Privacy Policy

We are the organisation responsible for personal data processed through the Service for the purposes of the Singapore Personal Data Protection Act 2012 ("PDPA"), and we honour applicable data-protection laws in the other jurisdictions where the App is made available.

This Policy forms part of, and uses defined terms from, our Terms and Conditions. By creating an account or using the Service, you acknowledge this Policy and, where consent is the applicable basis, consent to the collection, use and disclosure of your personal data as described here.

Data Protection Officer / privacy contact: admin@deployku.com

1. Summary (Read This First)

2. Personal Data We Collect

2.1 Data you provide to us

Category	Examples
Identity & contact	Mobile phone number (your primary login credential, verified by one-time code); country/dialling code; optional email address
Profile	Display name; date of birth (used to verify you are 18+ and to show your age after reveal); gender; city (free-text — we do not collect precise GPS coordinates for your profile); short bio; optional profile photo
Preferences & compatibility	Dating intent; who you are interested in; preferred age range; preferred distance; language preference; answers to the onboarding compatibility quiz
Communications content	Your voice during calls made through the Service; chat messages with matched users; inputs you provide to the AI date-planning feature (e.g., vibe, time, budget)
Safety submissions	Reports you file about other users (reason and details); blocks; post-call ratings and flags
Verification data	If and when identity/liveness verification is introduced, a selfie or short video and the verification result, processed by a specialist verification provider
Support communications	Correspondence when you contact us (e.g., by email)

2.2 Data collected automatically

Category	Examples
Call metadata	Call identifiers, participants, booked and actual duration, start/end times, end reason, whether each participant chose to continue after the call
Call recordings & transcripts	Audio of calls (temporarily, for transcription), the resulting text transcript, automatically generated speaker labels and a short summary
Transaction data	Credit purchases, grants, reservations, spends, refunds and balance (kept in an append-only ledger); purchase identifiers from the relevant app marketplace or payment processor; rewarded-ad completion events
Device & technical data	Device platform and model, app version, push-notification tokens, IP address, time-zone, language settings, crash and diagnostic logs
Usage data	Features used, screens viewed, queue and matching events, in-app events used for analytics and fraud prevention
Derived/inferred data	Internal compatibility indicators, matching-quality and standing/reputation scores derived from your activity, ratings and call outcomes (used for matching, fairness, rate-limiting and safety; not shown to other users)

2.3 Data we receive from others

• App marketplaces and payment processors: confirmation of purchases, transaction identifiers and entitlement events (we do not receive or store your full payment card details).
• Communications providers: delivery status of one-time codes and notifications.
• Other users: reports, ratings and blocks that reference you.
• Verification providers (if/when introduced): verification outcomes and provider session identifiers.

2.4 What we deliberately do not collect

• We do not collect precise GPS location for matching; distance preferences operate on coarse, user-provided information.
• We do not access your contact list or address book.
• We do not collect government-issued identification at sign-up (specialist verification, if introduced, will be separately disclosed in-app).
• We do not store full payment card numbers.

3. How We Use Personal Data (Purposes)

We collect, use and disclose personal data for the following purposes:

3.1 Providing the Service

• Creating and authenticating your account (phone-based one-time codes; optional email);
• Operating matching, queues, calls, profile reveal, chat, the AI date planner, and other features;
• Displaying your profile to a matched user after mutual reveal, as designed;
• Processing Credit purchases, free grants, rewarded-ad credits, reservations, settlements and refunds, and maintaining accurate transaction records;
• Sending service communications (one-time codes, call notifications, match and message alerts, transactional notices).

3.2 Safety of users — including use of conversation data

We may use your personal data — including conversation data such as call recordings, call transcripts and chat messages — for the safety of users. This includes:

• investigating reports filed by or about you, with human review;
• detecting, preventing and acting on harassment, scams, fraud, solicitation, under-age use, impersonation and other violations of our Terms;
• screening profile photos through automated moderation before display;
• applying and reviewing enforcement actions (warnings, cooldowns, suspensions, bans, credit forfeiture) and handling appeals;
• maintaining internal standing and integrity signals that protect the community;
• protecting the rights, property and safety of users, the public and Deployku, and responding to emergencies involving risk of harm.

3.3 Enhancing your experience — including use of conversation data

We may use your personal data, including conversation data, to enhance your own experience of the Service — for example: improving the relevance of your matches; personalising features, prompts and suggestions for you (such as AI date plans built from inputs you and your match provide); surfacing your own call summaries and transcripts back to you; remembering your preferences; and tailoring in-app content to your usage.

3.4 Improving the platform — anonymized and aggregated data

We may anonymize, de-identify and/or aggregate personal data so that it can no longer reasonably be used to identify you, and use that data to enhance the platform experience for all users — for example: analysing usage trends; improving matching algorithms, queue fairness and safety systems; developing, testing and evaluating features; and producing statistics and business analytics. Anonymized data is no longer personal data and may be retained and used without restriction under this Policy.

