Privacy Policy

DearHim, Inc. Effective Date: 5/8/26 Last Updated: 5/8/26

This Privacy Policy describes how DearHim, Inc. ("DearHim," "DearHer," "DearUs," "we," "us," or "our") collects, uses, discloses, and protects your personal information when you use our websites (dearhim.ai, dearher.ai, dearus.ai), applications, services, AI companion features, dating intelligence tools, and matchmaking services (collectively, the "Service"). This Policy applies to all users of the Service, regardless of location.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Policy, do not access or use the Service.

Quick Summary (provided for clarity but does not replace the full Policy below): We collect information you provide, information about your use of the Service, and behavioral patterns derived from your conversations. We use this to operate the Service, improve our AI, and — if you opt into DearUs — to suggest compatible matches. We do not sell your data. We do not share your conversations with advertisers. You can delete your data at any time.

---

1. Important Disclosures

1.1 Artificial Intelligence Disclosure

DearHim, DearHer, and DearUs include AI-powered companion, dating intelligence, and matchmaking features. Within the AI Companion features, all characters on our platform are artificially generated by artificial intelligence. They are not real people. You are not communicating with a human when you interact with any character on our Service.

Our characters are powered by large language models (LLMs) and text-to-speech technology. Their responses are generated by AI algorithms, not written or spoken by human beings. Character names, personalities, backstories, and images are entirely fictional.

1.2 DearUs Matchmaking Disclosure

DearUs is a matchmaking service that introduces you to other real, human users of the Service. When you use DearUs, you may be matched with and exchange information with real people, not AI characters. Matches are suggested by an algorithm based on behavioral data, expressed preferences, and compatibility patterns derived from your activity across our platforms.

Use of DearUs is entirely optional. Your information will not be used for matchmaking purposes unless you affirmatively opt into DearUs separately from your DearHim or DearHer account.

1.3 Age Requirement

The Service is intended solely for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected personal information from a user under 18, we will promptly delete that information and terminate the associated account.

1.4 Crisis Resources

If you or someone you know is experiencing a mental health crisis, suicidal thoughts, or self-harm ideation:

• 988 Suicide & Crisis Lifeline: Call or text 988 (US)
• Crisis Text Line: Text HOME to 741741
• The Trevor Project (LGBTQ+ youth): Call 1-866-488-7386 or text START to 678-678

Our Service includes automated protocols designed to detect expressions of crisis and refer users to appropriate crisis service providers. Details of these protocols are published at /safety.

---

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Name, email address, date of birth, and authentication credentials when you create an account.
• Phone Number: If you opt in to receive SMS messages.
• Payment Information: When you subscribe to a paid plan, payment is processed by Stripe, Inc. We do not store your full credit card number, bank account number, or other payment instrument details. We receive and store a truncated card identifier, billing address, and transaction history from Stripe.
• Profile Information: Display name, gender identity, sexual orientation, location (city/state), photos you choose to upload, preferences, dealbreakers, and other information you choose to add to your profile.
• Conversation Data: Messages, text, images, voice notes, and other content you send to and receive from AI characters or — within DearUs — other users. This includes text submitted to our Wingman feature for analysis.
• Settings and Preferences: Notification settings, intimacy settings, communication preferences, and DearUs matchmaking preferences.
• Verification Data (DearUs only): If you opt to verify your identity for DearUs, we may collect government-issued ID images, selfie photos for liveness/identity matching, and verification metadata. This data is processed by our identity verification provider and is described in Section 5.7.
• Communications: Content of any communications you send to our support team.

2.2 Information Collected Automatically

• Device Information: Device type, operating system, browser type and version, unique device identifiers, and mobile network information.
• Usage Data: Pages viewed, features used, interaction patterns, session duration, timestamps, and clickstream data.
• Log Data: IP address, access times, referring URLs, and error logs.
• Analytics Data: PostHog and similar services collect aggregated and individual usage data.
• Approximate Location: Derived from IP address. We do not collect precise GPS location unless you explicitly enable location-based matching in DearUs.
• Cookies and Similar Technologies: Session state, preferences, and usage data. See our Cookie Policy for details.

