Pairoa — Privacy Policy
Last updated: Draft — June 3, 2026 (update to the publication date before launch)
Plain-language summary (not part of the policy). Pairoa is built to keep your need private until it matches. There is no public listing. We hold your contact details in custody and release them only when you match with someone. We are honest about one thing many "private" services hide: to match needs, we send their content to AI providers, so we cannot claim that no one ever sees your content. We use providers that, under their terms, don't train their models on what we send and limit how long they keep it. Content from needs that never match is deleted when the need closes or expires; content involved in a match is kept in both people's match records — like an email you can't unsend. This summary helps you read the full policy below, which is what legally applies.
1. Who is responsible for your data
Pairoa ("Pairoa," "we," "us," or "our") is a personal website and service operated by an individual (the "Operator"), who is the controller of personal data processed through the Service.
- Contact for privacy questions and requests: contact@pairoa.com
- General contact: contact@pairoa.com
- Operator: Pairoa is operated by an individual, who is the data controller. Reach the Operator at contact@pairoa.com; a postal address will be provided on legitimate legal or regulatory request.
This Privacy Policy explains what personal data we collect, why, who we share it with, how long we keep it, and the rights you have. It works together with our Terms of Service. Terms defined there (such as Need, Match, Reveal, Safe Tags, Anonymous Token, and Claimed Identity) have the same meaning here.
2. The information we collect
a) Information you provide in a Need.
- The text of what you are looking for ("i_seek") and what you offer ("i_offer"), plus any constraints, location/remote preferences, and other details you include.
- Contact Information (such as your email address) so a matched person can reach you.
- Anything else you choose to put into a Need. Please do not include more sensitive personal information than necessary (see Section 3).
b) Account and identity information.
- Your email address, used as your unique identifier and for passwordless sign-in (one-time codes).
- If you sign in with a third-party provider (for example, Google), basic profile information that provider shares with us (such as your email and account identifier). We do not receive your third-party password.
- Your Anonymous Token (before you claim an account) and your pseudonymous Claimed Identity.
c) Information we generate.
- Safe Tags — short, non-sensitive labels derived from your Need (which you can edit).
- Embeddings — a mathematical representation of your Need used for matching. Note that producing an embedding requires processing the content of your Need.
- Match records and "why this matched" explanations.
d) Technical and usage information.
- Log and device data such as IP address, browser/client type, timestamps, and actions taken, used for security, anti-abuse, and operating the Service.
- Limited cookies or similar technology needed to keep you signed in and to keep the Service secure (see Section 8).
We do not sell your personal information, and we do not use it for third-party advertising.
3. Sensitive information
We do not intend to collect special categories of personal data (such as health, religion, political views, sexual orientation, or precise biometric data). However, a Need is free text — if you choose to include sensitive information in it, you instruct and consent to us processing that information to provide the Service (including matching and, on a Match, releasing it to the matched person). Because a Reveal cannot be undone, we strongly encourage you to leave sensitive details out of your Needs.
4. How and why we use your information, and our legal bases
| What we do | Why | Legal basis (GDPR, where it applies) |
|---|---|---|
| Accept, store, and process your Need; generate embeddings and Safe Tags; run matching | To provide the core Service you asked for | Performance of a contract; your consent for the matching and Reveal |
| Hold your Contact Information in custody and release it on a Match (the Reveal) | To make the introduction you requested | Performance of a contract; your consent |
| Create and manage your account / Claimed Identity; passwordless sign-in | To let you view matches and manage Needs | Performance of a contract |
| Send service emails (match notifications, sign-in codes, account notices) | To operate the Service | Performance of a contract |
| Security, abuse prevention, rate-limiting, freezing abusive accounts, handling reports | To keep the Service and its Users safe | Legitimate interests; legal obligation where applicable |
| Maintain logs; debug and improve the Service | To keep the Service reliable | Legitimate interests |
| Comply with law; respond to lawful requests; establish or defend legal claims | Legal compliance | Legal obligation; legitimate interests |
Where we rely on consent, you may withdraw it at any time (for example, by closing a Need or your account); withdrawal does not affect processing already carried out, and it cannot recall information already shared in a Reveal.
