MERYDIA Privacy Policy
Effective date: 1 July 2026 | Last updated: 1 July 2026 | Version 2.1
Operator: Merydia Digital Pty Ltd (ACN 698 772 315) | privacy@merydia.app


1. About This Policy

This Privacy Policy explains how Merydia ('we', 'us', 'our') collects, uses, stores, and discloses your personal information when you use the Merydia application and related services ('the Service').

We are bound by the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). This policy is written to satisfy our APP 1 transparency obligation.

If you have questions about this policy or your personal information, contact our Privacy Officer at privacy@merydia.app.


2. Personal Information We Collect

2.1 Registration and Identity Data

When you register, we collect your name, email address, and professional information via LinkedIn OAuth. We receive only the information you authorise LinkedIn to share. We do not receive or store your LinkedIn password.

2.2 Profile Data

We collect the information you provide during onboarding, including your age, suburb, relationship goals, lifestyle preferences, and profile photographs. We also collect your responses to preference and compatibility questions.

2.3 Matching and Preference Data

We use your profile data to generate a compatibility score and select introduction candidates. We do not disclose the specific weighting applied to individual preference dimensions — this is proprietary — but we disclose that a weighted compatibility scoring model is used. Your preference data is not used for any purpose other than generating introductions within the Service.

Where you complete an attractiveness rating exercise during onboarding, those ratings are used solely to calibrate aesthetic compatibility matching and are not disclosed to other users or used for any other purpose. You have consented to this collection separately at the point of collection.

2.4 Family Circumstances

As part of your onboarding questionnaire, we collect whether you currently have children (a yes/no answer). This information is used to apply your matching preferences accurately — specifically, to ensure that members who have indicated they are not open to a partner with children are not introduced to members who have children. Your answer is used solely for this matching purpose and is not displayed on your profile or shared with other members.

2.5 Ethnic Background Preference

As part of your onboarding questionnaire, we offer you the option to express a preference about the ethnic background of your matches. This question is entirely optional. The default is 'No preference', and you may skip the question entirely.

What we collect. If you choose to express a preference, we collect: (a) your selected ethnic background preference (the ethnic backgrounds you prefer to be matched with); and (b) your own self-identified ethnic background (which is used to operate the filter in other members' queues, as described below). Self-identification includes a 'Prefer not to say' option — you are never required to disclose your own ethnic background.

Why this is sensitive information. Your ethnic background preference, and your self-identified ethnic background, constitute information about racial or ethnic origin. This is sensitive information under the Privacy Act 1988 (Cth), APP 3.3. We collect it only with your explicit consent, recorded at the point of collection.

How the preference is applied. Your ethnic background preference affects which candidates our algorithm considers when selecting your weekly introduction. If you express a preference, candidates whose self-identified ethnic background does not match your selection will not be considered for your introduction that week. The preference operates in one direction only: when you are being considered as a candidate for another member's introduction, your own ethnic background preference plays no role in whether you are selected for them — only their preference governs their matching. No other user is notified that you have expressed a preference.

Withdrawal. You may withdraw your ethnic background preference at any time via Profile Settings → Privacy & Data → Ethnic background preference. Withdrawal resets your preference to 'No preference' immediately and takes effect from your next matching cycle. You may also change your preference at any time; each change is logged as a consent event.

Retention. Your ethnic background preference and self-identified ethnic background are retained while your account is active and your consent is in place. They are deleted within 30 days of account deletion or immediately upon withdrawal of your preference (reset to 'No preference'). Consent log records associated with this preference are retained for 7 years per our legal record-keeping obligations.

2.6 Gender Identity

During onboarding, we ask you to select your gender from three options: Male, Female, or Other. This information is sensitive information under the Privacy Act 1988 (Cth) because it relates to your gender identity. We collect your gender identity with your express consent, for the purpose of enabling the gender preference filter in our matching service. It is used as a hard matching filter, meaning that you will only be shown as a candidate to members whose gender preference includes your gender, and vice versa. It is not used for any other purpose, disclosed to third parties, or made visible on your profile to other members. You may update your gender identity at any time in Settings > Profile. Changes take effect from the next matching cycle. Your gender identity data is retained while your account is active. It is deleted within 30 days of account deletion, and consent_log records are retained for 7 years as required by our legal obligations.

