Privacy Policy

hushpair Privacy Policy

Effective date: April 25, 2026. hushpair is designed to collect as little information as possible and to retain it for as little time as possible.

Our approach

hushpair is a minimalist anonymous 1:1 text chat service. We do not require full accounts, we do not ask for profile data, and we do not design the product around advertising, identity graphs, or social tracking.

Our default goal is data minimization: if we do not need a piece of information to operate the service safely and reliably, we do not want to collect or keep it.

What we collect

We try to limit stored data to the following categories:

• Ephemeral room and participant records needed to keep a two-person chat working.
• Encrypted-at-rest chat message content.
• Encrypted-at-rest nicknames when participants choose to use them.
• Hashed or otherwise obfuscated network and device diagnostics, such as keyed IP hashes and user-agent hashes.
• Minimal operational telemetry, such as aggregate counts needed to understand uptime, load, and abuse patterns.

Cookies and local browser storage

hushpair uses a small number of essential cookies and local browser storage entries to keep the service working. These are used for anonymous session continuity, room access, bookmark recovery in the same browser, and theme preference storage.

We do not use cookie banners for advertising or behavioral tracking because that is not what these cookies are for. Our goal is service operation, not cross-site profiling.

What we do not want to collect

• Real names, profile biographies, avatars, social graphs, address books, or demographic profiles.
• Email addresses, phone numbers, or contact handles as part of normal product use.
• Advertising identifiers or behavioral tracking data for ad targeting.
• Cleartext IP-address history in our app tables.

How chat content is protected

hushpair is built to protect chat content and nicknames at rest. Message bodies and nickname fields are encrypted before they are written to persistent storage.

We also filter sensitive request parameters from application logs to reduce the risk of accidental cleartext exposure through debugging or log retention.

That said, a live chat service cannot deliver messages without handling plaintext transiently while the service processes and transmits messages to the intended participants. In other words: we aim to avoid storing readable chat content, but real-time delivery still requires temporary in-process handling of message text.

Retention

We aim to keep chat rooms and their associated data only as long as necessary to operate the service, diagnose issues, and respond to abuse or safety incidents.

Rooms expire automatically. Message history may also be limited by room-level retention settings such as keeping only the last set of messages or only a recent time window. We try to prefer aggregate counts and obfuscated identifiers over raw historical records whenever possible.

Diagnostics and analytics

We may keep limited operational analytics, including aggregate or obfuscated counts of active usage, so we can maintain the service and later build privacy-preserving analytics graphs.

Our intent is to avoid analytics systems that expose who said what, which nickname a person used, or which exact IP address they connected from.

Abuse prevention

We may use limited, privacy-conscious controls such as throttling, hashed network identifiers, and basic content safety checks to reduce spam, harassment, fraud, and attempts to move users off-platform using personal contact details.

Third-party infrastructure

Like most internet services, hushpair depends on hosting, networking, and software infrastructure provided by third parties. Those providers may process limited technical data such as IP addresses, connection metadata, or logs as part of running the service.

Your choices

You can stop using hushpair at any time, end a room, or let a room expire naturally. Because the service does not use full accounts, we may not always be able to associate a later request with a past anonymous session unless you still control the same browser-based access state.

Security

We use reasonable technical and organizational safeguards to protect the service. No system is perfectly secure, but we aim to reduce unnecessary collection, encrypt sensitive data at rest, minimize cleartext logging, and limit retained diagnostics.

Children

hushpair is not intended for children under 13, and we do not knowingly seek to collect personal information from children.

Policy updates

We may update this Privacy Policy as hushpair evolves. When we make material changes, we will update the effective date on this page and revise the policy text to match how the service actually operates.