Privacy Policy - Chorus
Effective date: April 8, 2026
Last updated: April 8, 2026
1. Introduction
This Privacy Policy (“Policy”) describes how Chorus (“Chorus,” “we,” “us,” or “our”) collects, uses, discloses, retains, and otherwise processes personal information in connection with the Chorus mobile application for iOS (the “App”) and our website at https://www.chorusdating.com/ (collectively, the “Services”).
Chorus is developed and operated by Randy La and Anthony Hua, the founders of Chorus. We are not a corporation. We are accountable under applicable Canadian privacy law for the personal information collected and processed through the Services in Canada - including how it is collected, used, disclosed, and protected as described in this Policy. Randy La and Anthony Hua share this responsibility jointly; either may respond to privacy inquiries at the email in Section 16.
By accessing or using the Services, you acknowledge that you have read this Policy. If you do not agree, do not use the Services.
This Policy is intended to comply with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), where applicable, and to reflect common expectations for mobile applications distributed in Canada. Certain provinces (e.g. Alberta, British Columbia, Quebec) have substantially similar or additional requirements; where applicable, we will process personal information in accordance with those laws.
2. Scope and eligibility
The Services are intended for use in Canada by individuals who are at least the age of majority in their province or territory of residence (and in any case not under 18). We do not knowingly collect personal information from minors. If you believe we have collected information from a minor, contact us using the details in Section 16 and we will take appropriate steps to delete it.
3. Personal information we collect
The categories below depend on how you use the Services.
3.1 Account and authentication data
- Mobile telephone number used for account creation and sign-in.
- Authentication records (e.g. verification codes, session identifiers) processed by our authentication providers.
- Device and security signals used for fraud prevention in connection with phone authentication (e.g. reCAPTCHA-related data processed by Google as part of Firebase phone verification).
3.2 Profile and preference data
- Profile content you provide, such as name or display name, photographs, biographical text, and similar fields.
- Date of birth, used to determine eligibility and to display or derive age.
- Dating preferences (e.g. gender-based preferences and related matching criteria).
- Location information that you enter or select (e.g. city or place search). When you choose a place, we may store a text label and, where available, latitude and longitude returned via Google Places APIs to support matching and related features. The App is not designed to collect continuous background GPS solely for the purpose described in this Policy; location is based on your selections unless we introduce separate location functionality and update this Policy.
3.3 Messaging and activity data
- Messages and related metadata between you and other users. Real-time messaging may be processed using Firebase Realtime Database; other profile and structured data may be stored in Cloud Firestore.
- Matching and discovery activity (e.g. likes, passes, or similar interactions) and associated metadata.
- Music-related data if you connect Spotify or use music features (e.g. playlists, artists, tracks, or listening-related information as implemented in the App).
3.4 Media
- Images you upload. Images are stored using Firebase Storage and may be processed on device (e.g. cropping or resizing) before upload.
- Photo library access only where you grant permission on your device to select photos.
3.5 Technical, device, and log data
- Device identifiers and device attributes (e.g. device type, operating system version, app version).
- Push notification token (via Expo) if you enable notifications, used to deliver alerts about messages, matches, or service updates.
- IP address, timestamps, and server logs when you interact with our backend application programming interfaces (APIs) or infrastructure.
3.6 Transaction data (in-app purchases)
- In-app purchases and subscriptions on iOS are processed by Apple under its terms. We receive transaction-related information needed to validate entitlements (e.g. subscription status), not your full payment card number from Apple.
3.7 Support and feedback
- Feedback, support requests, and related content you submit (e.g. category, free-text description).
We do not require you to provide more information than is reasonably necessary for the Services; optional fields remain optional unless we state otherwise for a specific feature.
4. Purposes and legal bases for processing
We process personal information for the following purposes, as permitted under PIPEDA and similar Canadian privacy law:
| Purpose | Examples |
|---|---|
| Providing the Services | Account creation, profiles, matching, messaging, music-related features, location as you provide it. |
| Security and integrity | Authentication, abuse prevention, fraud detection, reCAPTCHA, monitoring for harmful activity. |
| Communications | Push notifications (if enabled), service-related notices. |
| Improvement and analytics | Understanding usage, debugging, and improving features (including aggregated or de-identified data where feasible). |
| Legal and compliance | Complying with applicable law, responding to lawful requests, enforcing our terms. |
Where we rely on consent (e.g. optional marketing communications if we offer them, or certain device permissions), you may withdraw consent subject to contractual and legal limits.
5. Disclosure of personal information
We disclose personal information only as set out below.