2.3 Information from Third-Party Services

• Authentication Providers: Name, email address, and profile information from Clerk and any social login providers you use.
• Payment Processor: Transaction confirmations, subscription status, and truncated payment identifiers from Stripe.
• Identity Verification Provider (DearUs only): Verification status, fraud signals, and biometric match results from our identity verification partner.

2.4 Behavioral and Inferred Data

This category is significant and disclosed separately because it is the primary data type used in DearUs matchmaking and AI personalization. We derive:

• Communication patterns: Response timing, message length, conversation topics, and emotional tone signals from your conversations with AI characters.
• Attachment style indicators: Patterns suggestive of attachment style (secure, anxious, avoidant, disorganized) based on conversational patterns and explicit assessments you complete.
• Relationship preferences and dealbreakers: Inferred from conversations with AI characters, Wingman submissions, and explicit profile inputs.
• Behavioral consistency markers: Patterns over time that help us match you with compatible others.
• Engagement signals: What features you use, when, and for how long.

You are entitled to know what behavioral data we have inferred about you. Contact privacy@dearhim.ai to request a copy.

---

3. How We Use Your Information

3.1 Providing and Improving the Service

• Create and manage your account.
• Process your conversations with AI characters and generate AI responses.
• Provide Wingman text analysis, dating profile reviews, and other dating intelligence features.
• Generate AI voice notes using text-to-speech technology.
• Generate and serve character photos.
• Process payments, manage subscriptions, and issue receipts.
• Send you SMS messages from AI characters if you have opted in.
• Personalize your experience based on your preferences and usage patterns.
• Monitor, diagnose, and fix technical issues.
• Improve our AI models, features, and user experience.

3.2 DearUs Matchmaking (only if you have opted into DearUs)

• Generate compatibility scores between you and other DearUs members based on behavioral data, attachment patterns, communication style, expressed preferences, and other inferred and provided information.
• Suggest matches and surface profiles within the DearUs interface.
• Facilitate introductions between matched users via in-app messaging.
• Verify member identity through our identity verification provider, if you opt for verification.
• Detect fraud, fake profiles, and abusive members.
• Maintain match history and feedback to improve future suggestions.

3.3 Cross-Product Use of Data

If you maintain accounts across multiple DearHim, Inc. products (DearHim, DearHer, DearUs), we use information collected from your activity in one product to enhance experience in others. For example:

• Behavioral patterns inferred from DearHim conversations may inform DearUs match suggestions, only if you have opted into DearUs.
• Wingman submissions on any product may improve advice quality across all products.
• A single account may be used across products with consent.

You may opt out of cross-product data use at any time in your account settings, with the exception that opting out will limit DearUs functionality (since DearUs depends on cross-product behavioral data).

3.4 Safety, Trust, and Compliance

• Detect and respond to expressions of crisis, including suicidal ideation and self-harm, in compliance with California SB 243 and other applicable laws.
• Detect, prevent, and respond to abuse, fraud, harassment, fake profiles, and unauthorized use.
• Enforce our Terms of Service, Community Guidelines, and Acceptable Use Policy.
• Within DearUs, screen for catfishing, romance fraud, and member-to-member harassment.
• Comply with legal obligations, law enforcement requests, and regulatory requirements.
• Protect the rights, safety, and property of DearHim, our users, and the public.

3.5 Communications

• Service-related communications (account confirmations, security alerts, billing notices, policy updates, match notifications).
• AI character SMS messages (opt-in only).
• Marketing communications (opt-in only).

3.6 Analytics and Research

• Analyze usage patterns and feature engagement in aggregate.
• Conduct internal research to improve our AI models and Service quality.
• Measure marketing and growth effectiveness.

---

4. Automated Decision-Making and Profiling (DearUs)

We want to be transparent: DearUs uses automated decision-making and profiling to suggest matches. Under the GDPR (EU/UK/EEA) and similar laws, you are entitled to specific protections.

4.1 What the System Does

The DearUs matching algorithm:

• Processes behavioral data (Section 2.4), profile inputs, and stated preferences.
• Computes compatibility scores between you and other DearUs members.
• Surfaces a ranked list of suggested matches.
• Filters out users you have blocked, hidden, or who do not meet your dealbreaker criteria.
• Excludes users whose verification status or safety signals indicate elevated risk.

