The App and Sites are global, and your information will be sent to and used in the United States and the UK regardless of the country you reside in. This Policy explains how we protect your personal data when we transfer it overseas, so please read very carefully!
The App and Sites are operated by the “iHey Group” (also referred to in this policy as “we” or “us”).
The iHey Group has designated a Data Protection Officer and they can be reached by emailing email@example.com or by post at the following address: .
When you download the App and create an account (“Account”), we may collect certain information (“Registration Information”) about you, such as:
Once you register, you will be able to review and change this information at any time just by logging in to iHey (other than your date of birth and location (which, if you have given iHey access to your location in your device settings, is automatically updated based on the location of your device)). It is your responsibility to ensure that your account details are kept up to date. If your phone number changes, please ensure that you update this in your account.
The information we collect helps to enhance the App and verify our Users (robots are not welcome!). Registration Information such as your sexual preference, name and username may be visible to other Users who view your profile page.
For Users who are California residents, the data we may collect falls within the following categories of “personal information”, as defined by the California Consumer Privacy Act (CCPA):
We recommend and encourage you (and all our members) to think carefully about the information you disclose about yourself. We also do not recommend that you put email addresses, URLs, instant messaging details, phone numbers, full names or addresses, credit card details, national identity numbers, drivers’ licence details and other sensitive information which is open to abuse and misuse on your profile.
When you post information about yourself or use the messaging function to communicate with other Users, the amount of personal information you share is at your own risk. Please see Section 4 below for more information on who can access what you post on iHey.
For safety and security and to ensure you have the best possible user experience, we require Users to verify their accounts and might ask for your phone number and, in some instances, we might also ask that you carry out photo verification. We want to make sure you are not a robot! And we also want to avoid fake iHey accounts being created which can be used for malicious activities and cybercrime – they threaten the iHey network and spoil things for everyone. This verification might be required by us for the prevention of fraud. You can also verify your photo on a voluntary basis (to add the blue ‘verified’ badge to your profile).
If you choose to verify your profile photo, we will scan each photo that you submit. The scan may include the use of facial recognition technology so that we can compare the photo you submit to your profile photo, to help ensure that you are who you say you are. We do not add the verification photos to your profile. We retain the scans so that we can verify you in the future and for our record-keeping purposes until we no longer need them for such purposes or for three years after your last interaction with us, whichever occurs first. After the applicable retention period expires, we take commercially reasonable steps to permanently and securely delete the scans from our systems.
If you decide to purchase any of our premium services, we will process your payment information and retain this securely for the prevention of fraud and for audit/tax purposes.
iHey uses automated decisions to prevent fraudulent payment transactions being processed as part of its anti-fraud procedures. In order to do this, our systems check payment transactions for behaviour that indicates breaches of our Terms and Conditions of Use. If a transaction meets certain criteria that demonstrate that the Terms and Conditions of Use are likely to have been breached and the transaction is likely to be fraudulent, the relevant transaction may automatically be blocked. Where a transaction is blocked, the user will be notified that their transaction cannot be processed and affected Users can contact iHey to contest the decision.
Please note that if your account is blocked for any reason, any account(s) that you have on other iHey Group platforms/applications, such as Badoo, may also be blocked as part of our anti-spam and anti-fraud procedures.
If you have given iHey access to your location in your device settings, when you use your mobile, we will collect information about WiFi access points as well as other location information about your longitude and latitude and may save your device’s coordinates to offer certain features to you. This information helps us identify your physical location and we use it to personalise the App and make it easier for you to interact with other Users, by enabling the general locality information to be displayed to Users seeing your profile and showing you the profiles of other Users who are near you.
If you have given iHey access to your location, but wish to turn this off, you can do so by the following methods:
We may keep track of how you interact with links available on iHey including third party services by redirecting clicks or through other means. We may share aggregate click statistics such as how many times a particular link was clicked on.
