The very popular dating app for gay men, Grinder, has been exposing the location of the users to a third party, despite the fact that the users have disabled the option of the showing their location. Two security flaws allowed for the discovery of location data against a user’s will, though they take a bit of doing.

First reported by NBC News, the app suddenly allowed the users to see the hidden features such as who had blocked them, deleted photos, locations of people who had chosen not to share that data and more. According to TechCrunch, “the second flaw involved location data being sent unencrypted, meaning a traffic snooper might be able to detect it.”

This would not have been a grave problem but understanding the minor population of gays in India, the issue must be dealt seriously, for they are often targeted by the government authorities. The company said in a statement, “In territories where homosexuality is criminalized, or it is otherwise unsafe to be LGBTQ identified, we deliberately obfuscate the location-based features of our application to protect our users.”