Privacy Policy

Last updated: April 8, 2026  |  Effective: April 8, 2026

1. Introduction

Welcome to Hearth, a private family emotional connection application developed and operated by Hearth Technologies ("we", "us", or "our"), a company registered in the United Arab Emirates.

This Privacy Policy ("Policy") describes how we collect, use, store, share, and protect your personal information when you use:

  • The Hearth mobile application on iOS and Android ("App")
  • The Hearth website at hearth.family ("Site")
  • Any related services, features, or content (collectively, "Services")

This Policy applies to all users globally. We are committed to compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the UAE Federal Law No. 45 of 2021 on Personal Data Protection (PDPL), the Children's Online Privacy Protection Act (COPPA), Apple App Store Review Guidelines, and Google Play User Data Policy.

By downloading, installing, or using Hearth, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, please discontinue use and contact us to delete your account.

Data Controller: Hearth Technologies, United Arab Emirates
Privacy Contact: [email protected]
General Contact: [email protected]

2. Information We Collect

2.1 Personal & Account Data

What: Full name, display name, email address, date of birth, family role (e.g. Parent, Child, Grandparent), preferred language, and optional phone number.

How: Provided directly by you during account registration or profile setup.

Why: To create and secure your account, personalise your experience, enforce minimum age requirements, and support WhatsApp-based messaging features (phone only).

2.2 Profile Photo

What: An optional profile image you choose to upload.

How: Uploaded voluntarily via the in-app camera or photo library.

Why: To display your identity to members of your family circle.

2.3 Authentication Credentials

What: Hashed password (we never store plaintext passwords), or third-party identity tokens from Apple Sign-In and Google Sign-In, or a one-time magic link token for passwordless sign-in.

How: Generated at sign-up or sign-in and processed through Supabase Auth.

Why: To authenticate you securely and maintain your session.

2.4 Emotional & Mood Data

What: Your daily mood check-in score (numeric rating from 1–5 or equivalent emoji), optional private text notes accompanying a check-in, and your check-in history over time.

How: Submitted actively by you each time you complete a daily check-in.

Why: To display your emotional state to family members, generate AI-powered connection suggestions, and provide insights about family wellbeing over time. Private notes are only used for AI suggestion generation if you choose to include them.

2.5 Family Circle Data

What: Family name, unique family identifier, member list and roles, invite links and QR codes, and family activity timestamps (last check-in, last active).

How: Created when you establish or join a family circle; invite links are generated on demand.

Why: To operate the core family connection functionality — showing family status, enabling moment sharing, and managing circle membership.

2.6 Location Data (Precise GPS)

What: Real-time GPS latitude and longitude, updated at regular intervals while sharing is active.

How: Collected from your device's location services only when you explicitly opt in to Family Map location sharing. Location is transmitted in real time via Supabase Realtime channels.

Why: To display your position on the Family Map to circle members. Location is never stored permanently on our servers — it exists only in the active real-time channel and is discarded when you stop sharing or close the session.

Note: You can disable sharing at any time or activate Ghost Mode to hide your position without fully disabling the feature.

2.7 Voice & Audio Data

What: (a) Voice recordings you create and send as in-app voice notes to family members. (b) Your microphone audio streamed in real time during AI voice conversation sessions.

How: (a) Recorded in-app and stored in Supabase Storage. (b) Streamed to ElevenLabs via their SDK during active voice sessions; Hearth does not retain the raw audio after the session ends.

Why: (a) To deliver voice messages to family members. (b) To enable real-time AI voice conversations via the ElevenLabs platform.

2.8 Moments & Media Content

What: Photos, images, captions, and text you publish to the Family Moments feed.

How: Uploaded voluntarily by you within the app.

Why: To share family memories and updates within your private circle. Moments are visible only to members of your family circle — they are never public.

2.9 AI Interaction Data

What: The subset of mood data (score and optional notes) that you choose to include when requesting an AI connection suggestion; AI-generated suggestion text stored to personalise future recommendations.

How: Transmitted securely to OpenAI's API on your request; suggestions stored in Supabase.

Why: To generate personalised, context-aware connection suggestions to help you stay emotionally connected to your family.

2.10 Device & Technical Data

What: Device model, manufacturer, operating system version, app version, IP address, time zone, locale/language settings, and device push notification token.

How: Automatically collected by the app runtime, Supabase, and Firebase SDKs at app launch and during sessions.

Why: To ensure compatibility, deliver push notifications, troubleshoot crashes, and improve performance across device types.

2.11 Usage & Analytics Data

What: In-app event names (e.g., "check_in_completed", "moment_posted"), screen views, feature interaction counts, session duration, and user flow paths — all without directly identifiable personal details.

