Effective Date: January 1, 2024
Welcome to Nomi, India's premier personality-based dating application, owned and operated by Triora Zenith Private Limited (“Company,” “we,” “us,” or “our”), a private limited company incorporated in India. Nomi represents a revolutionary approach to online dating, leveraging advanced personality assessment algorithms and psychological compatibility matching to create meaningful connections between individuals seeking romantic relationships.
At Nomi, we recognize that privacy is a fundamental right and a cornerstone of trust in digital relationships. We are committed to maintaining the highest standards of data protection and privacy practices under Indian laws, including but not limited to the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and emerging data protection regulations including the Digital Personal Data Protection Act, 2023.
This Privacy Policy ("Policy") governs the collection, processing, storage, sharing, and protection of your personal information when you:
Nomi is exclusively designed for adults aged 18 years and above. By using our services, you represent and warrant that you are at least 18 years of age and have the legal capacity to enter into this privacy agreement. We do not knowingly collect, process, or retain personal information from individuals under the age of 18. If we discover that we have inadvertently collected information from a minor, we will take immediate steps to delete such information from our systems.
Nomi is exclusively designed for adults aged 18 years and above. By using our services, you represent and warrant that you are at least 18 years of age and have the legal capacity to enter into this privacy agreement. We do not knowingly collect, process, or retain personal information from individuals under the age of 18. If we discover that we have inadvertently collected information from a minor, we will take immediate steps to delete such information from our systems.
By creating an account, downloading our application, or using any of our services, you explicitly consent to the collection, processing, and use of your personal information as described in this Policy. Your continued use of Nomi following any modifications to this Policy constitutes your acceptance of such changes. If you do not agree with any aspect of this Policy, you must immediately discontinue use of our services and may request deletion of your account and associated data.
This Policy is written in English and may be translated into other languages for convenience. In case of any discrepancy between the English version and any translated version, the English version shall prevail. Any headings used in this Policy are for convenience only and do not affect the interpretation of the terms.
When you register for Nomi, we collect essential identity verification data, including:
Age and Date of Birth: We require your exact date of birth to verify that you meet our minimum age requirement of 18 years. This information is also used to calculate age-based compatibility factors and ensure compliance with legal requirements. Your age may be displayed to other users as part of your profile, but your exact birth date remains private.
Contact Information: We collect your primary email address, which serves as your account identifier and primary means of communication. We also collect your mobile phone number for account verification, security purposes, and important service notifications. Both email and phone number must be verified through our authentication process.
Gender Identity and Sexual Orientation: We collect detailed information about your gender identity, expression, and sexual orientation preferences. This includes your own gender identity, the gender(s) you are interested in meeting, and any specific preferences for potential matches. This information is critical for our matching algorithm and is handled with the highest level of sensitivity and confidentiality.
Profile Photographs: Users may upload multiple profile photographs (up to nine images), which are securely stored on our servers. These images are reviewed for content moderation purposes to ensure compliance with community guidelines. We do not use facial recognition technology for user identification. Images are compressed and optimized for display while preserving quality.
Biographical Information: Users may provide biographical details such as education, profession, interests, hobbies, lifestyle preferences, relationship goals, and personal descriptions. This information supports our personality-based compatibility assessments and improves match relevance.
Real-Time GPS Coordinates: With your explicit permission, we collect precise location data using GPS, WiFi, and cellular networks. This includes latitude and longitude coordinates accurate to a few meters and enables location-based matching.
Location History: We retain limited historical location data to enhance matching accuracy and generate location-based insights. Location history is automatically deleted after 90 days unless retention is required for legal or security purposes.
Geographic Preferences: Users may specify distance ranges, preferred locations, and geographic boundaries for match discovery. These preferences are used solely to optimize the matching experience.
Scenario-Based Questionnaire Responses: Our proprietary personality assessment includes over 150 scenario-based questions designed by licensed psychologists and relationship experts. These questions evaluate personality traits, emotional intelligence, communication styles, value systems, lifestyle preferences, relationship patterns, decision-making tendencies, and intellectual interests.
Psychological Profile Generation: Based on your responses, we generate a dynamic psychological profile containing personality classifications, compatibility indicators, and behavioral insights. This profile evolves as additional data is collected.
Behavioral Pattern Analysis: We analyze response consistency, timing, and completion patterns to enhance authenticity checks and refine compatibility scoring.
Adaptive Assessment Updates: Users may be periodically invited to update or expand their assessment responses. Participation is optional but improves match accuracy.
