Privacy Policy
Effective date: June 2026.
By creating an account or submitting information through a scanned card, you acknowledge that you have read and agree to this Privacy Policy and our Terms of Service.
Section 1: Who This Policy Applies To
This policy covers two groups: Members (people who create an account and order physical cards) and Scanners (people who receive a card from a member and submit information through it; scanners do not have an account). Where practices differ, we say so.
Section 2: What We Collect - Members
- Account data. Email, password hash, display name, date of birth, city, photo(s), bio, and profile prompts.
- Government ID. Collected once during onboarding to verify name, likeness, and DOB. Images are encrypted in transit and evaluated by an automated AI verification system (OCR plus face detection). We never record driver's license, passport, or state ID serial numbers. ID images are retained for up to three (3) days after verification or rejection for fraud and dispute review, then automatically and permanently deleted by a daily purge job. If your ID is rejected, you may upload a corrected ID from your dashboard; the prior image is deleted and the new submission is re-run through the same automated verification.
- Selfie / biometric notice. Profile photos and scanner selfies are face images used for visual identification only. We do not generate, store, sell, lease, or share faceprints, face geometry, or other "biometric identifiers" or "biometric information" as defined under the Illinois BIPA, Texas CUBI, or Washington biometric law. We do not run facial recognition, face-matching, or automated face-classification on these images.
- Billing data. Handled entirely by Stripe. We never see or store raw card numbers or bank credentials.
- Scan events. When someone scans your card, we retain a record of the event so the match and reporting tools work.
- Device & usage data. IP address, browser/user-agent, and basic session metadata, used for security, fraud prevention, and service operation.
Section 3: What We Collect - Scanners
- What scanners provide. First and last name, email address, ZIP or postal code, date of birth, a selfie photo, intentions, and short prompts. The email address is verified by a one-time code and is also used to deliver scan-related notifications (chat replies, match status, safety updates). We do not collect or store scanner phone numbers, and the platform does not send SMS or text messages to scanners or members.
- Automatic sex-offender-registry lookup. Every scan automatically triggers a lookup against the U.S. sex offender registry using the scanner's first name, last name, ZIP, and full date of birth. This is free to the member and runs on every scan. Data sent to our provider (offenders.io) is used only to perform the lookup; we do not authorize the provider to retain scanner data for other purposes.
- International scanners. Scanners outside the U.S. may submit a scan and chat with the member who gave them a card. The registry only indexes U.S. records, so non-U.S. scanners cannot be meaningfully screened.
- Data minimization (day-of-DOB scrub). Exact date of birth is used in-flight to run the automatic lookup and is then permanently scrubbed from our database once the lookup completes — pass or flag. Only birth month and birth year are retained so the member can see an approximate age and so we can match against the member's ban list. Name, ZIP, selfie, and the verified email address are retained for the life of the match so the member can recognize their scanner and open chat.
- What the member sees. First name only, approximate age, the selfie, intentions, where you met, and your short answers. Last name, email address, ZIP, and full DOB are never displayed to the member.
- Admin unmasking on report. If a member reports a scanner, an administrator may unmask the scanner's full name, email, and selfie for safety review.
Section 4: How We Use Personal Information
- Operate accounts, render cards, run matches, and send notifications.
- Run optional U.S. sex-offender registry background checks through our screening provider.
- Process payments, ship cards, and manage subscriptions through Stripe and our print/fulfillment partner.
- Prevent fraud, enforce our Terms, investigate reports, and ban abusive accounts.
- Provide AI-powered date-ideation and 24/7 support via third-party LLM providers (currently Google Gemini). Prompts may be transmitted to the provider for processing.
Section 5: Who We Share Personal Information With
We share personal information only with service providers strictly to operate the platform: Stripe (payments), our background-check provider, our LLM provider (date-ideation, support bot, and the AI screening that evaluates IDs and background check results), our print/fulfillment partner, our transactional email delivery provider (used to send account, security, shipment, match, scan, chat-reply, and billing notifications to the email address you provide), our hosting/database provider, and Google (Google Analytics 4 for aggregate site measurement, and Google Ads for ad-click conversion attribution — see Section 6). These vendors process data only on our instructions and only as needed to deliver the service. We do not use any SMS or text-message provider and we do not collect phone numbers.
