← Back to Home

Privacy Policy

Last updated: March 1, 2026

1. Who We Are

Soulmate ("we", "us", "our") operates this matrimony platform. We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR), Sri Lanka Personal Data Protection Act (PDPA) 2022, and other applicable data protection laws.

You must be 18 or older to use Soulmate. If we discover a user is under 18, we will delete their account and data immediately.

For privacy inquiries, contact:

2. What We Collect

Information you provide

  • Account: Email and password (securely encrypted, never stored as plain text)
  • Profile: Name, gender, date of birth, time of birth, location, education, profession, height, marital status, about you, and partner preferences
  • Sensitive profile data: Religion, caste, and horoscope details — see Section 4
  • Contact details: Phone, WhatsApp, and social media links (encrypted separately for extra protection)
  • Photos: Profile photos, avatar, and cover image
  • Messages: Conversations with other users
  • Payments: Handled by our payment partners — we never see or store your card details

Information collected automatically

  • Usage: Pages visited and features used (only with your consent)
  • Device: Browser type, operating system, and IP address
  • Cookies: Keep you logged in and save your preferences; analytics cookies require your consent

Information from third parties

If you sign in using Google or another social login, we receive your name and email from that provider. We do not access your contacts, posts, or other account data.

3. How & Why We Use Your Data

We only process your data when we have a valid legal basis:

  • To provide our service (contractual necessity): Creating your profile, showing it to potential matches, enabling messaging, calculating horoscope compatibility, and processing payments
  • With your explicit consent: Processing sensitive data (religion, caste, horoscope), sending marketing emails, and enabling analytics cookies
  • For security (legitimate interest): Preventing fraud and abuse, enforcing our terms, and protecting the platform
  • Legal obligation: Complying with applicable laws, responding to legal requests

We also send transactional emails (verification, connection requests, new messages) and weekly match digests. You can unsubscribe from digests anytime.

4. Sensitive Personal Data

To provide matrimony matching, we collect data that is classified as "special category" under GDPR Article 9:

  • Religion & caste: Used to match you with compatible profiles based on your preferences
  • Horoscope details: Birth date, time, and place — used for compatibility calculations

We process this data only with your explicit consent, which you provide during registration. You can withdraw this consent at any time by deleting your account or contacting us. Withdrawing consent does not affect any processing that occurred before withdrawal.

5. Matching & Profile Visibility

Our matching system suggests profiles based on your preferences (age, religion, location, education, etc.). This is an automated process, but it does not make legally binding decisions — it only suggests potential matches for you to review.

Your profile is visible to other registered users. You can control your visibility through Settings > Privacy. Unregistered visitors cannot see your full profile.

6. Who We Share Your Data With

We never sell your personal data. We share it only with:

  • Other users: Your profile, photos, and messages are visible to users you interact with
  • Service providers: Trusted companies that help us with cloud hosting, photo storage, email delivery, payment processing, error monitoring, and analytics — all contractually bound to protect your data
  • Law enforcement: Only when required by law, court order, or to protect user safety
  • Business transfers: If Soulmate is acquired or merged, your data may transfer to the new entity under the same privacy protections

7. How Long We Keep Your Data

  • Active accounts: Kept while your account is open
  • Deleted accounts: 30-day grace period, then permanently deleted
  • Messages: Kept for the recipient; your name is anonymized if you delete your account
  • Stories: Automatically deleted after 24 hours
  • Payment records: 3 years (tax and legal requirement)
  • Security logs: 1 year

8. Your Rights

Under GDPR and applicable laws, you have the right to:

  • Access — Download a copy of your data
  • Rectification — Correct inaccurate information
  • Erasure — Delete your account and data
  • Portability — Export your data in a portable format
  • Restrict processing — Hide your profile from search
  • Object — Opt out of marketing communications
  • Withdraw consent — Change your cookie or data processing preferences at any time

You can exercise most of these directly from your account:

  • Settings > Data & Privacy > Download My Data
  • Settings > Danger Zone > Delete Account
  • Settings > Data & Privacy > Cookie Preferences
  • Settings > Notifications (email preferences)

For anything else, email and we'll respond within 30 days. You also have the right to lodge a complaint with your local data protection authority if you believe your data has been mishandled.

9. What Happens If You Don't Provide Data

Some data is required to use the platform. Without an email and password, you cannot create an account. Without profile information, we cannot show you matches. Contact details and photos are optional but improve your experience. You can choose not to provide sensitive data (religion, caste), but this may limit matching accuracy.

10. Cookies

  • Essential (always on): Keep you logged in, protect your account, and remember your preferences
  • Analytics (your choice): Help us understand how the platform is used so we can improve it
  • Marketing (your choice): Not currently used — we'll ask for consent if introduced

Manage your preferences anytime via the cookie banner or Settings > Data & Privacy.

11. How We Protect Your Data

All data is transmitted over secure, encrypted connections. Passwords are encrypted using industry-standard methods — we can never see your password. Sensitive contact details are stored with additional encryption for extra protection.

No system is 100% secure. In the unlikely event of a data breach that poses a risk to your rights, we will notify the relevant authorities within 72 hours and inform affected users as quickly as possible.

12. International Data Transfers

Your data may be processed outside your country, including in the US and EU. All transfers are protected by Standard Contractual Clauses approved by the European Commission, the EU-U.S. Data Privacy Framework where applicable, and safeguards under the Sri Lanka PDPA 2022.

13. Third-Party Links

Our platform may contain links to external websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before sharing any personal information.

14. Changes & Contact

We may update this policy from time to time. If we make significant changes, we'll notify you via the platform or email. The "Last updated" date above shows when this policy was last revised.

Questions about your privacy? Contact us at:

Cookie Preferences

We use cookies to improve your experience. Essential cookies are always active. You can choose which optional cookies to allow. Privacy Policy