ODDA Standards and Guidance

A full set of our Standards and Guidance can be downloaded here

Data Privacy Guidelines for Services

Dating and social discovery services play a crucial role in managing, protecting, and respecting personal data. Adhering to data laws is paramount, with focus on collection, processing, and security.

By adhering to these guidelines, services ensure data privacy while providing effective and safe user experiences.

Key Laws :

• European GDPR (2016/679)
• EU E-Privacy Directive
• EU Audiovisual Media Services Directive
• United States COPPA
• US State by State Laws including: California, Nevada, Virginia, Colorado, Illinois, Massachusetts and Texas
• UK GDPR 2018 – Soon to be DPDI Act
• UK Electronic Communications Act 2000
• Canada PIPEDA

Understand local regulations in your operational markets, for instance, in the UK the Information Commissioner’s Office (ICO) oversees data privacy and data protection.

Data Usage

Clarity:

• Specify data usage purposes clearly.

Transparency:

• Obtain user consent for sharing user profiles on affiliated apps/sites.
• Be clear how data may be used for advertising or marketing purposes.

Retention Policy:

• Define data retention duration, ensuring necessity.

User Data Rights:

 User Data Access:

• Allow users to access their data upon request.

Right to Erasure:

• Establish a policy for data destruction upon user request.

User Education:

• Encourage responsible user-generated content management and password security.

Blocking & Data Handling:

• Inform users about data handling when blocking other users.

Marketing Communication:

• Clearly inform users about potential data sharing with commercial partners.

 Profiling:

• Use profiling tools responsibly, respecting user rights.

Sale of User Data:

• Do not sell user data without explicit consent.

Children’s Data

• Child Protection: Follow ICO’s children’s code for data protection – the Age Appropriate Design Code where applicable.

Further Guidance:

Guidance Resources: Refer to ICO guidelines for GDPR compliance and data protection

Be sure to check the data protection regulation in all the jurisdictions in which you operate.

You can download these guidelines here

The Online Dating and Discovery Association (ODDA) recognizes the importance of fostering a diverse, equitable, and inclusive environment, along with adhering to responsible Environmental, Social, and Governance (ESG) practices. ODDA recommends it members embrace the following principles:

Diversity, Equality, and Inclusion:

• Promoting Diversity:
  • Celebrate and encourage diversity across all levels of an organisation, including race, gender, age, disability, sexual orientation, and cultural background.
  • Strive to reflect the diverse community of users within organisational structures.
• Ensuring Equality:
  • Provide equal opportunities without discrimination in hiring and staff engagement
  • Implement transparent practices that foster equality and fairness.
• Fostering Inclusion:
  • Create a welcoming environment where all individuals feel valued, respected, and able to contribute.
  • Encourage inclusive dialogue and collaboration, embracing different perspectives and ideas.

ESG Principles:

• Environmental Responsibility:
  • Commit to environmentally friendly practices, such as reducing waste and energy consumption.
  • Support initiatives that protect and sustain the environment.
• Social Responsibility:
  • Respect human rights and promote well-being within the community.
  • Engage with stakeholders and contribute positively to society.
• Governance and Ethics:
  • Uphold the highest standards of ethical conduct, transparency, and accountability.
  • Implement robust governance structures that ensure compliance with laws, regulations, and industry standards.
• Continuous Improvement:
  • Regularly review and update practices related to diversity, equality, inclusion, and ESG.
  • Engage with members, experts, and stakeholders to identify opportunities for growth and enhancement.

You can download these guidelines here

The Online Dating and Discovery Association (ODDA) is dedicated to fostering trust and safety in the sector. To this end, our members commit to the following principles to educate users and the general public:

• Transparency and Clarity:
  • Provide clear information on safety measures, privacy policies, and terms of use.
  • Ensure that users understand how their data is collected, used, and protected.

• Educational Resources:
  • Develop and share educational content on safe online dating and social discovery practices.
  • Offer guidelines on recognising and reporting suspicious activity or misconduct.

• Collaboration with Authorities:
  • Work closely with law enforcement and other agencies to promote safe online behaviours.
  • Share insights to aid in combatting online fraud or abuse.

• User Support and Assistance:
  • Implement easily accessible channels for users to ask questions, raise concerns, or report issues.
  • Provide timely support and guidance in case of any trust or safety-related matters.

• Community Engagement:
  • Involve users and the public in discussions about online safety specific to online dating and social discovery.
  • Utilise feedback to continually improve and update safety measures and educational materials.

• Regular Review and Updates:
  • Continuously review and update educational materials to reflect current best practices and legal requirements.
  • Collaborate with members and experts to ensure that trust and safety education remains effective and relevant.

You can download these guidelines here

User safety is paramount for dating and social discovery services, and both providers and users play a role in creating a secure environment.

By implementing these practices, services can foster a secure and positive environment, enhancing user trust and confidence.

