The UK’s Information Commissioner’s Office (ICO), an independent body that upholds information rights, has reprimanded LGBTQ+ dating app Grindr for not complying with data protection rules.
The ICO states that one issue is the confusion over whether Grindr shares users’ information with ad partners. The office found that Grindr states it both does, and does not, share user information with advertisers, leading to confusion over data privacy and protection.
The office also found that Grindr does not define a user’s IP address as personal data, while the ICO does.
Additionally, the ICO concluded that Grindr does not share clear privacy information with users regarding the full list of third parties the dating app shares personal data with, the restriction of data flows by Grindr with its advertising partners, and other issues.
The reprimand statements says “Based on the findings of this investigation, the ICO deems that Grindr has failed to provide effective and transparent privacy information to its UK data subjects in relation to the processing of their personal data”.
The ICO recommends the dating app adopt a series of new measures to increase its clarity and transparency in regards to its data protection and data privacy. The office asks Grindr to provide a progress report on these changes by 26 January 2023.
“Whilst the above measures are suggestions, I would like to point out that if further information, incidents or complaints relating to this matter come to light, we will revisit this matter and formal regulatory action may be considered as a result”, the document states.