Glow
Privacy Notice
1. About this Notice
This Privacy Notice explains how Glow and the entity operating Glow ("we", "us" or "our") collect, use, share and otherwise process personal data in connection with the Glow adult dating and social discovery service, including the Glow mobile application, related websites, support channels, safety tools and in-app purchase features. It also explains your rights and the main choices available to you.
This Notice should be read together with our Terms of Use, other eventual guidelines (e.g. Community Guidelines) and any feature-specific or just-in-time notices shown inside the app. Where a specific workflow requires an additional disclosure or consent prompt, the in-flow notice supplements this Notice and should be read together with it.
Glow is intended only for adults aged 18 or over. We do not knowingly permit minors to access or use the service. If we have reason to believe that an account holder may be underage, we may request age verification, restrict access, suspend the account, or remove the account from the service.
2. Who We Are and How to Contact Us
Data controller: Flexbox Kereskedelmi és Szolgáltató Korlátolt Felelősségű Társaság (registered seat: 2724 Újlengyel, Nyári Pál utca 15., company registration number: 02-09-084796, EU identifier: HUOCCSZ.02-09-084796, EU tax ID: HU27284450)
General privacy contact: privacy@glow.support
General business contact / website: www.glow.support
Data Protection Officer / dedicated privacy lead (if applicable): privacy@glow.support
3. Personal Data We Process and Where It Comes From
3.1 Data you provide directly
- Account and sign-in data, such as your mobile number, e-mail address, social sign-in details (for example Apple or Google account data made available to us), and related authentication metadata.
- Basic profile data, such as your display name, date of birth, age-related information, spoken languages, biography, relationship goals, work and education details, interests and other profile content you choose to provide.
- Preference, privacy-setting, consent-version and matchmaking data, such as your preferred age range, distance, desired match criteria, special-category consent version records, and other preference settings used to present or rank profiles.
- Communications and support data, such as messages you send to us, appeal requests, help-desk interactions, and evidence or explanations you submit during a report, suspension or review process.
- Media and content you upload or share, such as public profile pictures, private images or videos, audio messages and other user-generated content.
3.2 Data relating to special-category or otherwise highly sensitive profile fields
Depending on what you choose to add to your profile or use in a feature, we may process information revealing or closely linked to sexual orientation, sexual preferences, sexual role or intimate compatibility criteria, sexual-health or safer-sex information, disability or neurodiversity-related information, ethnicity, religious or philosophical beliefs, political views, and similar sensitive profile attributes. Some of these data types are special-category personal data under Article 9 GDPR. Others may not always fall strictly within Article 9, but we still treat them as highly sensitive within Glow because of the service context.
3.3 Data we collect from your device and from use of the service
- Approximate location data and distance-related signals used to show nearby profiles and location-based recommendations while the app is actively used with location permission enabled.
- Session, device and technical data, such as device type, operating system, app version, crash data, IP address, log records, app-instance identifiers, advertising identifiers (where applicable), fraud signals and similar telemetry.
- Usage and interaction data, such as likes, superlikes, matches, unmatches, blocks, reports, subscription status, entitlement events, feature usage, online/active status indicators, and related timestamps.
3.4 Data we receive from other users and third parties
- Other users may create data about you when they like, match, block, report, appeal, mention or otherwise interact with your profile, messages or media.
- App stores and payment platforms may provide us with transaction and entitlement information necessary to activate purchases, validate subscriptions, handle refunds, respond to chargebacks and keep appropriate records.
- Verification and safety providers may provide verification results, liveness or age-check results, and limited metadata required to confirm that the verification step was completed and to enforce adult-only and anti-abuse rules.
- Social sign-in providers may provide us with the basic identity and authentication data necessary to complete sign-in, depending on the login method you choose.
5. Special-Category Data and Explicit Consent
Glow is an adult dating and discovery service. Certain profile fields and features necessarily concern intimate or otherwise highly sensitive matters. Before a user first completes a designated special-category or otherwise highly sensitive profile field, Glow presents a clear, active consent step explaining the nature of the relevant data, the main in-app uses of those data, and how consent can later be withdrawn.
