[Georgii007]

Thank you so much for bringing this up — I really appreciate it, and you're absolutely right.

Right now, the app is still in pre-MVP stage — no real user data is being collected or processed yet. But as I build this, GDPR compliance is something I’m absolutely planning for before any public launch, especially if the app is ever made available in the EU or UK.

Here’s what I intend to do before launch:

The app won’t allow full names or uniquely identifying info like phone numbers or social links.

Reviews will be pseudonymous and moderated, with clear rules to avoid doxxing or identifiable posts.

I plan to implement a “Right to Erasure” mechanism, so anyone mentioned can request complete removal — and I’m also exploring a way for individuals to opt out preemptively, so future mentions get blocked automatically.

If proper GDPR compliance can’t be guaranteed by launch, I’ll restrict access from EU/UK regions until it’s fully ready.

I want this to be a tool that helps people feel safer — not one that puts others at risk. Privacy and ethics are core to this, and I’m grateful for feedback like yours that keeps the vision grounded and responsible.

[cherryteastain]

> If proper GDPR compliance can’t be guaranteed by launch, I’ll restrict access from EU/UK regions until it’s fully ready.

This is not enough. A US IP adding an EU/UK resident is also against GDPR if the added person's PII is involved. I am unsure how you can conclusively check if an added person is a UK/EU resident without committing an even worse GDPR violation, but just IP geoblocking EU/UK regions is not a solution here.

[Georgii007]

You're right: just geo-blocking by IP is not enough to reliably protect you under GDPR, especially if any user uploads potentially identifiable information about an EU/UK resident, even from outside those regions. It doesn't solve the problem. I recognize that such a system requires a much more precise mechanism for identifying and filtering data, as well as a process for handling deletion requests and protecting against re-additions.

Right now, the project is in its early stages, and these discussions help us understand exactly where the boundaries of what is acceptable and how to build in legal and ethical compliance from the start.

Here's what I plan to put in place: Strict content moderation and technical filters to exclude PII (personally identifiable information).

The right to remove and revoke, with as simple a process as possible, including the ability to auto-alert when you try to post again.

A separate legal page explaining restrictions, moderation principles and responsibilities.

As we develop, consultation with GDPR and digital rights experts before launching anything in the EU/UK.

[discordance]

It's a nice idea but curious how will you get around the following:

1. If people with an unsafe reputation can opt themselves out, then won't women still be exposed to that unsafe match?

2. Breakups can be messy. How do you prevent false information being reported in?

3. If someone requests their information through GDPR and finds false reports on them, how will you handle the risk of defamation lawsuits?

[Georgii007]

1.Yes, people with bad reputations may try to "unsubscribe" from the system, and it is true that this creates a potential blind spot. But the right to opt-out and defamation defense is more important. Here there will be a balancing act between private security and public harm.

2. The risks of false information are real. This is one of the most difficult parts of the project. I envision:

- Multi-stage moderation - Plausibility signals (AI filtering, account activity) - Ability to "reply" or mark as "challenged"

3. If someone requests data via GDPR and finds false accusations - they should be able to challenge, track, get a response and get it removed. I plan to build in a dispute resolution mechanism to not only comply with the law, but to ensure fairness for all parties.

I repeat: the project was conceived with good intentions, but these risks are not just hypothetical - they are structural. I am grateful that you have voiced them at this stage. If you have ideas or experience in similar systems - I would be very happy to dialog.

[dns_snek]

> Multi-stage moderation - Plausibility signals (AI filtering, account activity) - Ability to "reply" or mark as "challenged"

Will you require hard evidence as a matter of policy before publishing any allegations? That's the only thing that would set you apart from many previous implementations of this idea which always seem to turn into hateful and defamatory platforms.

"Plausibility signals" like AI filtering are only good for filtering outright spam and bot activity, they're useless for determining truthfulness of claims being made. If your goal is to publish truthful information then please take some lessons from the legal system because truth can only be ascertained by analyzing evidence, not by evaluating the accuser's social standing ("account activity") and asking a random village idiot for their opinion on one side of the story ("AI filtering").

And the whole process of "people can respond and ask for it to be taken down" is not good enough because by that time the damage could already be done. People who have done nothing wrong have no reason to proactively monitor and "curate" their public image on sites like these, so they're unlikely to discover false accusations against them until they either experience social consequences of those false allegations or they're lucky enough that someone who knows them well discovers it early and sticks up for them.

[discordance]

Thanks for the thoughtful responses and best of luck with this.

[Georgii007]

Thank you!