We may collect information about your device when you use the App including the unique device identifier, device model, and operating system, for a number of purposes, as set out in this policy. In addition, if you permit us to do so, the App may access your device’s address book solely in order to add someone to your contacts.
From time to time, we run surveys for research purposes and we may contact you to find out if you would like to take part. We may also contact you to find out if you would like to provide feedback, a testimonial or take part in marketing campaigns (for example, if you let us know that you have found a match on the App, we may contact you to ask if you would be happy to feature in advertising for iHey). Such surveys and marketing campaigns are optional and more information will be provided at the point of contact. If you do not wish to be contacted to take part in a survey or marketing campaign, please contact our Customer Support Team via our Feedback Page.
Our main goal is to ensure your experience on iHey is an enjoyable one and you don’t end up getting stung! In order to deliver an enjoyable experience to you, we may use your Registration and other information to:
We use a combination of automated systems and a team of moderators to monitor and review accounts (including photos and any other information uploaded onto user profiles) and messages for content that indicates breaches of our Terms and Conditions of Use. If an account or message meets certain criteria that demonstrate that the Terms and Conditions of Use are likely to have been breached, the relevant account will be subject to a warning and the user’s access restricted and/or blocked. Affected Users can contact iHey to contest the decision.
If you post anything that is inconsistent with our Terms and Conditions of Use, we reserve the right to terminate or restrict access to your Account.
Under EU and UK data protection laws, we are required to tell you our lawful basis for using your data and we have set this out in the table below. Where the legal basis is consent, you can withdraw consent at any time. Where the legal basis is legitimate interests, you have a right to object to our use of your data. We explain in the relevant sections in this Policy how you can withdraw consent or opt-out of certain data uses (where applicable).
|Purpose for which data is used||Data||Source||Legal basis|
|To provide you with the iHey social networking service||Name, email address, date of birth, location (CCPA Categories A and B)||You provide your name, email address and date of birth to us. We obtain location data from the device that you use to access the service||Contractual necessity|
|To facilitate networking opportunities on the iHey App||Optional information that you choose to provide in your profile, including through profile verification, or adding iHey badges, which may include information about your sexual preferences, non-binary gender, religion, ethnic background, photos, interests, etc. (CCPA Categories B, C, H, I, J)||You provide this information to us||Contractual necessity and our legitimate interests – it is in our legitimate interests to facilitate networking opportunities in the iHey app. For special category/sensitive personal data, we rely on your explicit consent.|
|To verify your identity and prevent fraud and to ensure the safety and security of Users||Phone number and if requested or permitted, photo provided as part of profile verification and for users based in countries where age verification is required by law: photo of Government ID + geolocation and device information (CCPA Categories A, B, C, E, F, G and H)||You provide this information to us, except for the geolocation and device information, which we obtain from the device that you use to access the service||Legitimate interests – it is in our legitimate interests to ensure that accounts are not set up fraudulently and to safeguard Users of the site|
|To take payment for premium services (not applicable for Users making payments via the Apple App Store)||Payment card details (CCPA Categories B and D)||You provide this information to us||Contractual necessity|
|To send you marketing information about our events, offers and services||Name, email address, postal address, Instagram handle and mobile phone number (CCPA Categories A and B)||You provide this information to us||Consent or legitimate interests and in accordance with the laws applying to our marketing activities. We have a legitimate interest in promoting our business and products|
|To carry out research and analysis to help us improve the App||Log and usage data, including IP address, browser type, referring domain, pages accessed, mobile carrier and search terms, images and video (CCPA Categories F and H)||You provide photos and videos to us. We obtain the log and usage information from the device that you use to access the service||Legitimate interests – it is in our interests to analyse the way in which Users are accessing and using our services so that we can further develop the App, implement security measures and improve the service|
|To respond to correspondence and queries that you submit to us, including social media queries||Email address and IP address, social media name, phone number (CCPA Categories B and F)||You provide your email address, social media name and phone number to us when you contact us and we obtain your IP address from the device that you use to contact us||Legitimate interests – it is in our legitimate interests to respond to your queries to ensure that we provide a good service to Users and troubleshoot problems|
