Version 1, updated April 19, 2026

Contents

1. Overview
2. Information We Collect
3. Information We Treat With Extra Care
4. How We Use Your Information
5. How Matching, Assessments, and Trust Systems Work
6. What Other Members Can See
7. How We Share Your Information
8. Cookies, Local Storage, and Similar Technologies
9. Data Retention
10. Your Choices and Rights
11. Security
12. International Transfers
13. Children
14. Changes to This Policy
15. Contact

Privacy Policy

Version 1 | Effective April 12, 2026

Northgiven is a dating app for adults seeking long-term partnership. We built our matching system around privacy. Not because the law requires it, but because it produces better matches. Your compatibility data, psychometric responses, and openness settings belong to you.

This policy describes what we collect, why, and what you control.

1. Overview

Northgiven (northgiven.polsia.app) operates this app and website. Questions about this policy: legal@northgiven.polsia.app

2. Information We Collect

A. Information You Provide

Account details: Your display name, email address, and date of birth.
Profile information: Gender identity, pronouns, relationship intent, location (city only, typed by you), bio, and photos.
Preferences: Children preference, smoking and drinking habits, courtship bandwidth, and relationship structure.
Psychometric responses: Sixteen questions about attachment style, conflict approach, emotional awareness, and values. Stored encrypted. See Section 3.
Openness and disclosure settings: Whether you are open to partners whose gender history may differ from sex assigned at birth, and what level of disclosure you prefer for your own history. These fields are private and never visible to other members.
Messages: Content of messages you send inside the app.
Reports: Safety reports you file, and the details you submit with them.
Linked profile data: If you use linked profiles for CNM or poly connections: link invitations, consent records, and relationship type.

B. Information Created Through Your Use

Session data: Login timestamps, session duration, and idle activity patterns.
Trust events: Behavioral signals that feed our trust scoring system, including check-in completions, report events, message patterns, and account activity consistency.
Device identifiers: Browser type and user agent string, stored in truncated, hashed form per session.
IP addresses: Stored in truncated, hashed form in session records. Not used for geolocation.

C. Information From Others

When another member files a safety report involving your account, that report becomes part of your record. We use it for moderation and account status decisions.

3. Information We Treat With Extra Care

Psychometric responses: Encrypted at rest using AES-256-GCM with a dedicated key separate from other application secrets.
Gender history and openness settings: Private fields (openness_to_trans, disclosure_level, is_trans_or_gender_expansive) are never returned in any API response visible to other members. Matching logic uses them internally.
Bodies and Boundaries answers: Stored in isolated JSONB per conversation pair. Deleted when your account is deleted. Never visible to other users or general profile views.
Linked profile audit logs and coercion risk flags: Visible to moderators only.

4. How We Use Your Information

To run the app: Account creation, authentication, messaging, profile display, and support.
To match you: Your preferences, psychometric scores, trust signals, and compatibility dimensions feed our matching engine. We do not sell matches or use your data for advertising.
To score trust: Behavioral signals produce a trust score visible to other members as a badge (verified/good/new/limited). The underlying signals are not visible to other members.
To enforce safety: Reports, moderation reviews, account status changes, and access revocations.
To communicate with you: Transactional email (verification, password resets, notifications) via Postmark.
To measure landing page performance: A visitor ID stored in your browser is used to send a single pixel beacon to our hosting platform when you visit the landing page. This does not track behavior inside the app.

5. How Matching, Assessments, and Trust Systems Work

Matching uses four layers:

Layer 1: Hard boolean filters (dealbreakers, relationship structure, children preference, orientation gates).
Layer 2: Weighted compatibility across four psychometric dimensions (attachment style 30%, conflict approach 25%, emotional awareness 25%, values 20%).
Layer 3: Trust score multiplier based on seven behavioral dimensions.
Layer 4: Account status and access gates (affirming-access eligibility and bilateral openness settings).

Psychometric data:

Responses are encrypted before storage. The system uses scoring output for matching. Your raw responses are available only through your own data export. They are not shared with other members or third parties.

Trust scoring:

Your score is computed from behavioral signals: honesty indicators, message stability, reports filed and received, date check-in follow-through, activity consistency, and scam-risk signals. Scores decay 0.3 points per day during active use, with a 14-day grace period after signup. Accounts in non-active states (Hidden, Paused, Focused, Partnered) are exempt from decay. Other members see only your badge tier, not the underlying event log.

Affirming Access eligibility:

If you identify as trans or gender-expansive and have completed the Affirming Access module, a bilateral gate restricts your matches to members who have also completed it and hold active status. Conduct violations can result in access suspension or revocation (warning, then 30-day suspension, then permanent revocation). All enforcement decisions go through human moderator review.

Automated decisions:

The matching engine and trust scoring are automated. Safety reports that reach certain thresholds (three or more coordinated reports, or two or more high-severity reports) escalate to a human moderation queue. No account is permanently actioned without human review.

