kita

KITA Privacy Policy

Last updated 25 June 2026

1. Who we are

KITA is a mobile and web dating service operated by B4U SRL, registered at VIA SPAGNA 1, 65015 MONTESILVANO, ITALY ("KITA", "we", "us", "our").

Under Philippine law. KITA is the personal information controller as defined by the Philippine Data Privacy Act of 2012 (Republic Act No. 10173, as amended, and its implementing rules and regulations, together the "DPA"). Our Data Protection Officer, required under the DPA, is Alessandro Mazzocco and can be contacted at dpo@kitadate.net. We have registered our personal data processing system with the National Privacy Commission as required for entities processing sensitive personal information.

Under European law. For users in the European Economic Area, KITA is the controller of personal data as defined by the General Data Protection Regulation (EU) 2016/679 (the "GDPR").

For any privacy question, contact us at hello@kitadate.net or write to our Data Protection Officer at dpo@kitadate.net.

2. Who can use KITA

KITA is for adults only. You must be at least 18 years old, or older where your local law sets a higher age. We do not knowingly collect data from anyone under 18. If we learn that a user is under 18, we delete the account and all associated data without delay.

3. The data we collect

3.1 Account and profile data

This includes your name, email address, phone number, date of birth, gender, and the city you are in. It also includes the content of your profile, which means your photos, your bio, your interests, the relationship intention you declare, your availability such as days, time slots and notice required, and the prompts you answer.

3.2 Identity verification data

KITA requires identity verification before a user can send messages. Depending on the verification level, we process a live selfie to confirm you match your profile photos, a connected social account from which we read only a verification signal, and for the highest tier an identity document. Under Philippine law, identity documents and biometric data such as the selfie are classified as sensitive personal information. Identity documents are deleted promptly after the verification check is complete. We retain only the outcome of the check, the date it was completed, and the verification level reached. The document itself is never stored beyond the check.

3.3 Location data

To show you people near you we process your location. You control whether you share precise location through your device settings. If you disable precise location some matching features will not work. We do not share your exact coordinates with other users. We show only a general distance.

3.4 Activity data

This includes the profiles you like, pass or interact with, the connections you form, the messages you exchange, and how you use the features of the service.

3.5 Sensitive personal information

Under the Philippine DPA and the GDPR, certain categories of data require stronger protection. Because KITA is a dating service, your profile may reveal information about your sex life or sexual orientation. The selfie used for verification is treated as biometric data. Identity documents are sensitive personal information. We process these only with your explicit and informed consent given when you register and complete verification.

3.6 Technical data

This includes your device type, operating system, app version, a device identifier, your internet protocol address, and access logs needed for security and to operate the service.

3.7 Payment data

Premium subscriptions are processed by the Apple App Store and the Google Play Store under their own terms and privacy policies. We receive only confirmation of your subscription status. We never see your card or bank details.

4. Why we collect your data and the legal basis

4.1 Under Philippine law

The DPA requires us to state a lawful criterion for every processing activity.

We collect and use your account, profile, location and activity data to provide the KITA service and to perform our contract with you. We process sensitive personal information including biometric data and data that may reveal sexual orientation with your explicit consent, which you give when you create your profile and complete verification. We process security logs and fraud signals to comply with legal obligations and to protect the safety of users and of the service. We process data for legitimate interests where these do not override your rights, for example to improve the service and to prevent abuse.

4.2 Under the GDPR

For users in the European Economic Area we apply the same purposes as above. The legal bases are performance of contract for account and profile data, explicit consent for special category data including biometric and sexual orientation data, compliance with legal obligations, and legitimate interests where proportionate. Where we rely on legitimate interests you have the right to object as described in Section 10.

5. How identity verification works

Verification is central to KITA. We want the process to be fully transparent.

The selfie check compares a live image with your profile photos to confirm you are real and presenting your own pictures. The social check reads only a confirmation signal from the linked account and never reads private content or stores the link. The document check, available at the premium verification tier, confirms your identity against an official document and is then immediately deleted. Only the outcome and the date are kept. Verification files are stored in a separate restricted environment, never on the public network, and are never shown to other users.

6. Who we share your data with

We do not sell your personal data.

Other users see only what you choose to make visible in your profile, your photos, bio, interests, declared intention, general distance and availability, and your verification badges. They never see your exact location, contact details, or identity documents.

