Privacy Policy

Last updated: May 2026

hug.care is designed to be private by default. We collect as little as possible and never use your data for advertising or marketing.

What we collect

When you send a hug without an account, we store only the message content, recipient name, and situation temporarily — just long enough for the recipient to open the link. We also record whether and when the link was opened, visible only to you. Nothing is tied to your identity.

When you sign in with your phone number, we store your phone number to verify your identity each time you sign in. We also store your hug history — recipient name, situation, date sent, and open status — on our servers, so it persists across devices.

You can optionally add a display name (shown to recipients as "A hug from [name]") and an email address for account recovery. Both are optional and stored only if you choose to add them. We never use your email for marketing unless you explicitly opt in.

If you subscribe to hug+, we additionally store your subscription status and plan details to manage your billing. We do not store your payment card details.

We do not collect any other personal information beyond what's listed above.

How we use it

We use the data we collect to operate hug.care: to generate and display your hug to the recipient, to verify your identity when you sign in, to store your history when you have an account, and to manage your subscription if you subscribe to hug+. We do not use your data for advertising, marketing, or AI training.

SMS messages

hug.care sends transactional SMS messages only. We never send marketing or promotional SMS, and we do not share your phone number with third parties for marketing. The messages we send fall into three categories:

Message frequency varies based on how you use the app. Standard message and data rates may apply. To stop receiving messages, reply STOP to any message — you will receive one confirmation and no further messages. To get support, reply HELP or contact us. Opting out of SMS does not delete your account; to delete your account, see our data deletion page.

Third parties

We use a small number of third-party providers to operate hug.care: Anthropic for AI message generation, Twilio for SMS delivery, and a payment processor for subscriptions. Each provider receives only the minimum data required for their function. We do not share your data with any third party for marketing or advertising.

Data retention

We keep your hugs while your account is active — your sent messages, recipient names, situations, open status, and history all persist so you can revisit them whenever you want. You can hide specific hugs from your view, delete individual ones by contacting us, or delete your entire account at any time. When you delete your account, your hug data is anonymized within minutes (the sender's name and any personal details are stripped; the message body stays in place so recipients still holding the share link don't see a broken page). If you use hug.care without an account, your hug is stored so the recipient can open it — it stays until that recipient's link goes unused for an extended period.

Your rights

You can request access to, correction of, or deletion of your data at any time. To delete your account, use the in-app "Delete my account" option — deletion is immediate. If you can't sign in, follow the email-request steps on our data-deletion page. For access or correction requests, email us and we'll respond within 30 days.

Cookies

We do not use cookies for tracking or advertising. We use browser storage (localStorage) only to remember your recent hugs and keep you signed in between sessions.

Children

hug.care is not directed at children under 13. We do not knowingly collect data from anyone under 13.

Contact

Questions or concerns? Contact us — we'll respond within 30 days.