Security built for trust, not theatre.

Last updated: June 28, 2026. This page explains the security posture DilMate is building for the beta. It is a product and operational policy, not a guarantee that every risk can be eliminated.

Data minimization

DilMate asks for information that supports account access, age eligibility, profile matching, meetup coordination, moderation, billing readiness, and safety operations. We avoid collecting exact home addresses for member profiles, and meetup venue details are revealed only when a member has the right access.

Manual ID review evidence

Manual identity review photos are stored privately, are not displayed on profiles, and are intended only for admin review. Admin reviewers should use this evidence to confirm the submitted image clearly shows the member holding a government-issued photo ID with visible name and age. DilMate should retain this evidence only as long as needed for review, dispute handling, legal obligations, fraud prevention, and safety audit needs.

Access controls

Administrative access should follow a need-to-know model. Only trained operators should review sensitive identity evidence, moderation details, reports, and account restrictions. Production access should use unique admin accounts, strong passwords, multi-factor authentication, logging, and periodic access review.

Application protections

DilMate uses email verification, login throttling, private storage for sensitive uploads, server-side validation, role-based admin routes, rate limits for reports and verification uploads, and entitlement checks before paid engagement features. Before launch, production should add managed backups, queue monitoring, TLS, secure object storage, error monitoring, vulnerability updates, and incident-response runbooks.

Member account security

Members should use a unique password, keep email access secure, avoid sharing one-time links, and report suspicious messages or account behavior. DilMate will never ask members to send money, gift cards, crypto, or off-platform payment as proof of interest.

Reporting security issues

Until a dedicated security inbox is configured, report suspected security issues to the site operator through the support channel published for DilMate. Include the page, account email, steps to reproduce, screenshots if safe, and whether any personal data may be involved.