Privacy Policy

hushpair Privacy Policy

Effective date: April 25, 2026. hushpair is designed to collect as little information as possible and to retain it for as little time as possible.

Our approach

hushpair is a minimalist anonymous 1:1 text chat service. We do not require full accounts, we do not ask for profile data, and we do not design the product around advertising, identity graphs, or social tracking.

Our default goal is data minimization: if we do not need a piece of information to operate the service safely and reliably, we do not want to collect or keep it.

What we collect

We try to limit stored data to the following categories:

• Ephemeral room and participant records needed to keep a two-person chat working.
• Encrypted-at-rest chat message content.
• Encrypted-at-rest nicknames when participants choose to use them.
• Hashed or otherwise obfuscated network and device diagnostics, such as keyed IP hashes and user-agent hashes.
• Minimal operational telemetry, such as aggregate counts needed to understand uptime, load, and abuse patterns.

What we do not want to collect

• Real names, profile biographies, avatars, social graphs, address books, or demographic profiles.
• Email addresses, phone numbers, or contact handles as part of normal product use.
• Advertising identifiers or behavioral tracking data for ad targeting.
• Cleartext IP-address history in our app tables.

How chat content is protected

hushpair is built to protect chat content and nicknames at rest. Message bodies and nickname fields are encrypted before they are written to persistent storage.

We also filter sensitive request parameters from application logs to reduce the risk of accidental cleartext exposure through debugging or log retention.

That said, a live chat service cannot deliver messages without handling plaintext transiently while the service processes and transmits messages to the intended participants. In other words: we aim to avoid storing readable chat content, but real-time delivery still requires temporary in-process handling of message text.

Retention

We intend to keep chat rooms and their associated data only as long as necessary to operate the service, diagnose issues, and respond to abuse or safety incidents.

Our operating principle is short retention. Rooms expire automatically. Diagnostics should be minimized. Where possible, we prefer aggregate counts and obfuscated identifiers over raw historical records.

Diagnostics and analytics

We may keep limited operational analytics, including aggregate or obfuscated counts of active usage, so we can maintain the service and later build privacy-preserving analytics graphs.

Our intent is to avoid analytics systems that expose who said what, which nickname a person used, or which exact IP address they connected from.

Abuse prevention

We may use limited, privacy-conscious controls such as throttling, hashed network identifiers, and basic content safety checks to reduce spam, harassment, fraud, and attempts to move users off-platform using personal contact details.

Security

We use reasonable technical and organizational safeguards to protect the service. No system is perfectly secure, but we aim to reduce unnecessary collection, encrypt sensitive data at rest, minimize cleartext logging, and limit retained diagnostics.

Children

hushpair is not intended for children under 13, and we do not knowingly seek to collect personal information from children.

Policy updates

We may update this Privacy Policy as hushpair evolves. When we make material changes, we will update the effective date on this page and revise the policy text to match how the service actually operates.