4.2 Logic Involved

At a high level, the algorithm weighs:

• Behavioral compatibility (how your communication and attachment patterns interact with another user's)
• Expressed preferences and dealbreakers (age range, distance, identity criteria you have selected)
• Activity signals (whether the other user is recently active)
• Mutual interest signals (we prioritize suggestions when there is mutual potential interest)
• Diversity considerations (we surface a range of matches, not only highest-score)

4.3 Your Rights

• Right to Human Review: You may request that a human review any automated decision the matchmaking system makes about your matches. Contact privacy@dearhim.ai with the subject "Match Review Request."
• Right to Explanation: You may request a description of the factors that contributed to specific match suggestions surfaced to you.
• Right to Object: You may stop matchmaking at any time by leaving DearUs or pausing your DearUs profile.
• Right to Correct Inputs: You may correct any profile information or stated preferences that feed the algorithm.

4.4 No Significant Legal Effects

DearUs match suggestions are suggestions only. They do not produce legal or similarly significant effects on you (such as denying employment, credit, insurance, housing, or other legally regulated benefits). You retain full control over which suggestions to act on, contact, or decline.

---

5. How We Share Your Information

We do not sell your personal information. We do not share your conversation data with advertisers. We share your information only as described below.

5.1 Service Providers

A current list of subprocessors is maintained at /subprocessors.

Mobile Information: No mobile information collected through SMS opt-in (including phone numbers and consent records) will be shared with third parties or affiliates for marketing or promotional purposes at any time.

5.2 Sharing With Other DearUs Members

If you opt into DearUs, the following information is shared with other DearUs members in limited circumstances:

• Profile Information you make visible: Display name, photos, age, city/region (not precise location), bio, interests, dealbreakers you choose to disclose, and verification badges. You control what appears on your profile.
• Match-state information: Whether you have liked, passed, or matched with another user. The other user only sees a "match" status if both of you have indicated mutual interest.
• Messages: Once matched, messages you send are visible to that match.

We do not share with other members:

• Your conversation data with AI characters.
• Your inferred behavioral or attachment data.
• Your precise location.
• Your real legal name (unless you put it in your display name).
• Your phone number, email address, payment information, or government ID.

You may unmatch at any time, after which the other user can no longer message you.

5.3 Legal Requirements

We may disclose information if required by law, subpoena, court order, or governmental request. We will notify you of legal requests for your data unless prohibited by law.

5.4 Protection of Rights

We may disclose information if necessary to protect the rights, property, or safety of DearHim, our users, or the public, including to detect, prevent, or address fraud, security, or technical issues.

5.5 Business Transfers

If DearHim is involved in a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred. We will notify you of any such change.

5.6 With Your Consent

We may share your information for any other purpose with your explicit consent.

5.7 Identity Verification (DearUs)

If you opt to verify your identity:

• You upload a government-issued photo ID and a selfie.
• These are sent to our identity verification provider for processing.
• The provider returns a pass/fail result, fraud risk score, and verification metadata.
• We do not store your government ID or selfie images on our servers after verification is complete unless required by law for fraud prevention. The verification provider may retain the data per their retention policy, which is referenced in our Subprocessors page.
• A "Verified" badge appears on your DearUs profile.

---

6. Conversation Data and AI Processing

6.1 How Conversations Are Processed

When you send a message to an AI character, your message and relevant conversation history are sent to Anthropic in real-time to generate a response. This data is processed transiently and is not used by Anthropic to train their models, per Anthropic's commercial API data retention policies.

6.2 Conversation Storage

Your conversation history is stored in our database (Supabase) to maintain continuity. You may delete conversations at any time.

6.3 Wingman Feature

When you use Wingman to decode texts, analyze profiles, or receive reply suggestions, content you submit is processed by our AI system with the same protections as conversation data.

6.4 Voice Notes

Text of relevant messages is sent to ElevenLabs for text-to-speech synthesis. Generated audio is delivered to you and not retained by ElevenLabs.

6.5 AI-Generated Images

Character photos are AI-generated. No real person's likeness is used. Image generation prompts do not contain user personal information.

6.6 No Human Review of Conversations

We do not employ humans to read, review, or moderate individual conversations in the ordinary course of business. Conversations may be reviewed only in response to user-reported safety concerns, legal obligations, Terms violations, or — for DearUs — abuse reports between matched users, and only by authorized personnel under strict access controls.