|To investigate and block Users for reported infringements of our Terms and Conditions of Use||Name and user registration details, profile information, content of messages and photographs + usage and device data such as IP address and IP session information (CCPA Categories A, B, C, F, and H)||You provide your registration details, profile information, messages and photographs to us. We obtain the other information from the device that you use to access the service.||Legitimate interests - it is in our legitimate interests to prevent unauthorised behaviour and to maintain the safety and integrity of our services|
|To block payment transactions as part of our anti-fraud procedures||Name, IP address, email address, mobile number, cardholder name, payments received, type of payment, user ID, country (CCPA Categories, A, B, and D)||You provide your name, email address, mobile number and card details to us. We obtain your IP address from the device that you use to contact us. We obtain your payment information from your interactions with our service||Legitimate interests – it is in our legitimate interests to prevent fraudulent transactions and to maintain the security of our services|
|To serve promo cards and advertisements on the App||Location, gender, age, and information that you have optionally provided us with via your profile (CCPA Categories A, C and G)||We obtain age, gender and profile information from you, and location data from the device that you use to access the service||Legitimate interests – it is in our legitimate interests to target advertisements so that Users see relevant advertisements and to allow us to generate income from advertising revenue|
|To serve advertisements on third party networks and measure the effectiveness of such ads||Data about your visit to our Sites or App and action taken on those (for example if you downloaded our App or created an account with iHey), IP address (and your estimated location based on your IP address), age and gender, device ID (CCPA Categories B, C, G, F and K)||We obtain age and gender from you and we obtain other information from the device or browser that you use to access the service||Consent – as indicated by you in your Privacy Settings/Cookies Settings preferences and via your browser or device privacy preferences (where required by your device manufacturer, for example Apple devices using iOS 14.5).|
|To contact you in order to run surveys for research purposes and to obtain feedback, and to find out if you want to take part in marketing campaigns||Email address and mobile phone number (CCPA Category B)||You provide this information to us||Legitimate interests – it is in our legitimate interests to carry out research so that we can further develop the app and improve the service|
|To enable video and audio call functions, and the sending of images and video||
Video and audio call usage data, images and video (CCPA Categories F and H)
|We obtain this information from the device that you use to access the service||Legitimate interests – it is in our legitimate interests to provide these functionalities as part of the services|
|To defend legal claims, protect legal rights and to protect people from harm||This could include any information that is relevant to the issue||This information may be obtained directly from you, from your device or from third parties, depending on the information involved||Legitimate interests – it is in our legitimate interests to protect our legal rights, defend legal claims and to protect our Users and third parties from harm|
Our policy is to not disclose your Registration Information or personal data, except in the limited circumstances described here:
|Circumstances where data may be disclosed||Disclosed data|
|Service Providers – We engage certain trusted third parties to perform functions and provide services to us. We may share your Registration Information or personal data with these third parties, but only for the purposes of performing these functions and providing such services. More information about this is available directly below.||This could include all data, including all CCPA Categories listed above|
|Moderators – To monitor activity on the App and approve content.||Name and user registration details, profile information, content of messages and photographs (CCPA Categories A, B, C, and H)|
|Payment Processing and Telecommunications Companies – To facilitate payments for our premium services.||Cardholder name, cardholder address, card number, payment amount, transaction date/time (CCPA Categories A, B, and D)|
|Law and Harm – As we mentioned in the Terms & Conditions, we think it is very important that all Users behave whilst using the App. We will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement enquiries from within or outside your country of residence where we are required to by law, where there is an investigation into alleged criminal behaviour or to protect the vital interests of a person. This may include preserving or disclosing any of your information, including your Registration Information, if we believe in good faith that it is necessary to comply with a law or regulation, or when we believe that disclosure is necessary to comply with a judicial proceeding, court order, or legal request; to protect the safety of any person; to address fraud, security or technical issues e.g. through anti-spam providers to protect the service from criminal activity or to protect our rights or property or those of third parties. In such cases we may raise or waive any legal objection or right available to us.||This could include any personal data that iHey holds about you, depending on the nature of the request or the issue that we are dealing with, including all CCPA Categories listed above|
