Hey Byron - Privacy Policy
Last Updated: November 21, 2025
Hey Byron ("we," "us," "our") respects your privacy and is committed to protecting your information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Hey Byron mobile application (the "App").
Business Name: Hey Byron
ABN: 61310903781
Contact Email: info@heybyron.com.au
Location: Byron Bay, NSW, Australia
This Privacy Policy should be read together with our Terms of Service. By using the App, you agree to the collection and use of information in accordance with this Privacy Policy. If you disagree, please do not use the App.
Contents
1. The Simple Version
For regular users, no account or personal information is required. Your data stays on your device, including saved events, preferences, and location. We cannot identify, track, or profile you. You remain completely anonymous.
For businesses, we store public business information only, such as name, address, and events. All data is stored in Australia (Firebase australia-southeast1). Analytics are anonymized view counts only. All data stays in Australia with no overseas disclosure.
2. What We Do Not Collect
From regular users, we do not collect personal information (name, email, phone, address), account information (no accounts required), location coordinates on our servers, browsing history or tracking data, calendar data, or payment information.
Your preferences, saved events, and location stay on your device and are never uploaded to our servers.
3. What We Do Collect
3.1 From Businesses (Public Information)
When businesses create accounts, we collect business name, description, address, and contact information, event details (titles, dates, times, locations, images, and videos), business code (authentication), and event posting capability status. This is all public information already available on business websites, Google, or social media.
3.2 On Your Device Only (Never Uploaded)
Stored locally on your device using AsyncStorage are saved or favorite events, interest preferences, distance filter settings, location data (cached temporarily), age confirmation (from first app launch), and calendar event IDs. We cannot access this data. It is permanently deleted when you uninstall the App.
3.3 Location Data (Device Only)
When you grant location permission, the App uses GPS coordinates in real-time on your device, calculates distances to venues (for example, "2.5km away"), and filters events by distance. Location coordinates are not uploaded to our servers but may be temporarily cached on your device.
We collect via Firebase Analytics device type and platform (iOS or Android) and general regional data (such as "users in Byron Bay area" with no specific coordinates or identities).
3.4 Calendar Data (Device Only)
Calendar permission allows the App to add events you choose to your calendar. While the permission allows calendar access, we only write events and never read your existing calendar entries. Calendar data never leaves your device.
3.5 Technical Data (Anonymized)
We collect device type, OS version, and app version, anonymized usage analytics (such as "50 event views today"), crash logs and error reports, and business or event view counts (anonymized). All analytics are aggregated and anonymized. We cannot link data to specific users.
4. How We Use Information
We use information to display events and businesses, calculate distances (on your device), enable event saving and calendar integration (on your device), show personalized recommendations (on your device), enable businesses to manage listings and post events, provide anonymized view counts to businesses, optimize images and videos for performance, fix bugs and improve the App, monitor compliance with Terms of Service and alcohol advertising laws, and automatically mark alcohol-related events with 18+ badges.
We may contact business account holders about policy changes or billing. We do not send marketing to users or share user identities with anyone.
5. How We Share Information
5.1 Public Information
Business listings and events are publicly visible to all users (similar to a local magazine or Google Business listings).
5.2 Service Providers (Australia Only)
Firebase (Google Cloud Platform) is located in Australia (australia-southeast1) and stores business listings, events, images, and videos. It does not store user preferences or location coordinates, which stay on your device. Their privacy policy is available at policies.google.com/privacy.
Google Maps and Apple Maps receive location data to display maps in real-time only. They do not receive location history or user identity.
Expo receives technical data and crash reports (anonymized). Their privacy policy is available at expo.dev/privacy.
All data remains in Australia. No overseas disclosure.
5.3 Legal Requirements
We may disclose business information if required by law, court orders, or government requests. We may report serious alcohol advertising violations to Liquor and Gaming NSW if legally required. Since we do not collect personal information from regular users, there is little we could disclose even if required.
5.4 Business Transfers
If Hey Byron is sold or merged, business information may be transferred. Regular user data cannot be transferred because we do not collect it.
6. Data Storage and Retention
Data on your device is stored until you uninstall the App or clear app data. We cannot access or recover this data.
Data on our servers in Australia is handled as follows. Business accounts are retained while active. After deletion, data is retained for 12 months for legal and compliance purposes. Crash logs are retained for 12 months. Analytics are retained for 24 months. Compliance records are retained for 7 years as required by Australian law. All server data is stored in Firebase australia-southeast1 (Sydney, Australia).
7. Your Privacy Rights
Under Australian Privacy Principles, you can access information we hold about you (business accounts only, as we hold no personal data for regular users), correct information by updating it directly in the App or by contacting us, delete your business account by contacting info@heybyron.com.au (deleted within 30 days) or for regular users by uninstalling the App (immediate deletion), withdraw consent by disabling location or calendar permissions in device settings anytime, and complain by contacting us at info@heybyron.com.au or lodging a complaint with OAIC at www.oaic.gov.au.
Response time is 30 days maximum as required by law.
8. Data Security
We implement reasonable security measures including HTTPS and SSL encryption, Firebase security rules, business codes for authentication, data stored in Australia only, manual business verification, and data minimization (we only collect what is necessary).
However, no system is 100% secure. Our risk profile is lower than most apps because we do not collect personal information from regular users, business data is already public information, user data stays on devices not servers, and no payment information is stored.
You are responsible for keeping your business code secure and using a secure device.
In the event of a data breach, we will notify affected parties and OAIC within 72 hours if a breach occurs.
9. Children's Privacy
We do not knowingly collect personal information from anyone, including minors. The App shows an age confirmation on first launch (stored on device only). Events at licensed venues are marked as 18+. Content targeting minors is prohibited.
Since we do not collect personal information from any users, there is no special risk to minors using the App.
Parents may contact info@heybyron.com.au with concerns.
10. Third-Party Services
We use Firebase for analytics and storage (policies.google.com/privacy), Google and Apple Maps for mapping (see their privacy policies), and Expo for development and crash reporting (expo.dev/privacy).
These services have their own privacy policies which we do not control. The App does not use cookies (it is a mobile app). We do not track individual users, and our analytics are aggregated and anonymized by default.
11. Changes to This Policy
We may update this Privacy Policy. When we do, we will update the "Last Updated" date. Continued use means you accept changes. For material changes (such as collecting personal information from regular users), we will provide prominent notice and may require consent.
Review periodically to stay informed.
12. Complaints
Step 1: Email info@heybyron.com.au with details. Step 2: We will respond within 30 days. Step 3: If unsatisfied, contact OAIC at www.oaic.gov.au, by phone at 1300 363 992, or by email at enquiries@oaic.gov.au.
For alcohol content concerns, contact Liquor and Gaming NSW at 1300 024 720.
13. Contact Us
Email: info@heybyron.com.au. ABN: 61310903781. Location: Byron Bay, NSW, Australia. Response time: 7 business days (30 days maximum for formal requests).
14. Legal
This Privacy Policy is governed by the Privacy Act 1988 (Cth), Australian Privacy Principles (APPs), Notifiable Data Breaches (NDB) scheme, and laws of New South Wales, Australia. Jurisdiction is the courts of New South Wales, Australia.
This App is designed for users in Australia. If accessing from elsewhere, you do so at your own risk and Australian privacy laws apply.
Acceptance: By using Hey Byron, you acknowledge that you have read and understood this Privacy Policy, regular users remain completely anonymous, we do not collect personal information from regular users, your preferences and data stay on your device, business data we store is public information, and all data remains in Australia. If you do not agree, do not use the App.