We share data with trusted service providers who process it only on our instructions and under contractual safeguards. These include OVHcloud, whose servers for KITA are in Singapore, Cloudflare for content delivery and storage, Firebase by Google for push notifications, Resend for email, and the Apple App Store and Google Play Store for distribution and payments.

We may disclose data to courts, the National Privacy Commission, or other authorities where the law requires, or to protect the rights, safety and security of our users and of KITA.

7. International transfers

KITA processes data on servers in Singapore. Some service providers may process data in other countries.

For users in the Philippines. Data processed outside the Philippines is protected by contractual arrangements that require our providers to apply standards equivalent to those of the DPA. KITA remains accountable for data transferred abroad on its behalf, as required by the DPA and its implementing rules.

For users in the European Economic Area. Transfers outside the EEA are protected by Standard Contractual Clauses approved by the European Commission. You can request a copy from us at hello@kitadate.net.

8. How long we keep your data

We keep your account and profile data for as long as your account is active and for a short period after deletion to complete the removal process. Identity documents are deleted immediately after verification. The outcome and date of the check are kept for the life of the account. Security and access logs are kept for a limited period necessary for safety and legal compliance. When you delete your account we remove your personal data as described in Section 10, subject to any retention required by law, to resolve disputes, or to enforce our terms.

9. Your rights under Philippine law

Under the DPA you have the following rights regarding your personal data.

You have the right to be informed about what data we collect, why, and how we use it. You have the right to access a copy of your personal data we hold. You have the right to correct inaccurate or incomplete data. You have the right to object to processing where we rely on legitimate interests, or to processing for direct marketing. You have the right to erase or block data that is incomplete, outdated, false, or unlawfully obtained. You have the right to data portability, to receive your data in a structured format. You have the right to claim damages for any violation of your rights under the DPA.

To exercise any of these rights, contact us at hello@kitadate.net. We will respond within the period required by the DPA, generally within 15 business days for access requests. If you are not satisfied with our response you have the right to file a complaint with the National Privacy Commission at www.privacy.gov.ph.

10. Your rights under the GDPR

If you are in the European Economic Area you have the right to access your data, to have inaccurate data corrected, to have your data erased where the law allows, to restrict processing in certain circumstances, to object to processing based on legitimate interests, to receive your data in a portable format, and to withdraw consent at any time without affecting processing already carried out on the basis of that consent.

To exercise these rights, contact us at hello@kitadate.net. You also have the right to lodge a complaint with your local data protection authority.

11. How to exercise your rights in the app

Most rights can be exercised directly in the KITA app. You can download a copy of your profile data, edit or delete your photos and bio, and delete your account. When you delete your account we run a process that removes your photos, verification outcome, messages, matches, location data and account information. Deletion is permanent and cannot be undone.

12. Security

We use technical and organisational measures appropriate to the sensitivity of the data we process. These include encryption in transit, restricted access to verification data, separation of sensitive verification files from public profile data, manual review before profile photos are shown to other users, and immediate deletion of identity documents after verification. We maintain procedures to detect, contain and report security incidents. If a breach affecting your data occurs, we will notify you and the relevant authorities, including the National Privacy Commission, within the timeframes required by applicable law.

13. Other jurisdictions

KITA is a service designed for Southeast Asia and may expand to additional markets. Each launch in a new country will be accompanied by a review of applicable local law. Key frameworks relevant to our planned expansion include the Singapore Personal Data Protection Act, the Indonesian Personal Data Protection Law, the Thai Personal Data Protection Act, and the Vietnamese Law on Cybersecurity and personal data protection decree. We will update this policy and seek appropriate legal review before entering each new market.

14. Cookies and similar technologies

Our website uses cookies and similar technologies to keep you signed in, remember your preferences, and understand how the service is used. Where the law requires consent for non essential technologies, we ask for it before placing them.

15. Changes to this policy

We may update this policy as the service or the law changes. When we make a material change we will notify you in the app or by email before the change takes effect. The date at the top shows when the policy was last revised. Continued use of KITA after a notified change constitutes acceptance of the updated policy.

16. How to contact us

Privacy team: hello@kitadate.net Data Protection Officer: Alessandro Mazzocco dpo@kitadate.net Postal address: B4U SRL, VIA SPAGNA 1, 65015 MONTESILVANO, ITALY

Philippine regulator. National Privacy Commission, 3rd Floor, Core G, GSIS Headquarters, Financial Center, Pasay City, Metro Manila. www.privacy.gov.ph

European regulator. Your local data protection authority in the European Economic Area.

PrivacyTermsHome