Contextual Personality Variations: Our assessment framework captures variations in personality across social, professional, and romantic contexts to improve romantic compatibility predictions.
We collect detailed analytics related to your use of the platform, including session duration, navigation behavior, feature usage, message response times, profile update frequency, and premium feature engagement.
We also analyze matching behavior such as profiles viewed, likes, passes, reports, time spent per profile, preference changes, and conversation initiation patterns.
Message Content and Patterns: Messages exchanged on the platform, including text, emojis, and shared media, are securely stored. Message content is not routinely monitored except for safety, moderation, or legal compliance purposes.
Conversation Analytics: We analyze communication patterns such as frequency, response times, and conversation progression to improve matching quality and identify potentially harmful behavior.
Relationship Outcomes Tracking: With user consent, we track outcomes such as successful matches, dates arranged, relationship duration, and feedback to enhance platform effectiveness.
All payments are processed through Razorpay, a PCI DSS–compliant payment gateway that adheres to RBI regulations. We do not store full card numbers or sensitive banking credentials on our servers.
We maintain transaction records including purchase amounts, subscription periods, billing cycles, refunds, and invoice-related information as required for legal and accounting purposes.
For premium subscribers, we analyze feature usage patterns to optimize service offerings and provide personalized recommendations.
We also assess the relationship between premium feature usage and successful match outcomes to continuously improve value delivery.
Profile Development: Your personal information forms the foundation of your Nomi profile, which represents you to potential matches. We use identity details, photographs, and biographical information to create a rich and authentic profile that accurately reflects your personality and relationship preferences.
Dynamic Profile Optimization: Our systems analyze profile performance metrics such as views, matches, and engagement to generate personalized recommendations. These may include photo ordering suggestions, profile text enhancements, and preference refinements to improve visibility and compatibility.
Profile Authenticity Verification: We use phone verification, email confirmation, and behavioral pattern analysis to verify profile authenticity and prevent impersonation, fake accounts, and deceptive activity.
Sophisticated Compatibility Algorithms: Personality assessment data is processed using proprietary machine learning models trained on successful relationship patterns. Compatibility analysis includes psychological traits, lifestyle alignment, communication styles, emotional intelligence, and attraction indicators.
Continuous Algorithm Refinement: Aggregated interaction data, match outcomes, and user feedback are used to improve accuracy and relevance of our matching systems for all users.
Personalized Recommendation Engine: We provide personalized suggestions such as conversation starters, date ideas, and relationship development tips based on your personality profile and match characteristics.
Secure Messaging Platform: We offer a secure messaging system that enables communication between matched users. Messages may include text, emojis, images, and multimedia content and are stored securely.
Conversation Quality Enhancement: Communication patterns are analyzed to offer insights and suggestions aimed at improving conversation flow, timing, and engagement based on shared interests and compatibility indicators.
Safety and Moderation: Communications are monitored for safety purposes, including detection of harassment, inappropriate content, spam, or fraud, using a combination of automated systems and human review.
Continuous Learning Systems: We use anonymized and aggregated user data to train machine learning models that improve matching accuracy, safety mechanisms, and overall platform performance.
Feature Development and Testing: Aggregated behavioral data supports feature development, interface improvements, and A/B testing initiatives.
Predictive Analytics: Predictive models help anticipate user needs, optimize notification timing, reduce churn, and identify opportunities for service enhancement.
Relationship Science Research: We conduct anonymized and aggregated research on dating behaviors, compatibility factors, and relationship success to improve our services and contribute to broader relationship insights.
User Experience Research: Interaction data is analyzed to identify usability challenges, improve workflows, and enhance overall user satisfaction.
Market Analysis and Trend Identification: Aggregated demographic and usage data helps us understand evolving user needs and market trends within the online dating ecosystem.
Multi-Layer Identity Verification: We combine identity data with behavioral analytics to prevent fraud, impersonation, and malicious activity.
Real-Time Risk Assessment: User behavior is continuously evaluated to identify abnormal patterns such as suspicious logins or messaging behavior.
Automated Threat Detection: Machine learning systems proactively detect scams, spam, harassment, and other harmful activity.
Proactive Content Monitoring: Automated systems review uploaded images, profiles, and messages for violations including explicit content, hate speech, or harassment.
User Safety Tools: Features such as blocking, reporting, and privacy controls rely on personal data to function effectively and ensure user protection.
Incident Response and Investigation: Reported incidents are reviewed using relevant interaction data to take appropriate enforcement action.