6. What Other Members Can See

Visible to matched members:

Display name, age, gender identity and pronouns, location (city, if set), bio, photos
Relationship intent and structure, courtship bandwidth
Account state badge (Open, Selective, Focused, Partnered)
Trust badge tier (verified/good/new/limited)
Linked profile indicator (if applicable)

Not visible to other members:

Email address, exact date of birth
Psychometric responses or raw dimension scores
Openness-to-trans setting, disclosure level, or trans/gender-expansive status
Bodies and Boundaries answers
IP address or device details
Trust event log
Reports filed or received

Service providers:

We share data with vendors who help operate the platform. See northgiven.polsia.app/subprocessors for a current list.

Other members:

Your profile information, messages, and trust badge are visible to matched members as described in Section 6.

Safety and legal:

We share data with law enforcement, courts, or safety authorities when required by law, or when we have a good-faith belief that sharing is necessary to prevent serious harm, respond to a NCMEC report, or protect a person's safety. We do not share data for commercial or advertising purposes.

Corporate transaction:

If Northgiven is acquired, merged, or sold, user data would transfer as part of that transaction. We would notify you in advance.

With your consent:

We share data in other ways only when you explicitly ask us to.

8. Cookies, Local Storage, and Similar Technologies

We do not use cookies.

Local storage (your browser):

polsia_vid (visitor ID): A random ID generated when you visit the landing page. Used to send a single pixel beacon to our platform for page-view analytics. Does not track behavior inside the app.
Consent dismissal flags: Whether you have dismissed certain in-app notices. Prevents notices from reappearing after you have already seen them.

Your authentication token is passed as a header in API requests and is not stored in local storage or a cookie.

9. Data Retention

While your account is active: All account data is retained.

After account deletion:

Photos: deleted from storage immediately.
Psychometric responses: deleted immediately.
Bodies and Boundaries answers: deleted immediately.
Most profile and preference data: deleted immediately.
Messages you sent: sender ID is removed; message text is preserved for moderation continuity (shown as from a deleted account).
Messages you soft-deleted: content is hidden to both parties; the row is preserved for moderation.
Email hash (SHA-256), user ID, deletion timestamp, and whether your account had reports: retained for 2 years.

The two-year record is used to enforce re-registration rules for accounts that received safety reports. It cannot be used to re-identify you. The hash is one-way, with no other personal data retained alongside it.

10. Your Choices and Rights

From Settings, you can:

Edit or delete your profile information and photos.
Export all your data as a JSON file (once every 24 hours).
Delete your account (requires confirmation; cascades immediately).
Adjust your account state (Hidden, Paused, Focused, Partnered).
Manage linked profile connections.

By email:

Send requests to legal@northgiven.polsia.app to correct inaccurate data, request deletion if you cannot access your account, or ask any question about your data.

Jurisdiction-specific rights:

If you are in California (CCPA), the European Economic Area (GDPR), or the UK (UK GDPR), you have rights including access, correction, deletion, portability, objection, and restriction. Contact legal@northgiven.polsia.app to exercise any of them. We do not sell personal data.

11. Security

Controls in place:

Psychometric responses: AES-256-GCM encryption at rest, with a key separate from application secrets.
Session tokens: SHA-256 hashed in the database; 24-hour absolute expiry, 30-minute idle timeout.
Password reset tokens: 64-byte cryptographically random tokens, SHA-256 hashed, 1-hour expiry. Reset invalidates all active sessions.
Login rate limiting: 10 failures per 15 minutes per account before lockout; 50 failures per 15 minutes per IP.
Photo storage: Private Cloudflare R2 bucket, accessible only via a permission-gated server proxy. Photos are never served directly from storage URLs. EXIF metadata is stripped on upload.
IP addresses: Stored as truncated SHA-256 hashes in session records.
Reauthentication: Required for sensitive actions (data export, account deletion, linked profile changes, affirming disclosure).

No system is completely secure. If you believe your account has been compromised, contact us at legal@northgiven.polsia.app.

12. International Transfers

Northgiven uses the following infrastructure. Data processed by these services may be stored and transferred internationally.

Render (application hosting): United States.

Neon PostgreSQL (primary database): United States.

Cloudflare R2 (photo storage): Global Cloudflare network.

Postmark (transactional email): United States.

See northgiven.polsia.app/subprocessors for a complete vendor list.

If you are located in the EEA or UK, your data is transferred to the United States. We rely on standard contractual clauses or other approved transfer mechanisms where required by applicable law.

13. Children

Northgiven is for adults 18 and older. We do not knowingly collect data from anyone under 18. If we discover a minor has created an account, we delete it immediately. If you believe a minor is using the app, email safety@northgiven.polsia.app.

14. Changes to This Policy

When we make material changes to this policy, we notify you in-app before the changes take effect and give you time to review. Continued use after the effective date constitutes acceptance. For minor changes (typos, formatting, contact updates), we update without prior notice.

15. Contact

Privacy questions and rights requests: legal@northgiven.polsia.app
Safety reports and abuse: safety@northgiven.polsia.app
Child safety concerns: safety@northgiven.polsia.app
General support: support@northgiven.polsia.app

Previous Versions

Version 1:April 12, 2026

Initial Privacy Policy.