Privacy Policy
Last Updated: 16 March 2025
1. Information We Collect
When you use InnerHug, we may collect the following types of information:
- Personal Information: Name, email address, age, gender, country, user image (if uploaded) and payment information when you subscribe to our services.
- Usage Data: Metadata about your interactions with our AI companions (Buddy, Sage, Mother) — such as session timestamps, feature usage, session duration, and interaction frequency — for the purpose of improving our services and personalising your experience. Your actual chat messages are encrypted at rest and are never accessible to InnerHug, its employees, or any third party. Usage data is retained only for as long as necessary to fulfil these purposes and is never sold to third parties.
- Device Information: Browser type, operating system, and IP address for security and analytics purposes.
- Anonymous Community Posts: When you use our Anonymous Posting feature, content you submit is stored in our database in AES-256-GCM encrypted form. No personally identifiable information (name, email, user ID) is ever associated with a post in any API response or visible to other users. Internally, an anonymised author reference is maintained solely for purposes of allowing you to delete your own posts and for AI-based crisis detection.
2. How We Use Your Information
- To provide and maintain the InnerHug platform.
- To personalize your experience with our AI companions based on your preferences and settings (not your chat content).
- To process payments and manage your subscriptions.
- To communicate with you regarding updates, support, and promotional offers.
- To monitor anonymized usage patterns and improve safety and effectiveness of our AI models.
- To run automated AI-based crisis detection on Anonymous Community Posts for user safety. This process does not store or expose your identity and is handled server-side at the time of posting.
3. Anonymous Community Posts — Data Handling & Disclaimer
InnerHug provides an Anonymous Posting feature that allows users to share thoughts, feelings, or experiences without their identity being revealed. The following applies to all content posted through this feature:
- All post content is encrypted at rest using AES-256-GCM encryption before being stored in our database.
- Posts are displayed publicly to other InnerHug users in the Community feed. By posting, you acknowledge that your content will be visible to other users of the platform.
- Although your identity is hidden from other users, InnerHug retains an internal, encrypted association between your account and your posts solely for moderation, crisis-detection, and self-deletion purposes.
- You are solely responsible for the content you post. Do not post any personally identifiable information about yourself or others, illegal content, defamatory material, or content that violates any applicable law.
⚠ Platform Disclaimer — User-Generated Content
InnerHug operates as a platform that facilitates user-generated anonymous content. In accordance with applicable laws including the Information Technology Act, 2000 (India) and its amendments, and consistent with safe-harbour provisions applied by major social media platforms globally, InnerHug is not responsible for the accuracy, legality, or appropriateness of content posted by users.
InnerHug does not endorse, verify, or take editorial responsibility for user-generated anonymous posts. Any content that violates our Community Guidelines may be removed, and the account responsible may be suspended or terminated. We cooperate with law-enforcement authorities when legally compelled to do so.
You, the user, assume full responsibility for everything you post on InnerHug. InnerHug, its directors, employees, and partners shall not be held liable for any harm caused by content posted by other users.
4. Data Encryption Standards (At-Rest & In-Transit)
We prioritize your privacy by using industry-standard Server-Side Encryption (AES-256-GCM) to protect your conversations and community post data.
- In-Transit: All data sent between your device and our servers is encrypted using SSL/TLS protocols.
- At-Rest: Your chat history and anonymous post content are stored in encrypted format within our secure database.
- We do not sell your personal data to third parties.
5. Content Moderation & AI Safety
All Anonymous Community Posts are scanned by our AI moderation system (powered by Google Gemini) at the time of submission to detect crisis content, self-harm indicators, or extremely distressing content. If such content is detected, an automated AI support response is posted. No human reviewer reads your post as part of this process.
InnerHug reserves the right to remove any post and suspend any account that violates our Community Guidelines, Terms and Conditions, or applicable law — with or without prior notice.
6. Third-Party Services
We use third-party services such as Razorpay (payments), Google (OAuth / AI), and Cloudinary (media storage). These providers have access to your information only to perform tasks on our behalf and are obligated not to disclose or misuse it. Third-party services never have access to your encrypted chat content or your identity behind anonymous posts.
7. Your Rights
Depending on your location, you may have the right to access, update, or delete the information we hold about you. You can delete your own anonymous posts at any time from within the Community feed. To request full account deletion, contact us. Because chat messages are encrypted at rest, we cannot access or provide copies of your conversation history.
In accordance with the Digital Personal Data Protection Act (DPDP), 2023, users in India have the right to nominate an individual to manage their data in case of death or incapacity, and the right to withdraw consent at any time. You also have the right to seek grievance redressal through our Grievance Officer.
8. Contact Us
If you have any questions about this Privacy Policy, please contact us at support@innerhug.in.