Legal
Privacy Policy
Effective date: May 1, 2026 · Last updated: May 1, 2026
Who we are
The Only One (“we,” “us,” or “our”) is a relationship and friendship matching application designed to help people build meaningful, long-term connections. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website, mobile application, or any related services (collectively, the “Service”).
By accessing or using the Service, you agree to the practices described in this policy. If you do not agree, please do not use the Service.
We built The Only One around safety and trust. We collect only what we need to match you well and keep you safe — and we never sell your personal data to advertisers or third parties.
Information we collect
Information you provide directly
- Account information: name, email address, date of birth, and password when you register.
- Profile information: photos, gender identity, location (city or region), and a short biography.
- Compatibility assessment responses: answers to our psychology-based questionnaire, including questions about values, relationship goals, attachment style, conflict resolution preferences, and communication style. This information is treated as sensitive and used exclusively for matching.
- Identity verification data: a government-issued ID document and a real-time selfie, collected solely to verify your identity. We do not store raw ID document images after verification is complete.
- Communications: messages you send to other members through the Service, and any feedback or support requests you submit to us.
Information collected automatically
- Device information: device type, operating system, app version, and unique device identifiers.
- Usage data: pages or screens viewed, features used, time spent in the app, and interaction events (such as completing an assessment or opening an introduction).
- Log data: IP address, browser type, referring URLs, and error reports.
- Location data: approximate location derived from your IP address. We do not collect precise GPS location unless you explicitly grant permission.
Information from third parties
If you choose to sign up using a third-party account (such as Apple or Google), we receive your name and email address from that provider. We do not receive your password.
How we use your information
| Purpose | Data used | Legal basis |
|---|---|---|
| Creating and managing your account | Name, email, password | Contract performance |
| Generating compatibility matches | Assessment responses, preferences, profile data | Contract performance / legitimate interest |
| Verifying your identity | ID document, selfie | Legitimate interest (safety) |
| Delivering guided connection activities | Profile data, match history | Contract performance |
| Sending service notifications | Email address, push token | Contract performance / consent |
| Improving the Service | Aggregated, de-identified usage data | Legitimate interest |
| Fraud prevention and safety | Device data, IP address, usage patterns | Legitimate interest / legal obligation |
| Responding to support requests | Communications, account information | Contract performance |
We do not use your compatibility assessment responses for advertising, profiling outside the Service, or any purpose unrelated to matching.
How we share your information
We do not sell your personal information. We share data only in the following limited circumstances:
With other members
When you are introduced to another member, we share the profile information you have made visible — such as your name, photos, and a summary of compatibility dimensions. Your assessment responses are never shared verbatim; we share only curated compatibility insights.
With service providers
We work with trusted third-party vendors who help us operate the Service, including cloud hosting providers, identity verification partners, and analytics services. These vendors access your data only to perform services on our behalf and are contractually prohibited from using it for any other purpose.
For legal compliance and safety
We may disclose information if required to do so by law, court order, or government request, or if we believe in good faith that disclosure is necessary to protect the safety of any person, prevent fraud, or enforce our Terms of Service.
In connection with a business transaction
If The Only One is acquired by or merged with another company, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your information becomes subject to a different privacy policy.
Data retention
We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:
- Account and profile data is retained until you delete your account.
- Compatibility assessment responses are retained to power your matching experience and are deleted within 30 days of account deletion.
- Identity verification records are retained for up to 12 months after account deletion, as required by our fraud prevention obligations.
- Messages exchanged between members are stored for 90 days after the conversation ends, after which they are permanently deleted.
- Aggregated, de-identified analytics data may be retained indefinitely for research and product improvement purposes.
You may request deletion of your data at any time by contacting us (see Section 10). We will fulfill verified requests within 30 days.
Your rights and choices
Depending on your location, you may have the following rights regarding your personal information:
Access and portability
You may request a copy of the personal information we hold about you in a structured, machine-readable format.
Correction
You may update or correct inaccurate information at any time through your account settings or by contacting us.
Deletion
You may request that we delete your personal information. Certain data may be retained to comply with legal obligations or legitimate business interests (such as fraud prevention).
Withdrawal of consent
Where we process your data based on consent (such as marketing communications), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
Do Not Track
We do not currently respond to browser “Do Not Track” signals, as there is no universally accepted standard for how to honor them. We do not use cross-site tracking for advertising.
California residents (CCPA / CPRA)
If you are a California resident, you have the right to know what personal information we collect and how it is used, the right to delete your personal information, the right to opt out of the sale or sharing of personal information (we do not sell or share personal information), and the right to non-discrimination for exercising your privacy rights. To submit a request, contact us using the information in Section 10.
To exercise any of these rights, email us at privacy@meet-only.one. We will respond within 30 days. We may ask you to verify your identity before processing your request.
Data security
We take the security of your personal information seriously. We implement industry-standard safeguards including:
- Encryption of data in transit (TLS) and at rest (AES-256).
- Strict access controls — only authorized personnel can access personal data, and only to the extent necessary for their role.
- Regular security assessments and penetration testing.
- Prompt incident response procedures, including breach notification as required by applicable law.
No method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at privacy@meet-only.one.
Children's privacy
The Only One is intended exclusively for adults aged 18 and older. We do not knowingly collect personal information from anyone under the age of 18. Our identity verification process is designed to enforce this requirement.
If we learn that we have inadvertently collected personal information from a minor, we will delete it promptly. If you believe a minor has created an account on our Service, please contact us at privacy@meet-only.one.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other legitimate business reasons.
When we make material changes, we will notify you by email (at the address associated with your account) and by posting a prominent notice on our website at least 14 days before the changes take effect. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.
We encourage you to review this page periodically. The “Last updated” date at the top of this page indicates when the policy was most recently revised.
Contact us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us.
Privacy inquiries
We aim to respond to all privacy-related inquiries within 5 business days. For data rights requests (access, deletion, portability), we will respond within 30 days.
Website
www.meet-only.one