Privacy Policy

This Privacy Policy applies to Hearthly, a registered fictitious name of Dunn Studios LLC, a Florida limited liability company ("we," "us," "our").

Effective date: June 18, 2026 (last revised June 18, 2026)

Contact: legal@gethearthly.app · Mailing address: 6503 Welle Ct., Saint Cloud, FL 34771

The short version. Hearthly is a private care journal. We don’t sell your information, we don’t use your care notes for advertising, and we don’t use your content to train anyone’s AI models. This policy explains, in plain language, what we collect, how we use and share it, and the choices and rights you have.

1. Scope

This Privacy Policy covers gethearthly.app and the Hearthly web and mobile apps, operated by Dunn Studios LLC (“Hearthly,” “we,” “us”). Hearthly is intended for users in the United States, and your information is processed in the United States. By using Hearthly, you agree to this policy. If you don’t agree, please don’t use Hearthly.

2. Information We Collect

2.1 Information you give us

Account information: your name, email address, and password (or your Google sign-in, if you choose that).
Phone number: if you turn on SMS reminders, the mobile number you provide so we (through Twilio) can text your reminders. SMS is strictly opt-in. We do not share, sell, rent, or otherwise disclose your mobile phone number or SMS opt-in data to any third party for their own marketing purposes. We only share your number with Twilio, our SMS delivery provider, solely to send you the messages you have opted into. Message frequency varies by the categories you enable — typically 1–10 messages per month per category. Message and data rates may apply. Reply HELP for help or STOP at any time to cancel.
Profile and care details: your care role, the conditions you choose to journal about, your time zone, and city-level location (used for weather context only — not precise GPS).
Journal content: daily notes, medication and dosage entries, allergy information, symptom and mood logs, sleep notes, appointment details, meals, Life Story answers, and photos you add. Some of this is health-related information about your loved one or yourself.
Care-circle information: the names and email addresses of people you invite, and the role you assign them.
Community and games: the alias you choose, the posts you make in support groups, and your game scores and leaderboard standing. Community and games use aliases, not your real name.
Payment information: handled directly by Stripe when you subscribe through our website, or by the Google Play Store or Apple App Store when you subscribe through those stores. We receive confirmation of payment and your subscription status; we never see or store your full card number, security code, or bank details. Purchases through an app store are also subject to that store's privacy practices. If you make a voluntary one-time contribution through our "Support Us" page, that payment is processed by Stripe on the same basis — we receive confirmation of the contribution but not your full card details.
Communications: messages you send us through email or support.

2.2 Information we collect automatically

Usage data: which features you use, actions you take, and session length — collected through our own internal tracking, not a third-party advertising or analytics network.
Device and log data: browser type and version, operating system, device type, screen size, IP address, referring URLs, and error logs.
Cookies and local storage: used to keep you signed in, remember your preferences, and understand how Hearthly is used. We do not use advertising cookies. See Section 12.

2.3 Information from third parties

Google: if you sign in with Google, we receive your name and email.
Stripe: payment and subscription status.
Weather provider: we request local weather using your city-level setting.
Deezer: Music Moments use Deezer’s public API for previews. We do not store a history of what you listen to.

3. How We Use Information

We use the information we collect to:

Create and manage your account and care circles;
Provide Hearthly — storing and showing your entries to you and the people you’ve authorized;
Generate the AI features you choose to use, such as summaries, pattern notes, provider-prep reports, and help chat (see Section 6);
Send reminders, notifications, and transactional emails (through Resend and SendGrid), and, if you opt in, SMS text reminders (through Twilio) and mobile push notifications (through Firebase Cloud Messaging);
Process payments and manage subscriptions (through Stripe);
Provide support and respond to you;
Keep Hearthly working, fix bugs, and improve features using our own usage data;
Protect against fraud, abuse, and security problems; and
Meet our legal obligations.

We do not use your journal content or health-related notes to train AI models, to show you ads, or to build profiles of you for sale or outside marketing. We do not sell your personal information.

