Skip to main content

Legal

Privacy Policy

Bloom Dating, Inc.

Effective Date: March 19, 2026 Last Updated: May 29, 2026

Bloom Dating, Inc. ("Bloom," "we," "us," or "our") operates the Bloom mobile application and website (together, the "Service"). This Privacy Policy explains what personal information we collect, how we use and share it, your rights regarding your information, and how to contact us.

We process some categories of information that are legally classified as "sensitive" — including location data, information that may reveal sexual orientation, and the content of your messages. We take this responsibility seriously and have designed our practices to protect your privacy at every step. We encourage you to read this policy carefully.

1. Who We Are

Bloom Dating, Inc. is a Delaware corporation headquartered in Utah.

Contact Information:

For purposes of applicable data privacy laws, Bloom is the "controller" or "business" responsible for your personal information.

2. Scope of This Policy

This policy applies to all personal information we collect through:

  • The Bloom mobile application (iOS, Android, and web versions)
  • Our website at bloom.date
  • Communications with us (email, in-app support)

This policy does not apply to third-party websites, apps, or services linked from Bloom, even if you access them through our Service. We encourage you to review the privacy practices of any third party before sharing your information with them.

3. Information We Collect

We collect three categories of information: information you provide directly, information collected automatically, and information from third parties.

3.1 Information You Provide

Account & Profile Information

When you create an account and set up your profile, you provide:

  • Name, email address, date of birth, and gender
  • Profile photos (up to 6) and optional photo captions
  • Bio and lifestyle information
  • Location (city or area)
  • Religion preference
  • Dating preferences (age range, gender preferences, distance range)

Waitlist (Website)

Before Bloom launches, you can join our waitlist at bloom.date. When you do, we collect:

  • Your name and email address
  • Your gender (Male or Female), which helps us understand and balance the makeup of the early community before launch
  • Your U.S. state and how you heard about us
  • Basic attribution data about how you reached the site (the referring URL and any campaign parameters in the link you followed)

We use this information to notify you when Bloom is available, to sequence our launch by geography, and to understand the makeup of our early audience. We do not sell it. You can ask us to delete your waitlist entry at any time by emailing privacy@bloom.date.

Communications

When you use our messaging features, we process:

  • Messages you send and receive with matches and partners
  • Date plan suggestions and responses
  • Any content you share in chat (text, future media attachments)

Voice Onboarding Audio

If you choose the voice option to set up your profile, we process:

  • The audio you speak during the onboarding conversation (your voice and any background sound captured by your microphone while a voice session is active)
  • The text transcription of that audio, generated by a third-party voice service so the conversation can move forward
  • The same text transcription is then processed by AI to populate the profile fields you discussed (name, location, bio, prompt responses, etc.)

Voice onboarding is optional. You can complete your profile by text chat or by traditional forms instead, and you can switch between modes at any time. See Section 16.3 for the third-party voice and AI providers involved, and Section 9 for retention periods.

If you use the optional dictation feature in text chat (microphone icon in the message field), the audio is transcribed on your device by the operating system's built-in speech recognition. Bloom only receives the resulting text — your dictation audio is not sent to our servers or to any third party.

Selfie Verification (optional)

If you choose to verify your profile to earn the Verified badge, we process:

  • A live selfie video captured by your device's front camera during a short on-screen challenge (the "liveness check"), used only to confirm that a real person is in front of the camera and not a photo, video replay, or deepfake.
  • A single still image extracted from that video (the "reference image"), which Bloom stores encrypted and which is used to compare against your profile photos so the badge can attest that the same person appears in all of them.
  • Confidence scores and audit entries describing each verification attempt (timestamp, success or failure reason, which profile photos were checked).

Selfie verification is optional. Your profile is fully usable without it; the badge simply makes that verification visible to other users. You can re-verify or remove your reference image at any time by deleting your account or by contacting privacy@bloom.date. Bloom never trains AI models on your selfie video, reference image, or verification audit data. See Section 6.2 for the verification service provider (AWS Rekognition) and Section 9 for retention.

Relationship Mode Data

When you and a partner use Relationship Mode, you provide:

  • Partner pairing information (invite codes)
  • Shared photo album content (photos uploaded by you or your partner)
  • Shared calendar events (dates, anniversaries, activities)
  • Shared lists (restaurants, date ideas, and custom lists you create)
  • Date plans created with your partner
  • Private notes you write about your relationship

Payment Information

If you subscribe to Bloom Premium, your payment is processed by Apple (App Store), Google (Play Store), or our payment processor. We receive confirmation of your subscription status but do not store your credit card number, bank account details, or other payment credentials.

Support & Feedback

If you contact us for support, we collect the information you provide in your message, along with your email address and any attachments you send.

3.2 Information Collected Automatically

When you use the Service, we automatically collect:

Device & Technical Information

  • Device type, operating system, and version
  • App version
  • Device identifiers (for push notification delivery)
  • IP address
  • Browser type (for web access)

Fraud Prevention and Safety Signals

To detect and prevent fake accounts, scams, and ban evasion, we collect and analyze:

  • A privacy-preserving device signal: an app-scoped device identifier that we store only in a hashed, non-reversible form. This is not an advertising identifier, and we never use it for advertising or to track you across other companies' apps or websites.
  • The IP address associated with your account at sign-up.
  • A device-integrity check (Apple App Attest or Google Play Integrity) that confirms the app is running on a genuine, unmodified device.

We use these signals only for trust and safety purposes, such as preventing fraud, fake profiles, and abuse. They are first-party safety data, not advertising or cross-app tracking.

Usage Information

  • Features you use and actions you take (such as profiles viewed, likes sent, matches made)
  • Date and time of your activity
  • Time spent in the app

Location Information

  • General location inferred from your IP address
  • Precise location if you grant location permission (used for showing your area on your profile and for date planning features)

You can control precise location access through your device settings at any time. If you disable location access, some features (such as location-based date suggestions) may be limited.

3.3 Information From Third Parties

Social Login Providers

If you choose to create your account or sign in using a third-party social login provider, we receive limited information from that provider to authenticate you and set up your account:

Provider Information Received
Apple (Sign in with Apple) Name (if you choose to share it), email address (or Apple's private relay email), and a unique account identifier
Google (Sign in with Google) Name, email address, and profile photo URL
Facebook (Continue with Facebook) Name and email address

We use this information only to create and authenticate your Bloom account. We do not access your contacts, friends lists, posts, or any other data from these providers. You can choose to use email/password registration instead of social login.

Each provider's data practices are governed by their own privacy policies: Apple, Google, and Facebook.

4. Sensitive Personal Information

Several categories of information we collect are classified as "sensitive" under US state privacy laws. We want to be transparent about this:

Sensitive Data Category How It Arises in Bloom
Precise geolocation GPS-based location for profiles and date planning
Sexual orientation Inherently revealed by your gender and matching preferences
Contents of communications Your messages with matches and partners
Sex life or dating activity Relationship status, dating history, date plans
Biometric information Only if you opt in to selfie verification. Bloom stores a single still reference image (a photograph) of you, captured by the AWS Rekognition Face Liveness check. We do not derive or store a face vector, face geometry scan, or biometric template — a face photograph is not a "biometric identifier" under Illinois BIPA, Texas CUBI, or Washington RCW 19.375. We classify it here as biometric out of conservative practice and to give you full notice. See Section 9 for retention.

Your consent matters. Before we process your sensitive personal information, we ask for your explicit opt-in consent during account setup. You can review and update your consent choices at any time in Settings > Privacy.

Limiting use of sensitive information. California residents have the right to limit our use of sensitive personal information to what is necessary to provide the Service. You can exercise this right in Settings > Privacy or by contacting us at privacy@bloom.date. When you exercise this right, we restrict processing of your sensitive data to core service functions only (matching, messaging, and relationship features you have activated).

5. How We Use Your Information

We use your information for the following purposes:

To Provide and Operate the Service

  • Create and maintain your account
  • Display your profile to potential matches (Single Mode)
  • Deliver messages between you and your matches or partner
  • Enable partner pairing and shared features in Relationship Mode
  • Process date plan suggestions and shared calendars, lists, and photos
  • Deliver push notifications about matches, messages, and relationship updates
  • Process your subscription and manage billing through our payment partners

To Improve and Personalize the Service

  • Suggest potential matches based on your preferences and profile
  • Improve our matching algorithms and features
  • Analyze how users interact with the Service to identify improvements
  • Troubleshoot bugs and technical issues
  • Power AI-assisted features including conversational onboarding, personalized conversation starters, date suggestions, and contextual personalization (see Section 16 for details and opt-out options)

To Keep You and Others Safe

  • Detect and prevent fraud, fake profiles, and scam activity
  • Enforce our Terms of Service and Community Guidelines
  • Respond to reports of harassment, abuse, or policy violations
  • Verify user age (18+ requirement)
  • Comply with legal obligations, including the Utah Online Dating Safety Act

To Communicate With You

  • Respond to your support requests and inquiries
  • Send administrative messages about your account or the Service
  • With your consent, send promotional messages about new features (you can opt out at any time)

We do not use your personal information for automated decision-making that produces legal or similarly significant effects without human involvement. If we introduce automated matching or profiling features that could have significant effects, we will provide notice and, where required by law, obtain your consent or offer an opt-out.

