Privacy Policy
Last updated: March 14, 2026
Your family's naming journey is deeply personal. We treat the information you share with us with the same care and respect you bring to choosing your child's name. This policy explains what we collect, why, and how we keep it safe.
1. Information We Collect
Account information: When you create an account, we collect your name and email address. If you sign in through Google, Apple, or Facebook, we receive your name and email from that provider — nothing more.
Naming preferences: The details you share during a consultation — cultural background, family surnames, style preferences, sibling names, religious or spiritual traditions, and any additional notes. These help us curate names that feel right for your family. Some of this information (such as cultural or ethnic origin, religious beliefs) may constitute sensitive or special category data under applicable privacy laws — see Section 3 below for how we handle it.
Payment information: When you purchase a plan or Heirloom Dossier, payment is handled entirely by Stripe. We never see or store your card number. We do store your Stripe customer ID and purchase history to manage your account.
Usage data: We collect basic analytics to improve HushName — pages visited, features used, and performance metrics. We use Vercel Analytics and Vercel Speed Insights for this purpose; both provide privacy-friendly, cookieless analytics that do not track individual users across sites. We use cookies only where essential for authentication (session cookies). Your questionnaire progress is stored temporarily in your browser's session storage and is not sent to our servers until you submit it.
Device and technical data: When you access HushName, we automatically receive technical information such as your IP address, browser type and version, device type, operating system, and referring URL. This data is used for security (abuse prevention, rate limiting), analytics, and service improvement. IP addresses are not stored long-term and are not linked to your account profile.
2. How We Use Your Information
We use your information to:
- Generate personalized name consultations tailored to your family's background and preferences
- Create Heirloom Dossiers with cultural, linguistic, and social insights for names you love
- Enable partner linking so you and your co-parent can discover names you both love — independently and privately
- Process payments and manage your account
- Send transactional emails (purchase confirmations, partner invitations, gift notifications)
- Monitor and improve our service's reliability, security, and performance
- Detect and prevent fraud, abuse, and security threats
- Comply with legal obligations (tax reporting, law enforcement requests)
We will not use your personal information for purposes materially different from those described above without notifying you and, where required by law, obtaining your consent.
3. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), United Kingdom, or another jurisdiction that requires a legal basis for processing personal data, we rely on the following:
- Contract performance — Processing your account information, naming preferences, and payment data is necessary to provide the service you've signed up for (generating name consultations, delivering Heirloom Dossiers, enabling partner linking, and fulfilling purchases).
- Legitimate interest — We process usage data, analytics, device/technical data, and error monitoring data to improve service reliability, detect abuse, prevent fraud, and fix technical issues. We have assessed that these interests do not override your privacy rights.
- Legal obligation — We retain purchase records as required for tax and financial reporting obligations. We may also process data to comply with law enforcement requests or court orders.
- Explicit consent — Where your naming preferences include sensitive or special category data (such as cultural or ethnic origin, religious or philosophical beliefs), we process this data based on your explicit consent, which you provide when you submit your consultation questionnaire. You may withdraw this consent at any time by deleting your account or contacting us, though this will affect our ability to provide personalised name recommendations.
4. AI Data Processing
HushName uses third-party AI providers to generate name recommendations and Heirloom Dossiers. This is how we handle your data in that process:
What we send: When you request a consultation, we send your naming preferences to our AI providers. This includes the information you provide in the questionnaire: style preferences, cultural background, family surnames, religious or spiritual traditions, sibling names, and any additional notes. We do not send your email address, name, account ID, or any other identifying information to AI providers.
What we do not guarantee: While we take reasonable steps to minimise and de-identify the data sent to AI providers, we cannot guarantee that AI providers will not infer or derive additional information from the preferences you share. AI-generated outputs may contain inaccuracies, fabricated information, or culturally inappropriate content. See our Terms of Service (Section 2) for important disclaimers about AI accuracy.
How providers handle it:
- Google (Gemini) — Our primary AI provider. When using the Gemini API with a paid plan, Google does not use your prompts or responses to train its models. Data is processed in accordance with Google's API Terms of Service.
- OpenAI — Our fallback AI provider and text-to-speech provider. When using the OpenAI API, your data is not used to train OpenAI's models. Data is retained for up to 30 days for abuse monitoring, then deleted. See OpenAI's API Data Usage Policies.
