FRIENDA MINI APP
PRIVACY POLICY
PRIVACY POLICY
Last Updated: 06.03.2025
This Privacy Policy explains how Frienda collects, uses, and protects your personal data. Frienda is operated by SUMMEET PTY LTD, doing business as FRIENDA and WOWREELS (“we,” “us,” or “our”), as an independent service on the Telegram platform.
Frienda is a Telegram Mini App, meaning it operates within Telegram but is provided by us as a third-party Service Provider (SP). Telegram is not responsible for Frienda’s content or services.
This policy applies to all users of Frienda worldwide and covers all data collected through the Mini App. By using Frienda, you consent to the collection and use of your data as outlined in this Privacy Policy. If you do not agree with this policy, please do not use Frienda.
1. Data Collection & Usage
We collect several types of information when you use Frienda, and we use it for various purposes to operate and improve the service. Here is what we collect and how we use it:
1.1 Personal Data from Telegram Profile: When you use Frienda on Telegram, Telegram shares certain data with us to launch the Mini App. By launching Frienda, you consent to Telegram providing us with: your Telegram user ID, public display name, username, profile photo, your language and Telegram app version info. Telegram may also indicate whether you have a Telegram Premium subscription. We use this data to prefill your Frienda profile during registration and personalize your experience.
1.2 Account Registration Data: To create an account and use Frienda, you must provide certain information to personalize your experience and ensure a safe community. By signing up, you consent to providing the following details: your name, which is automatically taken from your Telegram public display name; your date of birth, used to verify eligibility and tailor your experience; and the city where you live, which helps connect you with potential friends in your area. You must also provide your email, which is required for account management and support. Your Telegram username will be visible to your friends once they accept your friend request, and if you choose to add your Instagram username. This is completely optional and user-provided – we do not automatically fetch any data from Instagram. Instagram username will also be visible to your friends after they accept your request.
1.2.1 To complete your profile, you must upload at least three photos and select your personality type (introvert or extrovert). Additionally, you need to fill out three personal description sections, select your friendship goals from a predefined list to indicate what kind of friendships you are looking for, and provide a self-description using up to 20 emojis.
1.3 Location Data: Frienda may collect location information to provide location-based features:
1.3.1 If you choose to share your live location through Telegram’s Location Manager (Telegram will ask your permission), we receive your geographic coordinates. We use these to show you nearby users or relevant local content.
1.3.2 If you do not explicitly share location, we may use IP-to-Geo lookup to estimate your general location to show you nearby users or relevant local content. This IP-based detection is coarse and not precise. Therefore, you have an option to edit the location during registration.
1.3.3 Optional: Sharing live location through Telegram’s Location Manager is voluntary. You can always decline a location request or disable location sharing, and the core of Frienda will still work using IP-to-Geo approach.
1.4 Face Verification: For trust and safety, Face Verification is mandatory during registration to ensure account authenticity and prevent fraud. When you sign up for Frienda, we will ask you to go through AWS Rekognition Face Liveness. This photo is securely processed using AWS Rekognition, a facial recognition service, to verify that you are a real person and that your uploaded profile photos match your identity. We store your verification selfie securely and use it to verify your profile now and in the future (for example, if you update your photos, we might re-verify).
The selfie is used only for fraud prevention and account authenticity checks. We retain your verification photo as long as your account is active so that you don’t have to re-submit selfies each time verification is needed. If you delete your account, we delete the selfie from our records. We do not use your selfie for any other purpose, and we do not share it except with our verification service as needed to perform the match.
1.5 Usage Data & Analytics: When you use Frienda, we automatically collect certain information about your device and how you interact with the app:
1.5.1 We use Amplitude (a third-party analytics platform) to gather data on app usage. This may include events like screen views, button clicks, features used, and timing of actions. We also collect device identifiers, app version, and technical info (like device model, OS, and language settings) to help us understand usage patterns. This data helps us improve features and user experience. Analytics data is generally viewed in aggregated or pseudonymized form (we look at trends, not at individual behavior except as needed to troubleshoot).
1.5.2 We use Sentry (an error monitoring service) to report app errors or crashes. When something goes wrong (say the app encounters a bug), Sentry logs technical details about the error and the context. This can include device info, the state of the app when the error happened, and a sequence of user actions leading up to the issue. Session Replay: Sentry may also capture a short “session replay,” essentially a recording of your interactions (touches, screen transitions) around the time of an error. This replay helps our developers reproduce and fix the problem. These error reports and replays are used strictly for debugging and product improvement, not for marketing or profiling.
1.6 Messaging Data: Frienda itself does not store your personal chats or messages with other users. When you connect with someone on Frienda and decide to chat, the messaging actually occurs through Telegram’s infrastructure. We do not have access to or save the content of those messages, since they are handled by Telegram. Our system might log the fact that two users became connected or initiated a chat, but the substance of your conversations remains private to you and governed by Telegram’s privacy policy. In short, Frienda acts as a facilitator to help you meet, but your one-on-one messages stay on Telegram.
1.7 Subscription & Payment Data: Frienda offer Frienda Premium subscription. We do not process or store your payment card information directly; instead, we rely on trusted payment processors:
1.7.1 Telegram Stars: For subscriptions and purchases made via Telegram, Frienda supports Telegram Stars, Telegram’s virtual items that allow users to purchase digital goods and services from bots and mini apps inside the Telegram ecosystem. When you purchase something in Frienda using Telegram Stars, the transaction is processed entirely by Telegram’s payment system, not Frienda’s servers.
Telegram will deduct the required Stars from your balance and notify us of your purchase. We do not receive your credit card or financial details—any real-money purchase of Stars or management of your Stars balance is handled between you and Telegram, subject to Telegram’s Terms of Service for Telegram Stars.
We only receive confirmation of the Stars spent and the associated purchase details to deliver the service and maintain an internal record. All Telegram Stars transactions are governed by Telegram’s payment policies and privacy safeguards.
1.7.2 Third-Party Payments: For subscriptions and purchases made via credit/debit card, we use third-party payment processors. When you make a payment, your payment details (e.g., card number, billing name, etc.) are processed securely by the payment provider, not Frienda’s servers.
We receive only the necessary data to activate your purchase, such as a confirmation of successful payment, the type of subscription or item purchased, the last few digits of your card (or a transaction identifier), and your subscription status (e.g., active, expiration date). This information is used solely to provide the services you paid for and to maintain records like receipts and account history.
Our payment providers may also collect additional information for fraud prevention or receipts. Any such data is handled under their respective privacy policies. We encourage you to review their policies for further details.
We only use payment and subscription data to manage your Frienda Premium subscriptions. We do not use your payment information for anything unrelated to your purchase (like profiling or advertising), and we do not share it with third parties except the processors involved (as described above) or as required for legal/accounting compliance.
2. Legal Basis for Data Processing
We process personal data only when we have a valid legal reason to do so. Given Frienda’s global user base, we comply with various privacy laws including the GDPR in Europe and the CCPA in California. Our legal bases for handling your data include:
2.1 Consent: In many cases, we rely on your consent. For instance, before accessing your precise location via Telegram Location Manager, using your data for face verification during registration, or sending you promotional messages via Telegram Bot or email, we will ask for your permission. You have the right to withdraw consent at any time. For example, you can revoke location access via Telegram’s settings, remove optional profile info you provided (such as your Instagram handle), or contact us through Telegram Bot or support@frienda.au to withdraw consent for a particular feature. Withdrawing consent will stop further processing of the data for that specific purpose (however, it won’t affect processing already done).
2.2 Contractual Necessity: When you use Frienda, you are agreeing to our Terms of Service, which forms a contract between you and us. We need to process certain basic data to fulfill our obligations under that contract – i.e., to provide you with the Frienda services you expect. For example, we must use your Telegram ID and profile data to create your account and connect you with other users; if you make a purchase, we must process that transaction to deliver the paid features. In short, much of the data used described above is necessary for us to provide the service you have requested.
2.3 Legitimate Interests: We also process data as needed to pursue our legitimate interests in running and improving Frienda, provided such use is fair and does not override your own rights and freedoms. For example, it is in our interest (and yours) to keep Frienda secure and free of fraud – so we might use data to detect fake accounts or enforce our rules. It’s also our legitimate interest to analyze how the app is used, to improve the user experience and fix issues, which we do via analytics and error tracking (in ways that respect your privacy). When we rely on this basis, we ensure that we consider any potential impact on you (for instance, if a particular use of data could be unexpected or intrusive, we will either seek consent or not proceed unless we are confident it’s low-impact and necessary).