4. Health-Related Information

Much of what you record in Hearthly is health-related — medications, allergies, symptoms, moods, and so on. Because Hearthly is a journaling app and not a healthcare provider, this information is personal journal content, not a medical record or “protected health information” under HIPAA. We still treat it with real care:

It is encrypted while moving over the internet (TLS) and while stored;
Access is limited to the people you invite and the small number of personnel and providers who need it to operate Hearthly;
We never share it with insurers, employers, pharmaceutical companies, marketers, or data brokers;
We don’t analyze it for clinical or diagnostic purposes; and
We don’t sell it.

In plain terms: Because we deliberately keep Hearthly out of the HIPAA system, California’s privacy law treats your health notes as “sensitive personal information.” We only use that information to give you the service you asked for — and Section 10 explains your right to limit it.

5. Care Circles — Who Sees What

A care circle lets the people you invite view and add notes about one loved one. You decide who is in the circle and what role each person has. Roles control what a person can see and do — for example:

Admin: full access, including managing members and settings.
Family: can view and add to the shared record.
Aide / Helper: day-to-day logging access you define.
Provider: limited access suited to a visiting professional.

You can change roles or remove members at any time in your settings. When you remove someone, they lose access going forward, though entries they already made remain part of the shared record unless you delete them.

Recording information about a loved one. Often the loved one is not the person using Hearthly, and — because of conditions like Alzheimer’s or dementia — may not be able to give traditional consent. As explained in our Terms (Section 5), you are responsible for having the authority to record and share a loved one’s information (for example, as the person themselves, a legal representative, or a family caregiver acting in their interest), and for honoring the loved one’s wishes to the extent you know them. If a loved one asks that information about them be removed, you can delete it at any time.

6. AI Features and AI Providers

When you use Hearthly’s AI features, here is exactly what happens to your information — in plain language.

6.1 What we send, to whom, and why

AI provider	What we send and why
Anthropic (Claude)	Powers the in-app help chat and written content such as morning orientation summaries and provider-prep text. When you use these, the relevant parts of your entries (for example, recent logs being summarized, or your chat messages) are sent to Anthropic’s API so it can generate the response, which is then shown back to you in Hearthly.
Google (Gemini)	Generates “embeddings” — numerical representations of your text — that power features like search and pattern detection. To create them, the relevant text is sent to Google’s embeddings API and returned to us as vectors.

These are our current AI providers. We do not use your content to train any AI model, and if we add or change an AI provider, we will update this policy and note what changed.

6.2 What this means for you

AI content is generated only from what you and your circle entered, and is shown only inside your Hearthly account — never published or shared elsewhere by us.
Under our current agreements with Anthropic and Google, your content sent through their APIs is not used to train their AI models. These are commercial API terms set by those providers; if a provider's terms change, we will update this policy and notify you of any material change as described in Section 15. Providers may briefly retain content as needed to deliver the service and for limited safety and abuse-prevention purposes, per their API terms.
We send only what a feature needs — not your entire account — and only when you actually use an AI feature.
You can turn AI features off in your settings. When they’re off, your entries are not sent to AI providers for those features.

In plain terms: AI helps summarize and organize what you’ve already written. Your words briefly travel to Anthropic or Google to do that, then come back to you. They aren’t used to train AI, and you can switch this off anytime.

6.3 AI-powered logging & insights

A few features inside the daily log and respite tools use AI to help you notice patterns in what you have already written. These are advisory only — they don't interpret health data, they aren't medical advice, and you can dismiss or ignore any of them.

Reflection suggestion (in the daily log). When you choose a mood, we ask our AI provider for one short, warm follow-up question (for example, "Did anything help her settle today?"). The question is generated from the mood you picked and recent context from your own logs. You can answer it, dismiss it, or ignore it.
Past-log pattern continuity (in the daily log). As you type a note, we look for similar moments in your own logs from the last 30 days for the same loved one and show up to three short snippets you can tap to re-read. To make matching work, we generate "embeddings" (numerical vectors) of your notes through our AI provider and store them privately in your account. These stored embeddings are treated as part of your account content: they are never used to train any AI model, and they are deleted together with the underlying notes when you delete the content or your account (see Section 9).
"What's helped you before" (in respite). When the app notices a heavier caregiving stretch, we look at your past respite and well-being entries and ask our AI provider to summarize the coping strategies you have already used. We don't suggest new behavior — we reflect your own back to you.
Appointment talking points (in respite). When you have an appointment in the next 7 days, you can ask Hearthly to organize the last 30 days of your own log entries into observations, questions, and changes you've noticed. The output is plain caregiver language ("I've noticed…"), never a diagnosis.

