PRIVACY POLICY
Last updated: May 2026
What We Collect
We collect: (a) your college email address for verification — it is hashed and never shown to other users; (b) your chosen username and password (hashed with bcrypt, never stored in plain text); (c) your profile bio, gender, and avatar if you choose to add them; (d) messages and posts you create; (e) basic usage metadata such as timestamps and join dates; (f) push notification subscription tokens if you opt in. We do not collect device identifiers, precise location data, or third-party profile information.
How We Use Your Data
Your data is used solely to operate and improve HushHall. Email is used only for one-time verification and critical account notices — we do not send marketing emails. Your identity is never sold or shared with advertisers.
Anonymity Model
HushHall's anonymity model is structural, not policy-based. Anonymous posts are cryptographically decoupled from your identity at the application layer — no username, no profile link, no metadata is attached to anonymous content that is visible to any user or staff member. We operate no content surveillance infrastructure. We run no automated monitoring. We do not profile, track, or analyse anonymous activity. The Platform processes anonymous content purely as data in transit — its origin is not our concern and not our business. The singular, narrow exception: where a specific post has been reported by another user and a competent court of law has issued a binding legal order demanding disclosure, only that isolated piece of content may be subject to review — nothing before it, nothing around it, nothing else. No disclosure occurs voluntarily, proactively, or at the request of any party absent such an order. This is not a promise. This is how the system is built.
Data Retention
Hall messages and direct messages automatically expire and are permanently deleted after 24 hours. Profile data and account information are retained while your account is active. You may request full account deletion at any time via Settings → Request account deletion. Upon deletion, your account, posts, and messages are removed within 7 days. Media files uploaded to halls are stored only for the duration of the associated message.
Push Notifications
If you opt in to push notifications, we store your browser's push subscription token to deliver hall activity alerts and mentions. You can revoke this at any time via Settings. We do not use push tokens for any purpose other than delivering in-app notifications.
Analytics
We collect anonymous, aggregate page traffic data — cookieless, no individual tracking, no fingerprinting. No personally identifiable information is ever collected through analytics.
Security
Passwords are hashed using bcrypt. All communication is encrypted via HTTPS. Authentication uses JWT tokens stored in httpOnly cookies, inaccessible to browser scripts. Media files and ID card images are encrypted at rest using AES-256-GCM before being stored. Admin actions (such as revealing an anonymous identity) are logged in an audit trail.
Children's Privacy
HushHall is not intended for users under 18. We do not knowingly collect data from minors.
Your Rights
You have the right to access, correct, or delete your personal data. Contact us at support@hushhall.com or use the in-app deletion request under Settings. We will respond within 7 days.
Changes
We may update this policy. Significant changes will be communicated via an in-app notice. Continued use after changes constitutes acceptance.
Contact
Privacy questions: support@hushhall.com