2.4 Legal Obligation: (Additional basis) On occasion, we may need to process or disclose data to comply with a legal obligation — for example, retaining certain records for tax law, or responding to lawful requests by authorities (see “Third-Party Sharing” below). In such cases, the legal obligation is our basis for processing.
In jurisdictions that require it (such as the EU), SUMMEET PTY LTD is the “data controller” responsible for your personal data on Frienda. We adhere to principles of transparency, purpose limitation, and data minimization in line with GDPR.
CCPA (California) Compliance: If you are a California resident, we handle your personal information in accordance with the California Consumer Privacy Act (CCPA) and other applicable laws:
2.5 We do not “sell” your personal information as defined by the CCPA (i.e., we do not exchange your data for money or other valuable consideration to third parties for their own marketing). We also do not share your data with third-party advertisers.
2.6 We only use and share your information for purposes that would be considered “business purposes” under CCPA – such as providing the Frienda service, preventing fraud, analytics, and other operational needs as described in this policy.
2.7 California users have specific rights to access and delete their data and to opt-out of any future sale of their data. We honor those rights — see the “User Rights & Control” section below for details on how to exercise them.
2.8 We will not discriminate against you for exercising your privacy rights (meaning we won’t deny you the service or charge you differently just because you made a data request).
3. Data Retention & Deletion
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. In general, this means we keep your information for as long as you have a Frienda account:
3.1 Active Account: All the personal data described above is stored and maintained while your account is active so that we can provide the service to you. This includes your Telegram account data, any profile details you’ve added, and any records of interactions or transactions.
3.2 Verification Selfie: As noted, if you completed the face verification, we keep your verification selfie as long as your profile remains active. This allows us to re-verify quickly when needed (for example, if you update your profile photo). This photo data is treated with high security and only used for verification purposes. It will be deleted when it’s no longer needed or if you remove your account.
3.3 Account Deletion: You have the right to delete your Frienda account at any time. We provide an option in Frienda’s Settings to delete your account. You may also request account deletion by contacting our support via Telegram Bot or support@frienda.au. We may take steps to verify that you are the account owner before proceeding. Once deletion is confirmed, we will:
3.3.1 Remove your Frienda profile from the app so other users can no longer see you or search for you.
3.3.2 Permanently delete the personal data we have about you in our production databases. This includes your profile data, and any personal identifiers linking the account to you.
3.3.3 Cease processing your data going forward. If you were in any match lists or pending connections, you will disappear from those.
3.3.4 Delete your verification selfie and inform AWS Rekognition (our processor) to delete any data they hold for that verification.
3.3.5 Instruct our third-party service providers to delete or de-identify your data that they were processing on our behalf (subject to their retention policies). For example, we will remove your user identifiers from Amplitude and Sentry, so they no longer retain data tied to your account.
3.3.6 Retention of Minimal Records: We will not keep your personal profile content after deletion. However, we may retain very limited information as necessary for specific reasons:
3.3.6.1 Legal and Compliance: We might retain records of transactions (payments) for financial reporting, or certain communications if needed for legal compliance or resolving disputes.
3.3.6.2 Preventing Abuse: We may keep a basic log that an account with your Telegram ID was deleted or banned on a certain date. This helps us enforce one-account rules and prevent users who violate our terms from immediately rejoining. These logs do not contain your profile data or messages – just an identifier and a note. We protect this information and only use it for security/admin purposes.
3.3.6.3 Backup Systems: It’s possible that some of your data could persist for a short period in our encrypted backups or cache. If so, we will continue to protect it and delete it in the normal course of our backup retention schedule.
Important: Simply removing the Frienda Mini App or blocking Telegram Bot in your Telegram account, or uninstalling Telegram, will not automatically delete your Frienda account. Account deletion requires using the in-app option or contacting us, as described. If you just stop using Frienda, your data will remain until you actively delete (or possibly if we have a policy to purge inactive accounts after a long period, which we would announce if implemented).
After we process an account deletion request, we will, upon request, confirm with you that your personal data has been deleted. Under GDPR, we typically complete deletions within 30 days of verification of the request (and usually much sooner). Under CCPA, deletions are usually completed within 45 days of receiving a verifiable request.
4. Third-Party Data Sharing
We do not sell your personal information to anyone, and we do not share your data with ad networks or for advertising purposes. However, we do rely on a few trusted third-party services to operate Frienda. We share data with these providers only to the extent necessary for them to perform their functions, and each is bound by contractual privacy obligations to protect your data. Our main data-sharing partners are:
4.1 Telegram: Telegram itself is a crucial “partner” because Frienda runs on Telegram’s platform. When you use Frienda, some data inherently passes through Telegram:
4.1.1 Data from Telegram to Frienda: Telegram provides us with your profile basics (as described in Data Collection) to start the Mini App. If you share location via Telegram, that data comes through Telegram Mini App’s APIs to us.
4.1.2 Data from Frienda to Telegram: If Frienda triggers an action like opening a chat or sending a message/invitation via Telegram, Telegram handles that communication. Telegram will know that your account is using Frienda (e.g., for its analytics or to show Frienda in your list of connected apps). We minimize data sent to Telegram, but obviously if you initiate chats or send content via Telegram, that content goes through Telegram.
4.1.3 Telegram’s Policies: Any data that resides with Telegram (like your messages, or the fact you use Frienda) is governed by Telegram’s Privacy Policy. Telegram is a separate entity; for questions about how Telegram handles your data, please refer to their policy. We only share information with Telegram as needed to make Frienda work (and primarily, Telegram is sharing data with us). We will comply with Telegram’s platform rules as well, which might require us to report back certain information in cases of abuse or to cooperate with Telegram’s own fraud prevention.
4.2 Hosting and Storage (Amazon Web Services): Frienda’s servers and databases are hosted on Amazon Web Services (AWS) infrastructure. That means personal data you provide is stored on AWS cloud servers. AWS acts as our data processor, storing data on our behalf. AWS maintains industry-standard security certifications and is GDPR-compliant as a processor. Additionally, we use AWS Rekognition for the face verification feature. AWS may temporarily process or store the biometric data for this matching, but they do not use it for any purpose other than providing results to us. We ensure this transfer to AWS is protected (encrypted in transit, limited access), and we handle the results according to this Privacy Policy.
4.3 Analytics (Amplitude): We share certain usage data with Amplitude to help us analyze user behavior and improve Frienda. Amplitude will receive data like a unique user identifier, event data (such as “opened app,” “viewed profile,” “sent friend request”), timestamps, and device information. This helps us understand usage patterns and metrics (for example, how often features are used, or where users drop off). Amplitude does not get sensitive personal content like your messages or profile text, only metadata and events. Amplitude acts as a data processor for us – they are not allowed to use your data for their own purposes, only to provide insights to us. They maintain their own strict security measures. We may view aggregated analytics or individual event logs to diagnose issues or identify trends, but this information is primarily used in bulk form.
4.4 Error Monitoring (Sentry): We send application error data to Sentry. When the app crashes or encounters an error, Sentry gets information about the error and the app’s state so we can debug. This may include your user identifier, device details, and a snapshot of recent actions (stack traces, logs, and possibly a UI replay around the error event). Sentry uses this data solely to present us with debugging information (like showing where in the code the error happened and what led to it). Like Amplitude, Sentry is contractually prohibited from using the data for anything other than providing this service to us. Error reports may incidentally include some user-provided data (for example, if a crash happened right after you entered text in a field, the logs might show that input in context). We treat all data in Sentry with the same care as our own systems. We scrub or minimize personal data in error logs wherever feasible.
4.5 Content Moderation (OpenAI): Frienda strives to maintain a safe community. To assist with content moderation, we use automated AI intelligence provided by OpenAI. This means that certain user-generated content or other text content within Frienda may be automatically analyzed by OpenAI’s API. The AI checks for things like hate speech, sexual content, harassment, or other violations of our community guidelines. When content is flagged, our team may review it (so ultimately, human moderators may see the content if it’s reported or flagged by AI). What we share: We send only the necessary text to OpenAI for analysis. OpenAI returns a moderation decision or score. This processing happens in seconds and helps us keep Frienda safe. OpenAI, as a processor, does not use your content for any purpose except providing the moderation analysis to us. They may retain the data briefly to monitor for abuse of their API, but they have policies in place to protect privacy (OpenAI’s systems are also bound by confidentiality and security obligations). We do not use AI to make any legally significant decisions about users without human oversight; it’s purely a helper tool for our moderation team.
