Privacy: Data Principles and Practices

Introduction

Marriage Pact, n. \’mer-ij ‘pakt\

An informal agreement between two people—if both parties remain unmarried and without prospects after a certain period of time—to simply marry each other.

Based on your values, the Marriage Pact algorithmically “interviews” all other participants at your school on your behalf to find the best person with whom you could make a marriage pact. Our data principles and privacy notice describes the information we process to make the Marriage Pact work.

Your long-term compatibility with a person depends not on your surface-level traits, but on your core values—what you care about deep down. In order to get at that, the Marriage Pact questionnaire asks some questions that can be sensitive or private.

Here, you can find specifics regarding the information we collect (what we collect, how we collect it, and how we use it), how we protect that information, whether or not we share that information (spoiler alert: we don’t), and how you can manage information about you.

A few key points:

What kinds of information do we collect?

We collect a few types of information from you as part of your participation in the Marriage Pact. First and foremost, when you submit the Marriage Pact questionnaire, your responses comprise a few types of data that we collect from you directly:

  • Contact information: we ask you to fill out your name and email address.

  • Demographic data: we ask you to answer some questions about what groups you’re a part of in the broader population. This may include information like your stated political affiliation, the languages you speak, or your year in school.

  • Values data: we ask you to answer a series of 50 questions, covering matters of principle and preference, on a scale of 1–7.

While you take the Marriage Pact, we may collect limited, anonymous analytics data, including your IP address and whether or not you take certain actions our website. Note: These analytics are kept separate from responses that you submit as part of the Marriage Pact, and we use custom-built collection scripts to ensure we collect only as much data as we need. In order to protect your privacy, we stay away from analytics platforms run by big ad-tech companies (read: no Google Analytics, no Facebook button).

Finally, after you participate in the Marriage Pact, we may ask you to answer questions to provide feedback data—this might include your thoughts and comments on the Marriage Pact match we gave you, or it could include your feedback on other experiences you have as part of the Marriage Pact.

How do we collect this information?

This information is all received via official Marriage Pact questionnaires on marriagepact.com. Your answers are only recorded when you hit “Submit” at the end of the form.

How do we use this information?

Contact information helps us communicate with you—most importantly, to let you know who your match is. When matches are announced, both you and your match will simultaneously receive each other’s contact information. We don‘t share your contact information with any third parties.

We use demographic data principally for matching. For example, we allow participants to express a preferences on the gender identity of their match, or to express preferences along the lines of “my match must also be Catholic.” We may also use participants’ demographic data in statistical analyses, for example, to understand whether our questions are free from bias.

Values data is used for matching—it allows us to determine whether you align with a prospective match on your fundamental principles and your deeply held values.

We use analytics data to improve the design of the Marriage Pact. Understanding how and why you participate helps us make the experience better for you and for others.

We use feedback data to improve the quality of future matches. Marriage Pact employs a team of relationship scientists, who may use anonymized values data in conjunction with anonymized feedback data to research what makes matches successful.

We do not share your information.

How is this information protected?

Because there are sensitive questions involved here, privacy is extremely important. We’ve worked hard to design privacy into our systems anywhere and everywhere we can.

At a high level: all data is kept encrypted. None of our student partners has access to any response data. No human reads individual participants’ answers to make matches, and our algorithm uses completely anonymous data; randomized unique identifiers for each participant take the place of any personally identifiable information.

The responses we collect from you are encrypted both in transit and at rest. Here’s how the full process looks for your data:

  1. Before you submit your responses at the end of the questionnaire, your responses exist only on your device.

  2. When you submit your responses, they travel to our servers encrypted under TLS.

  3. Your response data is written down in databases running on servers operated by Amazon Web Services (AWS). Your personally identifiable information (PII)—your name and email address—is stored in one database (“Database A”), while your question responses are stored in a physically separate database (“Database B”). Data in the two databases are correlated using randomized, unique, anonymous identifiers for each participant. Both databases are stored encrypted at rest, which means that the data on the server’s disk would be uninterpretable to anyone who doesn’t have the key. You can read about the security practices employed by AWS here.

  4. At the end of the week, after everyone’s responses have been collected, we run our algorithm to compute matches between every participant. The matching algorithm receives only the anonymized data from Database B, and matches participants based on their anonymous unique IDs. The resulting matches are stored in Database B, still using only anonymous IDs.