No sale of data. We do not sell, rent, or commercially license member or scanner data, email addresses, or metadata to third-party ad networks, data brokers, or any other commercial third party - under any definition of "sale" or "sharing" used by U.S. state privacy laws. Sharing aggregated, pseudonymous conversion signals with Google solely to measure our own ad performance is not a "sale" and is not used to build advertising audiences.
We may also disclose information when required by law, valid legal process, or to protect the safety of users or the public.
Section 6: Cookies, Tracking, Analytics, and Advertising
- Geographic scope & cookie consent. The platform is intended for users located in the United States. By accessing the site from the U.S. and continuing to use it, you consent to our use of the cookies and tags described in this section (strictly necessary cookies, Google Analytics 4, and Google Ads conversion tracking). We do not display a separate cookie banner for U.S. visitors because we do not engage in the "sale" or "sharing" of personal information, do not run remarketing or targeted advertising, and honor browser-level Global Privacy Control signals as described in Section 9. If you are visiting from the European Economic Area, the United Kingdom, or Switzerland, our site is not directed to you, we do not currently operate a GDPR/ePrivacy-compliant consent management platform, and you should not use the service; if you do, you acknowledge that non-essential cookies (GA4 and Google Ads tags) may be set on your device and you may block them in your browser at any time.
- Strictly necessary cookies. Used to keep you signed in, maintain your session, and protect against CSRF and fraud. These cannot be disabled while using the service.
- Google Analytics 4 (measurement ID G-RZKG9CDSKR). We use Google Analytics to understand aggregate site usage (pages visited, referral source, approximate region, device type). IP addresses are anonymized before logging. Analytics cookies set by Google are _ga and _ga_*. No advertising features, demographics/interests reporting, Google Signals, cross-device tracking, or remarketing audiences are enabled in our GA4 property.
- Google Ads conversion tracking. When we run Google Ads campaigns, Google may set a _gcl_* cookie to attribute ad clicks to on-site actions (e.g., sign-up, card order). We share only aggregated, hashed, or pseudonymous conversion signals with Google for ad measurement. We do not run Google Ads remarketing or upload customer lists, and we do not build or share advertising audiences.
- Your choices. You can opt out of Google Analytics at any time using the official Google Analytics opt-out browser add-on, by enabling Global Privacy Control (GPC) in a supported browser, or by clearing/blocking cookies for this site. Opting out does not affect your ability to use the service.
- Local storage. Used to remember preferences and short-lived tokens (e.g., a referenced promo code).
- Inactivity auto-signout. As a security measure, authenticated sessions are automatically signed out after approximately three (3) minutes of inactivity. You will need to sign in again to resume.
Section 7: Retention
- Member account data is retained while your account is active. On deletion, profile data is removed and remaining scan records are anonymized.
- Government ID images are retained for up to three (3) days after verification or rejection, then automatically deleted by a daily purge job. We never store ID document numbers.
- Scanner full date of birth is scrubbed the moment the automatic sex-offender-registry lookup completes on each scan (typically seconds after submission). Only birth month and year are retained.
- Scanner name, ZIP, selfie, and verified email are retained for the life of the match thread — the member needs them to recognize the person who scanned them and to communicate. On account deletion or match removal, these are deleted with the rest of the match record.
- Billing records retained as long as required for tax, accounting, dispute, and fraud-prevention purposes.
Section 8: Security
We use industry-standard safeguards including TLS in transit, encryption at rest for sensitive fields, role-scoped database access, and mandatory multi-factor authentication for administrators. No system is perfectly secure; you use the platform at your own risk.
Breach notification. If we become aware of a breach of personal information affecting you, we will notify affected users and applicable regulators as required by U.S. state breach-notification laws and the GDPR/UK GDPR where applicable.
Section 9: Your Privacy Rights (U.S. State Laws)
Residents of U.S. states with comprehensive privacy laws have rights to access, correct, delete, and (where applicable) port their personal information, and to opt out of targeted advertising, the "sale" or "sharing" of personal information, and profiling that produces legal or similarly significant effects. We do not engage in sale, targeted advertising, or that type of profiling, and we are not a registered data broker in any state. These rights are available to residents of California (CCPA/CPRA), Colorado (CPA), Connecticut (CTDPA), Virginia (VCDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa (ICDPA), Delaware (DPDPA), New Hampshire (NHPA), New Jersey (NJDPA), Tennessee (TIPA), Indiana (ICDPA), Kentucky (KCDPA), Rhode Island (RIDTPPA), Minnesota (MCDPA), and Maryland (MODPA), plus any other state law as it takes effect. To exercise any of these rights, contact hello@no-regrets-dating.com. You will not be discriminated against for exercising a privacy right, and you may designate an authorized agent to submit requests on your behalf. If we deny a request you may appeal by replying to our decision email; we will respond within the statutory window for your state.