6. How We Share Your Information

We share your information only in the following circumstances:

6.1 With Other Users

  • Single Mode: Your profile information (photos, name, age, location, bio, and lifestyle details) is visible to other users browsing profiles. Your dating preferences are used for matching but are not displayed to other users. Messages are visible only to you and the person you are communicating with.
  • Relationship Mode: Shared content (photos, calendar events, lists, date plans) is visible to both you and your connected partner. Private notes are visible only to you.

6.2 With Service Providers

We use the following third-party service providers who process your information on our behalf under strict contractual obligations:

Provider Purpose Data Processed
Supabase (via AWS, US) Database, authentication, file storage, real-time messaging All account data, messages, photos, shared content
Firebase Cloud Messaging (Google LLC, US) Push notification delivery Device tokens, notification content, IP address
Apple / Google In-app subscription billing Subscription status, transaction IDs (not payment credentials)
Apple / Google / Facebook Social login authentication Name, email address, account identifier (only if you use social login)
Anthropic (Claude) AI-powered conversational onboarding (text and voice) Profile data provided during onboarding, conversation messages exchanged during AI onboarding chat or voice session
Google (Gemini) AI-powered conversation starters, date suggestions, contextual personalization, journey session generation Structured profile data (interests, preferences, relationship goals), couple context data (shared interests, relationship stage), behavioral signals (feature engagement patterns, preference indicators)
ElevenLabs (US) Voice transport for the optional voice onboarding mode — speech-to-text transcription, text-to-speech for Bloom's spoken replies, and real-time conversation turn-taking Microphone audio captured during a voice onboarding session, text transcripts of that audio, and the agent's spoken replies (synthesized from text generated by Anthropic via Bloom's servers)
PostHog, Inc. (US) Product analytics, feature flag delivery, and sampled session replay (see Section 8.1) Pseudonymous user identifier, event names and timestamps, screen names, masked input fields, blurred images
Google AdMob (Google LLC, US) Serving non-personalized (contextual) banner ads to free-tier users in the mobile app Approximate location (from IP address) and coarse app context, used to serve and frequency-cap contextual ads. No advertising identifier is collected and no cross-context profile is built — see Section 7
Amazon Web Services — Rekognition (Amazon Web Services, Inc., US) Optional selfie verification: a Face Liveness check (anti-spoof) and CompareFaces similarity scoring between your live reference image and each of your profile photos. Only runs if you opt in to verification. The live selfie video frames you record during the liveness challenge, the resulting reference image, and your profile photos. AWS Rekognition processes each call statelessly — it does not retain images between calls and does not use customer data to train models.

Each service provider is contractually prohibited from using your data for any purpose other than providing their service to us. We maintain data processing agreements with each provider that meet the requirements of applicable privacy laws. Neither Anthropic nor Google uses your data to train, improve, or fine-tune their AI models. Both AI providers operate under API data processing terms that prohibit training on customer data. ElevenLabs likewise does not use your audio or transcripts to train, improve, or fine-tune its models, and processes audio under its enterprise API terms (see Section 16.3 for retention details specific to voice).

We may disclose your information if we believe in good faith that disclosure is necessary to:

  • Comply with applicable law, regulation, or valid legal process (such as a subpoena or court order)
  • Protect the safety, rights, or property of Bloom, our users, or the public
  • Detect, prevent, or address fraud, security, or technical issues
  • Enforce our Terms of Service

Government and Law Enforcement Requests. When we receive a request from a government, law enforcement agency, or other public authority for user data, we follow these practices:

  • Legal review. We review every request for legal validity and confirm that it is supported by an appropriate legal basis (such as a valid subpoena, search warrant, court order, or other lawful process applicable to the request) before responding.
  • Data minimization. We disclose only the minimum information specifically required to satisfy the request. We do not voluntarily provide additional data beyond what the request lawfully compels.
  • Right to challenge. We reserve the right to challenge or refuse requests that we believe are unlawful, overbroad, vague, or inconsistent with applicable privacy laws or constitutional protections. Where appropriate, we will work with counsel to formally object to or narrow such requests.
  • Documentation. We maintain internal records of any government or law enforcement requests we receive and our responses, including the requesting agency, the legal basis claimed, the scope of data requested, and the action we took.

We will notify affected users of a request for their personal information when we are legally permitted to do so, unless we believe notice would create a risk of harm to a person or impede an active investigation.

6.4 Business Transfers

If Bloom is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you by email or prominent notice in the app before your information is transferred and becomes subject to a different privacy policy.

We may share your information in other ways if you give us specific, informed consent.