|Business Transfers – In the event that a iHey Group entity or any of its affiliates undergoes a business transition or change of ownership, such as a merger, acquisition by another company, re-organisation, or sale of all or a portion of its assets, or in the event of insolvency or administration, we may be required to disclose your personal data.||This could include all personal data that iHey holds about you, including all CCPA Categories listed above|
|Marketing Services Providers – To help us serve marketing and advertising on third party websites and applications and measure the effectiveness of our advertising campaigns. More information on this is available below||Advertising identifier associated with your device (Device ID), estimated location (based on your IP address), age, gender and data about your visit to our Sites or App and action taken on those (for example if you downloaded our App or created an account with our App), hashed email address (for ‘custom audiences’ only) (CCPA Categories B, C, G, F and K)|
|Anti-Spam and Anti-Fraud – Your data may be shared with other iHey Group companies, for example, to block accounts and suspected fraudulent payment transactions as part of our anti-spam and anti-fraud procedures.||Email address, phone number, IP address and IP session information, social network ID, username, user agent string, and transaction and payment data (CCPA Categories B, F and D).|
Aggregated Information – We may share aggregated information with third parties that includes your personal data (but which doesn’t identify you directly) together with other information including log data for industry analysis and demographic profiling.
iHey does not sell your data and has not sold your personal data in the previous 12 months.
We engage certain trusted third parties to perform functions and provide services to us (“Service Providers”). The suppliers with which iHey shares User personal data vary depending on a variety of factors, such as which of our App, Sites and services a User engages with. For example, to provide our services to Users, we typically use the following suppliers:
We carry out due diligence on all Service Providers we engage to ensure they have adequate data protection and information security measures in place and only provide them with the personal data necessary to the service they are providing. Measures are taken to ensure that the data shared is non-attributable to the greatest extent possible and our suppliers are also subject to extensive obligations under our contractual arrangements, including strict data retention limits. Sharing your personal data with Marketing Services Providers
We partner with providers of marketing services (such as Facebook for example) (‘Marketing Services Providers’) to help us market and advertise our App and services on third party websites and applications and measure the effectiveness of our advertising campaigns. For example:
We share a limited amount of your personal data with these Marketing Services Providers, such as:
*Hashing is a way of encrypting information by turning it into a combination of random numbers and letters - this code cannot be traced back to the email address. When hashed email addresses are sent to a Marketing Service Provider, they’re then matched against the Provider’s own existing list of their own users’ hashed information and our ads are served to those of our users who have successfully been matched with the Provider’s. Matched and unmatched hashes are then deleted by the Provider.
Some platforms require user consent before iHey is permitted to use data gained through the platform for advertising purposes and where this is the case, iHey will only use this data where the necessary consent has been obtained. Through your device’s privacy settings, you also have the option to prevent or limit device identifiers being shared with third party advertisers and what use is made of the device identifiers. If you would like more information about your choices and how you can stop your device identifiers being shared with third party advertisers, please visit this page.
In some cases, these third parties will also use the data that they collect for their own purposes, for example they may aggregate your data with other data they hold and use this to inform advertising related services provided to other clients.
Where we share data with Facebook as our Marketing Service Provider (including via the Facebook “Like” function), we are Joint Data Controllers with Facebook Ireland for this processing. This arrangement means that iHey has to provide you this notice, but you should contact Facebook if you wish to exercise your data protection rights. Further information, including how Facebook enables you to exercise your data protection rights, and subsequently processes your information as independent data controller can be found in Facebook Ireland’s Data Policy. If you want more information relating to the nature of the arrangement we have in place with Facebook, please email DPO@team.iHey.com.