Key Legislation:

• Communications Decency Act (USA)
• Online Safety Act (UK)
• Digital Services Act (EU)
• Online Safety Act (Australia)

Profile Safety:

• Services should actively moderate profiles to block fakes and inappropriate content.
• If utilised, user identity verification should be transparent and user-friendly.
• Members should have clear policies on acceptable profile content and identity issues
• Services should not themselves create fake profiles unless expressly for the testing of proper function of the platform and never for commercial gain e.g. inducing users to subscribe to the service.

Age Verification:

• Services should not accept registrations from those under the age of 18.
• Services should consider age-assurance appropriate to the risk of children accessing their platform. Reference the ICO guidance for further reading.
• Services should comply with all relevant legal and regulatory requirements for age assurance

Behaviour Management:

• Services should define acceptable behaviour guidelines for users through Terms and Conditions and/or Community Guidelines.
• Encourage users to report abuse and provide easily accessible tools to block unwanted interactions.
• Filter tools for contact control and responsive handling of reports.

Safety Advice:

• Offer comprehensive safety guidance for online and offline interactions.
• Cover privacy protection, fraud prevention, and personal safety.
• Promote awareness without causing alarm.

Tailored Safety Approach:

• Customise advice to service nature, whether casual meet-ups, serious relationships or friendships.
• Respond to new risks as they become apparent.

Fraud Prevention:

• Employ tools and processes to identify and remove scammers.
• Highlight risks of moving conversations away from secure in-service channels.
• Provide reporting channels and prompt response to user concerns.

Victim Support:

• Advise victims of scams to report to relevant law enforcement agencies.
• Offer clear signposting to support bodies and law enforcement agencies.

Law Enforcement Cooperation:

• Cooperate with law enforcement agencies and follow proper procedures.
• Engage with law enforcement around intelligence and partnership working.

You can download these guidelines here

User-Centric Business Practices for Services

Boosting user support, trust, and confidence is key for dating and social discovery services. These practices ensure alignment with requirements, enhancing credibility and fostering innovation.

By adhering to these practices, services can prioritise user satisfaction, build trust, and create an environment conducive to growth and innovation.

Clear Communication:

• Explain services, payments, and usage upfront and in clear, easily understandable language.
• Eliminate misunderstandings and ambiguity.
• Provide a straightforward and informative sign-up process.

Transparent Terms & Conditions (T&Cs):

• Ensure T&Cs are user-friendly and legally sound.
• Offer accessible information on services, payments, and data use.
• Enhance user understanding with helpful prompts.

Honest Advertising:

• Adhere to truthful, legal, and fair marketing practices.
• Avoid misleading information and context.

Payment Clarity:

• Clearly outline service offerings and payment options.
• Highlight subscription terms, auto-renewal, and cancellation policies. Keep abreast in developments in Consumer Protection in the jurisdictions in which the service operates.
• Clarify any usage-based or variable charges.

User Identity and Privacy:

• Clearly communicate user identity policy.
• Explain data use, retention, and profiling.
• Provide easy profile removal and data erasure options.

Genuine Profiles:

• Strive to ensure profiles are authentic and not misleading.
• Do not create fake profiles or advertising to drive subscriptions. 

Easy Cancellation:

• Allow users to cancel memberships or subscriptions hassle-free and in a manner similar to how they signed up.
• Provide clear instructions for cancellation and profile removal.
• Process cancellations promptly and confirm.

Accessible Support:

• Share contact details for user inquiries.
• Provide accessible refund policies for paid services.
• Handle complaints and queries efficiently.

Compliance and Resources:

• Stay informed about relevant laws and regulations.
• Reference relevant guidance and legislation to ensure compliance.
• Utilise resources for auto-renewal practices and consumer rights.

You can download these guidelines here

Cyber Security Guidelines for Services:

Dating and social discovery services hold large amounts of sensitive data which is highly sought after by cyber-criminals. Keeping this data safe through the implementation of appropriate security controls can significantly reduce the likelihood of data breaches.

To demonstrate the importance of cyber security to their customers and staff, providers should ensure they comply with all relevant cyber laws and standards while implementing policies and procedures to mitigate against the threat of common cyber threats.

In addition, providers should also ensure they have an Incident Response Plan in place and seek to mitigate risks from suppliers.

Key Laws and Standards:

United States:

• SEC Incident Disclosure Rules (for public limited Companies) 1
• Computer Fraud and Abuse Act (CFAA)
• NIST
• Relevant state legislation

European Union:

• Network and Information Systems (NIS) Directive
• EU Cyber Security Act
• Digital Operational Resilience Act (DORA)
• Cyber Resilience Act* (awaiting formal adoption by the Council of the European Union)

United Kingdom:

• Computer Misuse Act 1990
• Electronic Identification and Trust Services for Electronic Transactions Regulations 2016

Australia:

• Privacy Act 1988 (specifically Australian Privacy Provision (APP) 11)

Canada:

• Personal Information Protection and Electronic Documents Act (PIPEDA) 2000
• Relevant Provincial / Territorial legislation

International Standards:

• ISO27001

1.https://www.sec.gov/newsroom/speeches-statements/gerding-cybersecurity-disclosure-20231214