2.7 In-App Messaging Data

When you exchange messages with an introduction, message content is stored in our database and is retained for the period set out in Section 6 below. Messages are subject to automated content moderation for safety purposes — see Section 2.8 below.

2.8 Automated Safety Processing of Message Content

Merydia operates automated safety systems that scan message content in real time for the purpose of detecting scam activity, romance scam indicators, and other prohibited content as defined in our Community Standards. This scanning occurs on all messages sent through the Merydia platform. This processing is a secondary use of your personal information under the Privacy Act 1988 (Cth).

The basis for this processing is our legitimate safety obligation to protect users from harm, and our obligations as a platform operator under the Online Safety Act 2021 (Cth). You would reasonably expect, as a user of a professional dating platform, that message content is monitored for safety purposes.

Where automated scanning detects content that may indicate scam activity, the relevant message may be held pending review by our Trust & Safety team. A soft warning notice may also be displayed to the message recipient.

If our Trust & Safety team determines that a confirmed scam has occurred, account details and message evidence relevant to the scam may be shared with the Australian Competition & Consumer Commission's National Anti-Scam Centre (ACCC NASC) for the purpose of protecting other potential victims. This sharing is a disclosure of personal information to a third party under APP 6.1 and is made on the basis that it is in the public interest and directly related to the safety purpose for which the information was processed.

Automated safety scanning does not involve sharing your message content with third-party advertisers, data brokers, or any party other than the ACCC NASC in the circumstances described above. Message content reviewed by our Trust & Safety team is accessed only by authorised personnel through our secured operations platform.

You have the right to make a privacy complaint about this processing by contacting us at privacy@merydia.app. If you are dissatisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

2.9 Credit Transaction Data

We maintain an immutable ledger of credit transactions associated with your account, including credits purchased, credits consumed, and credits returned. Payment processing is handled by Apple (App Store) or Google (Google Play) and by RevenueCat as our subscription management intermediary. We do not hold your payment card data at any point.

2.10 Consent Records

We maintain an immutable record of every consent you have granted within the Service, including the consent type, the exact text displayed to you at the time of consent, a cryptographic hash of that text, and the timestamp. This record is retained for 7 years. You may withdraw consent at any time via Profile Settings → Manage Consents.

2.11 Audit Log Records

Our system maintains an immutable audit log of significant events associated with your account for compliance and safety purposes. Audit log records are retained for 7 years and are not disclosed to you as part of a Data Subject Access Request except to the extent required by law.

2.12 Analytics Data

We use PostHog for product analytics. PostHog is configured without personally identifiable information — we do not transmit your name, email, or profile data to PostHog. Analytics data is used to improve the Service and is not used for targeted advertising.

2.13 Error Monitoring Data

We use Sentry for application error monitoring. Sentry is configured with personal information scrubbing: profile fields, message content, matching scores, photo data, and user identifiers are excluded from all error payloads before transmission to Sentry.

2.14 Push Notification Data

We use Expo Push Notification Service to deliver push notifications to your device. We transmit your device push token to Expo for this purpose only. We do not transmit profile content or matching data to Expo.

2.15 Email Data

We use Postmark to deliver transactional and lifecycle emails. We transmit your email address and relevant account data to Postmark for delivery purposes only.

2.16 Document Verification Data

See Section 3 below.


3. Document Verification (Age Assurance)

This section is effective from 29 May 2026.

Australian law requires us to confirm that you are 18 or older before you can access Merydia. To do this, we use a secure identity verification service provided by Veriff OÜ (Estonia).

What happens during verification. You will be asked to photograph your government-issued ID document and take a selfie. Veriff compares these to confirm your identity and age. This process takes approximately 2 minutes.

Where your information is processed. Veriff processes verification data on servers located in Australia (AWS ap-southeast-2, Sydney). Some ancillary fraud-model processing may occur on servers located in the European Union. This cross-border disclosure is governed by Standard Contractual Clauses that provide protections equivalent to the Australian Privacy Principles. Veriff retains captured ID images and facial images for up to 6 months for operational and fraud-prevention purposes, after which they are permanently deleted. Veriff retains the verification reference and outcome for audit purposes.

