Privacy Policy

PRIVACY POLICY

Suman Marriage Bureau (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our matchmaking services, website, or visit our registered office at 83 South Road, Southall, Middlesex, UB1 1SQ, or meet with us at any other mutually decided venue/location.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Suman Marriage Bureau is the Data Controller.

1. The Data We Collect About You

Because matchmaking requires deeply personal information, we collect and process various types of data:

• Identity & Contact Data: Full name, date of birth, gender, marital status, address, email address, and telephone number.
• Verification Data: Copies of government-issued ID (passport, driving licence), proof of address, and single-status declarations.
• Matchmaking Profile Data: Professional details, education, income brackets, hobbies, lifestyle preferences, and photographs.
• Special Category Data: Religion, ethnicity, caste/cultural background, and health or disability details (where volunteered by you to assist in finding a compatible match).
• Financial Data: Payment card details, billing addresses, and transaction histories (processed securely via our third-party payment processors).

2. How We Collect Your Data

We collect data from you through different methods:

• Direct Interactions: Information you provide by filling in registration forms, uploading photos, or during your in-person or digital onboarding consultations.
• Third Parties / Public Sources: Verification data obtained from identity check providers or public registries to comply with our KYC (Know Your Customer) obligations.

3. Legal Basis for Processing Your Data

Under the UK GDPR, we rely on the following lawful bases to process your personal data:

• Performance of a Contract: To deliver the matchmaking services you purchased from us.
• Legal Obligation: To conduct necessary identity, anti-fraud, and AML (Anti-Money Laundering) checks.
• Legitimate Interests: To manage our relationship with you, improve our algorithms, and ensure network safety.
• Explicit Consent: For processing Special Category Data (such as religious or ethnic preferences), we may ask for your explicit consent during registration. You can withdraw this consent at any time.

4. How We Use Your Data

We use your data strictly to operate our bureau, including:

• Verifying your identity and eligibility to use our service.
• Creating your matchmaking profile and assessing compatibility.
• Sharing your curated profile details with compatible, verified members.
• Processing payments and managing subscription renewals.
• Preventing, detecting, and reporting fraudulent or illegal activities.

5. Sharing Your Data

We do not sell your personal data. We only share your data with:

• Potential Matches: Selected parts of your profile (excluding direct contact details like phone numbers/addresses until mutually agreed) are shared with compatible members.
• Matchmakers: We occasionally work with other reputed matchmakers and in the interest of finding the right match for you, may share details accordingly, unless specifically requested no to do so.
• Service Providers: Trusted third parties providing IT, verification software, payment processing, or legal/debt recovery services.
• Law Enforcement: UK authorities (e.g., HMRC or the police) if we are legally obligated to report suspicious or fraudulent transactions.

6. International Data Transfers

We store and process your data primarily within the UK. If we share your profile with a potential match or use a service provider located outside the UK, we ensure that appropriate safeguards (such as UK International Data Transfer Agreements) are in place to guarantee your data receives an equivalent level of protection.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, altered, disclosed, or accessed in an unauthorised way. We limit access to your personal data to employees and contractors who have a legitimate business need to know.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.

• Active Accounts: Data is kept for the duration of your membership.
• Closed Accounts: Basic identity, financial transaction, and contract data are retained for 6 years following account closure to comply with UK statutory limitation periods for legal claims and tax purposes.

9. Your Legal Rights

Under the UK GDPR, you have significant rights regarding your personal data:

• Request Access: Obtain a copy of the personal data we hold about you (a “Subject Access Request”).
• Request Correction: Have any incomplete or inaccurate data we hold about you corrected.
• Request Erasure: Ask us to delete your data when there is no good reason for us to continue processing it.
• Object to Processing: Object to us processing your data based on legitimate interests.
• Request Restriction: Ask us to suspend the processing of your data in specific scenarios.
• Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your data (e.g., religious preferences).

To exercise any of these rights, please contact us at our physical office (by appointment) or via email at [email protected].

10. Complaints

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first.