Privacy Policy

Welcome to VerifiedPhilippines ("we", "our", "us")

This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website, app, and related services (the "Services"). Please read it carefully.

1. Who We Are

VerifiedPhilippines is a company organized under the laws of the State of Rhode Island, with its principal place of business at 131 Lafayette Road, North Kingstown, RI 02852, USA. For privacy inquiries, contact us at [email protected]. This Policy applies when we act as a "controller" under GDPR/UK GDPR or a "business" under CCPA/CPRA in processing your personal data.

2. Scope

This Policy applies to personal data collected:

• when you use our Services via the website or app,
• when you create an account,
• during payments and transactions, and
• through communications with us (for example, support requests).

3. What We Collect

We collect the following categories of personal data:

• Identification and Contact Data – name, email address, age range, nationality. We do not collect your phone number.
• Account Data – login credentials, profile information, and preferences.
• Verification Data – identity documents, photos, confirmations of marital status, and, where lawful, background check confirmations and eligibility questionnaire responses.
• Transaction Data – purchases, subscriptions, invoices, and billing history.
  • Website and Direct APK: Payments are processed by PayPal. We do not store full payment card numbers on our servers.
  • Google Play Store (Android App): Payments are processed by Google Play Billing. Google handles payment card data; we receive only transaction identifiers (purchase tokens, order IDs) and subscription status from Google.
• Usage Data – pages visited, clicks, time spent, device/OS type, and approximate location. Your IP address is hashed and anonymized before storage — we do not store raw IP addresses.
• Communications – support requests, complaints, and any messages you send to us. Messages sent between users within the app are encrypted in transit and at rest. When you report a user, you may choose to export and submit parts of your conversation to our team.
• Sensitive Data – we may request government IDs or other sensitive documents only where lawful and strictly necessary for verification, with enhanced safeguards. We do not currently process biometric identifiers or biometric templates (such as facial recognition maps).
• Uploaded Media Screening – profile pictures and gallery photos you upload are automatically analyzed by our systems to detect inappropriate or policy-violating content (for example, nudity or sexually explicit material). This screening uses algorithmic image classification. Images flagged by automated screening may be blocked, queued for human review, or removed. Verification documents (such as government-issued IDs) are reviewed by staff only and are not subject to automated content screening.

4. Sources of Data

We collect data from:

• You directly – when you sign up, complete verification, purchase a plan, or contact support.
• Automatically – via your device/browser when you use our website.
• Third parties – payment processors (PayPal, Google Play Billing), analytics providers, ID verification vendors, and background check providers, where applicable and lawful.

5. Purposes and Legal Bases for Processing

We use your personal data for the following purposes and legal bases:

• Provide Services & Support – to operate the platform, manage accounts, and provide customer support (contract performance).
• Create & Manage Accounts / Identity Verification – to verify user authenticity, manage access tiers, and protect community safety (contract performance; legitimate interests; consent where required).
• Personalize Experience – to tailor recommendations and interactions (legitimate interests; consent where needed).
• Payments & Fraud Prevention – to process subscriptions and prevent fraud or abuse (contract necessity; legal obligation; legitimate interests).
• Marketing & Communications – to send offers, updates, and service information (consent or legitimate interests; opt-out available at any time).
• Security & Compliance – to comply with legal obligations, enforce our Terms, and protect the rights and safety of users (legal obligation; legitimate interests).
• Analytics & Improvement – to understand how the Services are used and improve features (legitimate interests; consent where applicable).

Under GDPR/UK GDPR, our lawful bases include: consent, contract necessity, legitimate interests, legal obligation, and, where relevant, substantial public interest. We apply data minimization and proportionality principles.

6. Sharing and Disclosure

We may share personal data with:

• Service Providers / Processors – hosting providers, infrastructure vendors, analytics services, payment processors (e.g. PayPal, Google Play Billing), ID verification and background check providers acting on our instructions.
• Business Partners – where you explicitly consent or where permitted by law.
• Authorities and Regulators – when required by law, to protect safety and rights, or to respond to lawful requests and legal processes.
• Corporate Transactions – if we are involved in a merger, acquisition, or sale of assets, data may be transferred under appropriate safeguards.

We do not sell personal data.

7. International Transfers

Your data may be transferred to and processed in countries with different data protection standards from your own. Where required, we use appropriate safeguards such as EU/UK Standard Contractual Clauses (SCCs) or equivalent lawful mechanisms to protect your personal data during such transfers.