- Universal opt-out / Global Privacy Control. We honor browser-level opt-out signals (including the Global Privacy Control / "GPC" signal) as a valid opt-out of sale, sharing, and targeted advertising for residents of states that recognize them (currently CA, CO, CT, TX, OR, and others as they take effect). Because we do not sell or share personal information in the first place, the practical effect of a GPC signal is to confirm and document that posture.
- Sensitive data and consent. Some state laws (notably CO, CT, VA, OR, MT, DE, NH, NJ, MD, MN) treat information revealing sex life, sexual orientation, immigration status, precise geolocation, and biometric data as "sensitive data" requiring opt-in consent. By creating an account or submitting a scan, you consent to our processing of the limited sensitive data necessary to operate the service (e.g., a profile photo, stated intentions, and DOB used to run an optional U.S. sex-offender-registry check). We do not collect precise geolocation, immigration status, or biometric identifiers as defined under state biometric laws, and we do not use sensitive data for advertising or profiling. You may withdraw consent at any time by deleting your account from Settings → Delete Account.
- Washington "My Health My Data" Act (and similar consumer-health laws in Nevada and Connecticut). To the extent any information you provide could be interpreted as "consumer health data" under RCW 19.373 (Washington) or the Nevada/Connecticut consumer-health analogs, you affirmatively consent to our limited use of that information solely to operate the service. We do not sell consumer health data, do not share it for targeted advertising, and do not use it to geofence any healthcare facility. Washington residents may request access to and deletion of any consumer health data we hold by emailing hello@no-regrets-dating.com.
- Automated decision-making (ADMT) and human review. We use automated systems for (a) ID verification (OCR + face detection) during onboarding and (b) evaluating U.S. sex-offender-registry results for scanners and members. These automated decisions can affect whether you are approved or banned. If an automated decision rejects your ID or your account, you have the right to request human review by replying to the rejection email or contacting hello@no-regrets-dating.com; a human administrator will re-evaluate your case and you may submit additional information.
- EU/UK residents (GDPR/UK GDPR). You have rights of access, rectification, erasure, restriction, portability, objection, and not to be subject to solely-automated decisions with legal effect. Our lawful bases are contract performance, legitimate interests (safety, fraud prevention), and consent where required.
- Account deletion. Delete your account at any time from Settings → Delete Account, or email hello@no-regrets-dating.com.
Section 10: Communications
- Transactional. Account, security, shipment, match, scan, and billing emails are required to operate the service and cannot be opted out of while your account is active. We do not send SMS or text messages, and we do not collect phone numbers from members or scanners.
- Marketing. Opt-in only. Unsubscribe from any marketing email at any time. We comply with CAN-SPAM for U.S. recipients.
Section 11: International Users and Data Transfers
The platform is operated from and intended for use in the United States. Cards ship within the United States only. If you access the platform from outside the U.S., your information will be transferred to and processed in the U.S. Where we transfer EU/UK personal data to vendors outside the EEA/UK, we rely on standard contractual clauses or equivalent safeguards.
Section 12: Children
The platform is strictly for users eighteen (18) and older. We do not knowingly collect personal information from anyone under 18. If we learn we have collected such information, we will delete it promptly. If you believe a minor has provided information to us, contact hello@no-regrets-dating.com.
Section 13: Changes, Contact, and Legal Notices
We may update this Privacy Policy from time to time. Material changes will be highlighted on this page and, where appropriate, notified by email. Continued use after an update constitutes acceptance.
Privacy questions, rights requests, and data-deletion requests: hello@no-regrets-dating.com.
Formal legal notices (including service of process) must be sent in writing to our mailing address for legal notices: No.Regrets.Dating., PO Box #2032, USPS Short Beach, 5 Court St, Branford, CT 06405-9991, with a courtesy copy to hello@no-regrets-dating.com.