7. Sale and Sharing of Personal Information

We do not sell your personal information. We have not sold personal information in the preceding 12 months, and we do not plan to sell personal information.

We do not "share" your personal information for cross-context behavioral advertising as that term is defined under the California Consumer Privacy Act. We do not use your data to serve targeted advertising based on your activity across other websites or applications.

If this changes in the future, we will update this policy, provide notice, and offer you the ability to opt out before any sale or sharing occurs.

8. Cookies and Tracking Technologies

In-App: The Bloom mobile application does not use cookies. We use standard mobile analytics to understand how users interact with the app, as described in Section 3.2.

Website (bloom.date): Our website uses essential cookies required for the site to function. We do not use advertising or tracking cookies on our website. We use PostHog for first-party product analytics on the website (page views, button clicks, waitlist signups), routed through our own domain to respect ad-blockers. We do not use this data for cross-site advertising.

Global Privacy Control (GPC). We recognize and honor Global Privacy Control signals. If your browser sends a GPC signal, we treat it as a valid opt-out of any future sale or sharing of personal information and a request to limit the use of sensitive personal information, to the extent applicable.

Do Not Track. There is no universal standard for how companies should respond to Do Not Track browser signals. We treat DNT signals the same as GPC signals.

8.1 Session Replay

To diagnose product bugs and identify confusing flows, we record a small, randomly sampled fraction of user sessions in the Bloom mobile app and on the bloom.date website. These recordings reconstruct the screens you saw and the interactions you took (taps, scrolls, navigation), so our engineers can replay a session and see what went wrong without asking you to reproduce the issue.

What is recorded.

  • Screen layouts and the sequence of screens you visited
  • The actions you took on each screen (taps, scrolls, swipes, page navigations)
  • Anonymous device-level metadata (device model, OS version, app version) already covered in Section 3.2

What is NOT recorded — by default and by configuration.

  • Every text input is masked. What you type into any field — name, email, password, message body, profile bio, search query, payment information — is replaced with redaction marks before the recording leaves your device. We never see the actual characters.
  • Every image is blurred. Profile photos, shared album photos, message attachments, and any other image rendered on screen are visually obscured in the recording before transmission.
  • Sensitive surfaces are excluded entirely. No recording is captured on the authentication callback page, the AI onboarding chat screen, or any one-on-one chat conversation. If your session enters one of these surfaces, recording stops; if it leaves, recording does not resume.
  • Session recordings do not include audio, video, or any biometric data. (Microphone audio captured during the optional voice onboarding mode is processed separately and is not part of session-replay recordings — see Section 3.1 and Section 16.3.)

How sampling works. Recording is enabled for a small percentage of sessions selected at random. Most users will never have a session recorded. We do not target any individual user, demographic, or sensitive category for recording.

Retention. Session recordings are retained for 30 days from the date of capture and then automatically deleted. We do not export or back up recordings beyond this window.

Use. Recordings are used solely for internal product debugging, bug reproduction, and usability research. We do not sell recordings, share them with advertisers, or use them to train AI models.

Provider. Session replay is provided by PostHog, Inc., operating in the United States. PostHog processes recordings as our service provider under a written data processing agreement. PostHog's DPA and privacy practices are at posthog.com/dpa and posthog.com/privacy.

Your choice.

  • Bloom mobile app. The Bloom mobile app does not record sessions in production today. Before we enable production recording, we will give you advance notice. You will then be able to exclude your sessions from recording at any time by emailing privacy@bloom.date, and we will add your account identifier to PostHog's exclusion list.
  • bloom.date website. Sampled session recording is active. We honor Global Privacy Control and Do Not Track signals — if your browser sends either, we will not record your session. To exclude your sessions independently of browser signals, email privacy@bloom.date and we will add your distinct identifier to PostHog's exclusion list.

Recordings already captured before you opted out are deleted at the end of their 30-day retention window.

9. Data Retention

We retain your information only as long as necessary for the purposes described in this policy, or as required by law. Here are our retention practices by data category:

Data Category Retention Period
Account & profile data Until you delete your account, plus 30 days for processing
Voice onboarding audio & transcripts Up to 30 days at ElevenLabs (our voice transport provider); the resulting profile fields written into your Bloom account are retained per the "Account & profile data" row above
Selfie verification reference image Stored encrypted in Bloom's private storage for as long as your verified status remains active. Deleted within 30 days of account deletion. Replaced (not appended) when you re-verify. AWS Rekognition itself retains nothing across calls.
Verification audit log (attempt timestamps, outcomes, confidence scores) Until you delete your account, then 30 days for fraud-investigation purposes
Messages Until you delete your account (see Section 14 for shared data details)
Shared content (photos, calendars, lists) Until both partners have deleted or the retention period ends (see Section 14)
Keepsake archive 2 years after relationship ends, unless you request earlier deletion or choose to retain
Date plans Until you delete your account
Private notes Until you delete your account
Usage & analytics data 24 months from collection, then aggregated or deleted
Device tokens Until you uninstall the app or revoke notification permissions
Support communications 3 years from resolution
Payment/subscription records As required by tax and financial regulations (typically 7 years for transaction records)
Consent records 3 years from the date of consent (required by California law)
Safety & fraud records Up to 5 years for enforcing bans and complying with legal obligations

When your data is no longer needed, we delete or securely anonymize it. Anonymized data (from which you cannot be identified) may be retained indefinitely for aggregate analytics.

