← Back to Venu

Legal

Privacy Policy

Last updated: 14 June 2026

1. Who we are

RESTASSURE AI LTD (“we”, “us”, “our”) operates Venu, a dating concierge in London. You tell us what you are looking for; we find someone you are genuinely compatible with, agree a time you are both free, and suggest a real venue you will both like. Venu is currently a private pilot in London, and during this phase a member of our team reviews matches personally.

RESTASSURE AI LTD is a UK limited company (incorporation pending with Companies House at the date above; the registered company number and registered office address will be published here on completion). For this policy, RESTASSURE AI LTD is the data controller for the personal data described below.

For any privacy question, or to exercise your rights, email privacy@restassure.app.

2. What data we collect and why

What we collect depends on how far you go with Venu. We group it by activity.

a) Joining the waitlist

When you join a waitlist on this site we store your email address and the city or university you enter, in our database, and send you a confirmation email. We will only message you about your launch.

Lawful basis: consent, which you give by submitting the form. UK GDPR Art. 6(1)(a) and PECR reg. 22. You may withdraw it at any time.

b) Confirming you are an eligible student

On the student page we ask for your university email address and the name of your university so we can confirm you are a current student at a university we have launched at. We check the email domain and university name against our list of supported universities.

Lawful basis: taking steps at your request prior to entering into a contract, and our legitimate interest in keeping Venu a students-only, campus-verified service. UK GDPR Art. 6(1)(b) and 6(1)(f).

c) Messaging the Venu team

When you message Venu we process your mobile phone number and the content of your messages, including the preferences you choose to share — the kind of date you want, the places and activities you like, and your availability. Inbound and outbound messages are carried by our SMS provider on our behalf. Standard message and data rates from your mobile carrier may apply. You can stop at any time by replying STOP.

Lawful basis: performance of a contract (providing the concierge service you asked for). UK GDPR Art. 6(1)(b).

d) Matching and compatibility

We score how closely your tastes line up with other users across the places you would actually go, and pair you with your mutual best fit using a stable-matching algorithm. If either of you would pass, you are never shown each other. To arrange a meeting we process the windows of time you are both free.

Lawful basis: performance of a contract. UK GDPR Art. 6(1)(b).

e) Sensitive information about who you are looking for

Some of what you may choose to tell Venu about who you want to be matched with — for example anything that reveals or implies sexual orientation — is “special category” data under the UK GDPR. Sharing it is entirely optional and opt-in. We use it only to find you better matches, and only when you have given us clear, explicit consent. You can withdraw that consent at any time.

Lawful basis: explicit consent. UK GDPR Art. 9(2)(a). The underlying processing also relies on Art. 6(1)(b).

f) Suggesting a venue

To suggest a real place near campus we use the general area you and your match are associated with (for example your university or city) together with your shared preferences, and retrieve venue information from the Google Places API. We do not track your precise GPS location.

Lawful basis: performance of a contract. UK GDPR Art. 6(1)(b).

g) Transactional email

We send confirmation and service emails (for example a waitlist confirmation) through our email provider. These are not marketing emails.

Lawful basis: legitimate interests (operating the service you signed up for). UK GDPR Art. 6(1)(f).

h) Security, abuse prevention and logs

We and our hosting providers process technical data such as IP address, device or browser information and request logs to keep the service secure, prevent abuse, and diagnose problems.

Lawful basis: legitimate interests (security and service integrity). UK GDPR Art. 6(1)(f).

3. What we do not collect

We do not take payments through this service, so we do not collect payment-card details. We do not use advertising trackers, we do not build advertising profiles, and we do not sell your personal data. We do not use precise GPS location.

4. Third-party processors

We rely on the following processors to run Venu. Each is bound by a data-processing agreement where applicable.

Supabase— database, authentication and storage for waitlist entries, accounts and matching data.

Twilio— sends and receives the messages between you and Venu.

Resend— sends transactional emails such as waitlist confirmations.

Vercel— hosts this website and processes standard server logs and privacy-preserving, cookie-free analytics.

Google— the Google Places API provides venue information used to suggest where you meet.

Where a processor stores or processes data outside the UK, we rely on UK-approved transfer mechanisms (the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, as applicable).

5. Cookies

This website uses only a small number of strictly necessary cookies and, where you sign in, an authentication session cookie. Analytics on the marketing site are configured to be cookie-free. We do not use advertising cookies. We may store small preferences (such as your city) in your browser.

6. Data retention

  • Waitlist entries: kept until you unsubscribe or we close the waitlist, whichever is sooner.
  • Conversations with the bot and matching preferences: kept while your profile is active, then deleted within 30 days of you asking us to forget you.
  • Account records: kept for the life of the account plus 30 days after a deletion request.
  • Transactional emails: kept for up to 24 months.
  • Security and server logs: kept for up to 30 days.

7. Your rights

Under the UK GDPR and the Data Protection Act 2018 you have the right to:

  • Be informed about how we use your data (this policy).
  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Erase your data (the “right to be forgotten”), subject to legal exceptions.
  • Restrict or object to processing based on legitimate interests.
  • Withdraw consent at any time for anything that relies on consent, including the waitlist and any sensitive information you shared.
  • Receive a machine-readable copy of the data you provided (portability).
  • Lodge a complaint with the Information Commissioner’s Office (ico.org.uk).

To exercise any of these rights, email privacy@restassure.app. We will respond within one month.

8. Data breaches

If we suffer a personal-data breach likely to result in a risk to your rights and freedoms, we will report it to the ICO within 72 hours and, where the risk is high, notify affected users without undue delay.

9. Age and eligibility

Venu is a dating service for adults. It is only for people aged 18 or over who are current students at a supported university. It is not directed at children. We do not knowingly collect data from anyone under 18; if you believe someone under 18 has used Venu, contact us and we will delete their data.

10. Changes to this policy

We may update this policy from time to time. The “last updated” date above reflects the most recent revision. Where we have an email address for you, we will tell you about material changes.

11. Contact

For privacy enquiries, email privacy@restassure.app. Our ICO registration is being obtained; the registration reference will be published here once issued.

RESTASSURE AI LTD · Registered in England & Wales. The company registration number and registered office address will be published here once Companies House registration is complete.

PrivacyTermsHome