yenn
Privacy Policy

The full account of what we hold. Which is almost nothing.

This is the formal Privacy Policy required by law. If you'd rather read the plain-language version of the same promise, see our privacy page. This policy explains, in GDPR terms, who the controller is, what we process, why, on what legal basis, for how long, and the rights you have.

Last updated: 29 June 2026

This Privacy Policy explains how Yenn Labs B.V. ("Yenn", "we", "us") processes personal data in connection with the Yenn mobile application and the website at yenn.dating (together, the "Service"). It is written to meet the EU General Data Protection Regulation (GDPR) and Dutch data-protection law. Yenn is an 18+ service; it is not intended for and may not be used by anyone under 18.

1. Who is responsible (controller) · 2. Our privacy-by-design model · 3. What we process, why, and the legal basis · 4. What we deliberately do NOT collect · 5. End-to-end encrypted content · 6. Who else is involved (processors & recipients) · 7. International transfers · 8. How long we keep data · 9. Your rights · 10. Security · 11. Children · 12. Automated decisions · 13. Changes · 14. Contact & complaints

1. Who is responsible (the data controller)

The controller for the personal data described here is:

Yenn Labs B.V.
Keizerstraat 10C, 4811 HL Breda, the Netherlands
KvK (Chamber of Commerce) no.: 95818979
VAT (BTW) no.: NL867320023B01
Contact: info@yenn.dating

We have not appointed a Data Protection Officer because we are not required to; you can raise any data-protection question at the address above and a person responsible for privacy will handle it.

2. Our privacy-by-design model

Yenn is built so that the sensitive parts of you are sealed away from us by design, not by promise. Three principles shape everything below:

  • We don't ask for identifying data. No phone number, no email, no legal name, no ID or face scan. Your identity on Yenn is a pseudonymous cryptographic key generated on your device.
  • The private planes are end-to-end encrypted. Your conversations and your private (Tier-B) photos are encrypted on your device with keys we never hold, and they travel directly by way of public relays and storage servers we do not operate. We are not in the path of that content at all; the servers that carry it see only ciphertext.
  • What does leave your device is minimised. Location is reduced to a coarse area on your device before it is sent; photos have their hidden metadata stripped on your device before upload.

3. What we process, why, and the legal basis

Under the GDPR we must tell you each category of data we process, the purpose, and the legal basis (GDPR Art. 6). Because Yenn is a dating service, some profile data can reveal information about your sex life or sexual orientation, which is a "special category" under Art. 9 — where that is so, our basis is your explicit consent, which you can withdraw at any time by editing or deleting that content or your account.

DataPurposeLegal basis
Pseudonymous account key (Nostr public key) + chosen display nameTo create and operate your account and identify your profile to potential matchesPerformance of the contract (Art. 6(1)(b))
Coarse location (a grid-snapped area, ~5 km; never your exact position)To show you people nearby and order matches by approximate distanceConsent (Art. 6(1)(a)) — you grant the location permission
Profile content: short bio, public (Tier-A, SFW) photo, interest and gender facets, a rough whole-number ageTo build your discoverable profile and matchmakingPerformance of the contract (Art. 6(1)(b)); and, for facets that reveal sexual orientation, explicit consent (Art. 9(2)(a))
Age (a single integer derived on your device from the birth date you enter; the birth date itself is not stored)To confirm you are 18+ and match within an age rangeLegal obligation / legitimate interest in keeping the service adults-only (Art. 6(1)(c)/(f)); contract (Art. 6(1)(b))
Trust signals (referrals, in-person QR vouches, event check-ins, deposits) and the derived trust scoreTo keep the network real and reduce bots, fakes and abuse; the derived score is published as a signed assertion tied to your keyLegitimate interest in platform integrity and user safety (Art. 6(1)(f))
Reports you make about other users (and the fact you blocked someone)Trust & safety, moderation and abuse handlingLegitimate interest in safety (Art. 6(1)(f)); legal obligation where reporting is required (Art. 6(1)(c))
End-to-end encrypted message and private-photo content (ciphertext only). We do not store or route this on infrastructure we operate; it is carried directly by public, third-party relays and storage servers (see Section 6). We cannot read it and hold no keys to it.To let you and your match exchange messages and private photos that only the two of you can openPerformance of the contract (Art. 6(1)(b)), as the technical means of delivering the Service you signed up for

4. What we deliberately do NOT collect

  • No phone number, email address, or legal name.
  • No government ID, passport, or face/biometric scan.
  • No precise/GPS location — it is coarsened to a ~5 km area on your device before anything is sent.
  • No date of birth is stored — only a derived integer age.
  • No advertising identifiers, no analytics SDKs, no third-party trackers, and no crash-reporting SDK. We do not track you across other apps or websites, and we do not build advertising profiles.
  • No contact-book access, browsing history, financial data, or health data.
  • We do not sell your data, and we do not use your content to train AI models.

5. End-to-end encrypted content (we cannot read it)

Your one-to-one chats and your private (Tier-B) photos are end-to-end encrypted using the Marmot / MLS standard (built on OpenMLS). The encryption keys are generated and held on the devices of you and the person you matched with — never by Yenn. Private photos are exchanged only after a mutual match. The public relays and Blossom storage servers that carry and back up this content — which we do not operate — receive only ciphertext. We therefore cannot read, hand over, or sell the contents of your private conversations or private photos; we could not do so even if compelled, because we do not hold the keys.

