Biometric Data Retention & Destruction Schedule

Last updated: May 7, 2026

This Schedule is published in compliance with the Illinois Biometric Information Privacy Act (740 ILCS 14/15(a)), the Texas Capture or Use of Biometric Identifier Act, the Washington My Health My Data Act, and equivalent laws.

What we collect

If — and only if — you provide separate written consent, Matchome collects:

• A photograph you upload, used as your profile avatar.
• A face embedding: a mathematical vector derived from facial features.

Why we collect it

• To display your avatar in matched chats (after you reveal it).
• To detect duplicate or fraudulent accounts.

We do not use biometric data for marketing, advertising, automated decision-making with legal effects, or to identify you outside the Service.

Retention

Photos and face embeddings are destroyed at the earliest of the following triggers:

1. You delete your avatar in the app.
2. You close your account.
3. Three (3) years have elapsed since your last interaction with the Service.
4. The initial purpose for collection has been satisfied.

Destruction method

• The original photo file is overwritten and deleted from primary storage and from all backups within 35 days of the trigger event.
• The face embedding is overwritten with random data and removed from the database.
• An audit-log entry is written documenting the destruction event, retained for 13 months.

Sharing

We do not sell, lease, trade, or otherwise profit from biometric information. We do not disclose biometric information to any third party except: (i) with your separate written consent; (ii) to complete a financial transaction you authorized; (iii) as required by law or valid warrant; or (iv) to a subprocessor under written contract that prohibits further disclosure and requires equivalent protections.

Security

Photos are encrypted at rest (AES-256) and in transit (TLS 1.2+). Embeddings are stored separately from PII, keyed by a salted hash. Access is logged and limited to engineering staff with a documented need.

Your rights

You can withdraw biometric consent and trigger destruction at any time in the app or by emailing privacy@matchome.ai. We respond within 30 days.