Fraud-ban records and account deletion. There is one narrow exception to deletion. If we ban an account for fraudulent activity, we keep a minimal, non-identifying record of the device and sign-up signals tied to that account even after the account is deleted. This record contains only irreversible hashes and the fact of the ban, with no name, email, photos, or other profile information. We keep it for one reason only: to detect and prevent the banned person from returning under a new account (ban evasion). We rely on our legitimate interest in protecting our community and preventing fraud, which applicable privacy laws recognize as an exception to the right to deletion. This is the only information we retain beyond account deletion, and only for accounts banned for fraud. Accounts deleted for any other reason leave no such record.

10. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls limiting who within our organization can access user data
  • Regular review of our data collection, storage, and processing practices
  • Secure authentication through Supabase Auth

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If you become aware of a security vulnerability, please contact us immediately at security@bloom.date.

11. Your Privacy Rights

Depending on where you live, you may have some or all of the following rights regarding your personal information. We honor these rights for all users regardless of location, except where noted:

Right to Know / Access. You can request a copy of the personal information we hold about you, including the categories and specific pieces of information, the sources, the purposes for processing, and the categories of third parties with whom we share it.

Right to Delete. You can request that we delete your personal information, subject to certain legal exceptions (such as data needed to complete a transaction, comply with a legal obligation, or detect security incidents). See Section 14 for how deletion works with shared data.

Right to Correct. You can request that we correct inaccurate personal information. You can also correct most profile information directly in the app.

Right to Portability. You can request a copy of your personal information in a structured, commonly used, machine-readable format.

Right to Opt Out of Sale/Sharing. We do not sell or share your personal information, but if we ever do, you will have the right to opt out.

Right to Limit Sensitive Data Use. You can request that we limit our use of your sensitive personal information to what is necessary to provide the Service.

Right to Non-Discrimination. We will not discriminate against you for exercising your privacy rights. You will not receive different pricing, a different quality of service, or be denied service for making a privacy request.

Right to Appeal. If we deny your privacy request, you may appeal by contacting us at privacy@bloom.date with the subject line "Privacy Appeal." We will respond within the timeframe required by applicable law. If you are unsatisfied with our response, you may contact your state's Attorney General.

12. How to Exercise Your Rights

You can exercise your privacy rights in any of the following ways:

  • In-app: Settings > Privacy > Manage My Data
  • Email: privacy@bloom.date
  • Mail: Bloom Dating, Inc., 10102 S Redwood Rd #95177, South Jordan, UT 84095

We will verify your identity before processing your request. For requests made via email, we will ask you to confirm your account email address and may ask you to verify through your Bloom account. We will respond to verified requests within 45 days (or sooner where required by your state's law). If we need more time, we will notify you of the extension and the reason.

You may designate an authorized agent to make requests on your behalf. Authorized agents must provide proof of authorization (such as a signed letter or power of attorney) and we may still verify your identity directly.

13. State-Specific Disclosures

California Residents

Under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), you have additional rights as described in Section 11 above. Here is a summary of our data practices in the format required by California law:

Categories of personal information collected in the preceding 12 months:

  • Identifiers (name, email, device identifiers)
  • Characteristics of protected classifications (age, gender, religion)
  • Internet or electronic network activity (usage data, messages)
  • Geolocation data (precise and general location)
  • Audio, electronic, or visual information (photos)
  • Inferences (matching preferences, relationship status)
  • Sensitive personal information (precise geolocation, sexual orientation, contents of communications, sex life/dating activity)

Sources: Directly from you; automatically from your device.

Business purposes for collection: Providing the Service, personalization, safety, communications, and legal compliance (as detailed in Section 5).

Categories shared with service providers: All categories listed above are shared with our service providers (Supabase, Firebase) solely for the purpose of operating the Service.

Sale or sharing: We have not sold or shared (as those terms are defined under the CCPA) any personal information in the preceding 12 months.

Retention: As specified in Section 9.

