Gays for Iran — LGBTQ+ Community & Dating

G4I

← Back

Last updated: April 10, 2026

Gays for Iran ("G4I", "we", "us") operates the website gaysforiran.com and the G4I dating platform. Privacy is not just a feature for us — it is the foundation of our service. Our users' lives may depend on our ability to protect their information. This policy explains exactly what we collect, why we collect it, how it is protected, and your rights.

The Short Version

• We collect the absolute minimum data needed to operate.

• Messages are end-to-end encrypted. We can never read them.

• We do not sell, rent, or share your data with anyone, ever.

• You can delete your account and all data permanently at any time.

• We use no third-party trackers, analytics, or advertising.

• Photos have all metadata (including location) stripped on upload.

1. Information We Collect

Account Information

When you create an account, we collect:

• Email address — used only for login and account recovery. We support privacy-focused providers like ProtonMail and Tutanota.

• Display name — what other users see. This does not need to be your real name and we encourage pseudonyms.

• Password (hashed) — we never store your actual password. We store a one-way cryptographic hash using bcrypt.

• Account creation date.

Profile Information (Optional)

You may choose to add to your profile:

• Age bracket (we never store an exact birth date — only ranges like 25-34)

• Bio, interests, "looking for" preferences

• Pronouns, languages spoken, body type, height (all optional)

• Profile photos (see "Photos" below)

Location (Optional)

If you grant location permission, we collect approximate location only — coordinates are grid-snapped to roughly 5 km precision before being stored. We never store precise GPS coordinates. You may also enter a city manually instead of using GPS, or opt out of location entirely.

Photos

When you upload photos, we automatically strip ALL metadata including GPS coordinates, camera information, timestamps, and embedded thumbnails before storing the image. The original file is discarded after processing.

Messages

Messages between users are end-to-end encrypted on your device using ECDH (P-256) key exchange and AES-256-GCM encryption. The G4I server transmits ciphertext only and cannot decrypt or read your messages under any circumstances. We retain only minimal metadata (message timestamp, sender/recipient IDs, delivery status) — never message content.

Information We Do NOT Collect

• Phone numbers

• Real names (unless you choose to use one as your display name)

• Date of birth or government IDs

• Contacts, address book, or social graph from other services

• Browsing behavior across other websites

• Cookies for advertising or tracking

• IP addresses for long-term storage (transient logs auto-purge within 72 hours)

2. How We Use Your Information

We use the limited information we collect solely to:

• Authenticate you and keep your account secure

• Show you potential matches based on your stated preferences

• Send transactional emails (verification, password resets, match notifications) — never marketing

• Detect and prevent abuse (spam, harassment, fraud)

• Provide customer support when you contact us

3. Who We Share Data With

We do not sell, rent, or trade your personal information with anyone. Period.

We use a small number of carefully selected service providers who process data on our behalf under strict confidentiality:

• Amazon Web Services (AWS) — hosting our infrastructure (servers, database, storage). Located in the United States. AWS does not have access to message content (which is encrypted end-to-end).

• Amazon SES — sending transactional emails. We send only the minimum needed for verification and notifications.

• Stripe — processing payments for merchandise purchases only. Stripe receives only the information you enter at checkout (name, shipping address, payment method). We never see your full payment details.

We will not voluntarily disclose user information to any government, law enforcement, or third party. We may be legally compelled to disclose limited account metadata under valid US legal process. Because we use end-to-end encryption and do not retain message content, we are unable to provide message content even if compelled. We do not operate in or have data centers in countries that criminalize same-sex relationships.

4. How We Protect Your Information

• End-to-end encryption for all messages (ECDH + AES-256-GCM)

• TLS 1.2+ for all connections between your device and our servers

• Encrypted database at rest using AES-256

• Bcrypt password hashing with strong cost factors

• HttpOnly, Secure, SameSite=Strict cookies for session tokens

• Refresh token rotation with reuse detection to invalidate compromised sessions

• Photo metadata stripping at upload time (GPS, camera, timestamps removed)

• Optional duress PIN that wipes your account if entered at login under coercion

• Optional PIN lock that locks the app after 2 minutes in the background

• Panic button on every screen that exits to an innocuous site

5. Your Rights and Choices

• Access: Request a copy of your data via Settings → Account → Export Data

• Correction: Update your profile information at any time

• Deletion: Delete your account at any time. Deletion is permanent and immediate — there is no 30-day grace period. All your data is purged from our database and storage.

• Opt out of email: Disable notification emails in Settings or via the unsubscribe link in any notification email

• Withdraw consent: You can revoke any optional permission (location, notifications) at any time

6. Data Retention

We retain your data only as long as needed to provide the service:

• Account data: until you delete your account

• Server access logs: auto-purged after 72 hours

• Email verification codes: 15 minutes

• Password reset codes: 15 minutes

• Refresh tokens: 30 days, or until logout

• Order/payment records: 7 years (US tax requirement)

7. Age Restriction

G4I is for adults aged 18 and over. We do not knowingly collect information from anyone under 18. If we discover that we have inadvertently collected information from a minor, we delete it immediately.

8. International Users

Our servers are located in the United States. By using G4I, you consent to your information being transferred to and processed in the US. We comply with applicable privacy laws including GDPR (for EU users) and CCPA (for California residents). EU and California users have additional rights including the right to lodge a complaint with a supervisory authority.

9. Changes to This Policy

We may update this policy from time to time. Any material changes will be announced via in-app notification and email. The "Last updated" date at the top reflects the most recent revision.

10. Contact Us

Questions, concerns, or requests about this privacy policy can be sent to:

privacy@gaysforiran.com