Draft — pending legal review. Do not rely on this language as legally binding.

Privacy Policy

Effective date: 2026-05-06 (DRAFT)

This policy explains what information Himish collects, how we use it, and the choices you have. It applies to himish.com, the Himish mobile apps, and related services.

1. What we collect

We collect three categories of information:

  • Account information you give us. Email address, password (stored as an argon2id hash, never in plaintext), display name, profile type (Men / Women / All), home location (a Himish neighborhood, e.g., "Boro Park"), and optionally a phone number for SMS verification or notifications.
  • Content you create. Listings (title, description, photos, tags), business pages and showcase images, messages you send to other users, reports you file, and metadata such as timestamps and the device platform.
  • Technical information. IP address, user-agent, basic device info, push notification tokens (if you opt in), session and audit log entries (login, content moderation actions, etc.), and product analytics events.

We do not collect precise GPS location. "Location" in Himish refers to the named neighborhood you choose.

2. How we use your information

  • To operate the service: signing you in, showing your listings, routing messages, sending notifications you've opted into.
  • To improve safety and quality: reviewing reports, removing prohibited content, preventing abuse and spam.
  • To analyze how the product is used so we can improve it.
  • To respond to your support requests.
  • To meet legal obligations.

3. AI processing

When you submit a listing, we send the listing text and photo metadata to an AI provider (currently Anthropic) to suggest tags, detect possible duplicates, and flag content that may break our rules. The AI provider processes this content under its own terms. We do not allow that provider to train its models on your content. AI output is reviewed by Himish staff before publication for content that requires moderation.

4. Cookies and analytics

We use a small number of cookies and similar technologies:

  • Session cookies / tokens — required to keep you logged in.
  • PostHog — product analytics (page views, feature usage). We disable session recording.
  • Sentry — error monitoring so we can fix bugs. Sentry receives stack traces and limited request metadata.

You can opt out of analytics from your account settings. Required (session) cookies cannot be disabled while you are logged in.

5. Who we share information with

We share information only as follows:

  • Other users. The content you post (listings, business pages, messages you send) is shown to the audience you choose. Your email and phone are not shown to other users; we provide in-app messaging instead.
  • Service providers who help us run Himish. Today this includes our cloud host, our database/email/SMS providers, our AI provider (Anthropic), PostHog (analytics), Sentry (error monitoring), and our push-notification providers (APNs / FCM). They may only process your data on our instructions.
  • Law enforcement when required by valid legal process, or to protect rights, property, or safety.
  • Successors in the event of a merger, acquisition, or sale of assets, subject to this policy.

We do not sell your personal information.

6. Data retention

  • Account info is retained for as long as your account is open.
  • Closed accounts are anonymized within 30 days, except for records we must keep for security, fraud prevention, or legal reasons (audit logs of moderation actions, abuse reports, etc.).
  • Messages you sent that are still visible in another user's inbox remain visible to that user.
  • Backup snapshots are rotated within 90 days.

7. Your rights

You can access and update most of your information from your account settings. You can request a copy of your data, correction of inaccurate data, or deletion of your account by emailing privacy@himish.com. Depending on where you live (e.g., California, EEA, UK) you may have additional rights under applicable law; we honor those rights for our users.

8. Children

Himish is not intended for children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us information, email privacy@himish.com and we will delete it.

9. Security

We use industry-standard practices: TLS in transit, argon2id password hashing, limited internal access on a need-to-know basis, and audit logs. No system is perfectly secure, but we work to keep ours as safe as we reasonably can. Responsible disclosure: security@himish.com.

10. International users

Himish is operated from the United States; if you use the service from outside the U.S., your information will be processed in the U.S. and other countries where our service providers operate.

11. Changes

We may update this policy. Material changes will be announced in-app or by email, and the "effective date" above will be updated.

12. Contact

Questions about privacy? Email privacy@himish.com.


Questions? Email support@himish.com.