These features only use data from your own circle. Output stays inside your account. They route through our AI providers as described in Section 6.1, and you can turn AI features off in settings.

7. Google Calendar (optional)

If you connect Google Calendar, you authorize Hearthly through Google's secure sign-in (OAuth) to read your calendars and their events. We use this only to show upcoming appointments and a sense of the day's schedule within the Care Circle you choose.

You control which calendars feed which Circle. If you're in more than one Circle, you can attach different calendars to each, and disconnect a Circle individually without affecting the others or your Google account.
We fetch your events live and don't warehouse them. We store the secure connection and your per-Circle calendar choices — not copies of your calendar's contents.
What other members see is limited. Your events contribute to the Circle's shared schedule view, but the specific titles of your events are not shown to other members; they see a generic "Appointment" with the time.
Limited Use. Hearthly's use of information received from Google APIs adheres to the Google API Services User Data Policy (https://developers.google.com/terms/api-services-user-data-policy), including its Limited Use requirements. We do not sell this data, use it for advertising, or use it to train AI models.

8. How We Share Information

We share personal information only in these situations:

Service providers. We share what’s needed with vendors who help run Hearthly. They may use it only to provide their service to us — not for their own purposes. Our key providers are:

Provider	What they help with
Supabase	Database, sign-in, and file/photo storage
Cloudflare	Hosting and content delivery
Stripe	Payment processing
Resend	Transactional email delivery
SendGrid	Email notifications (appointment reminders, trial expiration alerts, subscription receipts). When you receive an email from Hearthly, the message content is sent to SendGrid for delivery. SendGrid does not store the email content after it's sent.
Twilio	SMS medication and appointment reminders. When you enable SMS notifications in settings, Hearthly sends your phone number and reminder text to Twilio, which delivers the message to your phone via SMS. Twilio does not store message content after delivery.
Firebase Cloud Messaging (Google FCM)	Push notifications on mobile devices. When you enable push notifications, Hearthly sends notification text to Firebase, which delivers it to your phone's operating system. Firebase does not store notification content after delivery.
Anthropic	AI chat and written summaries (Section 6)
Google / Gemini	Google sign-in and AI embeddings (Section 6)
Deezer	Music preview search and playback
Weather provider	Local weather from your city-level setting

Legal reasons. We may disclose information if the law requires it (such as a valid subpoena or court order) or if we believe in good faith it’s necessary to protect someone’s safety, prevent fraud, or protect our legal rights. Where we’re allowed to, we’ll try to notify you first.

Business transfers, and what happens if we wind down. If Hearthly is ever sold, merged, or otherwise transfers its assets, your information may transfer as part of that deal. We’ll notify you beforehand, and we’ll require that your information stay subject to a policy at least as protective as this one. This applies even to an involuntary transfer in a bankruptcy or insolvency: because your care notes are sensitive, we will seek to bind any acquirer to protections at least as strong as this policy, and — to the extent the law and the circumstances allow — give you advance notice and a chance to export or delete your data before any transfer takes effect.

If instead we discontinue Hearthly without transferring it to anyone, we will give you notice and an export window as described in Section 16.4 of our Terms, and then delete user personal data on the schedule in Section 9 below, except records we must keep for legal, tax, or accounting reasons.

With your direction. We’ll share in other ways only when you ask us to or clearly direct it (for example, by inviting someone to your circle).

We do not sell personal information, and we do not “share” it for cross-context behavioral advertising (the terms California law uses). We have no advertising network and no data-broker relationships.

9. How Long We Keep Information

We keep your account information and journal content while your account is active so it’s there when you need it. If you delete your account, we delete your personal data within 30 days, with a few exceptions:

Type of data	How long we keep it
Account and journal content	While your account is active; deleted within 30 days of account deletion
Payment and tax records	Up to 7 years, as required for tax and accounting
Backups	Aged out on our normal backup rotation after deletion
Anonymized / aggregated data	May be kept indefinitely — it can no longer identify you
Data tied to a legal hold or dispute	Kept as long as needed to meet a legal obligation or resolve the matter

If you own a Care Circle with other members, we'll ask you to transfer ownership to another member before your account can be deleted, so the shared history those members rely on isn't lost. Once any required transfer is complete, your personal account data is permanently deleted within 30 days. Records that other members authored, or that are shared within a Circle that continues with other members, are retained for those members; where you authored shared entries, your authorship is removed but the entry itself may remain part of the Circle's record.