---

7. SMS Messaging

7.1 Opt-In and Consent

If you opt in via the "Text Me" feature in your account settings, you consent to receive SMS messages from DearHim, including AI character messages, dating insights, Wingman follow-ups, DearUs match notifications, and account notifications.

7.2 Message Frequency

Message frequency varies based on your interaction and settings. You may receive up to several messages per day.

7.3 Opt-Out

You may opt out at any time by replying STOP or disabling the "Text Me" feature in your account settings. Reply HELP for support.

7.4 Carrier Disclaimer

Message and data rates may apply. Carriers are not liable for delayed or undelivered messages.

7.5 SMS Data

Your phone number is transmitted to Twilio solely for message delivery. We do not sell, share, or use your phone number for third-party marketing.

---

8. Data Retention

We retain personal information for as long as your account is active or as needed to provide the Service. Specific retention periods:

• Account Information: Retained until you delete your account.
• Conversation Data: Retained until you delete individual conversations or your account.
• Behavioral and Inferred Data: Retained while your account is active. Anonymized derivatives may be retained for AI model improvement.
• DearUs Match Data: Retained for as long as you maintain a DearUs profile, plus 90 days for fraud and safety review purposes after deletion.
• Identity Verification Data: Retained per our identity verification provider's policy. Pass/fail status is retained for 1 year.
• Payment Records: Retained for 7 years per tax and accounting law.
• SMS Consent Records: Retained for the duration of consent plus 5 years.
• Analytics Data: Retained in aggregated or pseudonymized form for up to 3 years.
• Server Logs: Retained for up to 90 days.
• Safety/Abuse Reports (DearUs): Retained for 5 years to enable cross-account fraud and safety review.

When you delete your account, we delete or anonymize personal information within 30 days, except where retention is required by law or for legitimate fraud-prevention purposes.

---

9. Your Rights and Choices

9.1 All Users

You may:

• Access the personal information we hold about you.
• Correct inaccurate personal information.
• Delete your account and associated personal data.
• Export your data in a portable format.
• Opt out of marketing communications.
• Opt out of SMS messages.
• Delete individual conversations or your entire conversation history.
• Pause or delete your DearUs profile (does not delete your DearHim or DearHer account).
• Request human review of any automated matchmaking decision (DearUs).
• Limit the use of your sensitive personal information (see CCPA section).

To exercise any of these rights, contact us at privacy@dearhim.ai or use the relevant features in your account settings.

9.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act:

• Right to Know: What we have collected, sources, purposes, and third parties with whom we share information.
• Right to Delete: Subject to legal exceptions.
• Right to Correct: Inaccurate information we maintain.
• Right to Opt Out of Sale/Sharing: We do not sell personal information. We do not share for cross-context behavioral advertising.
• Right to Limit Sensitive Personal Information: You may direct us to limit use of sensitive PII to providing the Service.
• Right to Non-Discrimination: We will not discriminate against you for exercising these rights.

To submit a request, email privacy@dearhim.ai with subject "CCPA Request" or call (323) 451-1354. We verify identity before processing and respond within 45 days.

Categories of Personal Information Collected (preceding 12 months):

• Identifiers (name, email, phone number, IP address, device identifiers)
• Commercial information (subscription history, transactions)
• Internet or electronic network activity (usage data, browsing on Service, AI feature interaction)
• Geolocation data (approximate, IP-derived; precise only if enabled for DearUs)
• Audio, visual data (uploaded photos for DearUs profiles; voice notes generated for you; selfie/ID for opt-in verification)
• Professional or employment information (only if you choose to disclose in profile)
• Sensitive Personal Information:
  • Account login credentials
  • Contents of communications (conversation data)
  • Government identifiers (for opt-in DearUs identity verification only)
  • Biometric identifiers (selfie photos for opt-in DearUs verification only)
  • Sexual orientation
  • Gender identity
  • Romantic and sexual preferences
  • Inferences about mental health and emotional state from conversation data
• Inferences (preferences, behavior patterns, attachment style, compatibility metrics)

Categories Sold: None. Categories Shared for Cross-Context Behavioral Advertising: None.

