1. Who we are
Namore is an independent app. For the purposes of the GDPR, Namore is the data controller for the personal data described in this policy.
Contact: privacy@namore.app
2. Anonymous mode: no account required
You can use Namore fully without providing any personal information.
When you open the app for the first time, we assign you an anonymous ID: a random UUID generated by Supabase Auth. This ID is stored on your device. It lets the app remember your votes and session between launches without knowing anything about who you are. No name, no email, no phone number.
Apple Sign In and Google Sign In are optional. If you choose to sign in, we receive your email address (see Section 3). If you don't, we never learn it.
3. What we collect
3a. Account information (optional)
If you choose to sign in with Apple or Google, or use email magic link, we receive:
- Your email address: used only to authenticate you and, where you opt in, to send app-related notifications. We do not use it for marketing unless you signed up to our waitlist and agreed to receive updates.
- A display name you enter during onboarding (e.g. "Lena" or "Partner A"). This is stored on your session record so your partner can see who they're paired with.
If you use anonymous sign-in, none of the above is collected.
3b. Session data
When you create or join a couples session, we store:
- A session ID and a 6-character join code you share with your partner
- The user IDs of both partners linked to the session
- Your display names (what you type in)
- Your name filters: gender preference, region, style tags, syllable count, etc. (stored as JSON on the session)
- Session status and timestamps
This data is the foundation of the matching mechanic. Without it, the app cannot sync your votes with your partner.
3c. Votes (swipes)
Every swipe you make (love or pass on a name) is saved server-side. We store:
- Which name you voted on
- Your vote result
- The session and your user ID
- A timestamp
Your partner cannot see your individual votes. Row-level security enforces this at the database level: partners can only read their own vote rows. Only mutual matches (both partners voted "love") are ever surfaced to either of you.
3d. Matches
When both partners vote "love" on the same name, a match record is created containing:
- The session ID
- The name
- When it matched
- Whether each partner has opened the reveal yet
- Whether the name was pitched by a partner (see below)
Both partners can read their shared match list.
3e. Pitches (name suggestions)
Either partner can "pitch" a name directly into the other's deck. When this happens, we store the session ID, the pitcher's user ID, the name, whether it's a super-like, and whether the partner has seen it yet.
Pitch authorship is kept blind until a match occurs: your partner doesn't know you suggested a name until you both love it.
3f. App preferences (stored locally on your device)
The following settings are stored in your device's local storage only and are never sent to our servers:
- Language preference
- Surname you enter for name preview
- Notification and haptics preferences
- Daily swipe counter and super-like usage counter
- Style tags you selected during onboarding
These stay on your device. Uninstalling the app removes them.
4. What we do NOT collect
- Location data: we never request or store your location
- Device contacts: we don't access your address book
- Advertising identifiers (IDFA, GAID): we run no ads and collect no ad IDs
- Real names: display names in the app are whatever you type; we never pull your legal name from Apple or Google
- Health or pregnancy data: we don't ask for it and don't infer it
- Browsing history or cross-app tracking
- Crash analytics or third-party tracking SDKs: there are none in the current version
5. How we use your data
| Data | Purpose |
|---|---|
| Email address | Authentication; sign-in links |
| User ID (anonymous or linked) | Identify your votes and session |
| Session data | Pair you with your partner; sync filters |
| Votes | Run the double-blind matching algorithm; prevent re-showing seen names |
| Matches | Show your shared shortlist |
| Pitches | Let you suggest names to your partner |
We do not use any of this data for advertising, profiling, or sale to third parties. We do not train AI models on your swipes.
6. Third-party services
Supabase
All server-side data (sessions, votes, matches, pitches, and authentication) is stored on Supabase infrastructure (supabase.com). Supabase provides Postgres-based database hosting and authentication services.
- Supabase Privacy Policy: supabase.com/privacy
- Supabase processes data under a Data Processing Agreement (DPA) compliant with GDPR.
- Data is stored in the EU region (Frankfurt,
eu-central-1).
Expo / EAS
The app is built with Expo (expo.dev). Expo may process metadata about your device as part of app delivery (e.g. over-the-air updates). No personal app data flows through Expo.
Expo Privacy Policy: expo.dev/privacy
RevenueCat (in-app purchases)
If you buy the €7.99 unlock, the purchase is processed by Apple's App Store or Google Play. Receipt validation and entitlement state run through RevenueCat, which receives the anonymous purchase token from the platform but does not receive your name, email, or any in-app activity.
Apple / Google (Sign In only)
If you use Apple Sign In or Google Sign In, those providers authenticate you and pass us a token and, optionally, your email. We don't receive any other data from them.
- Apple: apple.com/legal/privacy
- Google: policies.google.com/privacy
No other third-party SDKs, analytics services, or advertising networks are present in the app.
7. Data retention
| Data type | Retention period |
|---|---|
| Anonymous sessions with no activity | 90 days |
| Active sessions (votes, matches) | 24 months from last activity |
| Email (authenticated accounts) | Until you delete your account |
| Local device preferences | Until you uninstall the app |
After retention periods expire, data is deleted automatically. You can request earlier deletion at any time (see Section 9).
8. Legal basis for processing (GDPR)
If you are in the European Union or European Economic Area, we process your personal data under the following legal bases:
- Contract performance (Art. 6(1)(b) GDPR): Processing your votes, session data, and matches is necessary to provide the service you asked for.
- Legitimate interest (Art. 6(1)(f) GDPR): Session cleanup and fraud prevention serve our legitimate interest in operating the app securely.
- Consent (Art. 6(1)(a) GDPR): If you provide your email address for sign-in or opted into waitlist emails, processing is based on your consent. You can withdraw consent at any time.
9. Your rights
Under GDPR (and similar laws), you have the right to:
- Access: request a copy of all personal data we hold about you
- Correction: ask us to fix inaccurate data
- Erasure ("right to be forgotten"): ask us to delete your data entirely
- Portability: receive your data in a machine-readable format (JSON)
- Restriction: ask us to pause processing while a dispute is resolved
- Objection: object to processing based on legitimate interest
- Withdraw consent: where processing is based on consent, you can withdraw it at any time
To exercise any of these rights, email privacy@namore.app. We respond within 30 days. No fees, no bureaucracy. Just ask.
If you believe we are handling your data unlawfully, you have the right to lodge a complaint with your national data protection authority. In Germany, this is the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI): bfdi.bund.de.
10. Data security
- All data in transit is encrypted via TLS.
- Data at rest is encrypted by Supabase infrastructure.
- Row-level security (RLS) is enforced at the database level: your votes are inaccessible to your partner and to anyone other than you.
- Anonymous sign-in means the default state has no email or identity tied to the account.
If you discover a security issue, please disclose it responsibly to privacy@namore.app before going public.
11. Children
Namore is for expecting couples and is not directed at children under 16. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us data, contact us and we will delete it promptly.
12. Changes to this policy
If we make material changes, we will update the "Last updated" date at the top and notify users via an in-app notice. The previous version will be available on request. Minor changes (typos, clarifications) may be made without notice. Continued use of Namore after a material change constitutes your acceptance of the revised policy.
13. Contact
Privacy questions: privacy@namore.app
General: hello@namore.app
Namore. Find a name you both love.