The first time a user attempts to complete a designated special-category field, the app presents an explicit consent panel and records the consent version accepted by that user. If the user does not consent, the relevant field cannot be completed or used. Glow may maintain a versioned register of designated sensitive fields so that, if new sensitive fields are introduced or an existing field later becomes designated as sensitive, the user can be notified and asked for renewed explicit consent before that field is completed or further used. Once consent is given for the then-current version, Glow does not repeat the same consent gate for other designated fields covered by that same version, but the user can later withdraw consent in the settings area and trigger deletion or deactivation of the active special-category profile fields, subject to any lawful safety, abuse-handling or legal-retention exception.
Ethnicity, religion / religious practice and political views are not used as public Explore filters or ranking inputs.
Where you mark a profile field as private, that field is not shown on your public profile. However, if you have expressly consented to the relevant special-category processing under the then-current consent version, certain private fields may still be used internally for compatibility calculations, profile ranking and core matching logic to the extent described in the app flow and this Notice.
6. How We Use Personal Data and Our Main Legal Bases
The table below summarises the main processing purposes currently contemplated for the launch model. Some workflows combine more than one legal basis (for example, contract plus explicit consent for special-category inputs, or contract plus compliance with device-permission requirements).
| Purpose / activity | Typical data used | Main legal basis |
|---|---|---|
| Create and administer accounts; authenticate users; maintain core account records | Sign-in identifiers, account metadata, device and security data, support records | Contract; legitimate interests for security |
| Operate location-based discovery and nearby-profile presentation | Approximate location, distance signals, session data, onboarding match criteria | Contract; device permission / consent where required |
| Create, display and manage public / private profile content | Profile fields, photos, media, biography, interests, preferences | Contract; explicit consent where special-category data are involved |
| Compatibility scoring, ranking, recommendations and core matchmaking logic | Profile data, private / public preference data, likes and interaction signals | Contract; explicit consent for special-category inputs used in matching |
| Provide messaging, media sharing, likes, matches and related interaction features | Messages, images, videos, audio messages, likes, matches, blocks, timestamps | Contract |
| Moderate content, process reports, prevent fraud and enforce community rules | Reports, evidence, uploaded content, message content, log data, risk signals, verification results | Legitimate interests; legal obligations where applicable; contract where necessary to operate the service safely |
| Provide optional verified status and carry out safety / age checks where required | Selfies, liveness / verification data, age / document data, device-network signals, verification results | Legitimate interests and contract; explicit consent or other applicable basis for specific face / biometric workflows as legally required |
| Administer subscriptions, purchases, refunds, chargebacks and financial records | Purchase status, store transaction data, entitlement data, accounting records | Contract; legal obligations; legitimate interests |
| Send service messages and, where permitted, marketing or re-engagement communications | Notification tokens, account contact details, activity / preference data | Contract or legitimate interests for service messages; consent where required for marketing |
| Operate analytics, crash reporting, service improvement and limited advertising features | Technical identifiers, usage events, ad / device identifiers, analytics data | Legitimate interests for strictly necessary analytics and security telemetry; consent where required for non-essential analytics, advertising or tracking |
| Defend legal claims, answer lawful requests and preserve evidence | Any data reasonably necessary for the relevant claim, request or dispute | Legal obligations; legitimate interests; establishment, exercise or defence of legal claims where relevant |
For the avoidance of doubt, any de-identified or aggregated statistics we generate about the service do not authorise a model in which deleted users’ raw profile content, images, private media or messages are retained for general machine-learning training merely by removing direct identifiers.
7. Location Data and Online / Active Status
Glow is designed as a location-based service. Approximate location is used to show nearby profiles and to support location-sensitive matching and discovery features. The intended launch logic is that location is refreshed during active foreground use, rather than through persistent background location tracking for discovery purposes.
While the app is actively open, the app may send periodic heartbeat signals in order to maintain session state and, where the feature is enabled, an online / active indicator that may be shown to other users and used in availability-related filters. The heartbeat itself does not require GPS data. When location permission is enabled and a foreground update includes approximate location data, Glow may refresh nearby-profile and distance-related presentation accordingly.
