Effective date: January 17, 2022
At Masked, your privacy is a top priority. Your privacy is at the core of the way we design and build the services and products you know and love, so that you can fully trust them and focus on building meaningful connections.
We appreciate that you put your trust in us when you provide us with your information and we do not take this lightly.
Our commitment to privacy. We design all of our products and services with your privacy in mind. We involve experts from various fields, including legal, security, engineering, product design and others to make sure that our decisions are taken with the utmost respect for your privacy.
Our commitment to security. We have teams dedicated to keeping your data safe and secure. We constantly update our security practices and invest in our security efforts to enhance the safety of your information.
We appreciate that you trust us with your information and we intend to always keep that trust. This starts with making sure you understand the information we collect, why we collect it, how it is used and your choices regarding your information. This Policy describes our privacy practices in plain language, keeping legal and technical jargon to a minimum.
Please see our California Privacy Statement to learn about California privacy rights.
Masked is owned, maintained and developed by Catalyst Tech BV.
It goes without saying, we can’t help you develop meaningful connections without some information about you, such as basic profile details and the types of people you’d like to meet. We also collect information about your use of our services such as access logs, as well as information from third parties, like when you access our services through your social media account or when you upload information from your social media account to complete your profile. If you want additional info, we go into more detail below.
Information you give us
You choose to give us certain information when using our services. This includes:
- When you create an account, you provide us with at least your phone number and email address, as well as some basic details necessary for the service to work, such as your gender and date of birth.
- When you complete your profile, you can share with us additional information, such as details on your bio, interests and other details about you, as well as content such as photos and videos. To add certain content, like pictures or videos, you may allow us to access your camera or photo album.
- When you subscribe to a paid service or make a purchase directly from us (rather than through a platform such as iOS or Android), you provide us or our payment service provider with information, such as your debit or credit card number or other financial information.
- When you participate in surveys, focus groups or market studies, you give us your insights into our products and services, responses to our questions and testimonials.
- When you choose to participate in our promotions, events or contests, we collect the information that you use to register or enter.
- If you contact our customer care team, we collect the information you give us during the interaction.
- If you share with us information about other people (for example, if you use contact details of a friend for a given feature), we process this information on your behalf in order to complete your request.
- Of course, we also process your chats with other members as well as the content you publish, as necessary for the operation of the services.
In addition to the information you may provide us directly, we receive information about you from others, including:
- Members Members may provide information about you as they use our services, for instance as they interact with you or if they submit a report involving you.
- Social Media You may decide to share information with us through your social media account, for instance if you decide to create and log into your Masked account via your social media or other account (e.g., Facebook, Google or Apple) or to upload onto our services information such as photos from one of your social media accounts (e.g., Instagram or Spotify).
- Affiliates Masked is part of Catalyst Tech BV. Catalyst Tech BV considers the safety and security of members a top priority. If you were banned from another Catalyst Tech BV service, your information can be shared with us to allow us to take necessary actions, including closing your account or preventing you from creating an account on our services.
- Other Partners We may receive information about you from our partners where Masked ads are published on a partner’s service (in which case they may pass along details on a campaign’s success). Where legally allowed, we can also receive information about suspected or convicted bad actors from third parties as part of our efforts to ensure our members’ safety and security.
When you use our services, this generates technical data about which features you’ve used, how you’ve used them and the devices you use to access our services. See below for more details:
- Usage Information Using the services generates data about your activity on our services, for instance how you use them (e.g., when you logged in, features you’ve been using, actions taken, information shown to you, referring webpages address and ads that you interacted with) and your interactions with other members (e.g., members you connect and interact with, when you exchanged with them, number of messages you send and receive).
- Device information We collect information from and about the device(s) you use to access our services, including hardware and software information such as IP address, device ID and type, apps settings and characteristics, app crashes, advertising IDs (which are randomly generated numbers that you can reset by going into your device’ settings), identifiers associated with cookies or other technologies that may uniquely identify a device or browser.
- Other information with your consent If you give us permission, we can collect your precise geolocation (latitude and longitude). The collection of your geolocation may occur in the background even when you aren’t using the services if the permission you gave us expressly permits such collection. If you decline permission for us to collect your precise geolocation, we will not collect it. Similarly, if you consent, we may collect photos and videos (for instance, if you want to publish a photo or video or participate in streaming features on our services).
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) have a “Do Not Track” (“DNT”) feature that tells a website that a user does not want to have his or her online activity tracked. If a website that responds to a DNT signal receives a DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many businesses, including Masked, do not currently respond to DNT signals.
