Data Breach Procedure

Last Updated: June 30, 2025

1. Identification and Reporting

Any suspected data breach is immediately reported to our Data Protection Officer (DPO) and relevant internal teams.

2. Assessment and Containment

We promptly assess the breach's scope, the nature of compromised data, and take immediate measures to contain and mitigate risks.

3. Notification

• When required by law, we notify the relevant data protection authorities within 72 hours of becoming aware of the breach.
• If the breach poses a high risk to users' rights and freedoms, affected users are informed without undue delay.

4. Remediation and Prevention

Following the incident, we implement corrective actions to prevent recurrence and improve our security measures.

5. Documentation

All data breaches, actions taken, and communications are fully documented and retained for accountability and compliance purposes.

6. Contact

For inquiries about data breaches, please contact our Data Protection Officer at dpo@matchme.com.