What Merydia retains. We retain the verification reference number and outcome (pass/fail) in our records for 7 years, consistent with our legal record-keeping obligations. This reference number is used solely to confirm that age verification was completed. It is not used in matching, recommendations, or any other computation, and is not disclosed to any third party other than as required by law.

Your consent and withdrawal rights. Age verification requires your consent. Your consent is recorded when you tick the checkbox on the age verification screen. You may withdraw this consent at any time via Settings → Privacy & Data. If you withdraw consent, you will be removed from the matching pool and will not receive introductions. Withdrawal of consent does not result in deletion of the verification reference number already held, as that record is required for our legal compliance obligations under the Online Safety Act 2021 (Cth). Requests for deletion of ID images and facial images held by Veriff should be directed to privacy@veriff.com.

Sensitive information. Your facial image, as processed by Veriff, constitutes biometric information under the Privacy Act 1988 (Cth). We collect this information with your explicit consent for the sole purpose of age verification.


4. How We Use Your Information

We use your personal information for the following purposes:

To create and manage your account
To generate compatibility scores and select introduction candidates
To deliver your weekly introduction
To enable in-app messaging with your introduction match
To process credit purchases and maintain your credit ledger
To comply with our obligations under the Online Safety Act 2021 (Cth), including age assurance and content moderation
To respond to safety reports and cooperate with law enforcement and regulatory authorities
To improve the Service through anonymised analytics
To send you transactional and service communications by email and push notification

We do not use your personal information for targeted advertising. We do not sell, rent, or lease your personal information to any third party.

4.1 Aesthetic preference data

When you complete the attractiveness rating exercise, we use your ratings to compute numerical representations of your aesthetic preferences — specifically, mathematical vectors (called your "preference profile") that capture the facial characteristics you tend to find attractive or unattractive. This preference profile is used exclusively to calculate compatibility scores between members and is not shared with other members or used for any other purpose.

Your preference profile is sensitive information under the Privacy Act 1988 (Cth). It is stored securely and accessible only to system processes involved in the matching calculation.

Your preference profile is deleted within 24 hours if you withdraw your consent to attractiveness scoring (which you can do at any time in Settings → Privacy & Data). It is also deleted within 30 days of account deletion. You may request a copy of your preference profile data through the data access process described in the 'Your Data Rights' section below.


5. Disclosure of Personal Information

5.1 Service Providers

We disclose personal information to the following third-party service providers for the purposes described in Section 2: Veriff OÜ (age verification), RevenueCat (subscription management), Postmark (email delivery), Expo (push notifications), PostHog (analytics — no PII), Sentry (error monitoring — PII scrubbed), AWS via Supabase (database and storage hosting, Sydney).

5.2 Introduction Recipients

When a mutual introduction is made, each party receives the other's profile information including their name, photographs, professional headline, and About me text. This disclosure is the core function of the Service and is consented to when you register.

5.3 Law Enforcement and Regulatory Authorities

We may disclose personal information to law enforcement agencies, the eSafety Commissioner, the OAIC, the ACCC National Anti-Scam Centre, or other regulatory authorities where required or authorised by law, including mandatory reporting obligations under the Online Safety Act 2021 (Cth) with respect to child sexual abuse material and confirmed scam cases.

5.4 We Do Not Sell Your Data

We do not sell, rent, or lease your personal information to any third party for marketing purposes.


6. Retention of Personal Information

We retain personal information for the following periods:

Consent records and audit log: 7 years from the date of the record
Credit transaction records: 7 years (tax and accounting obligations)
Document verification reference number: 7 years (regulatory compliance)
Profile data: for the life of your account, and purged within 30 days of account deletion
Profile photographs and facial embeddings: purged within 30 days of account deletion
Ethnic background preference and self-identified ethnic background: retained while your account is active and your consent is in place; deleted within 30 days of account deletion or upon withdrawal of preference; consent log records retained 7 years
Message content: retained for 2 years from the date of last activity in the relevant chat conversation. Messages associated with an open safety report, an active law enforcement data preservation notice, or a pending CSAM referral are retained until the relevant matter is formally closed, regardless of whether this period extends beyond 2 years. Following account deletion, message content is not accessible to users but is retained for the period described above for regulatory, safety, and law enforcement cooperation purposes. At the end of the applicable retention period, message content is purged within 30 days.
NPS survey and feedback responses: 24 months
Matching cycle scores: accessible for 12 months, then moved to cold storage
Aesthetic preference profile (preference vector data): retained while your account is active and you have given consent to attractiveness scoring. Deleted within 24 hours of consent withdrawal. Deleted within 30 days of account deletion.
Backups: When you request deletion of your account, we remove your personal information from our active systems within 30 days. In addition, our infrastructure provider retains daily encrypted snapshot backups of our database for disaster recovery purposes, with each snapshot kept for 7 days before it is automatically deleted. This means your personal information may remain in an encrypted backup snapshot for up to 7 days following its removal from our active systems. These backups can only be used to restore the database to the point of a daily snapshot — not to any specific time you choose — and are accessible only to authorised technical personnel, under dual-authorisation controls, for disaster recovery purposes only. They are not used for any other purpose.