The main reason we use your information is to deliver and improve our services. Additionally, we use your info to help keep you safe, and to provide you with advertising that may be of interest to you. Read on for a more detailed explanation of the various reasons for which we use your information, together with practical examples.
A. To administer your account and provide our services to you
- Create and manage your account
- Provide you with customer support and respond to your requests
- Complete your transactions
- Communicate with you about our services
For information on how we process personal information through profiling and automated decision-making, please see our FAQ.
- Provide our service to you: The reason we process your information for purposes A, B and C above is to perform the contract that you have with us. For instance, as you go about using our service to build meaningful connections, we use your information to maintain your account and your profile, make it viewable to other members and recommend other members to you and to otherwise provide our free and paid features to you and other members.
- Legitimate interests: We process your information for purposes D, E and F above, based on our legitimate interest. For instance, we analyze users’ behavior on our services to continuously improve our offerings, we suggest offers we think might interest you and promote our own services, we process information to help keep our members safe and we process data where necessary to enforce our rights, assist law enforcement and enable us to defend ourselves in the event of a legal action.
- Comply with applicable laws and regulations: We process your information for purpose G above where it is necessary for us to comply with applicable laws and regulations and evidence our compliance with applicable laws and regulations. For example, we retain traffic data and data about transactions in line with our accounting, tax and other statutory data retention obligations and to be able to respond to valid access requests from law enforcement. We also keep data evidencing consents members give us and decisions they may have taken to opt-out of a given feature or processing.
Since our goal is to help you make meaningful connections, the main sharing of members’ information is, of course, with other members. We also share some members’ information with service providers and partners who assist us in operating the services, with other Catalyst Tech BV companies for specified reasons as laid out below and, in some cases, legal authorities. Read on for more details about how your information is shared with others.
With other members
You share information with other members when you voluntarily disclose information on the service (including your public profile). Please be careful with your information and make sure that the content you share is stuff that you’re comfortable being visible.
If you choose to limit the audience for all or part of your profile or for certain content or information about you, then it will be visible according to your settings.
We use third parties to help us operate and improve our services. These third parties assist us with various tasks, including data hosting and maintenance, analytics, customer care, marketing, advertising, payment processing and security operations. We also share information with partners who distribute and assist us in advertising our services. For instance, we may share limited information on you in hashed, non-human readable form to advertising partners.
We follow a strict vetting process prior to engaging any service provider or working with any partner. Our service providers and partners must agree to strict confidentiality obligations.
Masked is part of Catalyst Tech BV.
We share your information with affiliates for limited legitimate purposes as laid out below:
- to make all Catalyst Tech BV platforms safer and enable us to address (e.g., ban) bad actors found on one platform also on the others; for them to assist us in data processing operations, as service providers, upon our instructions and on our behalf. Their assistance may include technical processing operations, such as data hosting and maintenance, customer care, marketing and targeted advertising, analytics, finance and accounting assistance, improving our service, securing our data and systems and fighting against spam, abuse, fraud, infringement and other wrongdoings.
- We may also share information with other Catalyst Tech BV companies for other legitimate business purposes including corporate audit, analysis and consolidated reporting, where and as allowed under applicable law.
You may share other members’ profiles and they may share yours with people outside of our services, using the sharing functionality.
We may transfer your information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
We may disclose your information if reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or (iii) to protect the safety of any person.
We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our members, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
We may ask for your consent to share your information with third parties. In any such case, we will make it clear why we want to share the information.
Sharing of information laid out in Section 6 involves cross-border data transfers to the United States of America and other jurisdictions that may have different laws about data processing. When we transfer personal information outside of the EEA, the United Kingdom, Switzerland or other countries which data protection laws have been deemed adequate by the European Commission or other competent governmental body, we use standard contract clauses (standard contractual clauses are commitments between companies transferring personal data, binding them to protect the privacy and security of your data) or other appropriate transfer mechanism. We are currently in the process of reviewing transfers to our vendors and associated legal basis further to the recent Court of Justice for the European Union’s ruling on transfers of personal data to the USA.
We want you to be in control of your information, so we want to remind you of the following options and tools available to you:
- Access / Update tools in the service. Tools and account settings can help you access, rectify or remove information that you provided to us and that’s associated with your account directly within the service. If you have any question on those tools and settings, please contact our customer care team for help here.
- Device permissions. Mobile platforms can have permission systems for specific types of device data and notifications, such as phone contacts, pictures, location services, push notifications and advertising identifiers. You can change your settings on your device to either consent or oppose the collection or processing of the corresponding information or the display of the corresponding notifications. Of course, if you do that, certain services may lose functionality.