If you disable location permission, certain nearby-discovery features may not work or may be substantially limited. The online / active indicator may still rely on heartbeat or session data even where no location data are sent. The in-app information shown when location access is requested should explain this clearly.
8. Matching, Recommendations, Filters and Automated Processing
Glow uses automated systems to organise discovery and recommendation features, including Explore, For You, likes / matches, content ordering and safety pre-screening. The exact inputs vary by feature. Some onboarding criteria relating to who you are and whom you are looking for may function as basic eligibility criteria for profile presentation. Other preferences usually affect ordering, scoring or prominence rather than creating a complete exclusion.
Public Explore filters are intended to act only on values that the other user has chosen to make public. Ethnicity, religion / religious practice and political views are not used as public search filters or as ranking inputs.
The For You / compatibility logic may use both public profile data and, where you have chosen to provide them and have expressly consented where necessary under the then-current sensitive-field consent version, certain private profile fields for internal compatibility scoring and ordering. These private fields are not shown to other users merely because they are used internally for ranking.
Glow also uses automated tools for moderation and fraud-detection purposes, including screening of certain media uploads and other content for prohibited material, safety indicators or integrity risks. We do not currently describe the launch model as involving solely automated decisions that produce legal effects or similarly significant effects within the meaning of Article 22 GDPR. However, certain uploads may be automatically blocked when they clearly breach the technical or safety rules applied to that upload type. Account-level restrictions and safety actions may involve automated triage combined with human review under our moderation processes.
9. Messages, Media Uploads and Moderation
Glow enables one-to-one interaction after a mutual match. Users may exchange text messages, images, videos, audio messages and other supported content types. We process this content to provide the messaging service, to deliver and display it to the relevant participants, and to keep the service safe and functional.
Uploaded media and certain messages may be analysed using automated tools to detect prohibited content, harmful content patterns, apparent minors, spoofing or impersonation indicators, multi-face images where not allowed, text overlays, nudity / NSFW classification and similar moderation signals. Public profile photos are subject to stricter rules than private media. Certain clearly prohibited uploads may be rejected automatically at upload stage.
Users can also block and report others. Reports may include structured report categories, free-text explanations and optional evidence such as screenshots or other files. Report records, moderation evidence and related account-risk signals are used for safety, abuse prevention, community-rule enforcement, appeals handling and, where necessary, legal defence.
Where legally required and operationally appropriate, users may request review of account-level restrictions through the review channel identified in the app or this Notice. Automatic rejection of a specific upload does not necessarily create the same review pathway as an account-level suspension or removal.
10. Verification, Liveness and Age / Safety Checks
Glow contemplates optional and mandatory verification workflows. An optional liveness or verification step may be offered so that a user can obtain a verified-profile badge. In addition, Glow may request or require a verification or age-check step where this is necessary for fraud prevention, bot reduction, impersonation control, underage concerns or other trust-and-safety reasons.
Depending on the workflow, verification may involve face images, short video / selfie data, liveness analysis, date-of-birth information, identity-document information, device or network signals and the resulting pass / fail or confidence output returned by the verification provider. Glow uses this data only for the relevant verification, safety and access-control purpose and not for marketing.
11. Service Messages, Push Notifications and Marketing
We may send operational notifications and service communications such as security alerts, sign-in confirmations, new-message notices, match notifications, purchase and entitlement notices, policy updates, support replies and other service-related messages.
We may also send marketing or re-engagement communications, including promotional push notifications, only where we have a valid legal basis, including consent where required by law. You can usually control push notifications through your device settings and, where offered, through relevant in-app preference settings. Turning off marketing messages does not prevent us from sending essential service messages.
12. Analytics, Advertising, Cookies and Similar Technologies
Glow and its related websites may use cookies, local storage, device identifiers and similar technologies (for example Firebase Analytics, Microsoft Clarity and Google AdMob) for authentication, security, fraud prevention, crash reporting, service analytics, ad delivery, measurement and related operational purposes. Where applicable law requires consent for non-essential technologies, those technologies are activated only after the required consent has been obtained.
The free tier of Glow may display advertising. Paid tiers may be ad-free. If Glow later enables personalised advertising, additional transparency and consent controls may be required inside the app and this Notice shall be updated before that change goes live.
