LGBTQ+ Dating Apps Pivot to Privacy Amid Grindr’s GDPR Fine
Several LGBTQ+ dating apps are adopting privacy-first features after Grindr’s €5.7M GDPR fine in Norway.
Why it matters: Legal professionals face rising compliance risks as dating apps handling sensitive LGBTQ+ data draw regulatory scrutiny. Grindr’s data-sharing violations illustrate the legal, financial, and reputational exposure for companies not in full compliance with data protection laws like the GDPR.
- Grindr was fined €5.7 million in 2021 by Norway's DPA for unlawful sharing of users’ sensitive data, including exact location and sexual orientation.
- Lex, founded in 2019, anonymizes profiles and omits photo and location data by default, minimizing sensitive data collection.
- Hidnn offers anonymous sign-up and gradual disclosure features, meaning less data is exposed early in user relationships.
- Regulatory focus on ‘high-risk’ data sharing in LGBTQ+ apps intensified following complaints filed in late 2020.
Norway’s Data Protection Authority fined Grindr €5.7 million in 2021, citing violations of the General Data Protection Regulation (GDPR). The regulator found Grindr unlawfully shared user data about sexual orientation, GPS location, and device IDs with third-party advertisers—without legally valid consent or informing users about the recipients. The processing of such sensitive information falls under stricter GDPR protections.
Legal scrutiny has since grown, with NGOs lodging complaints against major dating platforms across Europe. This environment has prompted a wave of privacy-first redesigns—especially among LGBTQ+ apps handling highly sensitive, identifying data.
- Lex launched in 2019, prioritizing text-only personal ads. The app takes the unusual step of avoiding user photos and location tracking by default. Its design sharply limits the volume and type of personal information stored, reducing exposure in the event of a breach or regulator inquiry.
- Hidnn was developed in India and implements fully anonymous profiles at sign-up. Users may opt to gradually reveal information as trust develops. This structure minimizes early-stage data exposure. The company states it avoids selling data to third parties or requiring upfront photo uploads.
- Scruff, another major platform, claims to offer users expanded privacy controls and a mature, community-focused experience, although it continues collecting some user data for basic operation. Industry observers note a shift toward transparency and user agency in Scruff’s privacy policies.
Experts say legal teams advising dating apps should closely track evolving definitions of high-risk data and ensure privacy policies are explicit, granular, and GDPR-aligned. Even seemingly minor consent failures can result in multimillion-euro penalties if platforms process data concerning sexual orientation or health status.
By the numbers:
- €5.7 million — size of Grindr’s GDPR fine from Norway’s DPA in 2021
- 15 million — approximate global user base for Scruff, a leading alternative app
- 2019 — launch year of Lex, the minimal-data app for LGBTQ+ communities
Yes, but: Comprehensive independent research on the long-term effectiveness of privacy-first app models is still limited; legal professionals should monitor emerging enforcement and ensure ongoing audits to adapt to evolving risks.
What's next: Several European data protection authorities are conducting coordinated investigations into large dating platforms’ consent practices, with more fines or compliance actions expected in 2024.