- Uninstall. You can stop all information collection by an app by uninstalling it using the standard uninstall process for your device. Remember that uninstalling an app does NOT close your account. To close your account, please use the corresponding functionality on the service.
- Account closure. You can close your account by using the corresponding functionality directly on the service.
We also want you to be aware of your privacy rights. Here are a few key points to remember:
- Reviewing your information. Applicable privacy laws may give you the right to review the personal information we keep about you (depending on the jurisdiction, this may be called right of access, right of portability, right to know or variations of those terms). You can exercise this right by putting in such a request here.
- Updating your information. If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, object to or restrict its processing, please contact us here.
For your protection and the protection of all of our members, we may ask you to provide proof of identity before we can answer the above requests.
Keep in mind, we may reject requests, including if we are unable to authenticate you, if the request is unlawful or invalid, or if it may infringe on trade secrets or intellectual property or the privacy or other rights of someone else. If you wish to receive information relating to another member, such as a copy of any messages you received from them through our service, the other member will have to contact us to provide their written consent before the information is released. We may also ask them to provide proof of identity before we can answer the request.
Also, we may not be able to accommodate certain requests to object to or restrict the processing of personal information, notably where such requests would not allow us to provide our service to you anymore. For instance, we cannot provide our service if we do not have your date of birth and thus cannot ensure that you are 18 years of age or older.
In certain countries, including in the European Economic Area and the United Kingdom, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process your personal information. You can find information about your data protection regulator in the European Economic Area here, and in the United Kingdom here. The data protection authority you can lodge a complaint with may be that of your habitual residence, where you work or where an alleged infringement took place.
We keep your personal information only as long as we need it for legitimate business purposes (as laid out in Section 5) and as permitted by applicable law. If you decide to stop using our services, you can close your account and your profile will stop being visible to other members. Note that we will close your account automatically if you are inactive for a period of two years. After your account is closed, we will delete your personal information, as laid out below:
- To protect the safety and security of our members, we implement a safety retention window of three months following account closure, or one year following an account ban. During this period, we keep your information in the event that it might be necessary to investigate unlawful or harmful conducts. The retention of information during this safety retention window is based on our legitimate interest as well as that of potential third-party victims.
Once the safety retention window elapses, we delete your data and only keep limited information for specified purposes, as laid out below:
- a) We maintain limited data to comply with legal data retention obligations: in particular, we keep transaction data for 10 years to comply with tax and accounting legal requirements, credit card information for the duration the user may challenge the transaction and “traffic data” / logs for one year to comply with legal data retention obligations. We also keep records of consents members give us for five years to evidence our compliance with applicable law.
- b) We maintain limited information on the basis of our legitimate interest: we keep customer care records and supporting data as well as imprecise location of download/purchase for five years to support our customer care decisions, enforce our rights and enable us to defend ourselves in the event of a claim, information on the existence of past accounts and subscriptions, which we delete three years after the closure of your last account to ensure proper and accurate financial forecasting and reporting, profile data for one year in anticipation of potential litigation, for the establishment, exercise or defence of legal claims, and data necessary to prevent members who were banned from opening a new account, for as long as necessary to ensure the safety and vital interests of our members.
- c) Finally, we maintain information on the basis of our legitimate interest where there is an outstanding or potential issue, claim or dispute requiring us to keep information (in particular if we receive a valid legal subpoena or request asking us to preserve data (in which case we would need to keep the data to comply with our legal obligations) or if data would otherwise be necessary as part of legal proceedings).
Our services are restricted to individuals who are 18 years of age or older. We do not permit individuals under the age of 18 on our platform. If you suspect that a member is under the age of 18, please use the reporting mechanism available on the service.
If you are a job applicant, the personal information we process about you may vary depending on the job you seek but typically includes what you provide to us as part of your job application as well as professional qualifications, background and reference information that recruiters or other third parties share with us. We use this information to support the recruitment process, which may lead to an employment contract. For contractors and vendor representatives, we may process identification information and work-related information, as necessary to manage our relationship with you and your employer, which is necessary for the performance of the services agreement, and to establish, exercise or defend potential legal claims. We may share personal information with service providers that assist us with recruitment and technical data processing operations as well as with Catalyst Tech BV companies (for instance if you have a business relationship with employees of an affiliate). We keep your personal information only as long as necessary for those purposes.
Because we’re always looking for new and innovative ways to help you build meaningful connections and strive on making sure explanations about our data practices remain up-to-date, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.