  5. When we email everybody their matches, we use participants’ unique identifiers to re-combine the anonymous computed matches in Database B with the user info from Database A, so that we can tell everyone who their match is. We don’t write down this de-anonymized match data anywhere—we use it in-memory to render an email for each participant, and we upload those emails to Sendgrid, our email provider, to send to each of you (read about Sendgrid’s security policies here).

We also do the un-sexy parts of security that are still important—for example, all of our accounts use long and unique passphrases, and are protected by multi-factor authentication everywhere possible.

We do not share this information

We will never sell information about you. And beyond sharing contact information with your match, we will never share any of your responses in a way that could let you be individually identified by it. See “Your privacy is not for sale” in “Principles”, below, for more on this.

We also recognize that, because your values information and demographic information may be unique to you, removing contact information from your responses does not necessarily qualify as “anonymizing” it. This is why we follow a standard of protecting personal information broadly (rather than the more narrowly-scoped PII).

We may, after the conclusion of the Marriage Pact, aggregate the anonymized responses of all participants to share insights a picture of the community and its values as a whole.

Note: Your name and email are inherently shared when you’re matched with someone.

Note: We lean on service providers for critical infrastructure like sending emails and for operating our servers. That means that, as part of running the Marriage Pact, those infrastructure providers will necessarily handle your data on our behalf. We transmit information to and from these service providers in encrypted form, and all data are stored encrypted at rest. Take a look at "How is this information protected?" to learn more.

How can I manage information about me?

If you’d like to change or correct any of the answers you submitted, the best way to do so by re-submitting the complete questionnaire. We’ll use only the most recent set of responses under your email address when we compute the matching. You’re welcome to do this at any time while the questionnaire is available.

At this time, we don’t have a way for you to view the answers you submitted. If you think you might be curious about it down the road, we recommend making a copy of your answers before you hit “Submit.” Because we have no mechanism for you to view your submitted answers, we also have no mechanism for you to download your answers at this time.

After you've submitted a form, you can withdraw from the Marriage Pact or delete your data at any time. Log in to manage your data on school.marriagepact.com/account.

Principles

Participation is voluntary.

Participating in the Marriage Pact is entirely voluntary, and you may withdraw from the event at any point over the course of the Marriage Pact.

  1. Before hitting “Submit” at the end of the questionnaire, none of your responses will be transmitted off of your device—we only receive your responses if you complete and submit the form.

  2. After submitting your questionnaire and prior to the matches being computed, you may request to withdraw from the matching by removing your submission on your account page.

  3. Once the matches are computed and sent, another student at your school will be matched with you, and they’ll receive your contact information (name and email). After this point, we can’t un-send your name to your match, but you can still delete your responses from our own systems using your account page.

  4. A while after matches are delivered, we may ask you to share feedback or answer other questions in order to improve the quality of future matches we make. Your participation in this portion is optional, and you may choose to not answer any of those questions.

Your privacy is not for sale.

We won’t sell access to you (or to your attention) to advertisers. We will never allow the data you share with us to be given to advertisers—your Marriage Pact data will never be brokered nor sold. We won’t correlate your responses with information about you from third parties, and we won’t give third parties access to Marriage Pact information to correlate with external data about you. This means, for example, you won’t get targeted ads based on your answers to our questions.

Who We Are

The Marriage Pact was first created in fall 2017 as part of a class project for ECON136: Market Design, at Stanford University. That fall, 58% of everyone at Stanford participated. The next year, 65%. The next, 71%. As of October 2021, a Marriage Pact has now happened at 62 schools, with more than 172,392 people participating and 79,675 matches.

We are a small (but growing) team composed almost entirely of full-time students. Students around the country help bring the Marriage Pact to new schools.

Marriage Pact currently makes no revenue—Marriage Pact has raised a seed round of venture funding, which currently covers our server and payroll expenses. If you want to be a part of what we’re building next, join our team.

The version of the Marriage Pact dedicated to your school is an independent student initiative. The event is not reviewed or approved by, nor does it necessarily express or reflect the policies or opinions of your university.

Closing Words

We’ve outlined the data policies above because we think it’s the right thing to do. It is our best-faith effort to do the right thing! If you have questions about any of this, you can DM us on Instagram @marriagepact or email us at hello@marriagepact.com.