California "Shine the Light" (Civil Code §1798.83): California residents may request information about disclosures to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Delaware, Tennessee, Maryland, Minnesota, Indiana, Iowa, Kentucky, Rhode Island, Nebraska, New Hampshire, New Jersey, and Utah Residents

Residents of these states have rights to access, correct, delete, and obtain a copy of their personal information, as well as the right to opt out of the sale of personal information, targeted advertising, and certain profiling. These rights are described in Section 11 and can be exercised as described in Section 12.

For states requiring opt-in consent for sensitive data (Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Delaware, Tennessee, Maryland, Minnesota, Indiana, Kentucky, Rhode Island, Nebraska, New Hampshire, and New Jersey), we obtain your affirmative consent during account setup before processing your sensitive personal information.

For Utah and Iowa residents, we provide notice and an opt-out mechanism for sensitive data processing.

14. Shared Data Between Partners

Bloom's Relationship Mode lets you and your partner create and maintain shared content together — photos, calendars, lists, and date plans. Because this data belongs to your relationship, it requires special privacy rules.

How Shared Data Works

When you and your partner use shared features, both of you contribute to and have access to the shared content. Here is how we handle ownership and control:

Content you upload (such as a photo you add to a shared album or a calendar event you create): You can edit or remove your own uploads at any time. If you remove content you uploaded, it is removed from the shared view for both partners. Your partner will be notified that content was removed.

Content your partner uploads: You cannot delete content your partner uploaded. You can hide specific items from your personal view without affecting your partner's access.

Joint content (such as shared lists or calendar entries with contributions from both partners): Either partner can remove their own participation. The other partner retains their copy.

Messages: If you delete messages from your view, they are removed from your side only. Your partner retains their copy of the conversation.

What Happens When a Relationship Ends

When either partner ends the relationship in Bloom:

  • Both partners retain access to the shared data. Because you both contributed to and maintained the shared content during the relationship, both partners keep a copy of all shared photos, calendar events, lists, and date plans in their personal keepsake archive.
  • Shared features (real-time syncing, adding new content) are deactivated.
  • Each partner's keepsake archive is private and accessible only to them.
  • Each partner can independently download, keep, or delete their archive at any time.
  • The keepsake archive is retained for up to 2 years. You will receive a reminder before the archive expires, giving you the opportunity to download your content or request continued retention.

What Happens When a Partner Deletes Their Account

If your partner deletes their Bloom account:

  • You retain full access to all shared content in your keepsake archive, including content your former partner uploaded.
  • Your former partner's individual profile information (name, photos from their profile) is removed or anonymized in the shared content where feasible, while preserving the content itself.
  • Your former partner's copy is deleted as part of their account deletion.

When you activate Relationship Mode and connect with a partner, both of you acknowledge that:

  • Content contributed to shared features may be retained by the other partner, including after account deletion
  • Shared content is part of the relationship history that belongs to both partners
  • Each partner has independent rights to their own copy of shared content

15. Consumer Health Data

Some information we collect may be considered "consumer health data" under Washington state's My Health My Data Act (RCW 19.373) and similar laws. This includes information that could reveal sexual orientation or gender identity.

For a complete description of how we handle consumer health data, please see our separate Consumer Health Data Privacy Policy.

In summary: we collect consumer health data only with your consent, use it only to provide the Service, do not sell it, and will delete it upon your request.

16. AI-Powered Features, Automated Decision-Making, and Profiling

16.1 Matching Algorithms

Bloom uses algorithms to suggest potential matches based on the preferences and profile information you provide. This matching process:

  • Uses only the preferences you set (age range, gender, distance) and profile compatibility factors
  • Does not produce legal effects or similarly significant effects on you
  • Can be influenced by adjusting your preferences in Settings
  • Does not use automated decision-making to approve or deny your account

16.2 AI-Powered Features

Bloom uses artificial intelligence ("AI") to enhance your experience. Our AI-powered features include:

  • Conversational Onboarding — An AI-guided onboarding experience that helps you build your profile through natural conversation rather than static forms. You can choose between a text-chat conversation or an optional voice conversation; the voice mode adds microphone audio processing (see Section 16.3).
  • Conversation Starters — AI-generated suggested messages and date ideas tailored to you and your match's shared interests.
  • AI Context Layer — Background AI processing that analyzes your usage patterns and preferences to personalize your experience over time, including journey session generation and signal processing.

These features are designed to improve your experience on Bloom. They are optional, and you can disable AI personalization at any time (see Section 16.4 below).

