Privacy Policy

HonmeiDate is operated by MensuraMedia ("we," "us," "our"). For the purposes of Japan's Act on the Protection of Personal Information (APPI) and comparable laws elsewhere, MensuraMedia is the data controller for personal data processed through the Service.

This policy describes what personal data we collect when you use the HonmeiDate website and related features (the "Service"), what we do with that data, and the rights you have over it. It should be read alongside our Terms of Service.

Information you give us.

• Account data — email address, password (stored as a one-way hash), birth month and year, and, if you register with a third-party identity provider, the basic profile signals that provider returns.
• Profile data — display name, photos, bio, gender, preferences, location city/region, interests, and any other field you fill in on the profile builder.
• Communications — messages you send through direct messages, chat rooms, Break Out Chat, support tickets, or our feedback form.
• Payment data — if you subscribe to a paid tier, our payment processor collects your card or equivalent payment details. We receive back a customer reference, your subscription status, and the amount billed — not your full card number.
• Identity verification — if you opt in, limited identity-document signals used to grant a verification badge. We retain a verification result and a short-lived document reference; we do not keep a long-term copy of the document.

Information we collect automatically.

• Usage activity — which pages you visit, what you like or favorite, who you message, which chat rooms you join, and timestamps for these events.
• Device and network — IP address, user-agent string, operating system, browser, approximate geolocation derived from IP, and a session identifier.
• Security and moderation signals — rate-limit counters, bot-score components, and abuse-detection metadata used to keep the platform safe.
• Error reports — if something breaks in your browser, the Service may send us a short error message, stack trace, and the page URL so we can fix it.

What we do not collect.

We do not collect precise GPS coordinates. We do not buy supplemental profile data from brokers. We do not read your contacts, calendar, or microphone. We do not build cross-site advertising profiles.

We use personal data to:

• run the Service — create your account, show your profile to other members, match you with people who fit your stated preferences, and carry your messages;
• keep the Service safe — detect spam, scams, harassment, and automated abuse; enforce our community rules; investigate reports; and respond to lawful requests from authorities;
• bill and support you — process subscription payments, send receipts, handle refunds, and respond to support tickets;
• improve the Service — understand which features work, fix bugs, and plan future changes, using aggregated or pseudonymous activity data wherever practical;
• communicate with you — send service notices, security alerts, and (if you opt in) product updates and activity digests;
• comply with law — meet our legal obligations, including tax, accounting, and records-retention requirements.

We do not use your personal data to train general-purpose third-party AI models. We may run our own in-house automated systems (content filters, spam detection, image moderation) on Service data as part of operating the Service.

Under APPI, we process personal information with the consent you provide when you create an account and accept this policy, and for the purposes described above. Where other privacy laws apply to you — for example, GDPR if you are in the EEA — we rely on the following legal bases:

• Contract — to provide the Service you have signed up for.
• Legitimate interests — to keep the Service safe, prevent fraud, improve the product, and run the business, where those interests are not overridden by your rights.
• Consent — for optional features that depend on your choice (for example, identity verification or marketing email).
• Legal obligation — where the law requires us to retain, disclose, or act on information.

We do not sell, rent, or trade your personal data to third parties for marketing.

We share limited personal data with:

• Processors who help us run the Service — our payment processor, transactional-email sender, hosting provider, and error-tracking service. Each is bound by a contract that limits them to processing personal data only on our instructions and for the purposes we specify.
• Other members — profile information you choose to display, and messages you send, are visible to the members you intend them for. Your privacy controls on each field determine how much is visible and to whom.
• Authorities — when we are required to by a valid legal order, or when we reasonably believe disclosure is necessary to protect someone's safety or prevent serious harm.
• A successor in a corporate transaction — if MensuraMedia is involved in a merger, acquisition, or asset sale, personal data may transfer as part of that transaction, subject to the same protections you have now.

We keep personal data only as long as we need it for the purposes described in this policy, plus any period required by law.

• Account and profile data — retained while your account is active. When you delete your account, we begin a deletion process that removes most data promptly; some fields may be retained in a de-identified form for safety, fraud prevention, or legal purposes.
• Messages — retained while at least one participant has a copy; when both participants delete a thread, the underlying record is removed on a rolling schedule.
• IP addresses in audit logs — retained for up to 90 days, then anonymized.
• Billing records — retained for up to seven (7) years to meet tax and accounting requirements.
• Moderation and safety records — retained for up to two (2) years to support investigation of repeat offenders.
• Backups — encrypted backups rotate on their own schedule; data in a backup may persist for a limited period after deletion from our active systems, and is restored only in a disaster-recovery scenario.

HonmeiDate is hosted in Japan. Some of our processors operate infrastructure or support teams in other countries. When personal data moves across a border, we rely on recognized transfer mechanisms (for example, standard contractual clauses, adequacy decisions, or equivalent protections under APPI) and require comparable security and confidentiality.

Depending on where you live and which privacy law applies, you may have the following rights over your personal data:

• Access — request a copy of the personal data we hold about you.
• Correction — correct data that is inaccurate or incomplete.
• Deletion — ask us to delete your account and associated personal data, subject to the retention carve-outs in Section 6.
• Objection and restriction — object to or ask us to restrict certain processing, including direct marketing.
• Portability — receive your data in a machine-readable format where this right applies.
• Withdraw consent — where processing is based on consent, you can withdraw it at any time; withdrawal does not affect processing done before the withdrawal.
• Complaint — lodge a complaint with your local data-protection authority if you believe our handling of your data violates applicable law.

Most of these can be exercised directly from your account settings (profile edit, privacy controls, account deletion). For anything the account settings don't cover, contact us through the support page and we'll respond without undue delay.

We use a small number of cookies and comparable storage mechanisms to keep you signed in, maintain your session, protect against cross-site request forgery, and remember basic preferences (for example, theme or dismissed banners). We do not use third-party advertising cookies.

Most browsers let you block or delete cookies; doing so may prevent parts of the Service from working. We will give you additional cookie controls if and when we introduce any analytics or measurement beyond first-party session handling.

We protect personal data with administrative, technical, and physical safeguards suitable to the sensitivity of the data — for example, TLS in transit, encrypted backups, hashed passwords, access controls, rate limiting, and audit logging.

No system is perfectly secure. If we become aware of a breach that is likely to result in a meaningful risk to your rights, we'll notify you and, where required, the relevant authority, in line with applicable law.

HonmeiDate is for adults. The Service is not intended for anyone under 18 and we do not knowingly collect personal data from minors. If we learn that an account belongs to someone under 18, we will close the account and delete associated personal data. If you believe a minor is using the Service, please contact us.

We may revise this policy from time to time. When we make a material change we'll update the effective date at the top and give you reasonable advance notice — typically by email and a prominent in-app notice.

For privacy questions, to exercise any of the rights in Section 8, or to report a concern about how your data is being handled, contact us through the support page or the feedback form on our About page.

HonmeiDate is operated by MensuraMedia. We take privacy seriously because the whole point of this Service is trust — and trust starts with how carefully we handle what you share with us.