Grindr collects highly sensitive personal information including your HIV status, sexual preferences, and precise location as part of creating and maintaining your profile and using the service.
This analysis describes what Grindr's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
HIV status and sexual orientation are among the most sensitive categories of personal data, and their collection and potential disclosure can create significant real-world risks for users including discrimination, outing, and safety threats.
By using Grindr and completing your profile, you consent to the collection of health data (HIV status) and sexual orientation data, which are special category data under GDPR and carry heightened sensitivity; mishandling or unauthorized disclosure of this information could have serious personal consequences.
How other platforms handle this
We collect information you provide directly to us, such as when you create an account, contact us for support, sign up for marketing emails, or otherwise communicate with us. The types of information we may collect include your name, email address, postal address, phone number, company name, job tit...
We collect information you provide directly to us, such as when you create an account, use our Services, make a purchase, or contact us for support. The types of information we may collect include your name, email address, password, phone number, credit card and other payment information, and any ot...
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
Monitoring
Grindr has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect information you give us when you use our Services. This includes: profile information such as your name, username, email, phone number, date of birth, HIV status, sexual preferences, relationship status, ethnicity, and photos. We use your precise geolocation information to show your distance to other users and to provide location-based features of our Services.— Excerpt from Grindr's Grindr Terms of Service
REGULATORY LANDSCAPE: GDPR Article 9 designates health data and data concerning sexual orientation as special category data requiring explicit consent under Article 9(2)(a) or another enumerated legal basis. The Norwegian Data Protection Authority fined Grindr approximately 65 million NOK in 2021 for sharing user data including HIV status with advertising partners without valid GDPR consent. The FTC Act Section 5 prohibits unfair or deceptive practices, and the FTC has signaled that mishandling of sensitive health data by consumer apps constitutes an unfair practice. CCPA/CPRA classifies sensitive personal information including health data and sexual orientation as a distinct category requiring additional disclosure and opt-out rights. GOVERNANCE EXPOSURE: High. The collection of HIV status is a documented regulatory risk area for Grindr specifically, with prior enforcement action. The adequacy of the consent mechanism for special category data under GDPR must meet the standard of being freely given, specific, informed, and unambiguous, and conditioning core service access on providing this data may not satisfy the freely given requirement under GDPR Recital 43. JURISDICTION FLAGS: EU/EEA users have the strongest protections under GDPR Article 9, and any onward transfer of this data to third countries must comply with Chapter V transfer mechanisms. California users have CPRA rights to limit use of sensitive personal information. Illinois users should be aware that location data practices may intersect with state privacy discussions. Users in jurisdictions where homosexuality is criminalized face acute safety risks from any data exposure. CONTRACT AND VENDOR IMPLICATIONS: Any vendor or partner receiving HIV status or sexual orientation data must be assessed under GDPR Article 28 data processor agreements or Article 26 joint controller arrangements. Advertising technology partners in particular require scrutiny given the prior enforcement history. Data sharing agreements should explicitly restrict onward transfer and re-identification. COMPLIANCE CONSIDERATIONS: Compliance teams should audit whether the consent mechanism for HIV status and sexual orientation data meets GDPR Article 9 explicit consent standards, including granularity and the ability to withdraw consent without detriment. A data mapping exercise should confirm which third parties receive special category data. CPRA compliance requires publishing a clear notice of the right to limit use of sensitive personal information. Security assessments should address the specific risk profile of storing health and orientation data given the sensitivity of the user population.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
HIV status and sexual orientation are among the most sensitive categories of personal data, and their collection and potential disclosure can create significant real-world risks for users including discrimination, outing, and safety threats.
By using Grindr and completing your profile, you consent to the collection of health data (HIV status) and sexual orientation data, which are special category data under GDPR and carry heightened sensitivity; mishandling or unauthorized disclosure of this information could have serious personal consequences.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Grindr.