6. Who else is involved (processors and recipients)

We keep our infrastructure minimal and we don't share your data for anyone else's purposes. Data may be handled by:

  • Nostr relays — receive your minimal public discovery profile (pseudonymous key, display name, coarse area, SFW photo reference, facets) so other users can find matches, and carry your encrypted messages as ciphertext. These are independent, public, third-party servers that the app broadcasts to; we do not operate any relay ourselves. The protocol is open, and your public profile plane is, by design, publicly readable.
  • Blossom storage servers — store your photo blobs. Public photos are stored; private photos are stored as ciphertext. We use public/redundant servers and encrypt on the client; we do not run a private blob host.
  • Our key gateway and trust engine — process the pseudonymous key registration and the private trust signals to compute your trust score.
  • Your device maker (Apple / Google) — if you keep your device's standard settings, your account key is backed up to the device's secure keychain (iCloud Keychain / Google keychain). This is a backup on your own device account, under Apple's or Google's terms, not a transfer to us.
  • App stores (Apple App Store / Google Play) — process any in-app purchases, under their own privacy terms. We do not receive your payment details.
  • Authorities — where we are legally required to act (for example, reporting child sexual abuse material to the competent authorities).

Where any of these acts as our processor, we put an appropriate data-processing agreement in place.

7. International transfers

We aim to keep processing within the EU/EEA. Where a relay, storage server, or service provider we use is located outside the EEA, or where your device's keychain backup involves a transfer (for example, to Apple or Google infrastructure outside the EEA), such transfers are protected by an appropriate safeguard under the GDPR — typically the European Commission's Standard Contractual Clauses or an adequacy decision. You can ask us for details of the safeguards that apply.

8. How long we keep data

  • Profile and account data — kept while your account is active.
  • Encrypted messages/photos — we do not store these on infrastructure we operate. They are end-to-end encrypted on your device and carried by public, third-party Nostr relays and Blossom storage servers we do not control, which set their own retention. On account deletion we issue a protocol-level (NIP-09) delete request for your published events, but content already replicated to relays or storage we do not control is outside our reach (see Section 9).
  • Trust signals / score — kept while your account is active to keep the network's integrity meaningful.
  • Reports / safety records — kept only as long as needed for safety and to meet legal obligations.
  • On account deletion — we erase the data on the systems we operate as described in Section 9.

9. Your rights

Under the GDPR you have the right to: access your data; rectify it; erase it ("right to be forgotten"); restrict or object to processing; data portability; and to withdraw consent at any time (without affecting processing already carried out). Because of Yenn's design, much of this is in your hands directly:

  • Access & portability: your content lives on your device and on the open Nostr network keyed to your account; you can also contact us to exercise these rights.
  • Rectification: edit your profile in the app at any time.
  • Erasure: use Settings → Delete account. This performs genuine erasure on the systems we operate — a protocol-level (NIP-09) delete of your published events, removal of your associated keys at our gateway, and a cryptographic wipe of local data. Note the inherent limits of a decentralised protocol: content already delivered to a person you matched with, or replicated to relays we do not control, is outside our reach and cannot be guaranteed to disappear everywhere.
  • Withdraw consent / object: turn off location, remove content, or delete your account.

To make any request, email info@yenn.dating. We respond within one month, as the GDPR requires, and we won't charge you for exercising your rights in the ordinary case.

10. How we protect your data

Beyond the end-to-end encryption of private content, we use transport encryption (TLS) for data in transit, store the account key in your device's secure keychain, strip all hidden EXIF metadata from photos — including GPS location and capture timestamps — on your device before upload, coarsen location on your device, and minimise what we collect in the first place. The single most effective protection is structural: data we never hold cannot be leaked, subpoenaed, or sold.

11. Children

Yenn is exclusively for adults aged 18 and over. We do not knowingly process the data of anyone under 18. If you believe a minor is using the Service, contact us at info@yenn.dating and we will act.

12. Automated decision-making

The trust score is computed automatically and influences how visible you are within the network, but it does not produce a legal or similarly significant effect on you within the meaning of GDPR Art. 22, and it is not used to profile you for advertising. If you have a concern about how the trust system has affected your experience, contact us and a person will review it.

13. Changes to this policy

We may update this policy from time to time — for example, when features or the law change. When we make a material change, we will update the "Last updated" date above and, where significant, give reasonable notice in the app. Please check back so you stay informed.

14. Contact and complaints

For any privacy question or to exercise your rights — access, deletion, or any other request that needs a reply — contact us at info@yenn.dating. Email is the right channel for these, because we need a way to respond to you.

To report another user or raise a safety concern, you can also use the in-app Report action, which files an abuse signal to our trust & safety system and blocks that person for you. Reporting is a one-way safety tool — the person is not told, and it is not a way to contact us about your own data or to receive a reply; for anything that needs a response, please email us.

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl); in Belgium, the Gegevensbeschermingsautoriteit / Autorité de protection des données (gegevensbeschermingsautoriteit.be). You may also complain to the authority in your own EU country of residence.

This Privacy Policy forms part of, and should be read together with, Yenn's Terms of Use. Where a plain-language summary and a legal requirement ever appear to differ, the requirement of applicable Dutch and EU law prevails.