Rate My Ex

Compliance

Last updated: September 14, 2025

Our Compliance Commitment

Rate My Ex is committed to complying with all applicable data protection and privacy laws. We regularly review and update our practices to ensure we meet or exceed regulatory requirements.

General Data Protection Regulation (GDPR)

We comply with the GDPR, which applies to users in the European Union and European Economic Area.

Legal Basis for Processing

We process your data based on the following legal grounds:

  • Legitimate Interest: Providing our anonymous review platform
  • Consent: For optional features and analytics
  • Legal Obligation: When required by law

Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your data
  • Right to Restriction: Limit how we process your data
  • Right to Withdraw Consent: Withdraw consent at any time

Data Protection Officer

For GDPR-related inquiries, please contact our Data Protection Officer at:

Email: [email protected]

California Consumer Privacy Act (CCPA)

We comply with the CCPA, which provides privacy rights to California residents.

CCPA Rights

California residents have the following rights:

  • Right to Know: Request information about personal data collected
  • Right to Delete: Request deletion of personal data
  • Right to Opt-Out: Opt out of sale of personal data
  • Right to Non-Discrimination: Not be discriminated against for exercising rights

Data Categories

We collect the following categories of personal information:

  • Identifiers (IP address, device information)
  • Internet activity (usage analytics)
  • User-generated content (reviews, comments)

Children's Online Privacy Protection Act (COPPA)

We comply with COPPA, which protects the privacy of children under 13.

Age Restriction

Our service is not intended for children under 18. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

Data Retention and Deletion

Retention Periods

We retain data for the following periods:

  • User Reviews: Until deletion is requested or content is removed for policy violations
  • Analytics Data: 26 months (Google Analytics standard)
  • Server Logs: 90 days for security purposes
  • Backup Data: 30 days

Deletion Process

When you request data deletion, we will:

  • Remove your data from active systems within 30 days
  • Delete data from backups within 90 days
  • Provide confirmation of deletion
  • Maintain records of deletion for compliance purposes

International Data Transfers

We may transfer your data internationally. When we do, we ensure appropriate safeguards are in place:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Certification schemes
  • Other appropriate safeguards

Data Breach Notification

In the event of a data breach that affects your personal data, we will:

  • Notify relevant authorities within 72 hours (GDPR requirement)
  • Notify affected users without undue delay
  • Provide information about the breach and potential impact
  • Take steps to mitigate any harm
  • Document the incident and our response

Third-Party Compliance

We work with third-party service providers who also comply with applicable privacy laws:

Our Service Providers

  • Supabase: Database and authentication services
  • Google Analytics: Website analytics
  • Microsoft Clarity: User behavior analytics
  • Vercel: Hosting and CDN services

Compliance Monitoring

We regularly monitor our compliance through:

  • Regular privacy impact assessments
  • Compliance audits and reviews
  • Staff training on privacy and data protection
  • Monitoring of regulatory changes
  • Incident response testing

Exercising Your Rights

To exercise your privacy rights, please contact us:

Email: [email protected]
Subject: [PRIVACY REQUEST] Your Request Type
Response Time: We aim to respond within 30 days

Required Information

  • Your name and contact information
  • Specific request (access, deletion, etc.)
  • Any relevant identifiers
  • Verification of your identity

Updates to Compliance

We may update this compliance information as regulations change or our practices evolve. We will notify users of any material changes through our website or email notifications.

Contact Information

For compliance-related questions or to exercise your rights, please contact us:

Privacy Team: [email protected]
DPO: [email protected]
Legal Team: [email protected]
Website: https://www.ratemyex.online