4.6 Payment Processors: As noted, if you make payments for Frienda Premium, we rely on trusted third-party payment processors to handle transactions securely.
4.6.1 Telegram Stars: When processing payments using Telegram Stars, Telegram and its payment partners will process your payment data. We do not see your financial info in that case. Telegram will inform us of the outcome. Any personal data that Telegram or its payment providers collect for payment will be governed by Telegram’s terms and the payment provider’s privacy policy.
4.6.2 Third-Party Payments: When processing payments via third-party payment processors, certain data is shared with the payment provider (such as payment information and billing email, if provided). These payment processors act as independent controllers of the payment information and handle it in accordance with their respective privacy policies.
We only share the data necessary to complete the payment transaction and receive limited information back, such as confirmation of successful payment, transaction identifiers, and subscription status. Our payment processors may be required to retain transaction records for regulatory or financial compliance purposes.
4.7 Other Service Providers: We may use additional third-party services to help run Frienda, such as:
4.7.1 Cloud Services & Database Management: (Besides AWS) if we use any backups or additional cloud tools.
4.7.2 Email or Notification Services: If we send email newsletters or verification codes outside of Telegram, we might use an email service provider (in which case, if you give us an email, that provider processes your email and the content of the message we send).
4.7.3 Customer Support Tools: If you contact support, your communication will be stored in our support system (which could be a third-party platform) so we can respond.
We will update this policy or provide notice if we introduce any significant new data processors.
In all cases, our service providers are bound to protect your data. We sign data processing agreements as needed (for GDPR compliance) and ensure they implement security measures.
4.8 No Advertising or Sales: We want to reiterate that we do not share your personal info with any advertisers, advertising networks, or social media companies for marketing purposes. We do not rent or sell your information to third parties. Any data sharing is only with the categories of partners listed above, and only so we can deliver or improve Frienda for you.
4.9 Legal Compliance and Protection: Apart from the above partners, we may also disclose user data in a few exceptional circumstances:
4.9.1 If we are required to by law or legal process. For example, if we receive a valid subpoena, court order, or government request demanding certain data, we may be obligated to comply after verifying the request’s legitimacy. Wherever possible and lawful, we would inform the affected users of such requests.
4.9.2 To enforce our Terms of Service or other agreements, or to investigate potential violations (e.g., fraud, harassment, threats). For instance, if needed to address a situation where someone’s safety is at risk, we might provide info to law enforcement.
4.9.3 To protect the rights, property, or safety of SUMMEET PTY LTD, our users, or the public. For example, exchanging information with other companies and organizations for fraud protection and to prevent cybercrime (in compliance with privacy laws).
4.10 Business Transfers: If our company (SUMMEET PTY LTD) is involved in a merger, acquisition, investment, reorganization, or sale of all or part of our assets, your data may be transferred to the successor or new owner as part of that transaction. If such a change of ownership happens, we will ensure that your personal data remains subject to protections consistent with this policy. We will provide notice (for example, via the app or email) if your data will become subject to a different privacy policy or if your data might be handled in a materially different way, giving you an opportunity to delete your data if you choose before the transfer.
5. Security Measures
We take the security of your personal data very seriously. We implement a variety of technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These include:
5.1 Encryption: All communication between your device, Telegram, and our servers is encrypted. When data is in transit, we rely on Telegram’s secure protocol for data passed through the Telegram app, and we use HTTPS/TLS for any data sent to our servers. This means things like your profile or sensitive data are encrypted while being sent. We also encrypt sensitive data at rest (for example, our databases and storage buckets are encrypted using industry-standard encryption). Photos (including verification selfies) and personal details are stored in secure, access-controlled environments.
5.2 Authentication & Access Control: Frienda does not have a separate password (it uses your Telegram login for authentication), which reduces the risk of a separate password breach. Access to personal data within our own systems is restricted to authorized personnel who need that data to perform their job (for example, customer support or engineers investigating a user-reported issue). Our staff and contractors are bound by confidentiality obligations. We employ measures like role-based access control, two-factor authentication for administrative access, and regular review of who has access to what data.
5.3 Security Testing & Protocols: We keep our software and infrastructure updated with the latest security patches. We use firewalls and network security monitoring to protect our servers. We may run security audits or penetration tests on our systems to find and fix vulnerabilities. We also follow secure coding practices to prevent common vulnerabilities. For example, we protect against SQL injection, cross-site scripting, and other exploits in our development process.
5.4 Payment Security: For financial transactions, we defer to Stripe and Telegram’s secure systems so that sensitive financial data (like credit card numbers) never passes through our servers. These payment providers are PCI-DSS compliant and specialize in secure payment processing.
5.5 Anonymization & Pseudonymization: Where possible, we minimize the use of personally identifiable information in our internal analytics and logs. For example, we might refer to users by an internal ID rather than by name in logs, and we might aggregate data so it can’t be tied back to an individual except when necessary.
5.6 Monitoring: We monitor our systems for suspicious activity and have intrusion detection systems in place. If we detect unusual activity on an account (e.g., many failed logins or access from a new location), we may investigate or take precautionary measures (such as notifying you or temporarily locking access to prevent harm).
5.7 Incident Response: Despite all precautions, no platform is 100% immune to security risks. We have a data breach response plan in case of any security incident. If there is a breach of Frienda’s systems that poses a risk to your personal information, we will notify affected users and relevant authorities as required by law. We would communicate with you via Telegram (through the Frienda Bot) or email with information on steps you should take to protect yourself.
5.8 User Responsibilities: We also remind you that you play a role in keeping your data secure. Since Frienda relies on your Telegram account, securing your Telegram is very important. Use a strong passcode for your Telegram app and enable Two-Step Verification in Telegram to prevent others from using your account. Do not share your phone verification codes or Telegram login credentials with anyone. If someone gains access to your Telegram account, they could impersonate you on Frienda. If you believe your Telegram or Frienda account has been compromised, please contact us immediately.
We are continuously improving our security practices to adapt to new threats. If you have any questions about security or if you believe you have discovered a vulnerability in Frienda, please reach out to us at our support email.
6. User Rights & Control
You have rights and choices regarding your personal data. Frienda is committed to enabling you to exercise those rights:
6.1 Accessing and Updating Your Information: You can view and edit the personal data in your Frienda profile at any time via the app interface. We encourage you to keep your information up-to-date. If you need any assistance accessing or correcting data that is not directly editable in the app, you can contact us for help.
6.2 Privacy Settings: You have control over certain data-sharing features:
6.2.1 You can choose whether or not to share your location with Frienda.
6.2.2 You can decide whether to provide optional info like Instagram username.
6.2.3 If we ever introduce notifications or email communications, you will have the ability to opt-in or opt-out of things like marketing emails or non-critical notifications.
6.3 GDPR Data Subject Rights (For Users in the EEA, UK, and similar jurisdictions): If you are located in a jurisdiction with data protection laws like the EU General Data Protection Regulation (GDPR) or UK Data Protection Act, you have the following rights regarding your personal data:
6.3.1 Right to Access: You can request a copy of the personal data we hold about you, as well as information on how we use it, who we share it with, and how long we retain it. This is sometimes called a Subject Access Request. We will provide this information in a concise and transparent manner.
6.3.2 Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to ask us to correct or update it. You can do most profile edits yourself in-app, but you can also contact us to ensure data like your date of birth or other details are correct.
6.3.3 Right to Erasure: You have the right to request deletion of your personal data (“right to be forgotten”). You can achieve this by deleting your Frienda account as described above, or you can ask us to delete certain data. We will erase the requested data unless an exception applies (for example, we may keep data if required for a legal obligation or if the data is needed to establish or defend legal claims).
6.3.4 Right to Restrict Processing: You can ask us to restrict or pause the processing of your data in certain circumstances – for example, if you contest the accuracy of the data or if you object to us processing it under legitimate interests, we will consider temporarily limiting processing while we address your concern.
6.3.5 Right to Object: You have the right to object to certain processing activities. For instance, if we were sending you marketing messages (which we currently only do with opt-in), you can object or unsubscribe and we will stop. You can also object to processing based on legitimate interests in some cases; we will then re-evaluate our reasons for processing and either stop or explain why we need to continue (for example, if it’s necessary for safety).