This data referred to above can include actions that you take on our website such as your interactions with our Sites or other information collected from cookies or similar technologies including the Facebook pixel. This allows us to measure the effectiveness of our advertising, improve our marketing practices, and helps us deliver more relevant advertising to you and people like you (including on social media such as Facebook).
We think our Users are awesome, and we want you to share how awesome you are with the world, so we have built certain features to enable this. Our App is designed to make it easier for you to connect with other Users and to interact with them.
When using the iHey App, you should assume that anything you post or submit on the App may be publicly-viewable and accessible, both by Users and non-users of the App. We want our Users to be careful about posting information that may eventually be made public.
Please be careful about posting sensitive details about yourself on your profile such as your religious denomination and health details. You may also choose to add sensitive information about yourself when you add certain iHey badges to your profile, such as your religion and political leanings. While you may voluntarily provide this information to us when you create your profile, including your sexual preferences, there is no requirement to do so. Please remember that photographs that you post on iHey may reveal information about yourself as well. Where you do upload and choose to tell us sensitive information about yourself, including through the addition of badges to your profile, you are explicitly consenting to our processing of this information and making it public to other Users.
Please also note that in certain countries (currently, South Korea only), Users are provided with functionality enabling them to download a copy of their conversation history (as this is required by local laws) and that iHey has no control over how users may then publish or use that information.
If you log in to or access the App through your Facebook account or another third-party account on a device which you share with others, remember to log out of the App and the relevant third-party account when you leave the device in order to prevent other users from accessing your iHey account.
Although we want as many people as possible to enjoy our creation, you have to be at least 18 years old to use the App - sorry kids, we know iHey is cool, but you’ll have to come back when you’re old enough!
iHey does not knowingly collect any information about or market to children, minors or anyone under the age of 18. If you are less than 18 years old, we request that you do not submit information to us. If we become aware that a child, minor or anyone under the age of 18 has registered with us and provided us with personal information, we will take steps to terminate that person’s registration.
Here at iHey, we pride ourselves on taking all appropriate security measures to help protect your information against loss, misuse and unauthorised access, or disclosure. We use reasonable security measures to safeguard the confidentiality of your personal information such as secured servers using firewalls.
Unfortunately, no website or Internet transmission is ever completely 100% secure and even we cannot guarantee that unauthorised access, hacking, data loss or other breaches will never occur, but here are some handy tips to help keep your data secure:
If you ever think someone has had access to your password or Account, please follow the steps set out here. We cannot guarantee the security of your personal data while it is being transmitted to our site and any transmission is at your own risk.
When you sign in to our App using your Facebook account, you give permission to Facebook to share with us your name and profile picture. Unless you opt-out, you also give permission to Facebook to share with us your email address (if there is one associated with your Facebook account), date of birth, profile photos, gender, Page likes and current town/city.
If you register or sign in with your Apple ID, you give Apple permission to share your Apple login, a name (that can be edited by you) and an email (you can choose to hide your email and Apple will create a random email address so your personal email can stay private). This email address will be linked to your iHey account and will be used to retrieve your iHey account.
We will then use this personal data to form your iHey account. If you remove the iHey app from your Facebook settings, or from your Apple ID, we will no longer have access to this data. However, we will still have the personal data that we received when you first set up your iHey account using your Facebook or Apple ID (you must delete your iHey account entirely for us to no longer have access to this data).
You may link your iHey account with your Instagram, Facebook or Spotify accounts. This allows you to share some information from those accounts directly to your iHey account (for example, Instagram photos, or your top Spotify artists).
We only receive the limited information that Instagram or Spotify permits to be transferred (as detailed by Instagram/Facebook/Spotify and agreed by you when you first connect your account from such platforms with your iHey account).