5.1 Service providers and processors
We use third-party service providers that process personal information on our instructions and under contractual safeguards appropriate to the sensitivity of the information, including:
- Google (Firebase: Authentication - including phone sign-in - Cloud Firestore, Firebase Realtime Database, Firebase Storage, Firebase Analytics, Firebase Crashlytics, and related infrastructure; Google Places APIs used through our servers for location search and place details; reCAPTCHA in connection with phone authentication).
- Expo (push notification delivery infrastructure).
- Spotify (if you connect an account - subject to Spotify’s authorization screens and policies).
- Apple (App Store, In-App Purchase, and related services).
These providers may process personal information in Canada, the United States, and other jurisdictions where they operate. Such processing may involve cross-border transfers of personal information. We take steps that are reasonable in the circumstances to ensure a comparable level of protection, including contractual measures where appropriate.
5.2 Other users
Certain information you place on your public or semi-public profile (as designed in the App) may be visible to other users in accordance with the App’s functionality (e.g. profile fields, photos, age or age range, location label).
5.3 Legal requirements and protection of rights
We may disclose personal information if required to do so by law, regulation, legal process, or governmental request, or where we believe disclosure is necessary to protect the rights, safety, or property of users, the public, or Chorus.
5.4 Business transactions
If Chorus or its assets are involved in a merger, acquisition, reorganization, or sale of assets, personal information may be transferred as part of that transaction, subject to confidentiality and this Policy or a successor policy that is no less protective, where required by law.
We do not sell personal information to third parties for monetary consideration in the conventional sense. We do not share the content of your private messages with advertisers for their independent marketing use.
6. Analytics and crash reporting
We use Firebase Analytics and Firebase Crashlytics in the App to measure engagement, understand how features are used, and diagnose crashes and stability issues. Those tools may collect usage, diagnostic, and device-related data in accordance with Google’s documentation. We may adjust configuration (e.g. data collection settings) from time to time; material changes will be reflected in this Policy or otherwise communicated as required by law.
7. Retention
We retain personal information only as long as reasonably necessary to fulfill the purposes described in this Policy, including:
- Account data for the duration of your account.
- Messaging and profile data as needed to operate the Services and as required by law.
- Limited residual copies in backups for a reasonable period.
Upon account deletion (where offered), we will delete or de-identify personal information within a reasonable time, subject to legal obligations and legitimate interests (e.g. security, dispute resolution, enforcement of terms).
8. Security
We implement reasonable physical, organizational, and technical safeguards appropriate to the sensitivity of the personal information we process. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
9. Your rights and choices
Subject to applicable law, you may have the right to:
- Access personal information we hold about you.
- Correct inaccurate or incomplete information.
- Withdraw consent where processing is based on consent, subject to legal or contractual restrictions.
- Delete your account or request deletion of personal information, where applicable.
- Opt out of non-essential push notifications via device or in-app settings.
To exercise these rights, contact us using Section 16. We may need to verify your identity before responding. We will respond within timelines required by applicable law, generally 30 days for requests under PIPEDA where applicable, unless an extension is permitted.
If you are in Quebec, you may have additional rights under Law 25 and related regulations; contact us for Quebec-specific requests.
10. Cookies and similar technologies
Our website may use cookies or similar technologies as described in any separate cookie notice we post. The App may use local storage on your device (e.g. for session or preference data) as implemented in the application.
11. Third-party links and services
The Services may contain links to third-party websites or services (e.g. Spotify, Apple). Their privacy practices are governed by their own policies. We encourage you to read those policies before providing information to them.
12. Automated decision-making
We may use automated processes (including matching algorithms) to suggest or rank potential connections. These processes use information you provide and activity on the Services. You may contact us if you have questions about how matching works at a high level; we do not guarantee human review of every automated outcome.
13. Changes to this Policy
We may amend this Policy from time to time. We will post the updated Policy in the App and/or on our website and revise the “Last updated” date. Where required by law or where changes are material, we will provide additional notice (e.g. in-app notification or email). Your continued use of the Services after the effective date of changes constitutes your acceptance of the updated Policy, except where prohibited by law.
14. Language
The English version of this Policy prevails unless otherwise required by law.
15. Dispute resolution
If you have a concern about our privacy practices, contact us first at the email below. If we cannot resolve your concern, you may file a complaint with the Office of the Privacy Commissioner of Canada (OPC) or, where applicable, your provincial privacy commissioner or ombudsman.
16. Contact
For privacy inquiries, requests, or complaints:
Chorus
Founders: Randy La and Anthony Hua, Ontario, Canada.
Email: chorusdatingapp@gmail.com
Send privacy and data-protection requests to this address. Randy La and Anthony Hua are jointly available to respond. We do not maintain a public mailing address for privacy requests; contact is by email only.
This Policy is provided for general information and does not constitute legal advice. Randy La and Anthony Hua recommend obtaining independent legal advice regarding compliance with PIPEDA, provincial privacy statutes, and App Store requirements.