How: Automatically collected via Firebase Analytics and processed according to Firebase's privacy standards.

Why: To understand how features are used, prioritise improvements, and measure product health — without tracking individuals.

2.12 Crash & Error Logs

What: Stack traces, error messages, device model, OS version, app version, and an anonymised installation identifier at the time of a crash.

How: Automatically captured by Firebase Crashlytics and Sentry when the app encounters an unexpected error.

Why: To identify, diagnose, and resolve stability issues quickly.

2.13 Subscription & Payment Data

What: Your current subscription tier, subscription status (active/expired/cancelled), transaction identifiers issued by Apple App Store or Google Play, and a RevenueCat customer identifier linked to your account.

How: Passed from Apple/Google to RevenueCat on purchase; Hearth receives only tier and status — never raw payment card details.

Why: To gate premium features, manage entitlements, and handle billing inquiries.

2.14 Cookies & Tracking Technologies

The Hearth mobile app does not use browser cookies. The Hearth website (hearth.family) uses minimal session cookies required for navigation only. We do not use advertising trackers, third-party pixels, or persistent tracking technologies on the website. Analytics on the website, if any, are limited to privacy-respecting, aggregate-only tools.

3. How We Use Your Information

  • Core service delivery: authenticate users; display family check-ins, moods, moments, and map; manage family circles; deliver push notifications; maintain your session.
  • AI-powered suggestions: generate personalised connection nudges (e.g., call a family member, send a voice note) based on mood context submitted to OpenAI.
  • AI voice conversations: power real-time voice interactions with the Hearth AI companion via ElevenLabs streaming.
  • Personalisation: remember your language preference, display name, role, and family context across sessions and devices.
  • Communications: send transactional emails — account confirmation, password reset links, magic-link sign-in emails, and critical service announcements. We do not send marketing emails without your explicit opt-in.
  • Subscription management: validate, activate, and manage your in-app subscription tier and enforce feature entitlements.
  • Product improvement: analyse anonymised, aggregated usage patterns to improve features and prioritise the product roadmap.
  • Safety & security: detect and prevent fraudulent activity, abuse, unauthorised access, and Terms of Use violations.
  • Legal compliance: fulfil obligations under UAE PDPL, GDPR, CCPA, COPPA, and respond to lawful government requests.
  • Crash resolution: triage and fix application errors reported via Crashlytics and Sentry to maintain app stability.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, the United Kingdom, and Switzerland, we process personal data only where we have a valid legal basis:

Processing Activity | Legal Basis
Creating and maintaining your account | Contractual necessity (Art. 6(1)(b) GDPR)
Displaying mood check-ins to family members | Contractual necessity (Art. 6(1)(b) GDPR)
Delivering AI connection suggestions | Contractual necessity; Consent for sensitive mood data (Art. 6(1)(b), 9(2)(a))
Real-time location sharing (Family Map) | Explicit consent — opt-in only (Art. 6(1)(a) GDPR)
Voice note recording and delivery | Contractual necessity; Consent (Art. 6(1)(b) GDPR)
AI voice conversation (ElevenLabs) | Explicit consent — opt-in feature (Art. 6(1)(a) GDPR)
Analytics and crash reporting | Legitimate interests — improving product stability (Art. 6(1)(f) GDPR)
Subscription and billing management | Contractual necessity (Art. 6(1)(b) GDPR)
Push notifications | Consent — requested at onboarding (Art. 6(1)(a) GDPR)
Legal compliance and safety | Legal obligation; Legitimate interests (Art. 6(1)(c), 6(1)(f) GDPR)

Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing prior to withdrawal. To withdraw consent, use the relevant in-app toggle or contact us at [email protected].

5. Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We share data only in the following circumstances:

a) Within Your Family Circle
Mood status, check-in history, shared moments, voice notes, and real-time location (when enabled) are shared with family members you have explicitly invited into your circle. You control who is in your circle at all times.

b) Service Providers (Data Processors)
We engage third-party processors listed in Section 6. Each receives only the data necessary for their function and is bound by a Data Processing Agreement or equivalent contractual protections.

c) Legal Obligations
We may disclose data to law enforcement, courts, or government authorities when required by applicable law, court order, or legal process, or to protect the rights, safety, or property of Hearth Technologies, our users, or the public. Where lawfully permissible, we will notify you before disclosing your data.

d) Business Transfers
In the event of a merger, acquisition, restructuring, or sale of all or a portion of our assets, your data may be transferred as part of that transaction. We will provide at least 30 days' notice via in-app notification and email before your data becomes subject to a materially different privacy policy.

e) With Your Explicit Consent
In any other case, we will share data only with your clear, informed, and freely given consent.

