Privacy Policy

Arvelune (“we”, “our”, or “us”) is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our platform.

By creating an account or using Arvelune, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use our services.

Account information: Your email address, and optionally a display name and date of birth. We never require a phone number.

Profile information: Photos, bio, interests, date preferences, and approximate location (city level). Profile photos are stored securely and blurred for other users until a verified in-person meeting.

Usage data: How you interact with the app, which features you use, and connection metadata. We do not sell this data.

Location: We collect approximate location to surface nearby matches and suggest date venues. Precise GPS is only used momentarily to verify date arrival and is not stored.

Communications: Messages sent between matched users. These are stored to deliver the service and are not read by Arvelune staff except when investigating reported violations.

We use your information solely to operate and improve Arvelune. Specifically:

• To create and manage your account
• To compute compatibility scores and surface relevant matches
• To suggest date venues based on shared interests and location
• To deliver and store messages between matched users
• To verify in-person date arrivals via OTP exchange
• To send transactional emails (verification codes, important notices)
• To detect and prevent fraud, abuse, and policy violations

We do not use your data for advertising, nor do we sell or rent it to third parties.

We share data only in the following limited circumstances:

• With matched users: Your profile (blurred until in-person verification), interests, and messages are visible to your matches as intended by the service.
• Service providers: Infrastructure partners (hosting, email delivery) who process data on our behalf under strict data processing agreements.
• Legal obligations: When required by law, regulation, or valid legal process.
• Safety: When we believe disclosure is necessary to protect the rights, safety, or property of Arvelune or others.

Profile photos are a core part of how Arvelune works. All photos are stored with encryption at rest. They are displayed in a blurred state to all users by default and only become fully visible after both parties have verified their physical presence at an agreed date location via OTP exchange.

We do not use your photos to train AI models, and we do not share them with third parties outside the scope described above.

We retain your personal data for as long as your account is active. If you delete your account, we begin deletion of your personal information within 30 days, except where we are required to retain it for legal or safety reasons.

Messages sent to other users may remain in their chat history for a reasonable period after you delete your account.

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and personal data
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to certain types of processing

To exercise any of these rights, contact us at privacy@arvelune.com.

We use industry-standard security measures including encryption in transit (TLS), encryption at rest, hashed credentials (Argon2id), and JWT-based authentication with short-lived tokens. We conduct regular security reviews.

No system is completely secure. If you become aware of a security vulnerability, please disclose it responsibly to security@arvelune.com.

Arvelune uses minimal cookies strictly necessary for authentication and session management. We do not use tracking cookies, advertising pixels, or third-party analytics that identify you personally.

Arvelune is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such data, contact us immediately and we will delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the platform. Your continued use of Arvelune after changes become effective constitutes acceptance of the updated policy.

For questions about this policy or your personal data, contact us at privacy@arvelune.com