Last updated: 2026-02-16
This Privacy Policy ("Policy") describes how E-Raiden collects, uses, shares and protects users' personal data in compliance with Regulation (EU) 2016/679 (GDPR) and applicable data protection laws.
1. Data Controller
The Data Controller for the processing of personal data is:
GiBSeS OÜ
[Estonia registered address – TO VERIFY]
Registrikood: [EE registry code – TO VERIFY]
VAT: [EE VAT – TO VERIFY]
Email: privacy@e-raiden.vip
2. Data Collected
E-Raiden collects the following categories of personal data:
2.1 Data provided directly by the user
- Registration data: email address, password (hashed), name, date of birth, gender
- Profile data: photos, personal description, interests, search preferences
- Messages: content of conversations between users
- Reports: information provided through reports or support requests
2.2 Data collected automatically
- Location data: approximate geographic location (if authorized by the user)
- Device data: device type, operating system, browser, unique identifiers
- Usage data: pages visited, features used, session times
- IP address: used for security and fraud prevention
- Cookies and similar technologies: as described in our Cookie Policy.
2.3 Special categories of data
E-Raiden may process data relating to sexual orientation and relationship preferences, as they are necessary for the operation of the dating service. Processing is based on the user's explicit consent given at the time of registration.
3. Purposes of Processing
Personal data is processed for the following purposes:
- Service provision: creating and managing the account, matching between users, displaying profiles
- Communication: sending Service-related notifications, user messages, support communications
- Security: fraud prevention, identity verification, content moderation, detection of abusive behaviour
- Service improvement: anonymous statistical analysis, research and development of new features
- Advertising (with consent only): sending promotional communications, personalized ads via Google AdSense
- Legal obligations: compliance with legal, tax or regulatory obligations
4. Legal Basis
The processing of personal data is based on the following legal grounds under Article 6 GDPR:
- Performance of a contract (Art. 6(1)(b)): processing is necessary for the provision of the Service requested by the user
- Consent (Art. 6(1)(a)): for the processing of special categories of data, geolocation, promotional communications and non-essential cookies
- Legitimate interest (Art. 6(1)(f)): for the security of the Service, fraud prevention and Service improvement
- Legal obligation (Art. 6(1)(c)): to comply with regulatory obligations
5. Data Recipients
Personal data may be shared with:
- Other users: profile information publicly visible to other users of the Service
- Service providers: hosting providers, email services, analytics services, payment processors
- Advertising partners: with user consent only, for ad personalization (e.g. Google AdSense)
- Competent authorities: when required by law or to protect E-Raiden's rights or user safety
All service providers are bound by contractual agreements that ensure an adequate level of personal data protection (Data Processing Agreement under Art. 28 GDPR).
6. Transfers Outside the EU
Some of our service providers may be located outside the European Economic Area (EEA). In such cases, data transfers take place on the basis of:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCC) approved by the European Commission
- EU-US Data Privacy Framework (for transfers to the United States)
Users may request a copy of the safeguards adopted by contacting the DPO at the address indicated in section 10.
7. Retention Period
Personal data is retained only for the period strictly necessary to achieve the purposes for which it was collected:
| Type of Data | Retention Period |
|---|---|
| Account data | Until account deletion + 30 days |
| Messages | Until account deletion |
| Profile photos | Until account deletion + 7 days |
| Location data | Updated each session, not stored historically |
| Security logs | 12 months |
| Tax/accounting data | 7 years (legal obligation – Estonia) |
8. User Rights
In accordance with the GDPR, users have the following rights:
- Right of access (Art. 15): obtain confirmation of processing and access their data
- Right of rectification (Art. 16): correct inaccurate or incomplete data
- Right to erasure (Art. 17): request deletion of their data ("right to be forgotten")
- Right to data portability (Art. 20): receive their data in a structured, commonly used and machine-readable format
- Right to object (Art. 21): object to processing for direct marketing purposes
- Right to restriction (Art. 18): request restriction of processing in specific circumstances
- Right to withdraw consent: withdraw consent at any time, without affecting the lawfulness of prior processing
To exercise your rights, visit the GDPR Rights page or contact the DPO.
You also have the right to lodge a complaint with the competent supervisory authority, in Estonia the Eesti Andmekaitse Inspektsioon (Estonian Data Protection Inspectorate, www.aki.ee), or with the authority of the EU Member State of your residence (e.g. Garante per la Protezione dei Dati Personali in Italy, www.garanteprivacy.it).
9. Cookies
E-Raiden uses cookies and similar technologies for the operation of the Service, traffic analysis and ad personalization. For detailed information on the cookies used, their purposes and how to manage them, please see our Cookie Policy.
10. DPO Contact
The E-Raiden Data Protection Officer (DPO) can be contacted using the following details:
Data Protection Officer
Email: privacy@e-raiden.vip
Address: GiBSeS OÜ - Attn. DPO, [Estonia registered address – TO VERIFY]
The DPO will respond within 30 days of receipt of the request, as required by Art. 12(3) GDPR.