We never sell your personal data. This applies to all users, including California residents exercising rights under the CCPA.

6. Third-Party Services

The following third-party services are integrated into Hearth. Each processes your data solely for the purposes described:

Provider | Category | Purpose | Data Transmitted
Supabase | Cloud infrastructure | Database, authentication, file storage, real-time data | All user and app data; auth tokens
Firebase Analytics (Google) | Analytics | Anonymised usage event tracking | Event names, session data, device identifiers
Firebase Crashlytics (Google) | Crash reporting | App stability monitoring and crash analysis | Stack traces, device model/OS, installation UUID
ElevenLabs | AI voice | Real-time AI voice conversation generation | Streamed microphone audio during active sessions
OpenAI | AI processing | Family connection suggestion generation | Mood score and optional private notes per request
Sentry | Error monitoring | Application error tracking and alerting | Error messages, stack traces, hashed user ID
RevenueCat | Subscriptions | In-app purchase validation and entitlement management | User ID, subscription tier, Apple/Google transaction IDs
Apple App Store | Distribution / payments | App delivery and in-app purchase processing (iOS) | Transaction metadata; handled under Apple's privacy policy
Google Play Store | Distribution / payments | App delivery and in-app purchase processing (Android) | Transaction metadata; handled under Google's privacy policy

We do not integrate advertising networks, ad tracking SDKs, data brokers, or any third-party services for marketing profiling purposes.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Policy, comply with legal obligations, and resolve disputes:

Data Category | Retention Period | Deletion Trigger
Account & profile data | Duration of account | Permanently deleted within 30 days of confirmed account deletion
Mood check-ins & notes | Duration of account | Deleted immediately upon account deletion request
Family circle data | Duration of account | Removed from circle on departure; fully deleted on account deletion
Real-time location data | Not stored persistently | Discarded when sharing session ends or user stops sharing
Voice notes | Up to 30 days after sending | Automatically purged after 30 days; immediately on account deletion
AI voice session audio | Session duration only | Not retained by Hearth after session ends
Moments & media | Duration of account | Deleted immediately upon account deletion
AI-generated suggestions | Up to 90 days | Purged after 90 days; immediately on account deletion
Analytics data | Up to 26 months (anonymised) | Anonymised data is not linked to individuals and not subject to deletion requests
Crash & error logs | Up to 90 days | Automatically purged by Sentry and Crashlytics retention policies
Subscription & billing records | Up to 7 years | Retained to meet UAE commercial and tax law obligations
Auth logs (sign-in history) | Up to 90 days | Automatically purged by Supabase Auth

8. Your Rights

Subject to applicable law, you have the following rights regarding your personal data. To exercise any right, contact [email protected] or use the relevant in-app controls.

Right of Access (GDPR Art. 15 / CCPA): Request a copy of the personal data we hold about you and information about how we use it.

Right to Correction (GDPR Art. 16): Request correction of inaccurate or incomplete data. Most profile data can be updated directly in the app under Settings → Edit Profile.

Right to Deletion / Erasure (GDPR Art. 17 / CCPA): Request that we delete your personal data. You can initiate account deletion in the app via Settings → Edit Profile → Delete Account. Deletion is subject to legal retention obligations (e.g., billing records).

Right to Data Portability (GDPR Art. 20): Request your data in a structured, machine-readable format (JSON) to transfer to another service. Contact us to submit a portability request.

Right to Object (GDPR Art. 21): Object to processing based on legitimate interests. We will cease such processing unless we can demonstrate compelling legitimate grounds that override your interests.

Right to Restriction (GDPR Art. 18): Request that we restrict processing of your data while a correction or objection request is evaluated.

Withdraw Consent: Where processing is based on consent (location sharing, AI voice, push notifications), you can withdraw at any time via in-app toggles or by contacting us, without affecting prior lawful processing.

Opt Out of AI Processing: You may stop using AI suggestion and voice features at any time. This does not affect your access to the core Hearth features.

California Residents (CCPA/CPRA): In addition to the rights above, you have the right to: (i) know what personal information is collected, disclosed, and sold; (ii) opt out of the sale or sharing of personal information (we do not sell or share data for advertising); (iii) limit use of sensitive personal information; (iv) non-discrimination for exercising privacy rights.

UAE Residents (PDPL): You have the right to access your data, request correction or deletion, and object to processing under the UAE Federal Law No. 45 of 2021 on Personal Data Protection.

