Privacy Policy

Last updated: March 8, 2026

1. Information We Collect

Platypus Match collects the following data:

  • Account details — name, email address, password (hashed), date of birth, gender, preferences
  • Profile content — display name, bio, photos, interests, location (city/state/country), profile prompts and answers
  • Activity data — matches, messages, community memberships, reports, blocks, last active timestamp
  • Security data — IP address (at registration and each login), failed login attempts, two-factor authentication status
  • Consent records — timestamped logs of your acceptance of terms, privacy policy, and disclaimer (with IP address for legal compliance)
  • Session data — session tokens stored in the database for authentication
  • Optional data — emergency contact information (encrypted), Bluesky social handle

We do not sell personal data. We do not run ads. We do not share data with third-party advertisers.

2. How We Use Your Information

We use data to:

  • Provide and personalize the service (matching, discovery, messaging)
  • Calculate compatibility scores based on shared interests, communities, and profile content
  • Display your profile to potential matches (respecting your privacy settings)
  • Maintain safety — IP logging for abuse prevention, photo moderation, trust scoring
  • Send account-related emails (verification, password reset, security alerts)
  • Enforce our Terms of Service and investigate reports

3. Sharing of Information

We may share data only with:

  • Vendors supporting platform operations
  • Law enforcement when legally required
  • Other users, only with what you choose to reveal

We never share unnecessary personal information.

4. Data Security

We protect your data through:

  • Passwords are securely hashed (bcrypt) — we never store plaintext passwords
  • Two-factor authentication (TOTP) available for all accounts
  • CSRF protection on all forms
  • Rate limiting on login and registration to prevent brute-force attacks
  • reCAPTCHA, honeypot fields, and timing analysis to prevent automated abuse
  • Emergency contact information is encrypted at rest
  • IP addresses are logged for security purposes and stored separately from public profile data

No system is completely secure. Users share information at their own risk.

5. User Rights

Depending on your region, rights may include:

  • Accessing or editing your data
  • Requesting deletion
  • Exporting your information

Requests can be made through the My Data page or by contacting support.

6. Data Retention

Data is retained only as long as necessary for platform operation, compliance, or user account activity.

7. Children

Platypus Match is strictly 18+. We do not knowingly collect data from minors.

8. IP Address Logging

We log your IP address in the following situations:

  • At registration — stored on your user record
  • At each login — your user record is updated with the latest IP
  • When granting consent (terms/privacy/disclaimer) — logged with the consent record for legal compliance
  • When submitting data requests (export/deletion) — logged for audit purposes

IP addresses are used for abuse prevention, account security, and cooperation with law enforcement when legally required. They are not shared publicly or displayed to other users.

9. Cookies & Sessions

PlatypusMatch uses essential cookies only — specifically a session cookie to keep you logged in. We do not use tracking cookies, analytics cookies, or advertising cookies. Your session data is stored securely in our database, not in the cookie itself.

10. Open Source Transparency

PlatypusMatch is open source. You can review exactly what data is collected and how it is processed by examining our source code. We believe transparency is the foundation of trust.