6.3.6 Right to Data Portability: You can request to receive the personal data you have provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another service (this typically applies to data processed based on consent or contract). In practice, if you need a copy of the core information you gave us (like your profile answers or friends list), we can provide a JSON or CSV export on request.
6.3.7 Right not to be subject to Automated Decisions: Frienda does not make any legally significant decisions about you based solely on automated processing without human involvement. But if that were to change, you would have the right not to be subject to such decision-making without safeguards. (For example, we don’t ban accounts purely via AI — any ban for content is reviewed by a human.)
To exercise any of these GDPR rights, please contact us at our support email with your request. We may need to verify your identity (to protect your privacy by ensuring it’s really you making the request). We will respond to your request as soon as possible, typically within 30 days. If we cannot fulfill your request (due to a legal exception), we will explain the reason.
6.4 CCPA Rights (For California Residents): If you are a resident of California, you have the following rights under the CCPA (in addition to the generally applicable rights above):
6.4.1 Right to Know: You can request that we disclose the categories of personal information we have collected about you, the categories of sources of that information, the business or commercial purpose for collecting it, the categories of third parties with whom we share it, and specific pieces of personal information we hold about you. (In this Privacy Policy, we have outlined the types of data we collect and how we use/share it. Upon request, we can provide you with a report of your personal data in our systems.)
6.4.2 Right to Delete: You can request that we delete any personal information we have collected from you and retained, subject to certain exceptions. As noted above, deleting your account will remove your data. If you send a separate deletion request, we will treat it the same way. If a legal exception applies (for example, if we must keep some data for legal compliance), we will let you know.
6.4.3 Right to Opt-Out of Sale: You have the right to direct us not to sell your personal information. As stated, Frienda does not sell personal data. Therefore, we do not have a “Do Not Sell My Info” link because we don’t share data in a way that constitutes a sale under CCPA. If we ever consider selling data, we will update our practices and provide a means to opt-out. In the meantime, you can be assured we aren’t selling your info. If you still want to formally request to opt-out of any potential sale or disclosure of your data, you can contact us and we will record your preference and confirm that we do not sell data.
6.4.4 Right to Non-Discrimination: We will not deny you our services, charge you a different price, or provide a lesser quality of service just because you exercised your privacy rights. (However, note that deleting certain data or opting out of certain uses might affect service functionality, e.g., if you deny location, a location-based feature won’t work—but that’s a direct consequence of the feature, not a punitive action from us.)
6.4.5 Authorized Agent: You can designate an authorized agent to make requests on your behalf. We will take steps to verify the agent’s authority and your identity before processing the request to ensure security.
To exercise your CCPA rights, you can contact us at the email provided in the Contact section. Please indicate you are a California resident making a "CCPA request." We may ask for some information to verify your identity (and if through an agent, we’ll need proof of their authority and your identity). We will respond within 45 days of receiving your request (or let you know if we need an extension of up to 45 more days as permitted by CCPA). Any information we provide in response will cover the 12 months preceding your request, as required by law.
6.5 Opting Out of Communications: Separately from these formal rights, if you have opted in to any promotional communications from Frienda (for example, if we send optional updates or newsletters via Telegram or email), you can opt out at any time. Just follow the unsubscribe instructions in the message or adjust your settings in the app if available. (This does not include essential service or legal notices, which we may still send as part of our contract with you.)
We are committed to honoring your rights. If you have any questions about your privacy choices or need assistance with a privacy request, please contact us. Regulators: If you are in the EU/UK, you also have the right to lodge a complaint with your local Data Protection Authority. However, we encourage you to contact us first so we can address your concerns directly.
7. Children’s Privacy
No Users Under 18: Frienda is not intended for children. You must be at least 18 years old (or the age of majority in your country, if higher) to use Frienda. We do not knowingly collect personal information from anyone under the age of 18. Our Terms of Service also explicitly prohibit minors from using the platform.
If you are under 18, do not use Frienda or provide any personal data to us. If we discover that we have inadvertently collected information from a user who is underage, we will take prompt steps to delete that information from our records and terminate the account.
If you are a parent or guardian and you believe that your child (under 18) has used Frienda and provided personal information, please contact us immediately (see Contact Information below). We will help you remove your child’s data and account from our platform.
8. International Data Transfers
Frienda is a global service, and using it will involve international transfer of your data. We are an Australian company, and our infrastructure and partners are located in multiple countries. Here’s what that means for your data:
8.1 Data Storage Locations: The personal data you provide to Frienda may be stored and processed on servers located in multiple jurisdictions. Currently, our primary server infrastructure is in the European Union (we chose EU servers to help comply with strict EU privacy standards). However, some of our service providers are located in other countries — for example, Amplitude, Sentry, and OpenAI operate servers in the United States, and our company (SUMMEET PTY LTD) is based in Australia. Telegram’s infrastructure is also global.
8.2 Transfers from the EU/EEA: If you are in the European Economic Area (EEA) or United Kingdom, and your data is transferred out of the EEA (for example, to the U.S. or Australia), we will ensure a proper legal mechanism is in place for that transfer. Typically, this means:
8.2.1 We have Standard Contractual Clauses (SCCs) in our agreements with service providers outside the EEA, obligating them to protect EU personal data to EU standards.
8.2.2 Some providers may rely on adequacy decisions (for instance, if any country is deemed by the EU to have adequate data protection laws, data can flow there freely — note: Australia and the U.S. are not currently on the EU’s adequacy list, so SCCs or other measures are used).
8.2.3 In all cases, we only transfer the minimum data necessary and we encrypt data during transfer.
8.3 Transfers to Other Regions: If you are outside the EEA, your data will likely be processed in the country of our server (EU) and possibly in the United States or other locations where our partners operate. Regardless of where your data is processed, we apply the same level of security and privacy protections described in this policy. We also comply with local data protection laws to the extent they apply to us. For example, if you are in Australia, we follow the Australian Privacy Principles; if you’re in California, we comply with CCPA.
8.4 Your Acknowledgement: By using Frienda, you understand that your information may be transferred to and stored on servers in countries other than your own. Different countries have different data protection laws, and your data may be subject to lawful access by courts, law enforcement, or other authorities in those jurisdictions. However, our practices will remain governed by this Privacy Policy and by any applicable data transfer agreements.
8.5 Protection Measures: We use encryption and other security measures (detailed above) universally, so your data has technical protection no matter where it is. We also limit access to your data to authorized personnel in Australia and (occasionally) other countries where our support or development team might be located. All such access is remote and secure. If we engage staff or contractors in other countries, they will be subject to confidentiality agreements and data protection training.
If you have questions about international data transfers or require more information about the safeguards in place, please contact us. We can provide copies of relevant contractual clauses upon request (subject to confidentiality).
9. Updates to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will do the following:
9.1 Posting the Revised Policy: We will post the updated Privacy Policy within the Frienda Mini App interface and on the official Frienda website https://frienda.au. The “Last Updated” date at the top will be revised to the effective date of the new policy.
9.2 Notification: If the changes are significant, we will provide a more prominent notice or notification of the update. For example, we might send a message through the Frienda app, Telegram Bot or email letting you know that the policy has changed, or we might prompt you to review and accept the new policy upon your next use of Frienda. In some cases (where required by law or at our discretion), we might ask for your explicit consent to changes.
9.3 Your Continued Use: We encourage you to review this Privacy Policy periodically. If you continue to use Frienda after a Privacy Policy update takes effect, that will constitute your acceptance of the revised policy. If you do not agree to the changes, you should stop using Frienda and may delete your account as described above.
We will archive prior versions of this policy and will make them available for review upon request, so you can see how our practices have evolved.
10. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We are here to help and address any issues:
SUMMEET PTY LTD (Operator of Frienda)
Address: Level 35, One International Towers, 100 Barangaroo Avenue, Sydney, NSW, 2000, Australia
Email: support@frienda.au
Our support team can assist with general inquiries, and we will route privacy-specific questions to our privacy officer or appropriate staff. We prefer contact via email for privacy queries, but if you need an alternative method, you may also reach out to us through the Frienda Telegram Bot.
For users in the European Union/EEA or United Kingdom: If you have any privacy-related grievances that we cannot resolve together, you have the right to lodge a complaint with your country’s data protection authority or the UK Information Commissioner’s Office (ICO), as applicable. We sincerely hope to resolve any concern directly and promptly.