Essential Service Notifications: We send security alerts, match updates, message notifications, subscription reminders, and policy updates using your contact information.
Personalized Engagement: Notifications and recommendations are tailored based on usage patterns and preferences to improve user success and engagement.
Customer Support: Personal information allows our support team to provide efficient assistance and resolve issues or disputes.
Targeted Marketing (With Consent): With your explicit consent, we send promotional communications related to new features, premium offerings, and special campaigns.
Event and Community Notifications: Location and interest data may be used to inform users about relevant events or community activities.
Feedback and Survey Requests: We request feedback and survey participation to improve services and user satisfaction.
Controlled Profile Visibility: Your basic profile information, including display name, age, selected photographs, biographical details, and general location (city or area level only), is visible to other users within your matching preferences. Exact location coordinates are never shared. You maintain granular control over profile visibility through privacy settings.
Personality Compatibility Insights: We share compatibility indicators such as shared traits, mutual interests, and compatibility percentages with matched users. Your specific personality assessment responses remain confidential and are not disclosed to other users.
Selective Information Disclosure: Users may control visibility of certain profile elements, including photo blurring prior to matching, hiding specific biographical details, or limiting visibility to premium users only.
Message Exchange Platform: When users match, the platform facilitates the exchange of messages, photos, and content chosen to be shared by each party. This information becomes accessible to both participants and is stored securely.
Read Receipts and Activity Status: Subject to your privacy controls, we may display message read indicators, online activity status, and response patterns to enhance communication clarity.
Mutual Interest Indicators: We may display shared interests, common preferences, or mutual indicators to facilitate meaningful engagement between matched users.
Verification Status: Verification badges and authenticity indicators may be displayed to other users once you complete identity or account verification processes.
Safety Alerts: In situations involving potential safety risks, we may share limited safety-related information with affected users while maintaining appropriate privacy safeguards.
Razorpay Integration: Payment and billing information required to process transactions is shared with Razorpay. Razorpay operates under its own privacy policy and is contractually obligated to maintain strict confidentiality and security standards.
Financial Compliance Data: Transaction-related information may be shared with banks, regulators, or compliance partners to meet AML, KYC, taxation, and other statutory obligations.
Cloud Storage Providers: We use secure cloud infrastructure to store user data. These providers are bound by contractual obligations to protect data and are prohibited from using it for independent purposes.
Analytics and Performance Monitoring: Aggregated and anonymized usage data may be shared with analytics partners to improve app stability, performance, and user experience. Personally identifiable information is not shared.
Customer Support Platforms: Relevant account and interaction data may be shared with customer support tools to enable efficient issue resolution.
Email and SMS Service Providers: Contact details may be shared with trusted communication providers solely for delivering service messages and marketing communications where consent has been provided.
Push Notification Services: We use platform notification services such as Apple Push Notification Service (APNs) and Firebase Cloud Messaging (FCM), which receive device identifiers and message payloads required for delivery.
Compliance with Legal Orders: Personal information may be disclosed pursuant to court orders, subpoenas, warrants, or other lawful requests from authorized authorities.
Criminal Investigation Support: Where necessary to prevent harm or investigate criminal activity, we may share relevant information with law enforcement agencies.
Regulatory Reporting: Certain information may be reported to regulatory bodies as required under applicable laws and regulations.
Intellectual Property Protection: Information may be disclosed to investigate or respond to claims involving copyright, trademark infringement, or misuse of proprietary content.
Contract Enforcement: We may disclose information necessary to enforce our Terms of Service, investigate policy violations, or protect legal rights.
Litigation and Dispute Resolution: Relevant information may be used in legal proceedings, arbitration, or dispute resolution processes.
Preventing Illegal Activities: We may report suspected illegal behavior such as fraud, harassment, stalking, or threats of violence to appropriate authorities.
Child Safety Protection: If evidence of underage usage or threats to child safety is identified, we will immediately report such incidents and cooperate with investigations.
Public Health and Safety: In extraordinary situations, information may be shared with public health or emergency authorities where legally required or ethically necessary.
Asset Transfer Preparation: During potential mergers, acquisitions, or asset sales, user data may be shared with prospective parties under strict confidentiality agreements.
Completed Transaction Transfers: If a transaction is finalized, personal information may be transferred to the acquiring entity, which will be bound by equivalent privacy obligations unless users are notified of material changes.
Bankruptcy or Insolvency: In rare insolvency scenarios, user data may be treated as a transferable business asset, subject to applicable legal safeguards.
