Privacy Policy

Your privacy,by design.

Heyzzle is an audio-first dating app - you connect through anonymous voice calls, and your photos stay hidden until you choose to share them. We built everything else the same way. Here’s exactly what we collect, why, and the control you have over it.

Never sold to anyone Calls are never recorded Delete your data anytime

Effective 12 May 2026 · Last updated 12 May 2026

01Introduction

Heyzzle (“we,” “us,” or “our”) provides the Heyzzle mobile app for iOS and Android, related web pages, and the services that power them (together, the “Service”). Heyzzle is an audio-first dating app: people are matched 1-on-1 for live, voice-only calls, and profile photos are shared only if both people choose to reveal them.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and the control you have over it. For privacy questions or requests, contact [email protected].

By using Heyzzle, you agree to the practices described in this policy. If you do not agree, please do not use the app.

02Data we collect

2.1 - Account & profile data

When you create an account and set up your profile, we collect:

Email address
Account creation, signing you in, and essential service emails.
Display name
Shown on your profile.
Age
Confirming you are 18 or older, and matchmaking. Cannot be changed once set.
Gender
Matchmaking. Cannot be changed once set.
Bio
Optional short self-description on your profile.
Profile photos
Up to six, optional. Kept separate from the rest of your profile and shown to a match only when you both choose to reveal photos during or after a call.

2.2 - How you sign in

You sign in with your email address, or with “Sign in with Google.” If you use Google sign-in, Google shares your basic Google account information (such as your name, email address and profile picture) with us. We keep you signed in securely.

2.3 - Data we collect automatically when you use the Service

  • Sign-in and session data that keeps you logged in and lets us protect your account: your IP address, basic device or browser information, and when your sessions start and expire.
  • Call records: who took part in a call, whether it used a free or paid credit, and when it started and ended.
  • Post-call feedback you submit: a 1–5 star rating, optional feedback tags, and a like / not-like signal.
  • How many free calls you have left for the day, which resets on a daily basis.
  • If you report and block someone: a record that one account has reported and blocked the other.
  • Technical logs (such as error reports and basic request information) used to keep the Service running and secure.

2.4 - Call audio

Your calls are encrypted, and we do not record, listen to, or store their contents. If a direct connection between participants isn’t possible, your encrypted audio is passed through relay servers that forward the traffic without being able to access what is said. Microphone access is needed only so you can be heard during calls.

2.5 - Approximate country (from your IP address)

To group you with people in a similar region, we derive your approximate country from the IP address your device uses to reach our servers, via our network provider (Cloudflare). This happens at the moment of matchmaking and is not stored against your account. We do not request device-location permission, do not read GPS coordinates, and do not use Wi-Fi or cell-tower positioning. Country-level is the only granularity we use.

2.6 - Device permissions

Microphone
Required to take part in voice calls.
Photo library
Used only if you choose to add a profile photo from your photos. Heyzzle’s calls are audio-only and we do not request camera access.

We do not access your location, contacts, calendar, or messages.

2.7 - In-app purchases

If you buy packs of additional call credits through the Apple App Store or Google Play, we store:

  • Which store you used (Apple or Google)
  • A transaction reference from the store
  • How many call credits you bought, and your remaining balance
  • The date of purchase

We do not receive or store your payment-card details - Apple and Google handle the payment. We pass your purchase receipt back to Apple or Google to confirm it is valid before crediting your account.

2.8 - Sensitive information

Using a dating app, together with your gender and matching preferences, can reveal information about your sexual orientation or sex life. We treat this as sensitive personal data and rely on your explicit consent - given when you create your profile and use the matching features - to process it for the sole purpose of providing the Service. We do not use this information for any other purpose, and we do not sell or share it.

2.9 - What we don’t collect or do

Heyzzle includes no third-party advertising or analytics SDKs, does not build advertising profiles, and does not sell your personal data or use it to train AI models.

03How we use your data & legal basis

We use your data for the purposes below. If you are in the EEA or UK, the GDPR legal basis for each is shown alongside it.

Create and operate your account and profile
Contract Necessary to provide the Service.
Match you with other users and connect your voice calls
Contract Core service function. For data that may reveal your sexual orientation, we also rely on your Explicit consent.
Reveal profile photos on mutual consent
Contract / Consent
Verify you are 18 or older
Legal obligation / Legitimate interests Keeping the Service adults-only.
Process in-app purchases and maintain your credit balance
Contract Fulfilling your transaction.
Safety, anti-abuse, anti-fraud, usage limits, blocking
Legitimate interests Protecting users and platform integrity.
Post-call ratings and feedback; service quality
Legitimate interests Improving the Service.
Send transactional emails (e.g., your sign-in code)
Contract
Microphone and photo library device access
Consent Withdrawable in your device settings at any time.
Keep the Service secure; investigate incidents; comply with law
Legitimate interests / Legal obligation

Our legitimate interests above are in running, securing and improving a trustworthy dating service. You can object to processing based on legitimate interests - see “Your rights”.

We do not use your data for advertising, sell it to third parties, or use it to train AI models.

04Data sharing

We do not sell your data. We share it only with service providers that help us run the Service, under contracts that require them to protect it:

4.1 - Hosting and infrastructure

We rely on third-party cloud hosting and infrastructure providers to run the Service - they host our servers, store your account data and profile photos, help deliver our emails, and keep technical logs. They process this data only on our behalf, under contractual data-protection obligations, on infrastructure that may span several countries.