3.5 Other purposes

• Fraud and abuse prevention: verifying purchases, enforcing daily and monthly limits, detecting multi-account and ban evasion, preventing payment and promotional abuse;
• Analytics and diagnostics: measuring performance, diagnosing crashes and errors, and understanding feature usage (via third-party analytics and error-tracking providers acting on our behalf);
• Legal compliance: complying with applicable laws, regulations, codes of practice, court orders, and lawful requests by authorities; establishing, exercising or defending legal claims;
• Business operations: audits, record-keeping, corporate transactions (see Section 6.3), and enforcing our agreements;
• With your separate consent, where required: marketing communications and any new purpose not covered above. We will notify you and, where required by law, obtain consent before using personal data for materially new purposes.

We do not use your personal data to train our own machine-learning models in a way that identifies you, and we do not permit our AI service providers to use your data to train their models except as needed to provide their service to us.

4. Call Recording and Transcription — How It Works

Because voice is the core of the Service, we are specific about this:

1. Disclosure and consent. Before every call, the App reminds you that calls are recorded and that audio is transcribed for safety review. Joining the call constitutes consent.
2. Recording. Call audio is captured by our recording infrastructure and stored temporarily in secure cloud storage.
3. Transcription. The audio is transcribed by an automated speech-to-text service, then processed by a language-model service to label speakers and produce a short summary. These providers act on our behalf under contractual confidentiality and data-protection obligations.
4. Deletion of audio. The raw audio recording is deleted promptly after transcription is complete. We do not maintain a long-term archive of call audio.
5. Retention of transcripts. The text transcript, speaker labels and summary are retained and linked to the call.
6. Access. Transcripts are accessible only to (a) the two participants of that call, and (b) a limited number of authorised personnel, strictly for the safety, moderation, fraud-prevention, legal-compliance and experience purposes described in Section 3. Transcripts are never shown to other users.

5. Legal Bases and Consent (PDPA)

We rely on the following bases under the PDPA and equivalent provisions of other applicable laws:

• Consent, given when you create an account, accept in-app disclosures (such as the pre-call recording notice), upload content, or enable device permissions;
• Deemed consent, where you voluntarily provide personal data for an obvious purpose (e.g., providing your phone number to receive a login code) or where processing is reasonably necessary to perform our contract with you;
• Legitimate interests and other statutory exceptions, where permitted — for example for fraud detection and prevention, network and information security, and protecting the safety of individuals — where our interests are not overridden by adverse effects on you;
• Legal obligations, where processing is necessary to comply with applicable law.

Withdrawing consent. You may withdraw consent at any time by adjusting in-app/device settings (e.g., disabling notifications or photo access) or by contacting admin@deployku.com. We will explain the likely consequences: because core features depend on certain data (for example, calls cannot be offered without recording-and-transcription for safety, and accounts cannot exist without a verified phone number), withdrawing certain consents may require us to limit or terminate your use of the Service. Withdrawal does not affect processing already carried out, or processing permitted without consent under applicable law.

6. Disclosure of Personal Data

We do not sell personal data. We disclose personal data only as follows:

6.1 To other users — by design

• Before mutual reveal: other users see only an abstract system-generated avatar and limited non-identifying signals (such as a compatibility indicator). Your name, photo, and identifying details are not shown.
• After mutual reveal: your matched user can see your profile (display name, age derived from your date of birth, gender, city, bio, photo) and exchange messages with you.
• Participants of a call can each access the transcript of that call.

6.2 To service providers (data intermediaries / processors)

We use carefully selected third-party providers who process personal data only on our documented instructions and under contractual confidentiality, security and data-protection obligations. These providers fall into the following categories:

• cloud hosting, database and storage providers;
• real-time voice-call infrastructure providers;
• SMS and email delivery providers (for one-time codes and notices);
• push-notification delivery providers;
• in-app purchase platforms and payment processors;
• advertising networks (for optional rewarded advertisements);
• automated content-moderation providers (e.g., photo screening);
• AI speech-to-text and language-model providers (for call transcription, labelling, summaries and date-plan generation);
• analytics, crash-reporting and error-tracking providers;
• identity/liveness verification providers (if and when such verification is introduced); and
• alternative or local payment providers (if and when such payment options are introduced).

A list of our current providers in each category is available on request to admin@deployku.com.

6.3 Other disclosures

• Legal and safety: to law-enforcement agencies, regulators, courts or other authorities where required or permitted by law; to investigate or prevent suspected fraud, threats to safety, or illegal activity; or to establish, exercise or defend legal claims;
• Corporate transactions: to an actual or prospective acquirer, successor or assignee in connection with a merger, acquisition, financing, reorganisation or sale of assets, subject to confidentiality obligations and to this Policy continuing to apply;
• With your consent or at your direction, in other cases.