13. Sharing and Recipients
We share personal data only where this is necessary for the operation of Glow, required by law, needed for safety or fraud prevention, or otherwise justified on a proper legal basis. Depending on the workflow, we may disclose data to the following categories of recipients:
| Recipient category | Typical examples and reason for sharing |
|---|---|
| Cloud hosting, infrastructure and content delivery | Hosting, databases, storage, backup, CDN and website infrastructure providers (for example Fly.io and Amazon Web Services services such as Cognito, S3, CloudFront or Amplify) used to run the service. |
| Authentication and social sign-in providers | Login providers and identity services (for example Apple, Google and authentication vendors) used to enable account access and sign-in security. |
| Messaging and communications providers | Messaging infrastructure, notification and chat-service providers (for example Stream and Firebase) used to deliver chats, notifications and related communication features. |
| Verification, moderation and safety providers | Verification, age-check, liveness, content screening and safety vendors (for example Microsoft services, Veriff, and image / content-analysis tools) used to validate users, reduce abuse and moderate uploads. |
| AI or compatibility-support vendors | If used in the live configuration, specialised vendors assisting compatibility analysis, ranking support or content tooling (for example API-based AI service providers). |
| App stores, payment partners and financial counterparties | Apple App Store, Google Play and related payment or chargeback counterparties for purchase processing, entitlements, refunds, tax or accounting records. |
| Analytics and advertising partners | Providers used for analytics, measurement, ad delivery or consent management where lawfully enabled. |
| Professional advisers, auditors, insurers and authorities | Lawyers, auditors, insurers, law-enforcement bodies, courts, regulators or other parties where disclosure is required or reasonably necessary for claims, safety, fraud prevention or compliance. |
| Corporate transaction counterparties | A buyer, investor, financing source or transaction adviser, to the extent relevant in a corporate reorganisation, investment, merger or sale, subject to appropriate confidentiality protections. |
When you use third-party sign-in or purchase through an app store, those third parties also process your data under their own terms and privacy notices. Their processing is not governed solely by this Notice.
14. International Data Transfers
Some of our service providers or group / operational arrangements may involve processing outside the European Economic Area, the United Kingdom or Switzerland. Where this happens, we rely on an adequacy decision, the European Commission’s Standard Contractual Clauses, or another lawful transfer mechanism available under applicable data-protection law. You can request more information about the transfer mechanism relevant to your data by contacting us.
15. How Long We Keep Data
We keep personal data only for as long as necessary for the purpose for which it was collected, unless a longer period is required or justified by law, safety needs, abuse handling, evidence preservation, legal claims, financial record-keeping or a documented legal hold. We also apply differentiated retention rules because not every data type is used for the same purpose or has the same risk profile.
If you delete your account, your profile should cease to be available in ordinary use without undue delay. Residual copies may remain for a limited time in protected systems, backups and operational queues, including protected backup copies retained for up to 10 days under the current draft model, and some data may need to be retained longer where there is an unresolved report, safety issue, fraud concern, chargeback, legal claim or similar matter.
The retention schedule otherwise is set out in Annex 1.
16. Security
We use appropriate technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include access controls, environment separation where appropriate, logging, authentication safeguards, vendor controls and other security practices proportionate to the nature of the service and the sensitivity of the data involved. No service can guarantee absolute security, but we aim to reduce risk and respond quickly where a problem is identified.