Read-only accounts (after a trial or lapsed plan) keep their data — we don’t delete it just because a plan ended. You can export or delete it anytime.

If Hearthly winds down. If we discontinue the service, we’ll give you notice and a window to export your data (Terms Section 16.4), then delete user personal data on the schedule above, except records we must retain for legal, tax, or accounting reasons or that transfer to an acquirer under a policy at least as protective as this one (Section 8).

10. Security

We use industry-standard safeguards, including encryption of data in transit (TLS) and at rest, authentication through Supabase, and access controls that limit who can reach personal data. No online service can promise perfect security, and we can’t guarantee it. If a breach occurs that is reasonably likely to put your information at risk, we’ll notify affected users and regulators as the law requires.

11. Your Choices and Rights

11.1 Choices everyone has

Access and update: you can view and edit your account information and entries in the app.
Export your data: request a copy of your journal data anytime at support@gethearthly.app; we respond within 30 days. Export works even on read-only accounts.
Delete your account: from settings, from our public Account & Data Deletion page (no login required), or by emailing support@gethearthly.app. We delete your personal data within 30 days, subject to the exceptions in Section 9. If you own a Care Circle with other members, we'll ask you to transfer ownership to another member before your account can be deleted, so the shared history those members rely on isn't lost. Once any required transfer is complete, your personal account data is permanently deleted within 30 days. Records that other members authored, or that are shared within a Circle that continues with other members, are retained for those members; where you authored shared entries, your authorship is removed but the entry itself may remain part of the Circle's record.
Turn off AI features: in settings, which stops your content from being sent to AI providers for those features.
Email preferences: you can opt out of non-essential emails; we’ll still send essential account and transactional messages.

11.2 California residents (CCPA/CPRA)

California’s privacy law (the CCPA, as amended by the CPRA) gives California residents the rights below. These laws apply to a company only once it passes certain size and data-volume thresholds, which a business at Hearthly’s stage may not yet reach. Either way, we aim to honor these rights for California residents, and we will comply fully if and when the law applies to us:

Know and access the personal information we collect, where it comes from, why we collect it, and who we share it with;
Correct inaccurate personal information;
Delete your personal information, subject to legal exceptions;
Limit sensitive personal information. Your health-related notes are “sensitive personal information” under California law. We already use them only to provide the service you asked for and other purposes the law permits — not to infer things about you — so there is no additional use to limit; and
Opt out of sale or sharing. We do not sell your personal information, and we do not “share” it for cross-context behavioral advertising. Because there is no sale or sharing, there is nothing for a sale/share opt-out — including a browser signal such as Global Privacy Control — to act on.

We won’t discriminate against you for exercising these rights. To make a request, email legal@gethearthly.app with “California Privacy Request” in the subject line. We may ask you to confirm details we already have on file so we know the request is really from you, and you may use an authorized agent. We respond as quickly as we can, and within the timeframes the law requires where it applies (generally within 45 days).

“Shine the Light.” We don’t share personal information with third parties for their own direct marketing, so there’s nothing to disclose under California Civil Code § 1798.83.

11.3 Other U.S. state privacy rights

If you live in a state with a comprehensive privacy law (for example, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, or Montana), you may have similar rights to access, correct, delete, and obtain a copy of your personal information, and to opt out of targeted advertising, the sale of personal information, or certain profiling — none of which we do. Like California’s law, these statutes have size and data-volume thresholds that may not yet apply to a company at Hearthly’s stage, but we aim to honor these rights regardless and will comply fully where the law applies. To make a request, contact legal@gethearthly.app; if we deny a request, you may appeal by replying to our response, and we’ll explain any further appeal options available to you.

Florida residents. Florida has its own privacy law (the Florida Digital Bill of Rights). Its obligations apply only to businesses above revenue thresholds that a company at Hearthly's stage does not meet, so it likely does not yet apply to us; even so, we aim to honor the access, correction, deletion, and portability rights described above for Florida residents, and will comply fully if and when the law applies to us. To make a request, contact legal@gethearthly.app.