This Privacy Policy explains how Frienda collects, uses, and protects your personal data. Frienda is operated by SUMMEET PTY LTD, doing business as FRIENDA and WOWREELS (“we,” “us,” or “our”), as an independent service on the Telegram platform.
Frienda is a Telegram Mini App, meaning it operates within Telegram but is provided by us as a third-party Service Provider (SP). Telegram is not responsible for Frienda’s content or services.
This policy applies to all users of Frienda worldwide and covers all data collected through the Mini App. By using Frienda, you consent to the collection and use of your data as outlined in this Privacy Policy. If you do not agree with this policy, please do not use Frienda.
1. Data Collection & Usage
We collect several types of information when you use Frienda, and we use it for various purposes to operate and improve the service. Here is what we collect and how we use it:
1.1 Personal Data from Telegram Profile: When you use Frienda on Telegram, Telegram shares certain data with us to launch the Mini App. By launching Frienda, you consent to Telegram providing us with: your Telegram user ID, public display name, username, profile photo, your language and Telegram app version info. Telegram may also indicate whether you have a Telegram Premium subscription. We use this data to prefill your Frienda profile during registration and personalize your experience.
1.2 Account Registration Data: To create an account and use Frienda, you must provide certain information to personalize your experience and ensure a safe community. By signing up, you consent to providing the following details: your name, which is automatically taken from your Telegram public display name; your date of birth, used to verify eligibility and tailor your experience; and the city where you live, which helps connect you with potential friends in your area. You must also provide your email, which is required for account management and support. Your Telegram username will be visible to your friends once they accept your friend request, and if you choose to add your Instagram username. This is completely optional and user-provided – we do not automatically fetch any data from Instagram. Instagram username will also be visible to your friends after they accept your request.
1.2.1 To complete your profile, you must upload at least three photos and select your personality type (introvert or extrovert). Additionally, you need to fill out three personal description sections, select your friendship goals from a predefined list to indicate what kind of friendships you are looking for, and provide a self-description using up to 20 emojis.
1.3 Location Data: Frienda may collect location information to provide location-based features:
1.3.1 If you choose to share your live location through Telegram’s Location Manager (Telegram will ask your permission), we receive your geographic coordinates. We use these to show you nearby users or relevant local content.
1.3.2 If you do not explicitly share location, we may use IP-to-Geo lookup to estimate your general location to show you nearby users or relevant local content. This IP-based detection is coarse and not precise. Therefore, you have an option to edit the location during registration.
1.3.3 Optional: Sharing live location through Telegram’s Location Manager is voluntary. You can always decline a location request or disable location sharing, and the core of Frienda will still work using IP-to-Geo approach.
1.4 Face Verification: For trust and safety, Face Verification is mandatory during registration to ensure account authenticity and prevent fraud. When you sign up for Frienda, we will ask you to go through AWS Rekognition Face Liveness. This photo is securely processed using AWS Rekognition, a facial recognition service, to verify that you are a real person and that your uploaded profile photos match your identity. We store your verification selfie securely and use it to verify your profile now and in the future (for example, if you update your photos, we might re-verify).
The selfie is used only for fraud prevention and account authenticity checks. We retain your verification photo as long as your account is active so that you don’t have to re-submit selfies each time verification is needed. If you delete your account, we delete the selfie from our records. We do not use your selfie for any other purpose, and we do not share it except with our verification service as needed to perform the match.
1.5 Usage Data & Analytics: When you use Frienda, we automatically collect certain information about your device and how you interact with the app:
1.5.1 We use Amplitude (a third-party analytics platform) to gather data on app usage. This may include events like screen views, button clicks, features used, and timing of actions. We also collect device identifiers, app version, and technical info (like device model, OS, and language settings) to help us understand usage patterns. This data helps us improve features and user experience. Analytics data is generally viewed in aggregated or pseudonymized form (we look at trends, not at individual behavior except as needed to troubleshoot).
1.5.2 We use Sentry (an error monitoring service) to report app errors or crashes. When something goes wrong (say the app encounters a bug), Sentry logs technical details about the error and the context. This can include device info, the state of the app when the error happened, and a sequence of user actions leading up to the issue. Session Replay: Sentry may also capture a short “session replay,” essentially a recording of your interactions (touches, screen transitions) around the time of an error. This replay helps our developers reproduce and fix the problem. These error reports and replays are used strictly for debugging and product improvement, not for marketing or profiling.
1.6 Messaging Data: Frienda itself does not store your personal chats or messages with other users. When you connect with someone on Frienda and decide to chat, the messaging actually occurs through Telegram’s infrastructure. We do not have access to or save the content of those messages, since they are handled by Telegram. Our system might log the fact that two users became connected or initiated a chat, but the substance of your conversations remains private to you and governed by Telegram’s privacy policy. In short, Frienda acts as a facilitator to help you meet, but your one-on-one messages stay on Telegram.
1.7 Subscription & Payment Data: Frienda offer Frienda Premium subscription. We do not process or store your payment card information directly; instead, we rely on trusted payment processors:
1.7.1 Telegram Stars: For subscriptions and purchases made via Telegram, Frienda supports Telegram Stars, Telegram’s virtual items that allow users to purchase digital goods and services from bots and mini apps inside the Telegram ecosystem. When you purchase something in Frienda using Telegram Stars, the transaction is processed entirely by Telegram’s payment system, not Frienda’s servers.
Telegram will deduct the required Stars from your balance and notify us of your purchase. We do not receive your credit card or financial details—any real-money purchase of Stars or management of your Stars balance is handled between you and Telegram, subject to Telegram’s Terms of Service for Telegram Stars.
We only receive confirmation of the Stars spent and the associated purchase details to deliver the service and maintain an internal record. All Telegram Stars transactions are governed by Telegram’s payment policies and privacy safeguards.
1.7.2 Third-Party Payments: For subscriptions and purchases made via credit/debit card, we use third-party payment processors. When you make a payment, your payment details (e.g., card number, billing name, etc.) are processed securely by the payment provider, not Frienda’s servers.
We receive only the necessary data to activate your purchase, such as a confirmation of successful payment, the type of subscription or item purchased, the last few digits of your card (or a transaction identifier), and your subscription status (e.g., active, expiration date). This information is used solely to provide the services you paid for and to maintain records like receipts and account history.
Our payment providers may also collect additional information for fraud prevention or receipts. Any such data is handled under their respective privacy policies. We encourage you to review their policies for further details.
We only use payment and subscription data to manage your Frienda Premium subscriptions. We do not use your payment information for anything unrelated to your purchase (like profiling or advertising), and we do not share it with third parties except the processors involved (as described above) or as required for legal/accounting compliance.
2. Legal Basis for Data Processing
We process personal data only when we have a valid legal reason to do so. Given Frienda’s global user base, we comply with various privacy laws including the GDPR in Europe and the CCPA in California. Our legal bases for handling your data include:
2.1 Consent: In many cases, we rely on your consent. For instance, before accessing your precise location via Telegram Location Manager, using your data for face verification during registration, or sending you promotional messages via Telegram Bot or email, we will ask for your permission. You have the right to withdraw consent at any time. For example, you can revoke location access via Telegram’s settings, remove optional profile info you provided (such as your Instagram handle), or contact us through Telegram Bot or support@frienda.au to withdraw consent for a particular feature. Withdrawing consent will stop further processing of the data for that specific purpose (however, it won’t affect processing already done).
2.2 Contractual Necessity: When you use Frienda, you are agreeing to our Terms of Service, which forms a contract between you and us. We need to process certain basic data to fulfill our obligations under that contract – i.e., to provide you with the Frienda services you expect. For example, we must use your Telegram ID and profile data to create your account and connect you with other users; if you make a purchase, we must process that transaction to deliver the paid features. In short, much of the data used described above is necessary for us to provide the service you have requested.
2.3 Legitimate Interests: We also process data as needed to pursue our legitimate interests in running and improving Frienda, provided such use is fair and does not override your own rights and freedoms. For example, it is in our interest (and yours) to keep Frienda secure and free of fraud – so we might use data to detect fake accounts or enforce our rules. It’s also our legitimate interest to analyze how the app is used, to improve the user experience and fix issues, which we do via analytics and error tracking (in ways that respect your privacy). When we rely on this basis, we ensure that we consider any potential impact on you (for instance, if a particular use of data could be unexpected or intrusive, we will either seek consent or not proceed unless we are confident it’s low-impact and necessary).
2.4 Legal Obligation: (Additional basis) On occasion, we may need to process or disclose data to comply with a legal obligation — for example, retaining certain records for tax law, or responding to lawful requests by authorities (see “Third-Party Sharing” below). In such cases, the legal obligation is our basis for processing.
In jurisdictions that require it (such as the EU), SUMMEET PTY LTD is the “data controller” responsible for your personal data on Frienda. We adhere to principles of transparency, purpose limitation, and data minimization in line with GDPR.
CCPA (California) Compliance: If you are a California resident, we handle your personal information in accordance with the California Consumer Privacy Act (CCPA) and other applicable laws:
2.5 We do not “sell” your personal information as defined by the CCPA (i.e., we do not exchange your data for money or other valuable consideration to third parties for their own marketing). We also do not share your data with third-party advertisers.
2.6 We only use and share your information for purposes that would be considered “business purposes” under CCPA – such as providing the Frienda service, preventing fraud, analytics, and other operational needs as described in this policy.
2.7 California users have specific rights to access and delete their data and to opt-out of any future sale of their data. We honor those rights — see the “User Rights & Control” section below for details on how to exercise them.
2.8 We will not discriminate against you for exercising your privacy rights (meaning we won’t deny you the service or charge you differently just because you made a data request).
3. Data Retention & Deletion
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. In general, this means we keep your information for as long as you have a Frienda account:
3.1 Active Account: All the personal data described above is stored and maintained while your account is active so that we can provide the service to you. This includes your Telegram account data, any profile details you’ve added, and any records of interactions or transactions.
3.2 Verification Selfie: As noted, if you completed the face verification, we keep your verification selfie as long as your profile remains active. This allows us to re-verify quickly when needed (for example, if you update your profile photo). This photo data is treated with high security and only used for verification purposes. It will be deleted when it’s no longer needed or if you remove your account.
3.3 Account Deletion: You have the right to delete your Frienda account at any time. We provide an option in Frienda’s Settings to delete your account. You may also request account deletion by contacting our support via Telegram Bot or support@frienda.au. We may take steps to verify that you are the account owner before proceeding. Once deletion is confirmed, we will:
3.3.1 Remove your Frienda profile from the app so other users can no longer see you or search for you.
3.3.2 Permanently delete the personal data we have about you in our production databases. This includes your profile data, and any personal identifiers linking the account to you.
3.3.3 Cease processing your data going forward. If you were in any match lists or pending connections, you will disappear from those.
3.3.4 Delete your verification selfie and inform AWS Rekognition (our processor) to delete any data they hold for that verification.
3.3.5 Instruct our third-party service providers to delete or de-identify your data that they were processing on our behalf (subject to their retention policies). For example, we will remove your user identifiers from Amplitude and Sentry, so they no longer retain data tied to your account.
3.3.6 Retention of Minimal Records: We will not keep your personal profile content after deletion. However, we may retain very limited information as necessary for specific reasons:
3.3.6.1 Legal and Compliance: We might retain records of transactions (payments) for financial reporting, or certain communications if needed for legal compliance or resolving disputes.
3.3.6.2 Preventing Abuse: We may keep a basic log that an account with your Telegram ID was deleted or banned on a certain date. This helps us enforce one-account rules and prevent users who violate our terms from immediately rejoining. These logs do not contain your profile data or messages – just an identifier and a note. We protect this information and only use it for security/admin purposes.
3.3.6.3 Backup Systems: It’s possible that some of your data could persist for a short period in our encrypted backups or cache. If so, we will continue to protect it and delete it in the normal course of our backup retention schedule.
Important: Simply removing the Frienda Mini App or blocking Telegram Bot in your Telegram account, or uninstalling Telegram, will not automatically delete your Frienda account. Account deletion requires using the in-app option or contacting us, as described. If you just stop using Frienda, your data will remain until you actively delete (or possibly if we have a policy to purge inactive accounts after a long period, which we would announce if implemented).
After we process an account deletion request, we will, upon request, confirm with you that your personal data has been deleted. Under GDPR, we typically complete deletions within 30 days of verification of the request (and usually much sooner). Under CCPA, deletions are usually completed within 45 days of receiving a verifiable request.
4. Third-Party Data Sharing
We do not sell your personal information to anyone, and we do not share your data with ad networks or for advertising purposes. However, we do rely on a few trusted third-party services to operate Frienda. We share data with these providers only to the extent necessary for them to perform their functions, and each is bound by contractual privacy obligations to protect your data. Our main data-sharing partners are:
4.1 Telegram: Telegram itself is a crucial “partner” because Frienda runs on Telegram’s platform. When you use Frienda, some data inherently passes through Telegram:
4.1.1 Data from Telegram to Frienda: Telegram provides us with your profile basics (as described in Data Collection) to start the Mini App. If you share location via Telegram, that data comes through Telegram Mini App’s APIs to us.
4.1.2 Data from Frienda to Telegram: If Frienda triggers an action like opening a chat or sending a message/invitation via Telegram, Telegram handles that communication. Telegram will know that your account is using Frienda (e.g., for its analytics or to show Frienda in your list of connected apps). We minimize data sent to Telegram, but obviously if you initiate chats or send content via Telegram, that content goes through Telegram.
4.1.3 Telegram’s Policies: Any data that resides with Telegram (like your messages, or the fact you use Frienda) is governed by Telegram’s Privacy Policy. Telegram is a separate entity; for questions about how Telegram handles your data, please refer to their policy. We only share information with Telegram as needed to make Frienda work (and primarily, Telegram is sharing data with us). We will comply with Telegram’s platform rules as well, which might require us to report back certain information in cases of abuse or to cooperate with Telegram’s own fraud prevention.
4.2 Hosting and Storage (Amazon Web Services): Frienda’s servers and databases are hosted on Amazon Web Services (AWS) infrastructure. That means personal data you provide is stored on AWS cloud servers. AWS acts as our data processor, storing data on our behalf. AWS maintains industry-standard security certifications and is GDPR-compliant as a processor. Additionally, we use AWS Rekognition for the face verification feature. AWS may temporarily process or store the biometric data for this matching, but they do not use it for any purpose other than providing results to us. We ensure this transfer to AWS is protected (encrypted in transit, limited access), and we handle the results according to this Privacy Policy.
4.3 Analytics (Amplitude): We share certain usage data with Amplitude to help us analyze user behavior and improve Frienda. Amplitude will receive data like a unique user identifier, event data (such as “opened app,” “viewed profile,” “sent friend request”), timestamps, and device information. This helps us understand usage patterns and metrics (for example, how often features are used, or where users drop off). Amplitude does not get sensitive personal content like your messages or profile text, only metadata and events. Amplitude acts as a data processor for us – they are not allowed to use your data for their own purposes, only to provide insights to us. They maintain their own strict security measures. We may view aggregated analytics or individual event logs to diagnose issues or identify trends, but this information is primarily used in bulk form.
4.4 Error Monitoring (Sentry): We send application error data to Sentry. When the app crashes or encounters an error, Sentry gets information about the error and the app’s state so we can debug. This may include your user identifier, device details, and a snapshot of recent actions (stack traces, logs, and possibly a UI replay around the error event). Sentry uses this data solely to present us with debugging information (like showing where in the code the error happened and what led to it). Like Amplitude, Sentry is contractually prohibited from using the data for anything other than providing this service to us. Error reports may incidentally include some user-provided data (for example, if a crash happened right after you entered text in a field, the logs might show that input in context). We treat all data in Sentry with the same care as our own systems. We scrub or minimize personal data in error logs wherever feasible.
4.5 Content Moderation (OpenAI): Frienda strives to maintain a safe community. To assist with content moderation, we use automated AI intelligence provided by OpenAI. This means that certain user-generated content or other text content within Frienda may be automatically analyzed by OpenAI’s API. The AI checks for things like hate speech, sexual content, harassment, or other violations of our community guidelines. When content is flagged, our team may review it (so ultimately, human moderators may see the content if it’s reported or flagged by AI). What we share: We send only the necessary text to OpenAI for analysis. OpenAI returns a moderation decision or score. This processing happens in seconds and helps us keep Frienda safe. OpenAI, as a processor, does not use your content for any purpose except providing the moderation analysis to us. They may retain the data briefly to monitor for abuse of their API, but they have policies in place to protect privacy (OpenAI’s systems are also bound by confidentiality and security obligations). We do not use AI to make any legally significant decisions about users without human oversight; it’s purely a helper tool for our moderation team.