7. International Transfers

Our service providers may store or process personal data on infrastructure located outside the jurisdiction in which you reside. Where personal data is transferred out of Singapore, we comply with the PDPA's transfer-limitation obligation by ensuring the recipient provides a standard of protection comparable to the PDPA — through contractual safeguards, the recipient's binding policies, or other legally recognised mechanisms. Where the laws of your jurisdiction impose additional transfer requirements, we honour them.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy, to comply with legal obligations, to resolve disputes, and to enforce agreements. Indicative retention practices:

Data	Retention
Raw call audio	Deleted promptly after transcription (typically immediately upon successful processing)
Call transcripts, labels, summaries	Retained while your account is active; deleted or anonymized within a reasonable period after account deletion, except where retention is required for safety investigations, disputes or legal obligations
Chat messages	Retained while your account is active; removed from the Service upon account deletion (the other participant's copy of a conversation may persist in de-identified form)
Profile data and photos	Retained while your account is active; deleted upon account deletion. Photos rejected by moderation are deleted
One-time login codes	Minutes (expire shortly after issuance)
Credit/transaction ledger	Retained for the life of the account and thereafter as required for accounting, tax, audit, fraud-prevention and legal purposes (the ledger is append-only by design)
Reports, blocks, ratings, enforcement records	Retained as long as necessary for safety and legal purposes, including after account deletion where needed to prevent banned users from returning or to address ongoing investigations
Device tokens and technical logs	Short, rolling retention periods appropriate to their diagnostic and security purpose
Anonymized/aggregated data	May be retained indefinitely (no longer personal data)

When retention ends, we delete or irreversibly anonymize the data. Residual copies may persist for a limited time in encrypted backups before being overwritten in the ordinary course.

9. Your Rights and Choices

Subject to applicable law (including the PDPA and any additional rights granted by the data-protection laws of your jurisdiction), you have the right to:

• Access — request a copy of, and information about the use and disclosure of, your personal data within the preceding year;
• Correction — request correction of inaccurate or incomplete personal data (you can edit most profile data directly in the App);
• Deletion — request deletion of your account and associated personal data, via the App's settings or by emailing admin@deployku.com, subject to the retention exceptions in Section 8;
• Withdraw consent — as described in Section 5;
• Portability — where applicable law provides a data-portability right, request transmission of applicable data in a commonly used machine-readable format;
• Complain — raise concerns with us first (we will respond promptly), and, if unresolved, lodge a complaint with the Personal Data Protection Commission of Singapore or the data-protection authority of your jurisdiction.

To exercise any right, contact admin@deployku.com from your registered email, or include your registered phone number, so we can verify your identity before acting. We respond within the timelines required by applicable law and will inform you if a statutory exception applies (for example, where access would reveal personal data about another individual, such as the other side of a conversation, or would compromise an ongoing safety investigation). We will not discriminate against you for exercising your rights.

Other choices:

• Push notifications — disable in device or in-app settings (you may miss call and match alerts);
• Microphone, photo and other permissions — manage in device settings (calls require microphone access);
• Advertising — rewarded ads are optional; you can also limit ad personalisation through your device's advertising settings;
• Blocking — block any user at any time to prevent further contact and matching.

10. Security

We implement administrative, technical and organisational measures appropriate to the sensitivity of the data we hold, including:

• encryption of data in transit;
• database-level access rules that restrict each user's access to their own records (for example, transcripts readable only by call participants);
• security credentials and call/session tokens issued only server-side, never embedded in the App;
• an append-only financial ledger that cannot be retroactively edited;
• least-privilege access controls, secrets management, and logging for our personnel and systems;
• automated screening of uploaded photos before display;
• vendor due-diligence and contractual data-protection obligations for all service providers.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If a data breach occurs that is notifiable under applicable law, we will notify the relevant authority and affected users as required.

11. Children

The Service is strictly for users aged 18 and over. We do not knowingly collect personal data from anyone under 18. Date of birth is collected at onboarding to enforce this. If we learn that an account belongs to a person under 18, we will terminate the account and delete its personal data, subject only to retention needed for legal and safety purposes. If you believe a minor is using the Service, please report it in-app or to admin@deployku.com.

12. Cookies, Local Storage and Tracking

The App is a mobile application and does not use browser cookies. It stores on your device: authentication tokens (to keep you signed in), and local preferences/settings. Third-party software components within the App (for example, analytics, advertising and purchase libraries) may generate device-level identifiers used for the purposes described in Sections 3 and 6.2. You can reset or limit advertising identifiers in your device settings. If we operate websites, any cookie practices will be disclosed on those sites.

13. Automated Processing

The Service uses automated systems to: match users; compute internal compatibility, standing and matching-quality scores; enforce usage caps; screen photos; transcribe and summarise calls; and flag potential Terms violations for human review. Significant enforcement decisions (such as suspensions and bans arising from reports) incorporate human review. If you believe an automated decision affecting you is wrong, contact admin@deployku.com and we will review it.

14. Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will notify you through the App or by other reasonable means before the changes take effect, and update the Effective Date above. Where a change involves a new purpose for which consent is required by law, we will seek that consent. Your continued use of the Service after the effective date constitutes acknowledgement of the updated Policy.

15. Contact Us

Deployku Pte Ltd
Data Protection Officer
Email: admin@deployku.com

Please include your registered phone number or email so we can locate your account, and a description of your request. We aim to acknowledge privacy requests promptly and to resolve them within the timelines required by applicable law.

This Privacy Policy should be read together with the Heqiyou Terms and Conditions.