At last count, the dating site Match.com had regional versions in 25 countries, in at least eight languages. But its parent company, Match Group, is home to any number of other dating brands, including Meetic, Tinder, OkCupid, Twoo, PlentyOfFish and ParPerfeito, spanning more than 190 countries and 42 languages.

It isn’t hard to imagine the privacy challenges presented by the kind of data involved in digital matchmaking on that scale.

Just ask Idriss Kechida, CIPP/E, the newly appointed global head of privacy for Match Group, who has been tasked with building, for the first time, a comprehensive privacy program that encompasses the more than 50 brands. 

“We have brands all around the globe,” Kechida says over the phone from Paris, where he was most recently working in PayPal’s privacy office after a turn with Baker McKenzie. “We’re always launching new products; it’s ever-evolving. There are about 10 really prominent brands, and many others that address niche audiences.” 

And each of those brands has a slightly or greatly different culture. “It actually impacts privacy a lot,” Kechida said. Not only does each brand have its own culture, depending on the countries in which its users reside, but some brands also target very particular communities, like those of a specific ethnicity or sexual preference. Further, “Match has grown through acquisition,” Kechida noted, “so the culture of every brand from a corporate standpoint can be very unique, which can also impact privacy matters.” 

“Match has grown through acquisition,” Match Group Global Head of Privacy Idriss Kechida noted, “so the culture of every brand from a corporate standpoint can be very unique, which can also impact privacy matters.” 

In his newly created role, Kechida reports to the general counsel and is positioned within the legal team, where privacy has always been handled at Match. Now, however, the General Data Protection Regulation has given Match a reason to delve into specializations a bit more.

“Privacy has always been a priority for us because of our commitment to our customers,” Kechida said, “which is over and above the law, in a way. So it’s kind of easy internally to get people on board with that.” Who’s going to use a dating app that doesn’t respect your sensitive information? The budget is there for privacy and he has corporate buy-in already.

However, what the GDPR does, Kechida said, is provide a framework that all the brands can rally around: “We’re augmenting the whole company’s policy for all our brands in response to the GDPR. It’s an interesting framework but not necessarily the trigger.”

Rather than try to cobble together a comprehensive privacy policy for all those unique cultures, the GDPR has, in a way, done it for him. “You need to apply some kind of overarching company policy, which is definitely a challenge,” he said. Maybe that would have come eventually from the general counsel, even from the CEO at a company like Match that values privacy from the outset. If anything, the GDPR has simply spurred Match to find Kechida to lead privacy efforts now, and given him a set of instructions, of sorts, for how to go about it.

“Regardless of GDPR, privacy was a main driver for us,” Kechida said. “But it does provide a really good framework to work on.”

photo credit: Paris en miniature via photopin (license)