4.6 Payment Processors: As noted, if you make payments for Frienda Premium, we rely on trusted third-party payment processors to handle transactions securely.
4.6.1 Telegram Stars: When processing payments using Telegram Stars, Telegram and its payment partners will process your payment data. We do not see your financial info in that case. Telegram will inform us of the outcome. Any personal data that Telegram or its payment providers collect for payment will be governed by Telegram’s terms and the payment provider’s privacy policy.
4.6.2 Third-Party Payments: When processing payments via third-party payment processors, certain data is shared with the payment provider (such as payment information and billing email, if provided). These payment processors act as independent controllers of the payment information and handle it in accordance with their respective privacy policies.
We only share the data necessary to complete the payment transaction and receive limited information back, such as confirmation of successful payment, transaction identifiers, and subscription status. Our payment processors may be required to retain transaction records for regulatory or financial compliance purposes.
4.7 Other Service Providers: We may use additional third-party services to help run Frienda, such as:
4.7.1 Cloud Services & Database Management: (Besides AWS) if we use any backups or additional cloud tools.
4.7.2 Email or Notification Services: If we send email newsletters or verification codes outside of Telegram, we might use an email service provider (in which case, if you give us an email, that provider processes your email and the content of the message we send).
4.7.3 Customer Support Tools: If you contact support, your communication will be stored in our support system (which could be a third-party platform) so we can respond.
We will update this policy or provide notice if we introduce any significant new data processors.
In all cases, our service providers are bound to protect your data. We sign data processing agreements as needed (for GDPR compliance) and ensure they implement security measures.
4.8 No Advertising or Sales: We want to reiterate that we do not share your personal info with any advertisers, advertising networks, or social media companies for marketing purposes. We do not rent or sell your information to third parties. Any data sharing is only with the categories of partners listed above, and only so we can deliver or improve Frienda for you.
4.9 Legal Compliance and Protection: Apart from the above partners, we may also disclose user data in a few exceptional circumstances:
4.9.1 If we are required to by law or legal process. For example, if we receive a valid subpoena, court order, or government request demanding certain data, we may be obligated to comply after verifying the request’s legitimacy. Wherever possible and lawful, we would inform the affected users of such requests.
4.9.2 To enforce our Terms of Service or other agreements, or to investigate potential violations (e.g., fraud, harassment, threats). For instance, if needed to address a situation where someone’s safety is at risk, we might provide info to law enforcement.
4.9.3 To protect the rights, property, or safety of SUMMEET PTY LTD, our users, or the public. For example, exchanging information with other companies and organizations for fraud protection and to prevent cybercrime (in compliance with privacy laws).
4.10 Business Transfers: If our company (SUMMEET PTY LTD) is involved in a merger, acquisition, investment, reorganization, or sale of all or part of our assets, your data may be transferred to the successor or new owner as part of that transaction. If such a change of ownership happens, we will ensure that your personal data remains subject to protections consistent with this policy. We will provide notice (for example, via the app or email) if your data will become subject to a different privacy policy or if your data might be handled in a materially different way, giving you an opportunity to delete your data if you choose before the transfer.
5. Security Measures
We take the security of your personal data very seriously. We implement a variety of technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These include:
5.1 Encryption: All communication between your device, Telegram, and our servers is encrypted. When data is in transit, we rely on Telegram’s secure protocol for data passed through the Telegram app, and we use HTTPS/TLS for any data sent to our servers. This means things like your profile or sensitive data are encrypted while being sent. We also encrypt sensitive data at rest (for example, our databases and storage buckets are encrypted using industry-standard encryption). Photos (including verification selfies) and personal details are stored in secure, access-controlled environments.
5.2 Authentication & Access Control: Frienda does not have a separate password (it uses your Telegram login for authentication), which reduces the risk of a separate password breach. Access to personal data within our own systems is restricted to authorized personnel who need that data to perform their job (for example, customer support or engineers investigating a user-reported issue). Our staff and contractors are bound by confidentiality obligations. We employ measures like role-based access control, two-factor authentication for administrative access, and regular review of who has access to what data.
5.3 Security Testing & Protocols: We keep our software and infrastructure updated with the latest security patches. We use firewalls and network security monitoring to protect our servers. We may run security audits or penetration tests on our systems to find and fix vulnerabilities. We also follow secure coding practices to prevent common vulnerabilities. For example, we protect against SQL injection, cross-site scripting, and other exploits in our development process.
5.4 Payment Security: For financial transactions, we defer to Stripe and Telegram’s secure systems so that sensitive financial data (like credit card numbers) never passes through our servers. These payment providers are PCI-DSS compliant and specialize in secure payment processing.
5.5 Anonymization & Pseudonymization: Where possible, we minimize the use of personally identifiable information in our internal analytics and logs. For example, we might refer to users by an internal ID rather than by name in logs, and we might aggregate data so it can’t be tied back to an individual except when necessary.
5.6 Monitoring: We monitor our systems for suspicious activity and have intrusion detection systems in place. If we detect unusual activity on an account (e.g., many failed logins or access from a new location), we may investigate or take precautionary measures (such as notifying you or temporarily locking access to prevent harm).
5.7 Incident Response: Despite all precautions, no platform is 100% immune to security risks. We have a data breach response plan in case of any security incident. If there is a breach of Frienda’s systems that poses a risk to your personal information, we will notify affected users and relevant authorities as required by law. We would communicate with you via Telegram (through the Frienda Bot) or email with information on steps you should take to protect yourself.
5.8 User Responsibilities: We also remind you that you play a role in keeping your data secure. Since Frienda relies on your Telegram account, securing your Telegram is very important. Use a strong passcode for your Telegram app and enable Two-Step Verification in Telegram to prevent others from using your account. Do not share your phone verification codes or Telegram login credentials with anyone. If someone gains access to your Telegram account, they could impersonate you on Frienda. If you believe your Telegram or Frienda account has been compromised, please contact us immediately.
We are continuously improving our security practices to adapt to new threats. If you have any questions about security or if you believe you have discovered a vulnerability in Frienda, please reach out to us at our support email.
6. User Rights & Control
You have rights and choices regarding your personal data. Frienda is committed to enabling you to exercise those rights:
6.1 Accessing and Updating Your Information: You can view and edit the personal data in your Frienda profile at any time via the app interface. We encourage you to keep your information up-to-date. If you need any assistance accessing or correcting data that is not directly editable in the app, you can contact us for help.
6.2 Privacy Settings: You have control over certain data-sharing features:
6.2.1 You can choose whether or not to share your location with Frienda.
6.2.2 You can decide whether to provide optional info like Instagram username.
6.2.3 If we ever introduce notifications or email communications, you will have the ability to opt-in or opt-out of things like marketing emails or non-critical notifications.
6.3 GDPR Data Subject Rights (For Users in the EEA, UK, and similar jurisdictions): If you are located in a jurisdiction with data protection laws like the EU General Data Protection Regulation (GDPR) or UK Data Protection Act, you have the following rights regarding your personal data:
6.3.1 Right to Access: You can request a copy of the personal data we hold about you, as well as information on how we use it, who we share it with, and how long we retain it. This is sometimes called a Subject Access Request. We will provide this information in a concise and transparent manner.
6.3.2 Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to ask us to correct or update it. You can do most profile edits yourself in-app, but you can also contact us to ensure data like your date of birth or other details are correct.
6.3.3 Right to Erasure: You have the right to request deletion of your personal data (“right to be forgotten”). You can achieve this by deleting your Frienda account as described above, or you can ask us to delete certain data. We will erase the requested data unless an exception applies (for example, we may keep data if required for a legal obligation or if the data is needed to establish or defend legal claims).
6.3.4 Right to Restrict Processing: You can ask us to restrict or pause the processing of your data in certain circumstances – for example, if you contest the accuracy of the data or if you object to us processing it under legitimate interests, we will consider temporarily limiting processing while we address your concern.
6.3.5 Right to Object: You have the right to object to certain processing activities. For instance, if we were sending you marketing messages (which we currently only do with opt-in), you can object or unsubscribe and we will stop. You can also object to processing based on legitimate interests in some cases; we will then re-evaluate our reasons for processing and either stop or explain why we need to continue (for example, if it’s necessary for safety).