9.3 European Economic Area, United Kingdom, and Switzerland (GDPR)

If you are located in the EEA, UK, or Switzerland, you have rights under the GDPR:

• Legal Bases for Processing: Consent (SMS, marketing, intimate features, DearUs matchmaking, identity verification); performance of a contract (providing the Service, processing payments); legitimate interests (improving Service, ensuring security, fraud prevention); compliance with legal obligations.
• Right to Access, Rectification, Erasure, Restriction, Portability, Objection, Withdrawal of Consent.
• Right to Lodge a Complaint with your local data protection authority.
• Rights Related to Automated Decision-Making (Article 22): See Section 4.

To exercise rights, contact privacy@dearhim.ai. We respond within 30 days.

International Data Transfers: Data may be transferred to and processed in the United States. We rely on Standard Contractual Clauses or other appropriate safeguards.

<!-- ⚠️ PLACEHOLDER: [EU/UK REPRESENTATIVE] — GDPR Article 27 representative appointment required if EU/UK users exist (issue #94) -->

EU/UK Representative: [TO BE APPOINTED]

9.4 Other US State Rights

Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, and other states with comprehensive privacy laws have rights similar to those described above, including rights to access, correct, delete, port, opt out of targeted advertising, and opt out of profiling that produces legal or similarly significant effects. Contact privacy@dearhim.ai to exercise these rights.

9.5 Nevada Residents

Nevada residents may opt out of the sale of certain personal information. We do not sell personal information as defined under Nevada law. Contact privacy@dearhim.ai with subject "Nevada Opt-Out" if you have questions.

---

10. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards:

• Encryption of data in transit (TLS/SSL) and at rest.
• Access controls limiting employee access to personal information to those with legitimate business need.
• Regular security assessments and vulnerability testing.
• Secure authentication via Clerk with multi-factor authentication support.
• Payment processing via PCI-compliant Stripe infrastructure.
• For DearUs: heightened controls on identity verification data, including encryption at rest, access logging, and limited retention.

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. If we become aware of a security breach affecting your data, we will notify you and applicable regulatory authorities as required by law.

---

11. California SB 243 Compliance

In compliance with California Senate Bill 243 (effective January 1, 2026):

11.1 AI Disclosure

All users are notified that they are interacting with AI-generated characters within the Companion features. This disclosure is provided during account creation and is accessible at all times within the Service.

11.2 Crisis Prevention Protocol

When our system detects expressions of suicidal ideation or self-harm:

• Provide notification referring the user to crisis providers (988 Lifeline, Crisis Text Line).
• Prevent the AI from generating content that encourages, promotes, or facilitates suicidal ideation or self-harm.

Details published at /safety.

11.3 Minor Safety

Service is restricted to users 18+. We disclose that companion chatbots may not be suitable for minors. We do not permit AI characters to generate sexually explicit content involving minors under any circumstances.

---

12. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, contact privacy@dearhim.ai immediately.

---

13. Third-Party Links and Services

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. Review their privacy policies before use.

---

14. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. We currently do not respond to DNT signals as there is no industry-standard interpretation. California law requires us to disclose this.

We do honor Global Privacy Control (GPC) signals as a valid opt-out request for sale or sharing of personal information.

---

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Policy, updating the "Last Updated" date, and, where required by law, sending you notification via email or through the Service. For DearUs members, material changes affecting matchmaking data use require your renewed opt-in consent.

Your continued use of the Service after changes become effective constitutes your acceptance of the revised Privacy Policy.

---

16. Contact Us

DearHim, Inc.

• General: privacy@dearhim.ai
• Support: support@dearhim.ai
• Legal: legal@dearhim.ai
• Safety: safety@dearhim.ai
• DearUs Trust & Safety: trust@dearus.ai

For specific request types, use these subject lines:

• "CCPA Request" — California rights
• "GDPR Request" — EEA/UK/Swiss rights
• "Data Deletion Request" — full data deletion
• "Match Review Request" — DearUs human review of automated decisions
• "Behavioral Data Disclosure" — copy of inferred data

<!-- ⚠️ PLACEHOLDER: [MAILING ADDRESS] — awaiting company address from Evan (issue #94) -->

Mailing Address: [TO BE COMPLETED]

<!-- ⚠️ PLACEHOLDER: [DATA PROTECTION OFFICER] — DPO appointment required if large-scale sensitive data processing (issue #94) -->

Data Protection Officer (DPO): [TO BE APPOINTED IF REQUIRED]