In short, photos are hosted on an outside company’s servers.
As Joseph Bonneau explained, the main website provides an obfuscated URL for the photo to anyone it deems has permission to view it.
But in Bonneau’s experiment with 16 popular websites, removing the photo from the main website didn't always remove it from the Content Delivery Network; in those cases, anyone who still had the destination URL would be able to view the photo.
To maintain the highest levels of privacy, consider taking steps to obfuscate your IP address, such as using a VPN. Gaping security holes riddle popular mobile dating sites-still.
In January, an Australian hacker exploited a security flaw in Grindr, the mobile app that allows gay and questioning men to find sexual partners nearby through the use of GPS technology.
The vulnerability allows an attacker to impersonate another user, send messages on his behalf, access sensitive data like photos and messages, and even view passwords.
Grindr acknowledged the vulnerability on January 20th and promised a mandatory update to their software “over the next few days.” To date, Grindr's blog and Twitter profile do not mention a security fix for the flaw.
This might be a particular concern for individuals who use niche dating sites, such as HIV-positive or queer dating sites. Your data is helping online marketers sell you stuff.