6.3.6 Right to Data Portability: You can request to receive the personal data you have provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another service (this typically applies to data processed based on consent or contract). In practice, if you need a copy of the core information you gave us (like your profile answers or friends list), we can provide a JSON or CSV export on request.
6.3.7 Right not to be subject to Automated Decisions: Frienda does not make any legally significant decisions about you based solely on automated processing without human involvement. But if that were to change, you would have the right not to be subject to such decision-making without safeguards. (For example, we don’t ban accounts purely via AI — any ban for content is reviewed by a human.)
To exercise any of these GDPR rights, please contact us at our support email with your request. We may need to verify your identity (to protect your privacy by ensuring it’s really you making the request). We will respond to your request as soon as possible, typically within 30 days. If we cannot fulfill your request (due to a legal exception), we will explain the reason.
6.4 CCPA Rights (For California Residents): If you are a resident of California, you have the following rights under the CCPA (in addition to the generally applicable rights above):
6.4.1 Right to Know: You can request that we disclose the categories of personal information we have collected about you, the categories of sources of that information, the business or commercial purpose for collecting it, the categories of third parties with whom we share it, and specific pieces of personal information we hold about you. (In this Privacy Policy, we have outlined the types of data we collect and how we use/share it. Upon request, we can provide you with a report of your personal data in our systems.)
6.4.2 Right to Delete: You can request that we delete any personal information we have collected from you and retained, subject to certain exceptions. As noted above, deleting your account will remove your data. If you send a separate deletion request, we will treat it the same way. If a legal exception applies (for example, if we must keep some data for legal compliance), we will let you know.
6.4.3 Right to Opt-Out of Sale: You have the right to direct us not to sell your personal information. As stated, Frienda does not sell personal data. Therefore, we do not have a “Do Not Sell My Info” link because we don’t share data in a way that constitutes a sale under CCPA. If we ever consider selling data, we will update our practices and provide a means to opt-out. In the meantime, you can be assured we aren’t selling your info. If you still want to formally request to opt-out of any potential sale or disclosure of your data, you can contact us and we will record your preference and confirm that we do not sell data.
6.4.4 Right to Non-Discrimination: We will not deny you our services, charge you a different price, or provide a lesser quality of service just because you exercised your privacy rights. (However, note that deleting certain data or opting out of certain uses might affect service functionality, e.g., if you deny location, a location-based feature won’t work—but that’s a direct consequence of the feature, not a punitive action from us.)
6.4.5 Authorized Agent: You can designate an authorized agent to make requests on your behalf. We will take steps to verify the agent’s authority and your identity before processing the request to ensure security.
To exercise your CCPA rights, you can contact us at the email provided in the Contact section. Please indicate you are a California resident making a "CCPA request." We may ask for some information to verify your identity (and if through an agent, we’ll need proof of their authority and your identity). We will respond within 45 days of receiving your request (or let you know if we need an extension of up to 45 more days as permitted by CCPA). Any information we provide in response will cover the 12 months preceding your request, as required by law.
6.5 Opting Out of Communications: Separately from these formal rights, if you have opted in to any promotional communications from Frienda (for example, if we send optional updates or newsletters via Telegram or email), you can opt out at any time. Just follow the unsubscribe instructions in the message or adjust your settings in the app if available. (This does not include essential service or legal notices, which we may still send as part of our contract with you.)
We are committed to honoring your rights. If you have any questions about your privacy choices or need assistance with a privacy request, please contact us. Regulators: If you are in the EU/UK, you also have the right to lodge a complaint with your local Data Protection Authority. However, we encourage you to contact us first so we can address your concerns directly.
7. Children’s Privacy
No Users Under 18: Frienda is not intended for children. You must be at least 18 years old (or the age of majority in your country, if higher) to use Frienda. We do not knowingly collect personal information from anyone under the age of 18. Our Terms of Service also explicitly prohibit minors from using the platform.
If you are under 18, do not use Frienda or provide any personal data to us. If we discover that we have inadvertently collected information from a user who is underage, we will take prompt steps to delete that information from our records and terminate the account.
If you are a parent or guardian and you believe that your child (under 18) has used Frienda and provided personal information, please contact us immediately (see Contact Information below). We will help you remove your child’s data and account from our platform.
8. International Data Transfers
Frienda is a global service, and using it will involve international transfer of your data. We are an Australian company, and our infrastructure and partners are located in multiple countries. Here’s what that means for your data:
8.1 Data Storage Locations: The personal data you provide to Frienda may be stored and processed on servers located in multiple jurisdictions. Currently, our primary server infrastructure is in the European Union (we chose EU servers to help comply with strict EU privacy standards). However, some of our service providers are located in other countries — for example, Amplitude, Sentry, and OpenAI operate servers in the United States, and our company (SUMMEET PTY LTD) is based in Australia. Telegram’s infrastructure is also global.
8.2 Transfers from the EU/EEA: If you are in the European Economic Area (EEA) or United Kingdom, and your data is transferred out of the EEA (for example, to the U.S. or Australia), we will ensure a proper legal mechanism is in place for that transfer. Typically, this means:
8.2.1 We have Standard Contractual Clauses (SCCs) in our agreements with service providers outside the EEA, obligating them to protect EU personal data to EU standards.
8.2.2 Some providers may rely on adequacy decisions (for instance, if any country is deemed by the EU to have adequate data protection laws, data can flow there freely — note: Australia and the U.S. are not currently on the EU’s adequacy list, so SCCs or other measures are used).
8.2.3 In all cases, we only transfer the minimum data necessary and we encrypt data during transfer.
8.3 Transfers to Other Regions: If you are outside the EEA, your data will likely be processed in the country of our server (EU) and possibly in the United States or other locations where our partners operate. Regardless of where your data is processed, we apply the same level of security and privacy protections described in this policy. We also comply with local data protection laws to the extent they apply to us. For example, if you are in Australia, we follow the Australian Privacy Principles; if you’re in California, we comply with CCPA.
8.4 Your Acknowledgement: By using Frienda, you understand that your information may be transferred to and stored on servers in countries other than your own. Different countries have different data protection laws, and your data may be subject to lawful access by courts, law enforcement, or other authorities in those jurisdictions. However, our practices will remain governed by this Privacy Policy and by any applicable data transfer agreements.
8.5 Protection Measures: We use encryption and other security measures (detailed above) universally, so your data has technical protection no matter where it is. We also limit access to your data to authorized personnel in Australia and (occasionally) other countries where our support or development team might be located. All such access is remote and secure. If we engage staff or contractors in other countries, they will be subject to confidentiality agreements and data protection training.
If you have questions about international data transfers or require more information about the safeguards in place, please contact us. We can provide copies of relevant contractual clauses upon request (subject to confidentiality).
9. Updates to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will do the following:
9.1 Posting the Revised Policy: We will post the updated Privacy Policy within the Frienda Mini App interface and on the official Frienda website https://frienda.au. The “Last Updated” date at the top will be revised to the effective date of the new policy.
9.2 Notification: If the changes are significant, we will provide a more prominent notice or notification of the update. For example, we might send a message through the Frienda app, Telegram Bot or email letting you know that the policy has changed, or we might prompt you to review and accept the new policy upon your next use of Frienda. In some cases (where required by law or at our discretion), we might ask for your explicit consent to changes.
9.3 Your Continued Use: We encourage you to review this Privacy Policy periodically. If you continue to use Frienda after a Privacy Policy update takes effect, that will constitute your acceptance of the revised policy. If you do not agree to the changes, you should stop using Frienda and may delete your account as described above.
We will archive prior versions of this policy and will make them available for review upon request, so you can see how our practices have evolved.
10. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We are here to help and address any issues:
SUMMEET PTY LTD (Operator of Frienda)
Address: Level 35, One International Towers, 100 Barangaroo Avenue, Sydney, NSW, 2000, Australia
Email: support@frienda.au
Our support team can assist with general inquiries, and we will route privacy-specific questions to our privacy officer or appropriate staff. We prefer contact via email for privacy queries, but if you need an alternative method, you may also reach out to us through the Frienda Telegram Bot.
For users in the European Union/EEA or United Kingdom: If you have any privacy-related grievances that we cannot resolve together, you have the right to lodge a complaint with your country’s data protection authority or the UK Information Commissioner’s Office (ICO), as applicable. We sincerely hope to resolve any concern directly and promptly.