Subsidiary and Affiliate Sharing: Information may be shared with affiliated entities for internal operations, provided equivalent privacy standards are maintained.
Service Provider Transitions: Data may be transferred to new vendors or partners to ensure continuity of service, subject to contractual safeguards.
Advance Notice Requirements: Users will receive reasonable advance notice of material business changes affecting personal information.
User Choice and Data Portability: Where feasible, users will be provided options to export data, delete accounts, or exercise applicable rights prior to data transfer.
Transport Layer Security (TLS): All data transmitted between your device and our servers is protected using TLS 1.3 encryption, safeguarding login credentials, profile updates, messages, and payment-related interactions from unauthorized interception.
Database Security: Our databases implement layered security controls including encrypted connections, certificate-based authentication, access logging, query monitoring, and automated intrusion detection mechanisms.
API Security: Our APIs are protected using OAuth 2.0 authentication, strict rate limiting, and comprehensive input validation to prevent abuse and common security vulnerabilities.
Cloud Infrastructure Protection: Our systems are hosted on enterprise-grade cloud platforms with SOC 2 Type II and ISO 27001 compliance, incorporating DDoS protection, automated patching, and continuous monitoring.
Access Control Systems: User data access is governed by strict role-based access control (RBAC). As the sole developer, administrative access is limited to essential maintenance functions, with all access events logged and audited.
Development Environment Security: Development and testing environments are isolated from production and contain no real user data. Only anonymized or synthetic datasets are used for testing and feature development.
Backup and Recovery: Encrypted backups are maintained across multiple geographically distributed locations within India and are routinely tested for integrity and disaster recovery readiness.
Real-Time Threat Detection: Automated systems continuously monitor suspicious activities such as unauthorized access attempts, abnormal usage patterns, and malware indicators.
Vulnerability Management: Regular security scans and assessments are conducted, with critical vulnerabilities addressed within 24 hours of identification.
Incident Response Procedures: Our incident response framework includes containment, investigation, impact assessment, user notification where required, and cooperation with authorities when necessary.
Security Updates and Patching: All system components are kept current with security patches, with critical updates applied immediately.
Profile Information Lifecycle: Profile details, photographs, biographical data, and personality assessment results are retained for the duration of your active account to ensure continuity of service.
Communication History: Messages are retained while your account remains active. You may delete messages or conversations at any time via the app.
Usage Analytics: Anonymized behavioral and usage analytics are retained for up to 24 months for service optimization and algorithm refinement.
Location Data: Precise location data is retained for no longer than 90 days, after which it is automatically deleted. Generalized location data may remain as part of your profile.
Immediate Deletion Process: Upon account deletion, your profile is immediately removed from public visibility and matching systems.
30-Day Grace Period: A 30-day recovery window is provided during which your data is stored in isolated, secure systems.
Complete Data Purging: After the grace period, all personally identifiable data is permanently deleted and cannot be recovered.
Legal Retention Requirements: Certain records may be retained longer where required by law, limited strictly to statutory obligations.
Automatic Data Cleanup: Expired sessions, temporary files, and unnecessary logs are automatically purged.
Retention Policy Reviews: Retention practices are periodically reviewed to align with legal updates and privacy best practices.
All user data is primarily stored and processed within India to comply with the Digital Personal Data Protection Act, 2023, and related regulations.
Limited encrypted or anonymized data may be processed by international service providers under strict contractual safeguards and regulatory compliance.
International transfers are governed by adequacy assessments, contractual safeguards, and continuous monitoring of regulatory developments.
You may update profile details, photos, preferences, and personality information at any time, with changes reflected in matching systems almost immediately.
Privacy settings allow granular control over profile visibility, photo access, and audience restrictions.
You control notification frequency, message previews, matching preferences, and can block or report users instantly.
You decide what information is shared, manage third-party integrations, and may opt out of anonymized research participation.
You may request a complete copy of your personal data and detailed explanations of processing logic affecting your experience.
Verified inaccuracies are corrected within 72 hours, with explanations of how changes affect matching outcomes.
You may request full or partial deletion of your data, including removal from algorithm training and analytical datasets.
Data exports are available in standard formats such as JSON and CSV, with selective export options where feasible.
You can control location precision, temporarily disable sharing, and manage location history retention.
Advanced features such as location masking, emergency overrides, and geographic boundary controls enhance safety without compromising privacy.
Session Management Cookies: These strictly necessary cookies maintain login sessions, preserve application state, and ensure consistent navigation across features. Session cookies are automatically deleted when you log out or close the app and do not store identifiable data beyond session identifiers.
