Tinder under investigation over alleged breach of GDPR

A European data commissioner has launched a formal inquiry into the data practices at dating site Tinder, owned by parent company MTCH Technology Services Limited.

Announcing the investigation, the Irish Data Protection Commission, said the app, which is used in the UK, may be breaching the rights of EU citizens under the General Data Protection Regulation (GDPR).

Under the new laws, businesses are required to take steps to protect the privacy and security of consumer data, with a focus on transparency, consent and cybersecurity. Failure to follow the new rules can result in significant fines – up to 20 million euros or four per cent of annual global turnover, whichever is highest.

According to the report, the regulator has been “actively monitoring complaints received from individuals” since GDPR came into effect.

“A number of issues have been identified from concerns raised by individuals both in Ireland and across the EU,” said the regulator.

“The identified issues pertain to MTCH Technology Services Limited’s ongoing processing of users’ personal data with regard to its processing activities in relation to the Tinder platform, the transparency surrounding the ongoing processing, and the company’s compliance with its obligations with regard to data subject right’s requests.”

Commenting on the investigation, a spokesperson for MTCH Technology Services Limited said: “Transparency and protecting our users’ personal data is of utmost importance to us.

“We are fully cooperating with the Data Protection Commission, and will continue to abide by GDPR and all applicable laws.”

Despite the growing threat of cybercrime and increased regulation, a recent study found that four in 10 businesses still fail GDPR tests. According to data analysts Talend, businesses “failed to address requests” made from individuals seeking to obtain a copy of their personal data as required by GDPR within the one-month time limit set out in the regulation.

Kate Boguslawska, a Partner at CLC, said: “A dangerous number of companies still do not understand and therefore are not able to navigate safely through complicated GDPR laws. We encourage them to get advice as ignorance can prove very expensive.”

For help and advice complying with GDPR and data protection legislation, get in touch with our expert team today.