Privacy Policy
Last Updated: 28 May 2025
Effective Date: 28 May 2025
1 | WHO WE ARE & HOW TO CONTACT US
Humai FZCO (trading as "Hun nest") is a company registered in the Dubai Multi Commodities Centre (DMCC) Free Zone and is the data controller for all personal-data processing described in this Policy.
| Contact Channel | Details |
|---|---|
| Postal Address | DMCC Business Centre, Jumeirah Lakes Towers, DMCC, Dubai, UAE |
| General Privacy Enquiries | privacy@hunnest.com |
| Data Protection Officer (DPO) | dpo@hunnest.com |
2 | WHAT THIS POLICY COVERS
This Policy explains how we collect, use, share and safeguard your personal data when you use:
- The Hun nest website,
- Hun nest mobile apps,
- Our public APIs, widgets and related services, and
- The AI Relationship Coach, HeartBank, Taskboard and other in-app features
(collectively, the "Services").
3 | PERSONAL DATA WE COLLECT
3.1 Information You Provide
| Category | Typical Examples |
|---|---|
| Account Data | Name, email, password, age/date-of-birth, profile photo |
| Relationship Profile | Status, anniversaries, preferences, shared goals |
| User-Generated Content | Messages, chats, HeartBank photos/videos, Taskboard items |
| Voice Content | Voice notes/recordings (opt-in only) |
| Support Data | Help-desk tickets, survey responses |
| Payment Data | Subscription tier, masked card tokens (received from our payment processor) |
3.2 Information We Collect Automatically
| Category | Typical Examples |
|---|---|
| Device & Log Data | IP address, device IDs, OS, browser type, crash logs |
| Usage Data | Pages visited, feature interactions, session duration |
| Approximate Location | Country/region inferred from IP (no GPS) |
3.3 Sensitive Data
We do not request health information, religious beliefs, or other sensitive categories. If you voluntarily upload such data, you are responsible for ensuring you have the right to do so and acknowledge that we process it solely on your instructions.
4 | WHY & HOW WE USE YOUR DATA
| Purpose | Legal/Commercial Basis |
|---|---|
| Provide and maintain the Services | To perform our contract with you |
| Personalise content & recommendations | To deliver the features you request |
| Process payments & manage subscriptions | To fulfil your purchase requests and for accounting |
| Send marketing communications (optional) | Based on your explicit opt-in consent |
| Conduct analytics, improve security & prevent fraud | Our legitimate interest in operating a safe and efficient service |
| Comply with legal obligations | Where required by applicable UAE law |
Automated Decisions: We do not make decisions about you that have legal or similarly significant effects without human review.
5 | COOKIES & SIMILAR TECHNOLOGIES
We use cookies and local-storage technologies to:
- Keep you signed in,
- Remember preferences,
- Analyse traffic and performance, and
- Prevent fraud.
You can control non-essential cookies through your browser settings or our in-app cookie tools.
6 | HOW WE SHARE YOUR DATA
| Recipient | Why & How Protected |
|---|---|
| Your Partner | Only content you explicitly mark as shared (e.g., joint HeartBank). |
| Service Providers (cloud hosting, analytics, customer support, payments) | Bound by contracts that require data confidentiality and security. |
| Legal & Safety Authorities | If required to comply with law, protect rights, or investigate fraud/security incidents. |
| Business Successor | If we merge, sell assets, or undergo similar change, subject to equivalent safeguards. |
| Aggregated / Anonymised Data | Shared for research or statistics; cannot identify you. |
We do not sell personal data.
7 | INTERNATIONAL TRANSFERS
Our primary servers are in the United Arab Emirates and the United States. When we transfer data across borders, we use industry-standard safeguards (such as encryption and contractual commitments) to protect it.
8 | DATA SECURITY
Encryption
AES-256 at rest; TLS 1.3 in transit
Access Controls
Role-based permissions and multi-factor authentication
Security Testing
Independent penetration tests at least annually
Monitoring & Response
24/7 monitoring and formal incident-response plan
If a breach likely affects your rights or welfare, we will notify you and the relevant authority as quickly as practicable.
Disclaimer: No internet or storage system is completely secure; you transmit information at your own risk.
9 | DATA RETENTION
| Data Type | Retention Period |
|---|---|
| Active-account content | Until you delete account + 30 days (backup roll-off) |
| Billing & tax records | 7 years (statutory requirement) |
| Security logs | 12 months |
| Marketing contact data | Until you opt-out + 30 days |
| Aggregated/Anonymised data | Retained indefinitely (non-personal) |
If one partner deletes their account, shared content remains visible to the other partner unless both jointly request deletion.
10 | YOUR PRIVACY CHOICES
Depending on where you live, additional rights may apply. We will honour valid requests under applicable law.
11 | CHILDREN'S PRIVACY
The Services are intended for users 18 years and older. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us so we can delete it.
12 | YOUR RESPONSIBILITIES
- Keep login credentials confidential.
- Upload only content you own or have rights to share.
- Avoid including highly sensitive data unless you accept the risks.
- Report any security concerns promptly.
13 | NO PROFESSIONAL ADVICE
Content from the AI Relationship Coach and other features is informational only and does not constitute licensed therapy, counselling, medical, legal or other professional advice. You assume sole responsibility for any decisions based on such content.
14 | INDEMNITY
You agree to indemnify and hold harmless Humai FZCO and its affiliates from any third-party claims or damages arising from content you upload or your violation of this Policy or the Terms of Service.
15 | DISCLAIMER OF WARRANTIES & LIMITATION OF LIABILITY
The Services are provided "as is" and "as available." Humai FZCO disclaims all warranties, express or implied.
To the maximum extent permitted by law, Humai FZCO is not liable for indirect or consequential losses. Where liability cannot be excluded, our aggregate liability is limited to the fees you paid us in the preceding twelve (12) months. Nothing limits liability for death, personal injury, or fraud.
16 | THIRD-PARTY LINKS
External sites or services linked within the Services are outside our control; their privacy practices govern any data you provide to them.
17 | CHANGES TO THIS POLICY
We may update this Policy periodically. Non-material updates take effect upon posting. For any material change, we will give at least 30 days' notice via email or in-app banner. Continuing to use the Services after the effective date means you accept the revised Policy.
18 | GOVERNING LAW & VENUE
This Policy is governed by the laws of the United Arab Emirates and the regulations of the DMCC Free Zone. Disputes shall be resolved exclusively in the courts of Dubai unless mandatory law provides otherwise.
19 | QUESTIONS OR CONCERNS?
Email privacy@hunnest.com (general) or dpo@hunnest.com (Data Protection Officer).
By using our Services, you acknowledge that you have read, understood, and agreed to this Privacy Policy.