Legal

Privacy Policy

Last updated: April 29, 2026

1. Controller

The person responsible for processing personal data in this app is:

Nicole Jänchen
Johannesstraße 3
14165 Berlin
Germany
Email: [email protected]

2. Data we collect

We collect and process the following personal data:

• Email address, used for trusted-contact alerts, account recovery, and email verification
• Display name, used in notifications to your trusted contacts
• Check-in timestamps, the date and time of each daily check-in
• Device information, such as operating system and app version for technical support
• Push token, used to deliver notifications
• Waitlist data, such as name, email, country, preferred language, platform interest, and beta-test interest when you join the Bearhugme waitlist

We do not collect location data, health data, or payment data. Payments, if introduced later, are handled by the relevant app store.

3. Purpose of processing

We process your data only for these purposes:

• providing app functionality, including daily check-ins and notifications
• technical operation and error analysis
• alerting trusted contacts when a check-in is missed
• managing waitlist signup and product updates you requested

The legal basis is Art. 6(1)(b) GDPR for contract performance and Art. 6(1)(f) GDPR for legitimate interests in secure operation of the app. Waitlist emails are sent based on your consent.

4. Third-party providers and processors

Supabase (database and authentication)

Supabase Inc., 970 Toa Payoh North, Singapore
Email addresses, check-in data, and waitlist data are stored in a Supabase database. Supabase is certified under the EU-US Data Privacy Framework.
supabase.com/privacy

Railway (backend hosting)

Railway Corp., San Francisco, USA
The backend server is hosted on Railway. Railway does not independently use personal data.
railway.app/legal/privacy

Resend (email delivery)

Resend Inc., 2261 Market Street, San Francisco, USA
Transactional emails are sent through Resend, including trusted-contact alerts, invite emails, verification emails, account recovery emails, and waitlist confirmation emails.
resend.com/privacy

Sentry (error monitoring)

Functional Software Inc. (Sentry), 45 Fremont Street, San Francisco, USA
The backend uses Sentry for error monitoring. Technical context data may be transmitted when errors occur, and it may contain personal data such as IP addresses. Sentry is certified under the EU-US Data Privacy Framework.
sentry.io/privacy

Expo, Apple Push Notification Service, and Firebase Cloud Messaging

Expo Technology Inc. / Apple Inc. / Google LLC
Push notifications are delivered through Expo, APNs on iOS, and FCM on Android. An anonymized push token is transmitted for this purpose.
expo.dev/privacy

5. Retention

Your app data is stored while you have an active account. After account deletion, personal data is deleted within 30 days unless legal retention obligations apply. Waitlist data is stored until you withdraw consent or the waitlist is no longer needed.

6. Your rights

Under the GDPR, you have the right to access, correct, delete, restrict, receive, and object to processing of your personal data. To exercise your rights, email [email protected].

You also have the right to lodge a complaint with a data protection authority. In Berlin, this is the Berlin Commissioner for Data Protection and Freedom of Information: datenschutz-berlin.de.

7. Account and data deletion

You can delete your account and all related data in the app:

1. Open the app and go to Settings.
2. Scroll to the Data section.
3. Tap Delete all data.
4. Confirm the dialog.

This deletes your account, email addresses, check-ins, trusted-contact relationships and invitations, settings, device links, and push tokens. The deletion cannot be reversed. If you no longer have app access, email [email protected].

8. No automated decision-making

We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

9. Changes to this policy

We may update this Privacy Policy when needed. The current version is available in the app and on this website. For material changes, we will inform users in the app where appropriate.

10. Contact

For privacy questions, email [email protected].