8. Data Retention

We retain personal data only as long as necessary or legally required. Typical retention periods are:

• Account data: Retained for the lifetime of the account and deleted upon account deletion, subject to limited legal and security exceptions described in our Deletion Terms.
• Transaction & billing data: 7 years, as required for tax and audit compliance.
• Chat photos and videos: 90 days (3 months) from upload, then permanently deleted.
• Verification data: 30 days after verification is completed or rejected.
• Support & ticket data: 7 days after the support case is closed.
• Marketing & communications data: Until you opt out of marketing communications.
• Consent records: Retained permanently. Records of your consent (e.g., registration, payments, account deletion confirmations, and other significant actions) are retained so we can demonstrate compliance, even if you later delete your account.

Important: Transaction and billing data (including invoices) are retained for 7 years and cannot be deleted upon account deletion. Download your invoices before deleting your account if you need them for your records.

9. Consent Records

We maintain permanent records of consents you give while using the Services, including:

• Agreement to the Terms of Service and this Privacy Policy at registration.
• Consent to payment processing at each transaction.
• Confirmation of account deletion requests.
• Consent to or withdrawal from marketing communications.
• Any other significant consent actions captured through the website or app.

These consent records are retained even if you delete your account, to meet legal and regulatory obligations.

10. Your Rights

Depending on your location and applicable law (e.g. GDPR, UK GDPR, CCPA/CPRA), you may have rights to:

• Access your personal data and obtain a copy.
• Rectify inaccurate or incomplete data.
• Request deletion of your data in certain circumstances.
• Restrict or object to certain processing.
• Withdraw consent where processing is based on consent.
• Exercise data portability rights, where applicable.
• Opt out of profiling or "sale/sharing" of personal information where such concepts apply.

To exercise these rights, contact us at [email protected]. You also have the right to lodge a complaint with your local data protection authority.

11. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that a child has provided data, we will delete it.

12. Security

We use reasonable technical and organizational measures to protect your data, including encryption in transit and at rest for sensitive data (such as user messages), hashed/anonymized IP addresses, access controls, and vendor security reviews. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority without undue delay and, where feasible, no later than 72 hours after becoming aware of the breach, in accordance with applicable law.

14. Cookies and Similar Technologies

Cookies and similar browser-based tracking technologies apply to our website only. Our mobile and desktop apps do not use browser cookies.

On the website, we may use cookies for:

• site functionality (e.g., keeping you logged in),
• security and fraud prevention,
• analytics to understand and improve usage, and
• personalization and, where applicable, advertising.

Where required by law, we obtain your consent before setting non-essential cookies. You can manage your cookie preferences via your browser settings at any time. Full details are in our Cookie Policy.

15. Automated Decision-Making and Profiling

We may use automated systems to detect fraud, spam, and policy violations or to support internal safety and access models. If automated decisions produce legal or similarly significant effects on you, you will be informed and may request human review where required by law.

16. Regional Notices

• EEA/UK/Switzerland: VerifiedPhilippines is the controller of your personal data. You have rights under GDPR/UK GDPR as described above. For cross-border transfers, we rely on SCCs and other lawful mechanisms.
• California (CCPA/CPRA): We do not "sell" personal information as defined by CCPA/CPRA. You have rights to know, delete, and correct your data, to limit use of sensitive personal information, and to be free from discrimination for exercising your rights.
• Canada (PIPEDA): You have rights to access and correct your personal information and to challenge our compliance with PIPEDA.
• Australia: We handle personal information in accordance with the Australian Privacy Principles.
• Brazil (LGPD): You have rights of confirmation, access, correction, anonymization, portability, deletion, and review of automated decisions.
• Singapore (PDPA): You may request access and correction of your personal data. Where required, we obtain consent and allow withdrawal of consent.

17. Third-Party Links and Services

The Services may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of such third parties. We recommend reviewing their privacy policies separately.

18. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version with a new "Last updated" date. For significant changes, we may also provide additional notice via email or in-app notification.

19. Contact

Questions or requests regarding this Policy can be sent to: [email protected].

If you are in the EU, you may also contact your local supervisory authority. In the UK, you may contact the Information Commissioner's Office (ICO). In California, you may contact the California Privacy Protection Agency.