Authentication and Security Cookies: Security cookies detect unusual login behavior, validate device authenticity, and maintain security token integrity. These cookies are essential for account protection and cannot be disabled.
Preference and Customization Cookies: These cookies store display preferences, notification settings, language choices, and interface customizations to maintain a personalized experience across sessions.
Category-Based Control: Our cookie preference controls allow you to accept or reject cookie categories independently, except for essential cookies.
Real-Time Preference Updates: Cookie preferences can be updated at any time through app settings and take effect immediately.
Cookie Transparency: Detailed information is provided for each cookie category, including purpose, retention period, and third-party access.
External Service Integration: Third-party cookies used for analytics or payments are clearly identified, along with links to external privacy policies.
Cross-Site Tracking Prevention: Measures are implemented to prevent unauthorized cross-site tracking beyond intended functionality.
Regular Audits: Third-party cookie usage is periodically reviewed and restricted to approved purposes only.
Payment Processing: Razorpay processes all in-app payments including subscriptions and feature upgrades. Limited billing data is shared solely for transaction execution.
Information Shared: Billing name, email, phone number, address, transaction amount, currency, and timestamp are shared. Dating activity and personality data are never shared.
Payment Security: Transactions are encrypted and tokenized. Card details are never stored on our servers.
Transaction data may be shared with financial institutions and authorities for AML, KYC, GST, and tax compliance as required by Indian law.
Enterprise-grade cloud providers store encrypted user data and operate under strict data processing agreements and Indian data localization requirements.
Aggregated and anonymized analytics data is shared for performance monitoring, crash reporting, and user experience improvements.
Support platforms and messaging providers receive limited data necessary to deliver notifications and resolve support requests.
Optional integrations with Spotify, Instagram, or LinkedIn import limited profile information with your explicit consent and can be disconnected at any time.
Third-party verification and moderation services analyze content for authenticity and safety without retaining personal data beyond analysis.
Nomi is strictly restricted to users aged 18 years and above. Age verification is conducted using government-issued identification or equivalent verification methods where legally permissible.
If minor data is identified, the account is immediately suspended, data permanently deleted within 24 hours, and authorities notified where required.
AI-driven detection, user reports, and behavioral analysis are used to identify and respond to underage usage and child safety risks.
Our practices comply with the Information Technology Act, 2000, SPDI Rules, Digital Personal Data Protection Act, 2023, and RBI payment regulations.
We comply with consumer protection, telecom, anti-spam, and grievance redressal requirements applicable to digital platforms in India.
Where applicable, we adhere to state-level regulations, linguistic requirements, and cultural sensitivities.
Policy changes are classified based on impact. Material changes require explicit consent, while minor updates are notified through standard channels.
Users are provided options to review, accept, reject, or export data before changes take effect. Consent history is documented for compliance.
All historical versions of this Privacy Policy are archived with change logs and made accessible for transparency.
Our primary privacy communication channel, support@triorazenith.com, operates as a monitored and secure system staffed by trained privacy professionals available 24 hours a day, 7 days a week. This channel handles privacy-related inquiries, data subject rights requests, consent management issues, and general privacy concerns with defined escalation procedures for complex matters.
All privacy communications are tracked through a centralized case management system to ensure consistent follow-up, documented resolution, and user satisfaction verification. We support communications in English and Hindi, with additional regional language support available upon request where feasible.
We commit to responding to user communications within legally mandated and internally defined timeframes based on the nature and urgency of the request. Queries related to access, correction, deletion, or portability of personal data are addressed promptly in accordance with applicable law.
Security incidents and potential data breaches receive immediate attention, with initial communication to affected users initiated within one hour of verified incident detection, followed by ongoing updates as investigations progress.
All customer-facing personnel receive regular training on privacy regulations, user rights, secure data handling, and professional communication standards. Our quality assurance program includes periodic review of communication effectiveness, response accuracy, and user satisfaction, with corrective actions implemented where required.
Name: Tejas Gotavade
Email: support@triorazenith.com
Effective Date: May 29, 2025
Last Updated: October 10, 2025
Version: 0.2.0+59
This document represents the Privacy Policy for the Nomi Dating Application, developed and operated by Triora Zenith Private Limited, in compliance with applicable Indian privacy and data protection laws. Users are encouraged to review this Policy periodically and contact our privacy team regarding any questions or concerns related to data handling practices.
© 2025 Triora Zenith Private Limited, Nomi