¶ THE FINE PRINT

Privacy Policy

Last revised 14 June 2026

What we collect when you use Hey Sini, why, who we share it with, and the choices and rights you have. Plain-language summaries sit beside each clause.

Who we are and what this covers

Hey Sini ("Hey Sini", "we", "us") runs a members-only social club that seats compatible people into a small table that meets each week in their own neighbourhood, currently in Melbourne, Australia and Jakarta, Indonesia. We are the controller of the personal information described here.

Importantly, we facilitate introductions. We may suggest a public venue, but we do not host, book, supervise or attend dinners. This policy explains the information we handle when you use our website and app. It works alongside our Terms of Service.

Information we collect

You give us

  • Account and identity: your name, email and sign-in, handled through our authentication provider.
  • Profile and matching details: your neighbourhood, the night you can keep, your vibe and interests, a short intro, and optional details such as age, gender (used only to balance tables, never shown to others), and social links.
  • Photos:an optional profile photo, an optional live verification selfie, and any photos you add to your table's shared roll. See section 4.
  • Messages and content: messages in your crew chat and direct messages, RSVPs, venue suggestions, feedback, and mood posts.
  • Safety details: reports or blocks you make, and, only if you opt in, an emergency contact name and number.

We collect automatically

  • Approximate location: the neighbourhood you choose, and an approximate city inferred from your IP address to set your language and market. We do not collect precise or background GPS location.
  • Device and usage: IP address, basic device and log data, and product analytics events (for example sign-up, matched, RSVP) used to run and improve the service and to rate-limit abuse.

Payments

Dues are processed by our payment provider. We receive a customer and subscription reference and your payment status. We never receive or store your full card number.

How we use your information

We use your information to:

  • match you once into a compatible table and run your weekly dinner;
  • operate safety and moderation features (verification, reporting, blocking);
  • take dues and manage your membership;
  • send service messages, and marketing only where you have opted in;
  • understand and improve the product through aggregate analytics; and
  • comply with our legal obligations and enforce our Terms.

Our lawful bases (where required) are performing our contract with you, your consent (for example for the verification selfie and marketing email), and our legitimate interests in running a safe, working club. We do not sell your personal information.

Verification selfies and liveness

Verification is optional. If you choose it, you take a live photo on the spot (no uploads) and may be asked to perform a simple action, such as holding up a number of fingers, so we can tell a live person from a photo of a screen or a printout.

The image may be checked by an automated vision service purely to answer "is this a real, live person doing the requested action?" We do not create a faceprint, and we do not match your face against any database or other photos to identify you. Because we do not perform automated facial identification, this is a liveness check rather than the collection of biometric identifiers. The photo you take becomes your profile photo unless you change it.

Safety, reporting and chat moderation

To keep the club safe we provide reporting and blocking, basic word filters on messages, and human review of messages that are reported to us. We are transparent about this: we are not running covert surveillance of private conversations, and we disclose this safety layer here and in our Terms.

We are not an emergency service. If you feel unsafe, contact your local emergency number (000 in Australia, 112 in Indonesia).

Who we share information with

We share information only as needed to run Hey Sini:

  • Other members: your name, photo, verification status and the profile details you provide are shown to the four people seated at your table, and your first name and photo may appear in discovery features you enable.
  • Service providers (sub-processors) who process data on our instructions: hosting and file storage, authentication, payments, our database, transactional email, static maps for the venue area, and the automated liveness check. Each receives only what it needs for its function.
  • Authorities where we are legally required to, or to protect the safety of members or the public.

We maintain a current list of sub-processors and will provide it on request to hello@heysini.com.

Where your data is processed

Several of our service providers are based in or process data in the United States and other countries, so your information may be transferred and processed outside Australia and Indonesia. Where we disclose information overseas we take reasonable steps to ensure it is handled consistently with this policy and applicable law, including contractual protections with our providers.

Indonesia-specific cross-border transfer requirements under the Personal Data Protection Law (UU No. 27/2022) are being finalised in this policy and will be updated.

How long we keep it, and deletion

We keep personal information for as long as you have an account and for a reasonable period afterwards to meet legal, accounting and safety obligations. When you delete your account we anonymise your profile and remove it from matching and discovery; some records (for example a report another member made, or a transaction record) may be retained where we have a legal basis to keep them.

You can delete your account from your account settings, or by emailing hello@heysini.com.

Your rights and choices

Subject to local law, you can:

  • access the personal information we hold about you and ask us to correct it;
  • delete your account and request deletion of your personal information;
  • opt out of marketing email at any time; and
  • object to or restrict certain processing.

To exercise any of these, email hello@heysini.com. If you are in Australia and are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC). If you are in Indonesia, you may contact the relevant data protection authority.

How we protect your information

We use reasonable technical and organisational measures to protect your information, including encryption in transit (HTTPS), validation of every uploaded file by its true content, rate limiting, access controls, and keeping payment card handling entirely with our PCI-compliant payment provider. No method of transmission or storage is completely secure, so we also maintain a process for detecting and responding to incidents (see section 12).

Minimum age

Hey Sini is intended for adults. You must be at least 18 years old to create an account. We do not knowingly collect personal information from anyone under 18; if you believe a minor has given us their information, contact us and we will delete it.

Data breaches

If we become aware of a data breach that is likely to result in serious harm, we will assess it and notify affected individuals and the relevant regulator as required by law. In Australia we follow the Notifiable Data Breaches scheme, which requires us to assess a suspected eligible breach within 30 days and notify as soon as practicable thereafter.

Indonesia's breach-notification timing (reported as 3 x 24 hours) is being confirmed and will be reflected here.

Changes to this policy

We may update this policy as the product and the law change. When we make material changes we will revise the date at the top and, where appropriate, notify you in the app or by email. The current version always lives at this address.

How to contact us

For any privacy question or request, email hello@heysini.com, or use our contact page.