Privacy Policy

Effective: April 9, 2026 · Last updated: April 9, 2026 · Laws: IT Act 2000, DPDP Act 2023

Short version: We collect only what is necessary to run HearMeOut. We never sell your data. Sessions are encrypted. You can ask us to delete your data at any time.

1. Who We Are

HearMeOut ("we", "us", "our") is a peer emotional support platform operated as a startup based in India. We are the data fiduciary responsible for all personal information collected through joinhearmeout.com and the HearMeOut mobile application. For any privacy-related query, our designated Grievance Officer can be reached at the contact details in the Contact Us section.

Under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we are required to publish this policy and appoint a Grievance Officer — both of which we have done.

2. What Information We Collect & Why

2a. Waitlist Registration

When you join our pre-launch waitlist, we collect:

First name — to address you personally in our WhatsApp launch notification.
Age range — to understand our user demographics and ensure no one under 18 joins.
WhatsApp phone number — the sole purpose is to notify you when the app launches. We will contact you once, via WhatsApp, on launch day. You may opt out at any time by replying "STOP".
City — to understand geographic demand and plan regional listener availability.
Topics of interest (optional) — to understand which verticals matter most to early users. Never shared with listeners or third parties.

2b. App Usage (Post-Launch)

Session metadata — duration, date, vertical selected. Used for billing and platform quality monitoring.
Anonymous session content — encrypted in transit and at rest (AES-256). Not stored permanently once a session ends, except to resolve an active dispute or safety concern.
Ratings and feedback — stored to maintain quality standards. Feedback text is reviewed then deleted within 30 days.
Wallet and payment information — transaction amounts and timestamps only. We do not store card numbers or full UPI credentials — handled entirely by our payment processor.
Device and technical data — IP address, device type, OS, app version. Used for debugging and fraud prevention only. Not used for advertising or profiling.

2c. Listener Applications

If you apply to become a listener, we additionally collect your full name, email, CV/resume, language fluencies, weekly availability, and empathy assessment responses. This information is used solely to evaluate your application. If your application is unsuccessful, your information is deleted within 60 days of notification.

2d. Thoughts Wall

Anonymous thoughts submitted to the Thoughts Wall contain no personally identifiable information. They are stored temporarily on our server. We reserve the right to remove any submission that violates our Code of Conduct.

3. What We Will Never Do

Never sell your personal data to any third party, advertiser, or data broker.
Never use your session content for advertising targeting.
Never share your identity with your listener. Listeners see only your chosen username and selected topic.
Never contact you with marketing messages without your explicit consent.
Never share your phone number with any third party except our WhatsApp delivery provider (solely to send the launch notification you requested).

4. How We Protect Your Data

All data in transit is encrypted using TLS 1.2 or higher. Session content is encrypted at rest using AES-256. Our infrastructure uses reputable cloud providers with industry-standard security certifications. Access to user data within our team is role-restricted and logged. We conduct periodic security reviews.

In the event of a data breach likely to cause harm, we will notify you within 72 hours of becoming aware, consistent with our obligations under the DPDP Act 2023.

5. Your Rights

Under the DPDP Act 2023 and applicable Indian law, you have the following rights:

Right to access — request a summary of the personal data we hold about you.
Right to correction — ask us to correct inaccurate personal data.
Right to erasure — ask us to delete your personal data within 15 business days, except where retention is required by law or an active dispute.
Right to withdraw consent — withdraw consent to our processing at any time, without affecting prior lawful processing.
Right to grievance redressal — file a complaint with our Grievance Officer. If unsatisfied, escalate to the Data Protection Board of India once constituted.

To exercise any of the above rights, email privacy@joinhearmeout.com with the subject "Data Rights Request". We will respond within 10 business days.

6. Data Retention

Waitlist data is retained until 6 months after app launch, then deleted unless you have created an app account. App account data is retained for the duration of your account and for 12 months after deletion (for legal and billing dispute purposes). Session content is not retained beyond session end except as described above.

7. Cookies

Our website uses only essential cookies — those necessary for the site to function (session state, form submission tokens). We do not use advertising cookies, tracking pixels, or third-party analytics that identify individual users. We do not use Google Analytics or Facebook Pixel on joinhearmeout.com.

8. Minors

HearMeOut is strictly for users aged 18 and above. We do not knowingly collect data from anyone under 18. If we become aware a minor has submitted data, we will delete it immediately. If you believe a minor has registered, notify us at privacy@joinhearmeout.com.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify registered users via WhatsApp or email and update the effective date above. Continued use of the platform after notification constitutes acceptance of the updated policy.

CRISIS RESOURCES — If you need immediate help:
iCall: 9152987821 · AASRA: 9820466627 · Vandrevala: 1860-2662-345 · Emergency: 112