Privacy Policy

Last updated: May 2026

This Privacy Policy explains how Dinnermate ("we", "us", "our"), owned by Black Cow Group, collects, uses, and protects your personal data. We are committed to handling your data responsibly and in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who We Are

Dinnermate is operated by Black Cow Group, based in the United Kingdom. For data protection queries, contact us at hello@dinner-mate.com.

2. What Data We Collect

We collect the following information when you use Dinnermate:

• Account data: your email address, first name, age, and hometown
• Profile data: your bio, dietary preferences, and languages spoken
• Location data: your approximate city, detected via GPS when you use the app (we do not store your precise coordinates)
• Usage data: availability posts you create, messages you send, and ratings you give or receive
• Payment data: credit purchase history (we do not store card details — these are handled entirely by Stripe)

3. How We Use Your Data

We use your data to:

• Provide and operate the Dinnermate service
• Show your profile to other users near you
• Enable messaging between users
• Process credit purchases and maintain your balance
• Send you sign-in links and important account notifications
• Investigate reports of abuse or policy violations

We do not sell your data to third parties. We do not use your data for advertising.

4. Legal Basis for Processing

We process your data on the following legal bases:

• Contract: to provide the service you signed up for
• Legitimate interests: to keep the platform safe and functioning
• Legal obligation: to comply with applicable laws

5. Third-Party Services

We use the following trusted third-party services to operate Dinnermate:

• Supabase — database and authentication. Data is stored on servers within the EU. Supabase Privacy Policy
• Stripe — payment processing. Card details are handled entirely by Stripe and never touch our servers. Stripe Privacy Policy
• Netlify — website hosting. Netlify Privacy Policy
• BigDataCloud — reverse geocoding to convert GPS coordinates into a city name. No personal data is stored by them. BigDataCloud Privacy Policy

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, your personal data will be deleted within 30 days, except where we are required to retain it for legal or financial compliance purposes (e.g. payment records, which are retained for 7 years under UK law).

7. Your Rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Portability — receive a copy of your data in a machine-readable format
• Object to processing in certain circumstances

To exercise any of these rights, email us at hello@dinner-mate.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Cookies

Dinnermate uses minimal cookies. We use a session cookie to keep you signed in. We do not use tracking, advertising, or analytics cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email. The date at the top of this page shows when it was last updated.

10. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at hello@dinner-mate.com.