We aim to respond to all privacy requests within 30 days. For complex requests, we may require up to 90 days and will notify you of any extension. EEA residents may also lodge a complaint with their local supervisory authority (e.g., the Data Protection Authority in their EU member state).

9. Security Measures

We implement technical and organisational measures commensurate with the risk of processing your data:

  • Encryption in transit: All communications between the app and our servers use TLS 1.2 or higher. OAuth tokens and magic link tokens are transmitted only over encrypted channels.
  • Encryption at rest: Data stored in Supabase is encrypted at the database level. Profile photos and media are stored in Supabase Storage with server-side encryption.
  • Row-Level Security (RLS): Supabase RLS policies enforce that each authenticated user can access only their own data and their family circle's data — enforced at the database query level.
  • Password hashing: All passwords are hashed using bcrypt via Supabase Auth. Plaintext passwords are never stored.
  • Session management: Auth tokens are stored in encrypted platform-native storage (iOS Keychain / Android Keystore equivalent via Expo SecureStore or AsyncStorage with encryption).
  • Access control: Access to production infrastructure is restricted to authorised Hearth Technologies personnel, enforced via multi-factor authentication and role-based access control.
  • Vulnerability management: We conduct periodic security reviews and address identified vulnerabilities promptly.
  • Incident response: In the event of a data breach, we will notify affected users and relevant authorities within the timeframes required by applicable law (72 hours under GDPR where feasible).

Despite these measures, no method of internet transmission or electronic storage is 100% secure. We encourage you to use a strong, unique password, enable device-level security, and contact us immediately if you suspect unauthorised access to your account.

10. Children's Privacy

Hearth is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, you may not create an account or use any Hearth service.

Users aged 13 to 17 (Minors) may use Hearth only under the active supervision and with the verifiable consent of a parent or legal guardian. By registering a minor's account or adding a minor to a family circle, the supervising adult confirms they have reviewed this Privacy Policy and consent to the collection and use of the minor's data as described herein.

Parents or guardians may request the deletion of their child's data at any time by contacting us at [email protected]. We will delete the data promptly upon verification of the requestor's authority.

If we discover that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will delete that information immediately and notify the relevant guardian if contact information is available.

This section is designed to comply with the U.S. Children's Online Privacy Protection Act (COPPA), the EU GDPR provisions on children's data, and equivalent child protection regulations in other jurisdictions.

11. International Data Transfers

Hearth Technologies is based in the UAE. However, some of our third-party service providers (including Supabase, Firebase, OpenAI, ElevenLabs, Sentry, and RevenueCat) operate data centres in the United States and other countries. Your personal data may therefore be transferred to, stored in, and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home jurisdiction.

For transfers from the EEA, UK, or Switzerland to third countries, we rely on appropriate transfer safeguards, including:

  • European Commission Standard Contractual Clauses (SCCs) with our data processors where applicable.
  • Adequacy decisions where recognised by the European Commission or UK ICO.
  • Binding Corporate Rules or other recognised legal mechanisms as appropriate.

For transfers from the UAE, we ensure appropriate contractual protections consistent with UAE PDPL requirements.

By using Hearth, you acknowledge that your data may be processed in countries outside your own. If you have questions about specific transfer mechanisms, contact us at [email protected].

12. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, the features we offer, or applicable legal requirements.

For material changes — changes that significantly affect your rights, the categories of data we collect, or how we use your data — we will provide at least 30 days' advance notice via:

  • An email to the address on file with your account, and/or
  • A prominent in-app notification requiring your acknowledgement, and/or
  • A notice on this page with an updated "Last updated" date.

For non-material changes (clarifications, formatting corrections, contact detail updates), we will update the "Last updated" date without prior notice. We encourage you to review this Policy periodically.

Your continued use of Hearth after the effective date of an updated Policy constitutes acceptance of the revised terms. If you do not accept a material change, you should stop using Hearth before the effective date and may request deletion of your account.

13. Contact Information

For any privacy-related questions, data rights requests, or to report a concern, please contact us through the appropriate channel below:

Query Type | Contact
Data rights requests (access, deletion, portability) | [email protected]
Children's data concerns | [email protected]
Security vulnerabilities or suspected breaches | [email protected]
General privacy questions | [email protected]
Legal / compliance matters | [email protected]

We aim to acknowledge all requests within 5 business days and resolve them within 30 calendar days. For complex requests under GDPR, we may extend the response period by up to 60 additional days and will inform you of the extension and reason.

EEA residents who are not satisfied with our response have the right to lodge a complaint with their national supervisory authority. A list of EEA supervisory authorities is available at edpb.europa.eu.