16.3 Third-Party AI Service Providers

To provide our AI-powered features, Bloom shares certain user data with the following third-party AI service providers, who process data on our behalf and under our instructions:

Anthropic (Claude)

  • Service: Powers our AI conversational onboarding feature.
  • Data categories shared: Profile data you provide during onboarding (e.g., name, preferences, interests, responses to onboarding prompts); conversation messages exchanged during the AI onboarding chat.
  • Data use: Anthropic processes this data solely to generate real-time responses during your onboarding conversation. Anthropic does not use your data to train, improve, or fine-tune its AI models.
  • Data retention: Data is transmitted via API for real-time processing and is not stored by Anthropic beyond the duration needed to fulfill the request, subject to Anthropic's API data processing terms.

Google (Gemini)

  • Service: Powers conversation starter generation, date idea suggestions, AI context layer signal processing, and journey session generation.
  • Data categories shared: Structured user profile data (e.g., interests, preferences, relationship goals); structured couple context data (e.g., shared interests, relationship stage) for users in the Couples experience; behavioral signals derived from your app usage (e.g., feature engagement patterns, preference indicators).
  • Data use: Google processes this data solely to generate personalized suggestions and contextual signals within Bloom. Google does not use your data to train, improve, or fine-tune its AI models.
  • Data retention: Data is transmitted via API for real-time processing and is not stored by Google beyond the duration needed to fulfill the request, subject to Google's API data processing terms.

ElevenLabs

  • Service: Powers voice transport for the optional voice onboarding mode — turning your microphone audio into text in real time, speaking Bloom's replies aloud, and managing conversation turn-taking. Voice transport only; the reasoning (deciding what Bloom asks next and how to populate your profile) is performed by Anthropic via Bloom's servers, not by ElevenLabs.
  • Data categories shared: Microphone audio captured during a voice onboarding session, the text transcripts of that audio, and the text of Bloom's replies (sent to ElevenLabs to be synthesized into speech).
  • Data use: ElevenLabs processes this data solely to provide real-time voice transport during your onboarding session. ElevenLabs does not use your audio or transcripts to train, improve, or fine-tune its models.
  • Data retention: ElevenLabs may retain voice audio and transcripts for up to 30 days to support the active session and operational diagnostics, after which they are deleted. (Bloom's Custom-LLM configuration does not currently qualify for ElevenLabs' Zero Retention Mode, which is why some short-term retention applies here.)
  • Your choices: You can choose text chat or traditional forms instead of voice at any time. Bloom asks for your explicit consent before the first voice onboarding session.

The three providers receive data through Bloom's secure server-side infrastructure. Your data is never sent directly from your device to Anthropic or Google. ElevenLabs receives your microphone audio over a secure WebRTC connection negotiated by Bloom's server.

16.4 Your Choices — AI Personalization

You have the right to control whether your data is used for AI-powered personalization:

  • Opt out of AI personalization: You can disable AI personalization at any time by navigating to Settings > Privacy > AI Personalization and turning off the toggle. When disabled, AI-generated conversation starters and date suggestions will no longer be personalized to your profile, and the AI context layer will stop processing your behavioral signals. You may still see generic (non-personalized) suggestions.
  • AI onboarding: The conversational onboarding experience requires AI processing to function. If you prefer not to use AI onboarding, you may complete your profile using the standard form-based setup instead.
  • Data already processed: Disabling AI personalization applies on a go-forward basis. It does not retroactively delete data previously processed by our AI providers, though as noted above, neither provider retains your data beyond real-time processing.

To exercise any privacy rights related to AI processing (including access, deletion, or correction requests), contact us at privacy@bloom.date.

16.5 AI Data Processing Safeguards

We implement the following safeguards for AI data processing:

  • No model training: Neither Anthropic nor Google uses Bloom user data to train, improve, or fine-tune their AI models. Both providers operate under enterprise/API data processing terms that prohibit training on customer data.
  • Server-side processing: All AI requests are routed through Bloom's server-side infrastructure. Your data is never sent directly from your device to a third-party AI provider.
  • Data minimization: We send only the minimum data categories necessary for each AI feature to function. We do not send your full profile to any provider when a subset of data will suffice.
  • No automated decision-making: AI features provide suggestions and personalization only. No consequential decisions about your account, matches, or access to Bloom's services are made solely by AI without human oversight.

17. Children's Privacy

Bloom is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18.

Age verification: During account creation, we require you to provide your date of birth through a neutral date-entry field. If the date of birth indicates you are under 18, account creation is blocked.

If we discover a minor: If we learn that we have collected personal information from a user under 18, we will promptly deactivate the account and delete all associated personal information. If you believe a minor has created a Bloom account, please contact us immediately at privacy@bloom.date.

Parents and guardians: If you are a parent or guardian and believe your child has provided personal information to Bloom, please contact us at privacy@bloom.date and we will take steps to delete the information.

18. Biometric Data

Bloom does not currently collect biometric data (such as facial geometry, fingerprints, or voiceprints). The optional voice onboarding mode (Section 3.1, Section 16.3) processes microphone audio only to transcribe the conversation into text — it does not generate or store a voiceprint or any biometric template, and is not used to identify, authenticate, or match users by their voice.

If we introduce features that involve biometric data in the future — such as photo verification using facial recognition — we will:

  • Update this policy with specific details about the biometric data collected, the purpose, and the retention period
  • Provide you with clear written notice before any biometric collection
  • Obtain your explicit, informed consent before collecting any biometric information
  • Publish a biometric data retention and destruction policy as required by applicable law

19. Push Notification Data

If you enable push notifications, we use Firebase Cloud Messaging (operated by Google LLC) to deliver notifications to your device. This involves:

  • Generating a device token (a unique identifier for your device, not tied to your personal identity)
  • Transmitting notification content to Google's servers for delivery
  • Google processing your IP address and device token to route the notification

Device tokens are stored in our database and deleted when you uninstall the app, log out, or disable notifications. You can manage push notifications in your device settings or in Settings > Notifications within Bloom.

20. Data Breach Notification

In the event of a data breach affecting your personal information, we will:

  • Notify affected users without unreasonable delay, and within the timeframe required by applicable state law (which ranges from 30 to 60 days depending on the state)
  • Provide details about the breach, the types of information affected, and steps you can take to protect yourself
  • Notify applicable state authorities and regulators as required by law

21. Dating Safety Disclosures

Your safety is important to us. In accordance with applicable state laws (including Utah Code §13-67-103), we want you to know:

Background checks: Bloom does not currently conduct criminal background screenings on its members. This means we do not verify the criminal history of any user. You should use caution when communicating with or meeting any member of an online dating service, including Bloom.

Safety resources: For detailed dating safety information — including guidance on protecting yourself from sexual assault, dating violence, and financial crimes — please see our Dating Safety page, accessible from Settings > Dating Safety within the app.

Reporting: If a user engages in behavior that makes you feel unsafe, you can report them through their profile or by contacting us at safety@bloom.date. We review all reports and take action in accordance with our Community Guidelines.

Fraud notification: If we ban a user for fraudulent activity, we will notify members who communicated with that user within 24 hours of the ban, as required by Utah law (§13-67-105).

The Service may contain links to third-party websites or services (such as restaurant booking sites suggested during date planning, or external resources in our safety disclosures). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing them with any personal information.

23. International Users

Bloom is currently available in the United States only. Your personal information is stored and processed in the United States. If we expand internationally, we will update this policy to address applicable international privacy laws (including the EU General Data Protection Regulation) and implement appropriate data transfer safeguards.

24. Auto-Renewal Subscription Disclosures

If you subscribe to Bloom Premium:

How auto-renewal works: Your subscription automatically renews at the end of each billing period (monthly or annually, depending on your selection) unless you cancel before the renewal date. The renewal price will be the same as your current subscription price unless we notify you of a price change in advance.

Charges: Subscription fees are charged through Apple (App Store) or Google (Play Store). The charge will appear on the payment method associated with your Apple ID or Google account.

How to cancel: You can cancel your subscription at any time. Cancellation takes effect at the end of your current billing period — you will continue to have access to Premium features until then. To cancel:

  • iOS: Settings > Apple ID > Subscriptions > Bloom > Cancel Subscription
  • Android: Google Play Store > Profile > Payments & subscriptions > Subscriptions > Bloom > Cancel Subscription
  • In Bloom: Settings > Subscription > Manage Subscription

Cancellation is designed to be as simple as the original sign-up process.

Free trials: If we offer a free trial, you will be clearly informed of the trial duration and the subscription price that will apply after the trial ends. We will send you a reminder before the trial converts to a paid subscription. You can cancel at any time during the trial without being charged.

Renewal reminders: For subscriptions longer than one year, we will send you a reminder 15 to 45 days before the renewal date. For free or discounted trials longer than 31 days, we will send a reminder 3 to 21 days before the trial ends.

25. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How we will notify you:

  • For material changes (new categories of data collected, new sharing practices, or changes to your rights), we will notify you by email and/or prominent in-app notice at least 30 days before the changes take effect.
  • For non-material changes (clarifications, formatting, or updated contact information), we will update the "Last Updated" date at the top of this policy.

Your continued use of the Service after the effective date of a revised policy constitutes your acceptance of the changes. If you do not agree with the revised policy, you may delete your account.

26. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle your information:

We aim to respond to all privacy-related inquiries within 10 business days and to formal privacy rights requests within 45 days (or sooner as required by your state's law).

© 2026 Bloom Dating, Inc. All rights reserved.