Transfers
Your data is stored on servers located in the European Union (Frankfurt, Germany). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
11. Children's Privacy
BestGirl is strictly for users aged 18 and over. We do not knowingly collect data from children. If we discover that a minor has provided personal information, we will delete it immediately and terminate the account.
12. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email or through the Service at least 30 days before taking effect. The "Last updated" date at the top of this page indicates when revisions were made.
13. Contact Us
For privacy-related questions, data requests, or concerns:
RETRO PASSION OTO 85
ZI de Montifaut, rue de l'industrie
85700 POUZAUGES
France
DPO: dpo@bestgirl.app
Support: support@bestgirl.app
You also have the right to lodge a complaint with the French data protection authority:
Commission Nationale de l'Informatique et des Libertés (CNIL)
3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France