5. Sharing on a Match (the Reveal)
When the Service makes a Match, it shares with the matched person the relevant content of your Need and your Contact Information, and shares theirs with you. This is at your direction and with your consent, and it cannot be undone. We have no control over what a matched person does with the information after a Reveal, and we cannot make them delete or forget it. Treat anything you publish as something the matched person will keep — like an email you have already sent. See Section 7 of the Terms of Service.
A single Need may match more than one person over its lifetime; each Match results in a separate Reveal to that one matched person.
Match-notification emails are designed only to prompt you to sign in. They do not contain the full content of a Need or any Contact Information; they may include your Safe Tags and a short-lived, single-use sign-in link (a "magic link") that brings you to your dashboard but reveals no content by itself. Full content is shown only after you sign in.
6. Third-party providers, sub-processors, and AI processing
We use a small number of third-party providers ("sub-processors") to run the Service. They process personal data on our behalf and under our instructions, only to provide their service to us. Current categories include:
| Category | What they process | Example provider(s) — confirm/maintain before launch |
|---|---|---|
| Hosting & database (incl. vector storage) | Stored Needs, account data, logs | Supabase |
| Application hosting / delivery | Requests and technical data | Vercel |
| Email delivery | Email address; notification and sign-in emails | Resend |
| Sign-in / authentication | Email and account identifier | |
| AI model provider(s) — embeddings and LLM matching/judging | The content of your Need | Google (Gemini API) |
Honest disclosure about AI. Operating an AI-assisted matching service means the content of your Need is sent to one or more third-party AI/LLM providers to generate embeddings and to judge matches. We therefore cannot claim that no one ever sees your content. What we do instead: we seek to use AI providers under terms that do not use the content we send them to train their models and that limit how long they retain it (for example, zero- or short-retention API terms). We aim to send the minimum content necessary and to delete unmatched content promptly (see Section 7).
We may also disclose information (a) to comply with law or a valid legal request, (b) to protect the rights, safety, and security of Users, the public, or the Operator, including investigating abuse or fraud, and (c) in connection with a transfer of the Service (for example, if the Operator forms a company or transfers the project), in which case we will require the recipient to honor this Policy or notify you.
We keep our current list of sub-processors available on request and will take reasonable steps to notify Users of material changes to AI providers that handle Need content.
7. How long we keep information (data lifecycle)
The Service is designed around data minimization and deletion of content that never matched.
| Data | Retention |
|---|---|
| Content of a Need that never matched (i_seek/i_offer text, embeddings, distilled fields) | Held in minimized form while the Need is live; deleted when the Need is closed or expires (whichever comes first). We do not keep a permanent record of unmatched Need content. |
| Content of a Need that has matched (the Need text, Contact Information, and match explanation involved in that Match) | Retained in the match records of you and the matched person so both can refer back to the introduction, until you delete your account or request deletion (subject to legal limits and to content already revealed, which we cannot recall). |
| Contact Information (in custody, pre-match) | Held to enable the Reveal; deleted with the associated Need/account per the rows above. |
| Safe Tags | Kept with the Need; subject to the same lifecycle. |
| Account / Claimed Identity (email, identifier) | Kept while your account is active; deleted or anonymized after you delete your account, subject to legal limits. |
| Logs and security data | Kept for a limited period for security and abuse prevention, then deleted or anonymized. |
When a Need expires or is closed, its unmatched content, embeddings, and distilled data are deleted. A Match is the one event that makes content persist — because the introduction has already happened.
8. Cookies and similar technologies
We use only the cookies or similar storage needed to operate the Service — chiefly to keep you signed in and to protect against abuse. We do not use advertising or cross-site tracking cookies. Where required by law, we will request consent for any non-essential cookies before setting them.
9. International data transfers
The Operator and our providers may process your data in countries other than where you live, including outside the EU/EEA and the UK. Where we transfer personal data internationally and the law requires safeguards, we rely on an appropriate transfer mechanism (such as the European Commission's Standard Contractual Clauses, the UK Addendum, or an adequacy decision) and apply appropriate measures. You can ask us for more information using the contact details in Section 12.
Note (remove before launch): Confirm where the Operator and each provider process data, and put the correct transfer mechanism(s) in place. See the fill-before-launch checklist.
10. Security
We take reasonable technical and organizational measures to protect personal data — including encrypting data in transit, holding live Need content in minimized form, releasing Contact Information only on a Match, passwordless sign-in (so there is no password database to leak), and deleting unmatched content on close or expiry. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You share information through the Service, and with matched people, at your own risk.
11. Your privacy rights
Depending on where you live, you may have some or all of the following rights. We aim to make the core of these rights — access, correction, and deletion — available to all Users as a matter of policy regardless of location, and will make reasonable efforts to honor such requests.
Under the GDPR / UK GDPR (EU/EEA/UK residents): access; rectification; erasure ("right to be forgotten"); restriction; objection; data portability; withdrawal of consent; and the right to lodge a complaint with your supervisory authority.
Under the CCPA/CPRA (California residents): the right to know what personal information we collect and how we use and disclose it; the right to delete; the right to correct; the right to opt out of "sale" or "sharing" (we do not sell or share your personal information as those terms are defined); and the right to non-discrimination for exercising your rights. We do not use sensitive personal information for purposes that would trigger the right to limit, beyond providing the Service you requested.
For California residents, the categories of personal information we have collected in the last 12 months map to the CCPA categories as follows:
| CCPA category | Do we collect it? | Source | Disclosed to (business purpose only) |
|---|---|---|---|
| Identifiers (e.g., email address, account identifier, IP address) | Yes | You; your sign-in provider; automatically | Service providers (Section 6); the matched person, on a Match |
| Internet/network activity (logs, actions on the Service) | Yes | Automatically | Service providers (Section 6) |
| Professional/commercial or other information you place in a Need | Yes (free text) | You | Service providers (Section 6); the matched person, on a Match |
| Inferences (embeddings, Safe Tags derived from your Need) | Yes | Generated by us | Service providers (Section 6) |
| Sensitive personal information | Only if you put it in a Need | You | Used only to provide the Service (Section 3) |
We collect this information for the business purposes in Section 4. We have not sold or "shared" (for cross-context behavioral advertising) any personal information, and we do not do so.
Important limits specific to Pairoa:
- We cannot recall information already revealed to a matched person. Deletion applies to our systems, not to copies a matched person already received.
- Some data may be retained where we have a legal obligation or need it to establish or defend legal claims, or to keep the Service secure.
How to exercise your rights. Email us at contact@pairoa.com. We will verify your request using reasonable measures (for example, control of the email address tied to your account) and respond within the timeframes required by applicable law — generally within 30 days (GDPR/UK GDPR) or 45 days (CCPA/CPRA), with an extension where permitted and with notice. We will not discriminate against you for exercising your rights.
12. How to contact us / make a request
- Privacy requests and questions: contact@pairoa.com
- General: contact@pairoa.com
- Operator / legal notices: Pairoa is operated by an individual; reach the Operator at contact@pairoa.com. A postal address will be provided on legitimate legal or regulatory request.
If you are in the EU/EEA or UK and believe we have not handled your data properly, you may also complain to your local data protection authority.
13. Children
The Service is for adults (18+). We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us personal data, contact us and we will delete it.
14. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will update the "Last updated" date and take reasonable steps to notify you (for example, by a notice on the website or, if you have a Claimed Identity, by email). Your continued use of the Service after the changes take effect means you accept the updated Policy.
This Privacy Policy is provided for the operation of a personal website and does not constitute legal advice. It should be reviewed by a qualified privacy/data-protection lawyer in the relevant jurisdiction(s) before the Service launches, and the sub-processor list and transfer mechanisms must be confirmed. See the accompanying fill-before-launch checklist.