Sensitive data: Because your naming preferences may include cultural, ethnic, or religious information (special category data under GDPR, sensitive information under the Australian Privacy Act), we minimise what we share by stripping all personally identifiable information before sending data to AI providers. Your explicit consent to this processing is obtained when you submit your consultation questionnaire.
AI provider changes: We may change or add AI providers in the future. If we do, we will update this policy and ensure the new provider meets equivalent data protection standards. We will notify you of material changes to AI data processing in accordance with Section 16 of this policy.
5. Partner Linking and Shared Data
When you link with a partner, each of you swipes through names independently. We only reveal a match when you both love the same name — neither partner can see the other's full list of likes, passes, or saves. Either partner can unlink their account at any time from Settings, which immediately stops all match comparisons.
Partner linking data is designed for casual name exploration between partners. We do not provide partner linking data for use in legal proceedings and disclaim any responsibility for its accuracy or completeness if it is subpoenaed or requested by third parties. See our Terms of Service (Section 7) for more details.
6. Third-Party Services
We use a small number of trusted providers to deliver HushName:
- Supabase — Database and authentication. Your data is encrypted at rest and in transit, protected by Row Level Security so only you can access your own records. Data is stored in Supabase's cloud infrastructure.
- Stripe — Payment processing. Subject to Stripe's Privacy Policy.
- Google (Gemini) and OpenAI — AI name generation and text-to-speech. See Section 4 above for details on data handling.
- Resend — Transactional email delivery (purchase confirmations, partner invitations, gift notifications). Resend processes your name and email address to deliver emails on our behalf. Subject to Resend's Privacy Policy.
- Sentry — Error monitoring to help us fix issues quickly. Error reports may include technical context (browser type, route, error stack traces) but never your naming preferences or personal details.
- Vercel — Hosting, delivery, and privacy-friendly analytics. Subject to Vercel's Privacy Policy.
We do not sell, rent, or share your personal information with advertisers or data brokers. Ever.
We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies. In the event a third-party provider experiences a data breach or security incident affecting your data, we will notify you as described in Section 9.
7. International Data Transfers
HushName is operated from Australia. Our third-party service providers may process your data in countries outside of Australia, including the United States. When your data is transferred internationally, we ensure appropriate safeguards are in place:
- Our service providers are bound by contractual obligations to protect your data, including Standard Contractual Clauses (SCCs) approved by the European Commission where applicable.
- We select providers that maintain industry-standard security certifications (such as SOC 2, ISO 27001) and data protection practices.
- Under the Australian Privacy Act 1988, we take reasonable steps to ensure that overseas recipients handle your personal information in accordance with the Australian Privacy Principles (APPs).
By using HushName, you acknowledge that your data may be processed in jurisdictions with different data protection laws than your own. While we implement safeguards, we cannot guarantee that the laws of every jurisdiction in which your data may be processed will provide the same level of protection as your home jurisdiction.
8. Cookies and Tracking
We use a minimal number of cookies and tracking technologies:
- Authentication cookies (essential) — Session cookies set by Supabase to keep you logged in. These are strictly necessary and cannot be disabled.
- Vercel Analytics (functional) — Privacy-friendly, cookieless web analytics that measure page views and performance. No cookies are set and no cross-site tracking occurs.
- Vercel Speed Insights (functional) — Collects Core Web Vitals performance data. Cookieless and anonymous.
We do not use advertising cookies, social media tracking pixels, or any third-party cookies for marketing purposes. Because we rely only on essential and cookieless analytics, a cookie consent banner is generally not required. If this changes, we will update this policy and implement appropriate consent mechanisms.
9. Data Security
Your data is encrypted in transit (TLS) and at rest. Our database uses Row Level Security — a technical safeguard that ensures authenticated users can only access their own data. Administrative operations use a separate, restricted service role. We regularly review our security practices and dependencies.
While we implement industry-standard security measures, no system is completely secure. We cannot guarantee absolute security of your data and are not liable for unauthorised access resulting from circumstances beyond our reasonable control, including but not limited to sophisticated cyberattacks or vulnerabilities in third-party infrastructure.
Breach notification: In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users without undue delay and no later than 72 hours after becoming aware of the breach, as required by applicable law (including GDPR Article 33 and the Notifiable Data Breaches scheme under the Australian Privacy Act). We will also notify the relevant supervisory authorities as required. Our notification will include: the nature of the breach, the categories of data affected, likely consequences, and measures taken or proposed to address the breach.