17. Your Rights
Depending on applicable law and the circumstances of the particular processing, you may have the following rights:
| Right | What it generally means | Important limits / notes |
|---|---|---|
| Access | Ask whether we process your data and receive a copy of the personal data relating to you, together with the information required by law. | We may redact information that would adversely affect the rights of other users, reveal reporter identities, or undermine fraud-prevention and safety controls. |
| Rectification | Ask us to correct inaccurate or incomplete personal data about you. | We may ask for evidence where a correction request concerns disputed factual matters. |
| Erasure | Ask us to delete your data in circumstances where the law provides that right. | We may keep data that is still needed for safety, legal claims, transaction records, fraud prevention or another lawful retention reason. |
| Restriction | Ask us to limit certain processing while a dispute is assessed. | Restriction is not an absolute right and depends on the legal grounds applicable to the request. |
| Objection | Object to processing based on legitimate interests, including certain profiling or direct marketing uses. | Where we have compelling overriding grounds or a separate lawful basis, the processing may continue to that extent. |
| Data portability | Receive certain data you provided to us in a structured, commonly used, machine-readable format, and where technically feasible have it transmitted to another controller. | This applies only in the cases provided by law, mainly where processing is based on consent or contract and carried out by automated means. |
| Withdraw consent | Withdraw any consent you previously gave, including special-category profile consent or optional marketing consent. | Withdrawal does not affect processing already carried out before the withdrawal and may mean that certain features become unavailable. |
| Complaint | Lodge a complaint with a competent supervisory authority. | You may also contact us first so that we can try to resolve the matter directly. |
You can also delete your account directly in the app where that functionality is available. Rights requests, appeal requests and privacy-related questions can also be sent to privacy@glow.support. We may need to verify your identity before acting on a request, and we may request clarification where a request is unusually broad or technically complex. Where a request concerns interactions with other users, we may respond in event-log or metadata form - for example by providing the timestamp, activity type and, where appropriate, a display name or other limited context already visible to you - while withholding or redacting unique identifiers, reporter status and other information that would directly reveal another user's account beyond what was already available to you. We will normally respond within the period required by applicable law.
18. Changes to this Notice
We may update this Notice from time to time to reflect legal, operational, technical or product changes. Where the change is material, we will take appropriate steps to bring the update to your attention, for example through the app, by e-mail, or through another suitable communication channel.
Annex 1 — Current Draft Retention Schedule
| Data / record type | Draft retention rule | Key note |
|---|---|---|
| Active account records | For as long as the account remains active. | Includes core sign-in, profile and service records needed to run the account. |
| Inactive accounts | Review, deactivate or remove after 12 months of inactivity unless a longer retention need exists. | The inactivity period is reset upon any successful sign-in. Accounts with active paid services or pending legal holds are exempt from automatic removal. |
| User-requested account deletion | Profile removed from ordinary use without undue delay; active-system deletion completed within the period reasonably necessary to process the request; protected backup copies up to 10 days; residual administrative or evidence records longer where justified. | Aligns with standard GDPR right-to-erasure handling; residual administrative records should be strictly minimised and access-controlled. |
| Messages and chat attachments | Kept for as long as the conversation remains available to participants and for the period reasonably necessary for service continuity, backups, safety, appeals and legal claims. | Deleting an account does not necessarily remove content already delivered to another user’s conversation history. |
| Public and private uploaded media outside chat | Kept while relevant to the active profile, album or feature and removed after closure / deletion subject to backup, report and legal-hold rules. | Public profile photos are moderated more strictly than private media. |
| Reports, moderation files and evidence bundles | Normally up to 6 months after ordinary case closure; up to 12 months for serious safety, fraud, impersonation or underage matters; longer for a documented legal hold or ongoing dispute. | This reflects the current legal recommendation previously discussed with the client. |
| Verification / liveness / age-check data | For the shortest period necessary for the verification workflow, badge maintenance or enforcement decision, and no longer than the account lifecycle unless safety or legal retention requires otherwise. | Represents a high-risk data category; strict data minimization and access controls must be enforced, particularly regarding biometric or official ID data. |
| Security and technical logs | Generally up to 12 months, unless longer retention is needed for incident investigation, fraud handling or legal compliance. | Longer retention should be documented if used. |
| Ban-prevention or exclusion identifiers | Normally up to 12 months after the ban / restriction ends or the last relevant safety event, unless a longer period is required to prevent repeated abuse or defend legal claims. | May include login identifiers, IP data, device / technical identifiers and ban metadata. |
| Financial, tax and transaction-supporting records | For the period required by applicable accounting, tax or consumer-law obligations. | App-store purchase processing remains subject to the relevant platform’s own records and notices. |
| De-identified or aggregate statistics | May be kept longer if they no longer identify any individual. | This does not authorise keeping raw deleted-user content for general ML training merely by removing direct identifiers. |