last updated · 16 may 2026
Privacy Policy.
HUSH is a privacy-first cycle and wellness companion. This policy explains, in plain language, what data the app collects, why, how it is protected, and what you control.
The summary
- We do not sell your data, ever.
- We do not share your data with advertisers, data brokers, or analytics providers.
- We do not use advertising or analytics SDKs, and we do not track you across other apps or websites.
- Your data is encrypted in transit (TLS) and encrypted at rest on our infrastructure. Access is strictly limited to operating the service for you.
- You can export or permanently delete your account and all of its data from inside the app at any time.
1. Who we are
HUSH is an iOS application operated by the HUSH project ("we", "us"). You can reach us at hello@hush.app.
2. What we collect
We deliberately collect as little as possible.
- Account identifiers. When you sign in with Apple or Google, we receive an authentication token, a stable user identifier, and an email address. These are required to create your account and sync your data across devices.
- Health & cycle content. Cycle dates, symptoms, mood, flow, BBT readings, notes, medications, and reminders that you enter. This is stored on our backend so it is available across your devices, encrypted in transit and at rest.
- App preferences. Mode (cycle, TTC, pregnancy, postpartum, perimenopause), tracked categories, default cycle length, sync toggle, travel-mode state.
- Subscription state. Whether you have an active HUSH Plus subscription. Apple processes the payment; we receive only the entitlement state.
- Diagnostic information. If the app crashes, we may receive an anonymous crash report containing the file and line where the error occurred. No personal data is included.
3. What we do not collect
- We do not collect your name, address, phone number, location, photos, contacts, calendar, microphone, or camera.
- We do not read or write to Apple HealthKit unless a future version asks for your explicit opt-in.
- We do not use third-party advertising or analytics SDKs.
- We do not track you across other apps or websites.
- HUSH includes no IDFA collection and presents no App Tracking Transparency prompt.
4. How we use the data
We use the limited data we collect only to: keep you signed in, sync your content across your devices, deliver the features you turn on (predictions, reminders, doctor-export PDF), and maintain a working subscription. We do not use your health data for advertising, profiling, or sale. That is the entirety of the use.
5. How your data is stored and protected
Your data is stored with our backend provider, Convex, in databases located in the United States. It is encrypted in transit using TLS 1.2 or higher, and encrypted at rest by our infrastructure provider.
Access to production data is restricted to the minimum necessary to operate and support the service, governed by access controls. We do not sell it, share it with advertisers, or use it for any purpose other than running HUSH for you. Authentication is delegated to Apple or Google — we never see or store your password.
6. Sharing
We do not sell, rent, lease, or share your data with any third party for marketing or advertising purposes. We share data with the following processors only as strictly required to operate the app:
- Clerk — authentication.
- Convex — data storage and sync.
- Apple — subscription processing and delivery via the App Store.
- RevenueCat — subscription state validation.
Each processor is bound by a data-processing agreement and may not use your data for any purpose other than operating HUSH on our behalf.
7. Your rights
You can, at any time, from within the app:
- Access — view all of your data on the Today, Calendar, Insights, and Privacy screens.
- Export — generate a PDF or JSON export from the Privacy screen.
- Correct — edit or remove individual logs, cycles, BBT readings, and meds.
- Delete — Settings → Delete account permanently removes your account and all associated records. This cannot be undone.
Residents of the EU/UK have rights under the GDPR/UK GDPR to access, rectify, port, or erase personal data, and to object to processing. Residents of California have the rights granted by the CCPA/CPRA. To exercise any right not already available in-app, email hello@hush.app and we will respond within 30 days.
8. Children
HUSH is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has created an account, email us and we will delete it.
9. International transfers
If you use HUSH outside the United States, your data may be transferred to and stored on servers in the United States. Where applicable, we rely on the Standard Contractual Clauses approved by the European Commission and equivalent UK transfer mechanisms.
10. Retention
We keep your records for as long as your account is active. When you delete your account, the records are permanently removed within 30 days. Anonymous crash reports are kept for 90 days.
11. Security
All traffic is encrypted in transit using TLS 1.2 or higher, and data is encrypted at rest on our infrastructure. Authentication is delegated to Apple or Google; we do not log or store passwords. Access to production data is limited to operating and supporting the service.
12. Changes
If we materially change this policy, we will notify you in the app and update the "last updated" date above. Continued use after changes means you accept the new policy.
13. Contact
Questions, requests, or anything that does not feel right: hello@hush.app.