10. Data Retention
We retain your data for the following periods:
- Account data, consultations, and saved names — Retained while your account is active. Deleted when you delete your account.
- Purchase and transaction records — Retained for 7 years after the transaction date, as required for tax and financial reporting obligations under Australian law.
- Analytics events — Aggregated and anonymised. Individual event data is retained for 12 months, then deleted.
- Error logs (Sentry) — Retained for 90 days, then automatically deleted.
- Transactional email records — Retained by Resend for 30 days for delivery monitoring, then deleted.
- Rate limiting data — IP-based rate limiting data is retained in memory or Redis for a maximum of 24 hours.
11. Account Deletion
You can delete your account at any time from your Settings page. When you delete your account, we permanently remove:
- Your profile information (name, email, preferences)
- All consultation sessions and generated names
- Your swipe history and saved names
- Partner linking data
- Analytics events associated with your account
The following may be retained after account deletion:
- Purchase records — Retained for 7 years for tax compliance, with personal details minimised to what is legally required (transaction ID, amount, date).
- Stripe records — Stripe retains its own transaction records in accordance with its data retention policies and legal obligations. We do not control Stripe's retention practices.
- Error logs — Sentry error logs generated during your use of the service may persist for up to 90 days, but do not contain naming preferences or personal profile data.
- Backups — Your data may persist in encrypted database backups for a limited period (up to 30 days) before being overwritten through normal backup rotation.
Deletion is permanent and cannot be undone.
12. Your Rights
Depending on where you live, you may have the right to:
- Access your personal data
- Correct inaccurate information
- Delete your account and associated data
- Export your data in a portable format
- Object to certain types of processing
- Restrict processing of your data in certain circumstances
- Withdraw consent where processing is based on consent, without affecting the lawfulness of prior processing
To exercise any of these rights, email us at privacy@hushname.com. We respond within 30 days. We may need to verify your identity before processing your request. If we cannot fulfil your request, we will explain why.
For Australian residents
Under the Australian Privacy Act 1988, you have the right to access and correct your personal information. You also have the right to complain about a breach of the Australian Privacy Principles. If you believe we have breached the APPs, please contact us first. If you are not satisfied with our response within 30 days, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
For European Economic Area and UK residents
Under the GDPR, you have the rights listed above, including the right to data portability and the right to lodge a complaint with your local data protection supervisory authority. Our legal bases for processing are described in Section 3. If you believe we have processed your data unlawfully, you have the right to seek judicial remedy.
For California residents
Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), you have the right to:
- Know what personal information we collect, use, disclose, and sell
- Request deletion of your personal information
- Opt out of the sale or sharing of your personal information
- Non-discrimination for exercising your privacy rights
We do not sell or share your personal information as defined by the CCPA/CPRA. We have not sold or shared personal information in the preceding 12 months. To exercise your rights, contact privacy@hushname.com.
13. Automated Decision-Making
HushName uses AI to generate name recommendations based on your preferences. These recommendations are suggestions to assist your exploration — they are not binding decisions that produce legal or similarly significant effects. No automated decisions are made about your access to the service, pricing, or eligibility based on profiling. You are always free to disregard any suggestion. If you have concerns about how AI-generated recommendations are produced, contact us and we will provide a meaningful explanation of the logic involved.
14. Children's Privacy
HushName is designed for expecting parents and families — not for use by children. We do not knowingly collect information from anyone under the age of 16 (or the applicable age of digital consent in your jurisdiction). If you believe a child has provided us with personal information, please contact us and we will promptly remove it. If we become aware that we have collected personal information from a child without verified parental consent, we will take steps to delete that information.
15. Law Enforcement and Legal Requests
We may disclose your personal information if required to do so by law or in response to valid legal process (such as a court order, subpoena, or government request). Where legally permitted, we will notify you of such requests before disclosing your information. We will challenge requests that we believe are overbroad, vague, or lack proper authority.
16. Changes to This Policy
We may update this policy from time to time. When we make material changes, we'll update the date at the top and notify you by email or by displaying a prominent notice within the service at least 14 days before the changes take effect. Material changes include: new categories of data collected, new purposes for processing, new third-party data sharing, or changes to your rights.
17. Contact Us
For privacy-related questions or to exercise your data rights:
Privacy Contact: privacy@hushname.com
General Support: support@hushname.com
HushName is operated from New South Wales, Australia.
If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction.