Legal

Privacy Policy

We handle your personal details with the same care we'd want for our own families. Here's exactly what we collect, why, and how.

Last updated: April 2026

Plain English first. This page covers the legal details, but the short version is: your information is only ever used to find you a genuinely good match. We don't sell data, we don't run ads, and we don't share anything without a reason.
01

Who we are

Deshi Cupid is a human-led matchmaking service for Bangladeshis around the world. We are the data controller for the personal information you share with us through this website.

All matching is reviewed by a real person — your profile is never shown publicly, and no automated decision-making determines who you are introduced to without human oversight.

02

What we collect

When you submit your profile, we collect the information you provide in the form. This includes:

  • Name and age
  • Gender and preference
  • Location and relocation openness
  • Religion and faith description
  • Education and occupation
  • Height, drinking and smoking habits
  • Readiness for marriage
  • Views on children
  • Age range preference
  • Non-negotiables and personal catches
  • Instagram, LinkedIn, WhatsApp
  • Email address
  • Photos
  • Biodata document
  • Voice note

We also collect payment confirmation details via bKash (currently our only payment method — we may add card payments in the future), and standard server logs (IP address, browser type, timestamp) for security purposes.

03

Why we collect it

  • Matchmaking. Your profile details are used to find and score compatible matches. This process uses OpenAI's GPT-4o to generate compatibility narratives, which are reviewed by a human before any introduction is made.
  • Communication. We use your email address and WhatsApp number to send confirmation messages, updates, and — when a match is approved — introduction messages to both members.
  • Payments. If you upgrade to a paid tier, we currently process payments via bKash. We may add card payments through Stripe or similar providers in the future. Your membership tier is stored alongside your profile.
  • Service improvement. Anonymised, aggregated data may be used internally to understand how well our matching works.
04

Who we share it with

We do not sell your data. We share information only with the third-party services needed to run the platform:

Supabase
Our database and file storage provider. All profile data and uploaded media is stored on Supabase (PostgreSQL + Storage), hosted in the EU.
OpenAI
Used to generate compatibility summaries during the matching process. Profile text is sent to OpenAI's API; we do not opt in to training data use.
bKash
Our current payment method. Payment confirmation details are processed through bKash. We may add card payment providers in the future, in which case this policy will be updated.
Resend
Used to send transactional emails (confirmations, introductions). Your email address and name are shared only when sending a message to you.
WhatsApp
We may contact you via WhatsApp using the number you provided, for updates and introductions. Messages are sent directly by the Deshi Cupid team — no third-party automation.

We may also disclose information if required to do so by law or to protect the safety of our members.

05

How long we keep it

We keep your profile for as long as your membership is active. If your account is closed or paused, your data is retained for up to 12 months in case you return, then permanently removed from our systems.

Payment records are kept for 7 years to comply with financial reporting obligations.

Uploaded files (photos, biodata, voice notes) are stored in private Supabase Storage buckets and accessed only by the Deshi Cupid team.

06

Security

We take reasonable technical and organisational measures to protect your data:

  • All data is transmitted over HTTPS
  • The admin panel is protected by JWT authentication
  • File storage buckets are private — no direct public access
  • Access to the database is restricted to the service backend only
  • Row-level security is enabled on all database tables

No system is perfectly secure. If you believe your data has been compromised, please contact us immediately at the address below.

07

Your rights

There's no self-service portal — but we're a small, human team and happy to handle any request personally. Just get in touch and we'll sort it out.

See your data

Want to know exactly what we hold on you? Drop us a message and we'll send it over.

Make changes

Need to update something on your profile — a detail that's changed, or something you'd rather not have on file? Just let us know.

Remove your profile

If you want your information removed from our system, reach out and we'll delete it. We'll confirm once it's done.

Pause matching

Not ready right now? We can put your profile on hold without deleting anything, and pick back up when you're ready.

Email us at thedeshicupid@gmail.com and we'll get back to you within a few days.

08

Cookies

This website does not use tracking or advertising cookies. We may use a minimal session cookie to keep you logged in to the admin panel if you are a team member. No third-party analytics scripts are loaded on this site.

09

Changes to this policy

We may update this policy from time to time. If we make significant changes, we'll let you know by email if you have an active profile. The "last updated" date at the top of this page will always reflect the current version.

10

Contact & questions

Got a question about your data, or want to exercise one of your rights? Get in touch and we'll get back to you promptly.

Reach us directly

We respond to all privacy-related queries personally, usually within a few days.

thedeshicupid@gmail.com