MISE Logo
MISE
Join waitlistSign in

Legal

Privacy Policy

Effective date: 25 May 2025

Overview

MISE (“we”, “our”, “us”) operates the MISE operational preparation platform for hospitality venues, based in Sydney, New South Wales, Australia. This Privacy Policy describes how we manage personal information in accordance with the Privacy Act 1988(Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”) contained therein.

By using MISE at mise.app and any associated applications, you consent to the collection and handling of your personal information as described in this policy.

Information we collect

Account information

When you create an account or join the waitlist, we collect your name, email address, and business name. If you subscribe to a paid plan, billing information is collected and processed by our payment provider. We collect this information directly from you at the point of account creation (APP 5).

Operational data

To deliver the service, we store the operational data you provide: staffing records, procurement orders, reservation data, forecasts, and venue configuration. This data is used solely to operate the platform on your behalf and is not personal information unless it contains details of identifiable individuals.

Usage data

We collect standard server logs and usage metrics (pages visited, features used, session duration) to understand how the product is used and to diagnose issues. This data is aggregated and not linked to individual operational records.

How we use your information

We use personal information only for the primary purpose for which it was collected, or a directly related secondary purpose you would reasonably expect (APP 6):

  • Provide, maintain, and improve the MISE platform
  • Process transactions and send related notices
  • Respond to support requests and product questions
  • Send product updates and service communications (with your consent, per the Spam Act 2003)
  • Monitor and analyse usage to improve performance
  • Comply with legal obligations under Australian law

Overseas disclosure (APP 8)

Some of our third-party service providers are located outside Australia. Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles that information consistently with the APPs. Our current overseas providers are:

SupabaseUnited StatesAuthentication and database hosting
StripeUnited StatesPayment processing (paid plans)
VercelUnited StatesApplication hosting and delivery
UpstashUnited StatesRate limiting and session management

By using MISE, you consent to your personal information being handled by these providers in the United States. We do not sell your data to third parties or use it for advertising.

Data retention

We retain your account and operational data for the duration of your subscription and for 90 days following account termination, after which it is permanently deleted. We do not keep personal information longer than is necessary for the purpose for which it was collected (APP 11). You may request deletion at any time by contacting us through the website.

Data security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure (APP 11). All data is encrypted in transit (TLS) and at rest. Authentication sessions are managed through short-lived tokens with rate limiting applied to all authentication endpoints. Access to production data is restricted to authorised personnel only.

Notifiable data breaches

We are subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act. If we become aware of a data breach that is likely to result in serious harm to any affected individual, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable and no later than 30 days from becoming aware of the breach.

Your rights (APPs 12 & 13)

Under the Privacy Act, you have the right to:

  • Access the personal information we hold about you (APP 12)
  • Request correction of personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13)
  • Know how we handle your personal information (APP 1)
  • Complain about a breach of the APPs (see below)

To exercise any of these rights, contact us through the website. We will respond within 30 days.

Complaints

If you believe we have breached the APPs or this Privacy Policy, please contact us through the website first. We will investigate and respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or by calling 1300 363 992.

Cookies

MISE uses session cookies strictly necessary to authenticate your account and maintain your session. We do not use tracking cookies or third-party advertising cookies. Cookie data is not used to identify you personally beyond your authenticated session.

Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date above and notify active users by email. Continued use of the service after the effective date constitutes acceptance of the revised policy.

Contact

MISE — Sydney, New South Wales, Australia. Privacy enquiries can be submitted through the website.