Huki
Say thanks, loudly!

Privacy Policy

Last updated: April 22, 2025

1. Introduction

Huki ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. By using Huki you agree to the practices described here.

2. Information We Collect

2.1 Information You Provide

  • Phone number: Required to create an account and authenticate via one-time passcode (OTP).
  • Display name: Optional name you set after signing up, shown on your public profile.
  • Huki messages: The gratitude message you write when sending a Huki to someone.

2.2 Information Collected Automatically

  • Session data: We store session information in our database to keep you logged in across visits.
  • Usage data: We may collect basic server logs (IP address, browser type, pages visited, timestamps) for security and operational purposes.

2.3 Information About Others

When you send a Huki, you provide the recipient's phone number. We use this number solely to deliver the Huki notification SMS and to match the recipient to an existing or new Huki account. We do not sell or share recipient phone numbers with third parties for marketing purposes.

3. How We Use Your Information

  • Authenticate your identity via phone OTP.
  • Deliver Huki notifications and reminder SMS messages to recipients.
  • Display your name and handle on your public profile page.
  • Maintain your Huki balance and credit ledger.
  • Detect and prevent fraud, abuse, and unauthorized access.
  • Comply with legal obligations.

4. SMS Communications

We use Supabase to send OTP authentication codes and Twilio (or equivalent carrier services) to deliver Huki notification SMS messages. Standard message and data rates from your carrier may apply. We do not use your phone number for marketing SMS without your explicit consent.

5. How We Share Your Information

We do not sell your personal information. We may share data with:

  • Service providers: Supabase (authentication and SMS delivery) and our hosting provider, who process data on our behalf under confidentiality obligations.
  • Legal compliance: We may disclose information if required by law, court order, or to protect the safety of users or the public.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction.

6. Public Information

Your display name, handle, and the number of Hukis you have earned are visible on your public profile page. Huki messages you write are shared only with the intended recipient; they are not publicly displayed.

7. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. You may request deletion of your account and associated data by contacting us. Some data may be retained for a limited period for legal, safety, or fraud-prevention purposes even after deletion.

8. Security

We implement industry-standard safeguards including HTTPS encryption in transit, database-backed sessions with secure tokens, and row-level locking to protect sensitive operations. No system is completely secure, and we cannot guarantee the absolute security of your information.

9. Children's Privacy

Huki is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have done so, we will delete the information promptly.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Object to or restrict certain processing.

To exercise any of these rights, contact us using the information at the bottom of this page.

11. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy with an updated date. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or how we handle your data, please reach out through the contact information available on our website.