Legal

Privacy Policy

Last updated: June 14, 2026 · MSEcom LLC ("we," "us," or "our")

Contents

1. Data We Collect
2. How We Use Your Data
3. Data Sharing
4. AI Features and Personas
5. Cookies and Tracking
6. Data Retention
7. Your Rights (GDPR / CCPA)
8. Deleting Your Account
9. Security
10. Children
11. Changes to This Policy
12. Contact

1. Data We Collect

We collect information you provide directly when you create an account, complete your profile, and use the Service. This includes:

Account information: Name, email address, and password (hashed)
Profile information: Photos, bio, gender, date of birth, location, relationship intent, and answers to profile prompts
Location data: Latitude/longitude and search radius for matching purposes; approximate location only
Messages: Content of messages you send to matched users within the app
Subscription and payment information: Subscription tier, status, and billing dates. Full payment card data is handled by Stripe — we do not store card numbers or CVV
Usage data: Swipes, matches, profile views, and feature interactions

2. How We Use Your Data

We use your data to:

Operate the matching algorithm and display compatible profiles
Process and manage subscriptions via Stripe
Facilitate messaging between matched users
Display AI personas in the swipe queue and power AI conversation features
Send transactional emails (account verification, subscription updates, match notifications)
Detect and prevent fraud, bot accounts, and Terms of Service violations
Comply with legal obligations

We do not use your personal data for advertising or sell your data to third parties.

We do not sell your personal data. We share data only in these limited circumstances:

Stripe: To process payments, we share subscription-related data with Stripe, Inc. Their use of your data is governed by Stripe's Privacy Policy.
Polsia platform: OneShot is built and operated on the Polsia platform. Polsia processes data on our behalf under a data processing agreement.
Legal requirements: We may disclose data if required by law, court order, or government request, or if we believe disclosure is necessary to prevent harm.
Business transfer: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction under the same privacy protections.

Matched users see your name, photos, and profile information within the app. We do not share your email, precise location, or payment information with other users.

4. AI Features and Personas

OneShot includes AI-generated personas that appear in your swipe queue. Swiping right on an AI persona creates an instant match and triggers an AI chat engine. AI personas are clearly labeled so you always know when you're interacting with AI.

AI persona interactions are stored to operate the feature. If you delete your account, AI persona conversation history is also deleted.

Once you have two or more human matches, AI personas stop appearing in your swipe queue.

5. Cookies and Tracking

OneShot uses the following cookies and tracking technologies:

Essential session cookies: Required to maintain your logged-in session and app functionality. These cannot be disabled without breaking the Service.
Analytics: We use Polsia's analytics pixel to understand usage patterns and aggregate app performance. It sets a first-party cookie to track unique visitors (with a randomly generated ID stored in localStorage — no PII). You can opt out by disabling cookies in your browser settings.
No third-party advertising cookies: We do not use third-party ad networks or track you across other sites.

6. Data Retention

We retain your data as follows:

Active accounts: Retained while your account is active and for 90 days after you delete it
Deleted accounts: Account data is purged within 90 days of deletion; messages between matched users may be retained longer in backups
Subscription records: Financial records are retained for 7 years per tax and accounting requirements
AI persona messages: Retained until account deletion

7. Your Rights (GDPR / CCPA)

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of all personal data we hold about you
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your account and data ("right to be forgotten")
Restriction: Request limited processing in certain circumstances
Data portability: Request your data in a machine-readable format
Objection: Opt out of certain processing activities

California (CCPA/CPRA): We do not sell your personal information. You have the right to know what data we collect, request deletion, and not be discriminated against for exercising your rights.

European Union (GDPR): Our legal basis for processing is your consent (account creation) and performance of the contract (providing the Service). You may contact us to exercise any of these rights. You also have the right to lodge a complaint with your local data protection authority.

8. Deleting Your Account

You can delete your account at any time from the Settings screen in the app. Deletion is irreversible. We will remove your profile, photos, messages, and match history from our active systems within 90 days. Backup copies may persist for up to 90 additional days.

Deleting your Stripe subscription separately does not delete your OneShot account — you must delete the account through the app.

9. Security

We use industry-standard encryption (TLS/HTTPS) for all data in transit. Passwords are hashed using bcrypt — we never store plaintext passwords. Sensitive data at rest is encrypted on our hosting provider's infrastructure.

No system is 100% secure. If you become aware of a data breach, contact us immediately at Mitchell@MSEcomLLC.com.

10. Children

OneShot is not intended for users under 18 and we do not knowingly collect data from anyone under 18. If we learn that we have collected data from a minor, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, for significant changes, notify you via email or in-app notice. Your continued use of the Service after any update constitutes acceptance of the revised policy.

12. Contact

For privacy-related questions or to exercise your rights, contact us at:

MSEcom LLC
Email: Mitchell@MSEcomLLC.com

We will respond to all privacy-related requests within 30 days.