Privacy Policy
Last updated: 6 July 2026
Who we are
Tink is operated by BT Vickers App Development Pty Ltd (ACN 699 645 184) of West Perth, Western Australia. Contact: [SUPPORT EMAIL].
What Tink does
Two people connect their phones, swipe on food and activity ideas, and get matched suggestions of nearby venues they can book. To do that we handle the minimum data we can get away with.
What we collect, and why
| Data | Why | Where it lives, and for how long |
|---|---|---|
| An anonymous device identity | Instead of accounts, your device proves it is a genuine iPhone using Apple’s App Attest, or a genuine Android device using Google Play Integrity. From that we derive a random-looking identifier — it contains no personal information and is not linked to your Apple ID or Google account. | On our servers while you use Tink. It is the only thing that ties your activity together. |
| Your first name (or nickname) | Shown to the person you are planning a date with. | Lives only with the running session and is not retained beyond it — it is excluded even from the short-lived reconnection snapshots, and your device re-sends it each time it connects. |
| A search location | Finding restaurants and activities near you. You choose it (or grant one-time location access). Tink never tracks location in the background. | Used precisely during the session; stored afterwards only rounded to roughly 100 metres as part of the session record. |
| Swipes and results | Matching you with your partner and improving which categories and venues Tink offers. | Processed live. The session outcome (matched categories, the suggested venues, which one you picked) is kept for product statistics — retained for up to 24 months, or until you use “Delete my data”, whichever comes first. |
| Chat messages and reactions | Coordinating the booking with your partner during the decide window. | Relayed live between participants. A short tail is briefly written to session storage solely so a disconnection doesn’t lose messages, and is deleted when the session ends (at most a couple of hours). Chat is never logged or analysed. |
| A push token (optional) | Delivering date invites from people you have planned with before. | On our servers until replaced, or removed when push is disabled. |
| Invites and blocks | Letting a previous partner invite you, and letting you block that. | Your partner list is stored on your device only — we keep no social graph. Pending invites are deleted within about 30 minutes. Blocks are stored as salted hashes; a blocked person cannot tell they are blocked. |
| Usage statistics | Understanding whether Tink works: sessions played, match rates, booking clicks, weekly retention. | Pseudonymous — identifiers are salted, truncated hashes that cannot be reversed. Event data ages out at our analytics provider after ~3 months; a weekly “was active” ledger keyed only by hash is kept for up to 36 months, or until you delete your data. |
Bluetooth
“Tinking” phones together uses Bluetooth solely to exchange a short one-time session code with a nearby phone. Nothing about Bluetooth activity is retained.
What we never do
- No accounts, emails, phone numbers, passwords, or profile photos.
- No advertising, no ad trackers, no sale of data — to anyone, ever.
- No background location tracking.
- No reading, storing, or analysing your chats beyond live delivery.
- No server-side social graph of who dates whom.
Third parties
- Cloudflare hosts our backend at edge locations worldwide, so data is processed on Cloudflare infrastructure, including outside Australia.
- Apple processes device attestation and push notifications on iPhone under Apple’s own policies.
- Google processes device attestation (Play Integrity) and push notification delivery (Firebase Cloud Messaging) on Android under Google’s own policies.
- Booking sites: when you tap a booking link, you leave Tink and the venue’s or booking platform’s privacy policy applies. Some links are affiliate links — we may earn a commission, and the platform may know the click came from Tink, but no personal data accompanies the click. Attribution happens on the booking site’s side: the link may carry a referral code, and that site may set cookies or use its own analytics under its own policy — that part of the journey is theirs, not ours.
Your rights
We handle personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles. You can ask us what we hold, ask for correction, or ask for deletion at [SUPPORT EMAIL]. The fastest path is Settings → Delete my data inside the app, which erases your server-side data immediately (your device proves which anonymous identifier is yours — a limit of our no-accounts design). Deleting the app removes your on-device data (partner list, past ideas) immediately.
Outside Australia (including the United States)
We are an Australian company and Tink is available in other countries, including the United States. Wherever you are, we extend the same rights — access, correction, and deletion — and the same practices described in this policy. For California residents: we do not sell and do not share personal information as those terms are defined in the CCPA/CPRA, and we use no advertising trackers, so there is nothing to opt out of.
Complaints
If you believe we have mishandled your personal information, contact us at [SUPPORT EMAIL] and we will respond within 30 days. If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Children
Tink is for adults planning dates — including at bars, breweries and wineries — and is not directed at anyone under 18. We do not knowingly collect information from children.
Changes
If this policy changes materially, the app will tell you before the change applies to you. The latest version always lives at this address.