Platform in beta
Privacy Policy
v0.1.0 privacy policy for HelloWhen.
Quick links
TermsPrivacyGuidelinesContactData deletion

HelloWhen – Privacy Policy

Effective date: 2026-02-12

This Privacy Policy explains how HelloWhen collects, uses, and shares personal data.

1) Controller

Data controller: HelloWhen
Address: France
Contact: support@hellowhen.com

2) Data we collect

Account data

  • email (or other login identifier)
  • username / display name
  • hashed credentials (if password-based auth is used)

Content you provide

  • plans you create (titles, descriptions, stops/places)
  • messages and other user-generated content

Location data (optional)

  • precise or approximate location only if you enable a location-based feature (e.g., “Near me” filtering)
  • we do not collect location unless you choose to use the feature and your device/browser grants permission

Places search / geocoding (stops)

When you search for places or add stops:

  • we process the query you type (e.g., “Paris Gare de Lyon”)
  • a geocoding provider may receive the query and your IP address to return matching coordinates
    (default provider in this project: OpenStreetMap Nominatim, unless configured otherwise)

Usage and device data

  • basic logs (IP address, timestamps, API events)
  • device/app identifiers (e.g., platform, version)
  • error/diagnostic data (e.g., Sentry, if enabled)

AI features (optional)

If you use optional AI features (e.g., plan summaries or an assistant):

  • we process the text you submit (prompts/messages) and limited context needed to answer
  • this data may be sent to an AI provider (e.g., OpenAI) to generate a response

Payments (if enabled later)

If paid features are enabled in your version of the Service, we may collect payment metadata via a payment processor (e.g., Stripe). We do not store full card numbers.

3) Why we use your data (purposes & legal bases)

We use data to:

  • provide and operate the Service (contract),
  • provide optional location-based features you enable (contract/consent, depending on your device/browser settings),
  • keep users safe and prevent abuse (legitimate interests),
  • comply with legal obligations (legal obligation),
  • improve reliability and performance (legitimate interests),
  • send service emails (security, critical updates) (legitimate interests/contract).

If we ever send marketing emails, we will use consent where required.

4) Sharing

We may share data with:

  • hosting and infrastructure providers,
  • email delivery providers (to send transactional emails),
  • geocoding providers (to return place results / coordinates),
  • analytics/telemetry providers (optional),
  • moderation/safety tooling (if used),
  • AI providers only when you use optional AI features,
  • legal authorities when required.

We do not sell personal data to advertisers.

5) Retention

We keep data only as long as needed:

  • account data: while your account is active
  • content: until you delete it or your account is deleted (subject to safety/legal retention)
  • logs: limited retention for security and debugging

6) Your rights (GDPR)

Depending on your location, you may have rights to:

  • access, correct, delete your data,
  • object or restrict processing,
  • portability,
  • withdraw consent (where used).

Request via: support@hellowhen.com

7) International transfers

If data is processed outside the EEA, we use appropriate safeguards (e.g., SCCs) when required.

8) Security

We use technical and organizational measures such as encryption in transit, access controls, and abuse prevention. No system is 100% secure; please use a strong password and keep your credentials safe.

9) Children

The Service is not intended for children under 13. If you believe a child has provided data, contact us.

10) Changes

We may update this policy. We’ll update the effective date and provide notice when required.

11) Contact

Privacy questions: support@hellowhen.com

Links
TermsPrivacyGuidelinesContactData deletionAboutNotices