If you no longer want to link your iHey account to your Instagram, Facebook or Spotify account, please visit the settings in your Instagram, Facebook or Spotify account and follow the instructions to remove the iHey app access permissions. Please note that any information already added to your iHey account from those platforms will not be deleted unless you delete it within your iHey account as well.
For Users who are California residents, you have the following rights (in addition to those listed at section 10 below) under the California Consumer Privacy Act, and you have the right to be free from unlawful discrimination for exercising your rights under the Act:
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the businesses’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. If you wish to find out about any rights you may have under California Civil Code section 1798.83, you can write to us at firstname.lastname@example.org.
From time to time, as part of a joint promotion with a third party, we may, if you participate in such promotion, disclose your contact information to the third party to allow them to market their products or services to you. Where this is a condition for participation in a promotion, we will always let you know before when you enter the promotion. Please follow the instructions provided to you by third parties to unsubscribe from their messages.
In addition, under California law, operators of online services are required to disclose how they respond to “do not track” signals or other similar mechanisms that provide consumers the ability to exercise choice regarding the collection of personal information of a consumer over time and across third party online services, to the extent the operator engages in that collection. At this time, we do not track our Users’ personal information over time and across third-party online services. This law also requires operators of online services to disclose whether third parties may collect personal information about their users’ online activities over time and across different online services when the users use the operator’s service. We do not knowingly permit third parties to collect personal information about an individual User’s online activities over time and across different online services when using the App.
Privacy laws applicable in your country may give you the following rights:
The particular rights which are applicable to you (which might include other rights not listed above) may vary depending on your country. You should make yourself aware of the rights you have under applicable privacy laws in your country.
If you want to exercise any of your rights listed above please visit our Feedback Page or email our Data Protection Officer at email@example.com. You can also contact us by post at the following address: . For your protection and the protection of all of our Users, we may need to request specific information from you to help us confirm your identity before we can answer the above requests.
If you have a concern about how we have processed your request or your personal data, you should contact us in the first instance via the contact details listed above.
If you feel we have not resolved your concern, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). If you live in a country or territory located in the European Union (EU) or European Economic Area (EEA), you may also get in touch with your local Data Protection Regulator. If you live in a country outside the EU, you may have the right to lodge a complaint with your local privacy or data protection regulator.
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), iHey has appointed Borlux Ltd as its GDPR representative in the EU. If you usually reside in an EU Member State you can contact Borlux Ltd regarding matters pertaining to the GDPR by:
Using the online request form at https://services.nathantrust.com/privacycontact
Postal address: 1st Floor, 6 Lapps Quay, Cork, Ireland
We want you to be able to access iHey wherever you happen to be in the world. To enable us to provide that service, we operate a global network of servers including in the US, UK, EU, and (for Users located in Russia) Russia. The hardware is located in third-party data centres but is owned by the iHey Group. Data collected by Advertising Partners and other Service Providers may also be held outside the UK and the European Economic Area. We ensure that the data is adequately protected by ensuring that valid, legal mechanisms are in place such as: EU approved model clauses (which can be found here), and implementing robust contractual standards. If you want more information relating to the nature of the safeguards we have in place, please email firstname.lastname@example.org.
We keep your personal information only as long as we need it for the legal basis relied upon (as set out in Section 2 above) and as permitted by applicable law. Please see “Profile Verification Information (Including Biometric Information)” in Section 1, above, to learn about our retention policy with respect to biometric information.
When you delete your Account, or it is deactivated by us, we make sure it is no longer viewable in the App. For up to 28 days, it is still possible to restore your Account if it was accidentally deleted or wrongfully deactivated. After 28 days, we begin the process of deleting your personal information from our systems, unless:
Warning: Even after you remove information from your profile or delete your Account, copies of that information may still be viewable and/or accessed to the extent such information has been previously shared with others, or copied or stored by others. We cannot control this, nor do we accept any liability for this. If you have given third party applications or websites access to your personal information, they may retain such information to the extent permitted under their terms of service or privacy policies.
Thanks for reading, we hope we didn’t drone on for too long!