Hinge collects face geometry data when you use features like Selfie Verification or Face Check, and acknowledges this may qualify as biometric data depending on where you live.
This analysis describes what Hinge's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Biometric data is among the most sensitive personal information because it cannot be changed if compromised, and several US states impose strict legal requirements on how companies collect, store, and delete it.
Interpretive note: The policy does not specify which regions require Face Check or detail the consent mechanism used; whether consent is freely given in mandatory-feature contexts and whether jurisdiction-specific BIPA-compliant notices exist remains unclear from the document text alone.
If you use Selfie Verification or are in a region where Face Check is required, Hinge collects your face geometry data. Depending on your state, you may have specific rights regarding how long this data is retained and whether you were properly notified before collection.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Hinge has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You may choose to participate in certain of our features, like Selfie Verification, that involve the collection of face geometry data, which may be considered biometric data in some jurisdictions. Learn more about how we process your face data for Selfie Verification. If you use Hinge in a region where Face Check is required, you may learn more about the Face Check process here.— Excerpt from Hinge's Hinge Privacy Policy
REGULATORY LANDSCAPE: Face geometry data collection implicates Illinois BIPA, Texas CUBI, Washington's My Health MY Data Act, and potentially other state biometric privacy statutes. Illinois BIPA in particular requires a written policy, informed written consent prior to collection, and a defined retention and destruction schedule; violations carry statutory damages of $1,000 to $5,000 per violation. The FTC may also have jurisdiction over deceptive or unfair data practices related to biometric collection under Section 5 of the FTC Act. GOVERNANCE EXPOSURE: High. The policy's hedge that face geometry 'may be considered biometric data in some jurisdictions' rather than affirmatively identifying it as biometric suggests a global rather than jurisdiction-specific disclosure posture, which may be insufficient under BIPA and analogous statutes that require affirmative pre-collection notice and consent. Whether Face Check is 'required' in certain regions raises additional questions about whether consent is freely given when participation is mandatory. JURISDICTION FLAGS: Illinois BIPA creates the most acute exposure given its private right of action. Texas CUBI and Washington state laws create additional state-level obligations. For EEA and UK users, face geometry processed for identity verification may qualify as biometric data under GDPR Article 9 requiring explicit consent and a documented Article 9(2) exemption. In-scope jurisdictions should be mapped and jurisdiction-specific consent flows evaluated. CONTRACT AND VENDOR IMPLICATIONS: Any third-party vendors processing face geometry data on Hinge's behalf would require data processing agreements addressing biometric-specific obligations, retention schedules, and security standards. Procurement teams should assess whether current vendor contracts address BIPA-specific requirements including destruction timelines. COMPLIANCE CONSIDERATIONS: Legal teams should confirm whether a BIPA-compliant written policy and consent mechanism exists for Illinois users specifically, whether Face Check consent flows satisfy 'freely given' standards where the feature is described as required in certain regions, and whether retention and destruction schedules for face geometry data are documented and operationalized.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Biometric data is among the most sensitive personal information because it cannot be changed if compromised, and several US states impose strict legal requirements on how companies collect, store, and delete it.
If you use Selfie Verification or are in a region where Face Check is required, Hinge collects your face geometry data. Depending on your state, you may have specific rights regarding how long this data is retained and whether you were properly notified before collection.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Hinge.