4.2 - Apple and Google (purchases & sign-in)

Apple and Google process in-app payments and confirm that your purchases are valid. Google also provides “Sign in with Google.” We don’t share your personal data with them beyond what is needed for these functions.

4.3 - Call relay providers

When your device can’t connect directly to the other person’s, your encrypted call audio is passed through relay servers run by specialist providers. These servers only forward the traffic and cannot access what is said; the provider’s handling of connection data is governed by its own privacy policy.

4.4 - Other users

Other users see only the profile information you choose to make visible - for example, your name and bio during a match, and your photos if you choose to reveal them.

4.5 - Legal requirements and business transfers

We may disclose your data where required by law, court order, or to protect the rights, property or safety of Heyzzle, our users, or others. If Heyzzle is ever involved in a merger, acquisition or asset sale, data may be transferred as part of that transaction, subject to this Policy.

We do not sell, rent, or share your personal data with advertisers, data brokers, or any other commercial third parties.

05International data transfers

Our hosting and infrastructure providers, and the app stores (Apple, Google), operate globally, so your data may be processed in the United States and other countries outside the EEA/UK. Where we transfer personal data of EEA/UK users outside those regions, we rely on appropriate safeguards - principally the European Commission’s Standard Contractual Clauses (and the UK Addendum / IDTA), together with the supplementary measures our providers apply. You can request a copy of the relevant safeguards by emailing [email protected].

06Data retention

Account & profile, including photos
Until you delete your account.
Login sessions
Up to 30 days.
Email sign-in codes
Short-lived; expire automatically.
Free-call counter
About 24 hours (auto-expires).
Call records & ratings
Kept while your account exists; disconnected from your identity when you delete your account.
Purchase records
Retained for accounting, tax and audit; disconnected from your account when you delete it.
Technical logs
Short-term only.

When you delete your account, we delete your profile and all stored profile photos and clear your daily-usage data.

07Your rights

Depending on where you live, you may have some or all of these rights:

Access
Get a copy of the personal data we hold about you.
Rectification
Correct inaccurate data. You can edit most profile fields in the app; age and gender are fixed once set - email us if either is wrong.
Erasure
Delete your account in the app - this removes your profile and photos (how to delete your account) - or ask us to delete your data.
Restriction
Ask us to limit processing in certain cases.
Objection
Object to processing based on our legitimate interests.
Data portability
Receive certain data in a portable, machine-readable format.
Withdraw consent
Turn off microphone or photo library access in your device settings at any time; this doesn’t affect processing already carried out.

We do not make decisions producing legal or similarly significant effects about you solely by automated means; our matching uses the basic preferences you set, not automated profiling.

To exercise any of these rights, contact [email protected]. We will respond within 30 days (extendable where the law allows; we’ll tell you if we need more time), and we may need to verify your identity first. EEA/UK users may also lodge a complaint with their local supervisory authority - in the EEA, your national Data Protection Authority; in the UK, the ICO.

Note: call records that have been disconnected from your identity, and purchase records kept for financial compliance, may be retained after account deletion.

08California privacy rights (CCPA/CPRA)

In the past 12 months we have collected these categories of personal information: identifiers (email, name, account/user IDs, IP address); customer records (age, gender, bio, profile photos); commercial information (in-app purchase records); internet/network activity (app usage tied to calls and feedback, technical logs); approximate country derived from your IP address (used only at the moment of matchmaking); and audio information (live call audio, which we do not record). We do not build inferences for advertising.

Some of this - data that may reveal sexual orientation - is “sensitive personal information”; we use it only to provide the Service and do not use or disclose it to infer characteristics. We do not “sell” or “share” (for cross-context behavioral advertising) personal information, and have not done so in the past 12 months.

California residents have the right to know, the right to delete, the right to correct, the right to limit the use of sensitive personal information, and the right not to be discriminated against for exercising these rights. Submit requests to [email protected]; you may use an authorized agent, and we will verify the request as the law permits.

09Children’s privacy

Heyzzle is strictly for adults. You must be at least 18 years old to use it. We collect your age at sign-up to enforce this and do not knowingly collect personal data from anyone under 18 (or under 13 in the United States). If you believe a minor has created an account, please contact us and we will remove it.

10Data security

We use technical and organizational measures appropriate to the risk, including:

  • Encryption of your data while it travels over the internet
  • Calls encrypted between devices; call audio is never recorded or stored by us
  • Sign-in credentials kept in your device’s protected storage
  • Access controls so your data is available only to your account
  • Limits and abuse protections on sensitive actions like signing in and making purchases
  • Profile photos stored separately and not listed or indexed publicly

No method of transmission or storage is 100% secure, so we cannot guarantee absolute security.

11Data breach notification

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority without undue delay and, where required, within 72 hours of becoming aware of it, and we will inform affected users without undue delay where the breach is likely to result in a high risk to them.

12Changes to this policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date at the top, and for significant changes we will take reasonable steps to let you know - for example, a notice in the app or an email. Continued use of Heyzzle after an update constitutes acceptance of the revised policy.

13Contact us

Questions about this policy or your data? Reach us anytime.

[email protected]

This privacy policy was last updated on 12 May 2026.