7. Your Right to Access Your Personal Information (Privacy Act — APP 12)

How to access your data

Under the Privacy Act 1988 (Cth) (Australian Privacy Principle 12), you have the right to access personal information that Merydia holds about you. You may download a copy of your personal information at any time from Profile → Privacy & Data → Your Data Rights → Request a copy of my data. Your export is generated immediately and delivered to your device. No email or waiting period is required.

Format of your export

Your data export is provided in JSON format. You can save it to your device, share it, or open it with any application that reads JSON files.

What your export contains

Your export includes all personal information we hold about you, including:

Profile information: your name, age, profession, photos, questionnaire responses (including whether you have children), and preferences as entered during onboarding and updated in Settings.

Ethnic background data: your ethnic background preference (if set) and your self-identified ethnic background (if provided). These are sensitive information under the Privacy Act and are included in your export. Consent log records for consent_type 'ethnicity_preference' are also included.

Matching scores: your attract_score (a measure of how closely your profile matches other members' preferences, assessed by our AI model) and your total_score (a composite compatibility score). These are personal information about you and are included in your export.

Biometric data: a composite_embedding — a mathematical representation of your facial geometry derived from your profile photos by our AI model. This is sensitive information under the Privacy Act. It is stored securely and is included in your export.

Preference vector data: numerical representations of your aesthetic preferences learned from your rating activity (tier1_centroid, tier3_centroid, tier1_std_dev, tier2_band_radius). These are personal information about you and are included in your export.

Message content: messages you have sent within the Service, subject to our retention periods set out in Section 6. Only messages you sent are included; messages sent to you by other members are not included in your export.

Document verification records: your verification reference number and outcome (pass/fail) held by Merydia. ID images and facial images held by Veriff are not held by us and are not part of this export — requests for those should be directed to privacy@veriff.com.

Consent and interaction records: your consent log, introduction history, credit transaction history, NPS survey responses (if provided), and feedback submissions.

Partial withholding — formula weights

Certain formula weights and component values used to compute your matching scores are withheld from your export. We withhold these on the basis that they constitute commercially sensitive information whose disclosure would be likely to prejudice our commercial interests (Privacy Act 1988 (Cth), APP 12.3(b)). We provide the following general description of the scoring methodology so you understand how your scores are produced: your attract_score reflects the degree of similarity between your profile photos (as analysed by our AI model) and another member's stated aesthetic preferences, adjusted by a questionnaire compatibility factor. Your total_score combines this with broader compatibility considerations. All other personal information, including your full scoring outputs, preference vectors, and biometric data, is included in your export.

If you consider this partial withholding is not justified, you may contact us or make a complaint as set out below.

Download limits

You may download your data up to three times in any 24-hour period. Your download activity and the IP address of the requesting device are logged for fraud detection and account integrity purposes.

Questions and complaints

If you have questions about your export, contact our Privacy Officer at privacy@merydia.app. If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au.


7A. Your Right to Correct Your Personal Information (Privacy Act — APP 13)

You have the right to request correction of personal information that Merydia holds about you if you believe it is inaccurate, out of date, incomplete, irrelevant, or misleading.

Most of your personal information can be corrected directly within the app at Profile → My Profile. For information that cannot be edited directly (such as information sourced from LinkedIn or generated by our system), you can submit a written correction request within the app at Profile → Privacy & Data → Your Data Rights → Correct my data.

We will review your correction request and respond within 30 days. If we correct the information, we will notify you in the app. If we decline to make the correction, we will provide written notice of our reasons and the mechanism for making a complaint to the OAIC (www.oaic.gov.au).

