Privacy Policy
Privacy is the product. Subtle is built to know as little as possible about you and to expose nothing to other members without your explicit approval.
What we collect
Account: an anonymous session identifier and your membership/consent status. Profile: the preferences you provide so your agent can negotiate (e.g. what you're into, hard limits, safer-sex practices). Location: a coarse, ~150-metre fuzzed point used only for proximity matching; exact coordinates are never stored at rest and are auto-deleted within 30 minutes.
Images — metadata only, never stored
If you complete a visual vetting check, your agent extracts only non-identifying attributes (e.g. general build, presentation) into structured data. The raw image is processed transiently and is NOT stored, transmitted to other members, or retained. There is no photo gallery and no face to leak. Other members never see an image of you unless you choose to share one yourselves, off-protocol, after a mutual match.
What we never do
We do not sell your data. We do not run advertising. We do not show a browsable grid of members. We do not expose your identity, exact location, or any image to another member without mutual approval.
Identity verification (optional)
If you choose identity verification for a trust badge, it is performed by a third-party provider. We receive only a pass/fail result and an opaque, one-way token to prevent duplicate accounts — never your document, name, or biometric data.
Retention
We retain the minimum necessary. Exact location self-destructs within 30 minutes; cancelled matches leave no trace; compliance logs are identity-free one-way hashes that cannot be reversed to a person or pairing.
Your rights (GDPR / CCPA)
You can delete your account and associated data at any time from the app; deletion is immediate and irreversible. You may request access to or correction of your data. Contact: privacy@entersubtle.com.