← Home

Yuan — Privacy Policy

Last updated: 17 May 2026 · Contact: [email protected]

The short version

What gets collected

From you, directly: email and hashed password; your date of birth (collected at sign-up to confirm you’re 18 or over); the profile you fill in (display name, gender, photos, university, hometown, bio, questionnaire answers); messages to other users; reports and feedback; and, if you choose to support the project, the WeChat reference, screenshot, and the note you add (your sign-up email) so the contribution can be matched to your account. Optional postcode is used only to estimate distance.

From your browser, automatically: IP address (held only in memory for a short window to rate-limit sign-ups and abuse, not stored against your account; a hashed form is kept on feedback messages so repeat abuse can be spotted), last-seen timestamp (used by the matcher to favour recently-active users), and basic device/browser info.

Not collected: your real name (unless you put it in your display name — please don’t), race, religion, politics, health, or biometrics, and never live location.

What it’s used for

Matching, mostly — your questionnaire and activity feed the compatibility algorithm. Beyond that: delivering messages between matches, matching a supporter contribution to your account once it’s confirmed by hand, screening chat for abuse and scams, and tracking how the matcher itself is performing so it can improve over time.

Your data isn’t sold, isn’t shared with advertisers, and isn’t used to train machine-learning or generative AI. The only exception is a valid police request or a copyright takedown.

Cloudflare handles DNS and the secure connection to the site. No advertising network, no analytics provider, no AI vendor.

Algorithm telemetry

To tell whether the matching is actually working, the app records a few signals about how matches play out:

These signals are per-match, not anonymised, and they sit in the same database as the rest of your data — they get wiped when your account does.

Chat screening

Messages are scanned for spam, scams, and contact handovers (phone numbers, WeChat IDs, etc.). When a message trips the screen, a short excerpt of it goes into a moderation queue that only the Yuan team can read. The team uses this to decide whether to act on the account — the excerpt isn’t shown to the other user. Excerpts of flagged messages are kept after the account is deleted only when they relate to an open or escalated report; otherwise they’re scrubbed.

Who sees what

Cookies and local storage

One session cookie so you stay signed in, plus a little browser-side storage for UI bits like unread badge counts. No third-party tracking cookies. No ads. That’s why there’s no cookie banner.

How long things stick around

Active accounts: as long as the account exists. Soft-deleted accounts: 30-day grace window to restore, then wiped. Hard delete: profile, photos, and messages erased from active systems within 30 days; old backups roll over within roughly two weeks. On a routine schedule, feedback messages older than 180 days and notifications older than 90 days are deleted; the per-profile records the matcher uses to gauge its own accuracy are deleted after 90 days, and the longer-lived match-outcome signals are stripped of any link to your account after 180 days. Password-reset codes expire after 30 minutes.

Your rights

Ask for a copy of your data, correct it, export it as JSON, delete it, restrict or object to certain processing, or withdraw consent for optional fields. The fastest way to download your data is Settings → “Download my data”. For anything else, email [email protected].

Under-18s

Yuan is for adults. Accounts from anyone under 18 aren’t welcome here — if you think a minor has registered, email [email protected] and the account will be removed.

Security

Passwords are hashed with argon2id (never stored as plain text), session cookies are signed and encrypted, and sign-up requires solving a server-checked verification question (no third-party CAPTCHA, no tracking). No system is perfectly secure — if a breach affecting your data happens, you’ll be notified.

Changes

Material changes to this policy get at least 14 days’ notice, in-app or by email, before they take effect.

Questions, requests, or complaints: [email protected].