To contact our Privacy Officer directly: privacy@merydia.app.


8. Security of Personal Information

We implement the following security measures to protect your personal information:

All personal data is stored on Supabase (AWS ap-southeast-2, Sydney), which holds SOC 2 Type II and ISO 27001 certifications
Row-level security policies restrict database access so that each user can read only their own data
All data in transit is encrypted using TLS 1.2 or higher
Profile photographs are scanned for child sexual abuse material before storage using PhotoDNA
Error monitoring is configured to scrub personal data before transmission
Access to the operations dashboard is restricted to authorised personnel with separate authentication credentials

No security system is impenetrable. In the event of a data breach likely to result in serious harm, we will notify you and the OAIC as required by the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth).


9. Your Rights and Choices

9.1 Access

You may download a copy of the personal information we hold about you at any time from Profile → Privacy & Data → Your Data Rights → Request a copy of my data. Your export is generated immediately. See Section 7 for full details of what your export contains.

9.2 Correction

You may update most of your profile information directly within the app at Profile → My Profile. For information that cannot be edited directly, you can submit a written correction request at Profile → Privacy & Data → Your Data Rights → Correct my data. See Section 7A for full details.

9.3 Deletion

You may delete your account at any time from Profile → Privacy & Data → Your Data Rights → Close my account. Profile data and photographs are purged within 30 days. Certain records (consent log, audit log, credit transactions, document verification reference) are retained for the periods set out in Section 6 due to legal obligations.

9.4 Withdrawal of Consent

You may withdraw consent for specific processing activities via Profile Settings → Manage Consents. This includes withdrawal of your ethnic background preference, which resets to 'No preference' immediately and takes effect from your next matching cycle. Withdrawal of consent does not affect the lawfulness of processing prior to withdrawal.

9.5 Data Subject Access Request (DSAR)

You may download a copy of your personal data at any time from Profile → Privacy & Data → Your Data Rights → Request a copy of my data. Your export is generated immediately and delivered to your device in JSON format. See Section 7 for a full description of what your export contains, including matching scores, biometric data, preference vector data, message content, ethnic background data, and the partial withholding of formula weights.

9.6 Complaints

If you believe we have handled your personal information in a way that does not comply with the Australian Privacy Principles, you may lodge a complaint with us at privacy@merydia.app. We will respond within 30 days. If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.


10. Cross-Border Disclosure

We disclose personal information to overseas recipients as described in Sections 2 and 5. All cross-border disclosures are governed by contractual arrangements that require overseas recipients to handle personal information consistently with the Australian Privacy Principles (APP 8).


11. Automated Decision-Making

Merydia's matching and delivery process is fully automated. Our algorithm generates compatibility scores and selects introduction pairs automatically. Introductions are delivered to users at 12:00pm AEST every Monday without individual human review or approval of any pair. A Product Owner hold mechanism exists: before 11:30am AEST on delivery day, the Product Owner may place a hold on the entire cycle's delivery if a systemic batch-level issue is identified. This is an exceptional intervention applied to the cycle as a whole and does not constitute individual human review of any introduction pair.

Because Merydia already uses fully automated decision-making in its current form, the disclosure obligation under the Privacy and Other Legislation Amendment Act 2024 (Cth) applies now and is satisfied by this section. We will update this section if the nature of the automated decision-making changes materially, including if algorithmic training methodology changes in a way that affects the basis on which decisions about individuals are made.


12. Children

Merydia is intended exclusively for users aged 18 and over. We do not knowingly collect personal information from anyone under 18. Age assurance (Section 3) is implemented to prevent under-18 access. If you believe we hold personal information about a minor, please contact us immediately at privacy@merydia.app.


13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified to you by in-app notice at least 14 days before the change takes effect. The effective date at the top of this policy will be updated. Continued use of the Service after the effective date constitutes acceptance of the updated policy.


14. Contact Us

Privacy Officer: privacy@merydia.app
Merydia, Sydney NSW Australia
ACN: 698 772 315
For document verification enquiries relating to data held by Veriff: privacy@veriff.com


Merydia Privacy Policy v2.1 | Last updated 1 July 2026 | Merydia Digital Pty Ltd (ACN 698 772 315) | merydia.app/privacy