12. Cookies and Tracking

We use a small number of cookies and similar technologies: ones that are strictly necessary to keep you signed in and secure, and ones that remember your preferences and help us understand usage through our own internal tracking. We do not use advertising or cross-site tracking cookies, and we don’t allow third-party ad networks on Hearthly. You can control cookies through your browser settings, though turning off necessary cookies may affect sign-in.

13. Children

Hearthly accounts are for adults 18 and older, and Hearthly is not directed to children. Our minimum account age is 18; we mention 13 below only because the federal Children's Online Privacy Protection Act (COPPA) sets 13 as the age floor for collecting personal information directly from a child. We do not knowingly let anyone under 18 create an account, and we do not knowingly collect personal information directly from a child under 13.

Minors in a care circle. A minor may appear in your records — for example, as a loved one you help care for or as a family member. That information is entered by an adult, and the adult who enters it is responsible for having the authority to do so (see Section 5 and our Terms). If you believe a child under 13 has created their own account, or that information about a child was entered by someone without authority, contact us at legal@gethearthly.app and we’ll address it promptly, including deleting an underage account.

14. Third-Party Links

Hearthly may link to other websites or services we don’t control. This policy doesn’t cover them, so please review their privacy policies.

15. Changes to This Policy

We may update this policy. If a change is material, we’ll let you know by email or in-app notice at least 14 days before it takes effect. If you keep using Hearthly afterward, the updated policy applies.

16. Contact Us

Privacy questions, data requests, or concerns: legal@gethearthly.app. We aim to respond within 30 days (and within the timeframes required by applicable law for formal rights requests).

17. Beta Testing & First Circle Recognition

This section applies if you participate in the Hearthly closed beta or are designated a Hearthly First Circle member. It supplements — and does not replace — the rest of this policy.

17.1 Data we collect during beta

Alongside the data described elsewhere in this policy, during the beta period we may collect:

Account information you provide at signup (name, email, profile details).
Usage data — how you interact with the app, features used, session timing, device and platform information.
Feedback and bug reports you send us through the in-app form, email, or other channels.
Care-circle content you voluntarily enter for testing (notes, logs, reminders, and similar entries).

We use this information to improve Hearthly, fix bugs, understand which features are working, and produce aggregated, de-identified analytics. We do not use it to build a separate "First Circle member" profile of you, to treat you differently from other users post-launch, or to share with third parties for marketing or recruiting purposes (except as required by law or as otherwise disclosed in this policy).

17.2 Public recognition (Friends of Hearthly page)

If you are designated a Hearthly First Circle member, we may display your name and profile photo on a public Friends of Hearthly page to thank you for your contribution. This is optional and opt-in — you will be asked at the end of the beta whether you want to be publicly recognized, and you may decline and still receive every other First Circle member benefit. You can request removal from the public page at any time by emailing legal@gethearthly.app; we'll act on the request within 30 days.

17.3 In-app avatar identifier

First Circle members see a distinctive ring around their profile avatar inside the Hearthly app. It is visible to you, to people in your care circle, and to other users who can already see your profile in shared contexts. It stays inside Hearthly — it is not exported to third parties or shown on the public web unless you opt in to public recognition (Section 17.2).

17.4 Retention of beta data

Usage data from the beta is retained for up to 12 months for analytics, then de-identified or deleted.
Feedback and bug reports may be retained indefinitely so they continue to inform product development.
Care-circle content you entered during the beta is treated like any other account data — kept if you continue using Hearthly, exportable on request, and deleted when you delete your account (see Sections 10 and 11).
The First Circle member designation (name, photo, status) is retained while your account is active or until you ask us to remove it.

17.5 Your rights as a First Circle member

In addition to the rights described in Sections 10 and 11, you may:

Decline or withdraw consent for public recognition on the Friends of Hearthly page.
Ask us to discuss visibility of the in-app avatar identifier.
Request deletion of your beta usage data in line with applicable privacy laws.
Ask what information we hold about your participation by emailing legal@gethearthly.app.

Historical references in our internal records may persist where needed for legal or accounting reasons, but future public-facing displays will be removed on request.