Privacy Policy

MooMeetup (“we”, “our”, or “us”) is committed to protecting your personal data in accordance with the Personal Data (Privacy) Ordinance (Cap. 486, Laws of Hong Kong) (“PDPO”) and its six Data Protection Principles.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and your rights as a data subject.

By using our website at moomeetup.com and submitting any application or form, you acknowledge that you have read and understood this policy.

We may collect the following categories of personal data:

• Identity data: First name, last name, profile photo (via Google Sign-In)
• Contact data: Email address, phone number (WhatsApp format)
• Profile data: Age range, sex, diet preference, nationality, location, occupation, MBTI type
• Social data: Instagram handle, LinkedIn profile URL
• Community data: Interests, background, how you heard about us, event preferences
• Business data: Business name, category, description, logo, and location (for MooBiz applications)
• Technical data: Authentication tokens via Google OAuth

We do not collect sensitive personal data such as financial information, government-issued ID numbers, or medical records.

Your personal data is collected and used for the following purposes:

• Processing and reviewing your MooMeetup membership application
• Matching you with events, gatherings, and community members
• Managing your account and profile on moomeetup.com
• Processing MooBiz directory listings
• Sending event invitations, community updates, and newsletters (where consented)
• Improving our services and user experience
• Complying with applicable laws and regulations

We will not use your personal data for purposes beyond those listed above without obtaining your prior consent, except as required by law.

Your personal data is stored securely on Supabase, a cloud database platform. Data is stored in servers located in the United States. Supabase complies with industry-standard security practices including encryption at rest and in transit.

We retain your personal data for as long as your account is active or as needed to provide our services. If you request deletion of your account or data, we will erase your personal data within 30 days unless retention is required by law.

We do not sell, rent, or trade your personal data to third parties. We may share your data in the following limited circumstances:

• Service providers: Supabase (database), Google (authentication and OAuth), Vercel (hosting). These providers act as data processors under our instruction.
• Community members: With your consent, limited profile information (first name, photo, occupation) may be shared with other MooMeetup members at events.
• Legal requirements: Where required by Hong Kong law, court order, or regulatory authority.

Our website uses session cookies solely for authentication purposes (to keep you signed in). We do not use advertising cookies, cross-site tracking, or third-party analytics cookies.

You may disable cookies in your browser settings, but this may affect your ability to sign in or use certain features.

Under the PDPO, you have the right to:

• Access: Request a copy of the personal data we hold about you (Data Access Request under s.18 PDPO)
• Correction: Request correction of any inaccurate personal data we hold about you (Data Correction Request under s.22 PDPO)
• Opt-out: Withdraw consent for direct marketing communications at any time
• Deletion: Request erasure of your personal data, subject to our legal retention obligations

To exercise any of these rights, please contact us at the address below. We will respond within 40 days as required under the PDPO.

We may use your email address to send MooMeetup newsletters, event announcements, and community updates where you have given consent (by checking the subscribe checkbox on our application form).

You may opt out of marketing communications at any time by clicking the unsubscribe link in any email, or by contacting us directly. Opting out does not affect transactional communications related to your account.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include:

• TLS encryption for all data in transit
• Encrypted storage via Supabase
• Role-based access controls limiting staff access to personal data
• Google OAuth for secure authentication (we do not store passwords)

Our website may contain links to third-party websites including moocredits.io, moolabs.ai, and moomingle.app. These sites have their own privacy policies and we are not responsible for their data practices. We encourage you to review their policies before submitting any personal data.

We may update this Privacy Policy from time to time. The date at the top of this page indicates when it was last revised. Continued use of our services after any changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy, wish to make a Data Access or Correction Request, or have a complaint regarding our handling of your personal data, please contact our Privacy Officer: