Privacy Policy
Last updated: July 2, 2026
What we collect
Account: your email address and a securely hashed password. Provider profile (if you create one): name, profession, category, bio, tags, portfolio photos, the contact methods you choose to list, and an approximate service area. Activity: providers you save, reports you submit, and (stored only on your device) providers you recently viewed or contacted.
Location
hellolink uses AREA-LEVEL location only — a city or district centre — to show nearby providers. If you use “current location”, your precise coordinates are converted to an area and the precise point is not stored. Your rough country (from your network address) may be used to pick sensible defaults such as distance units.
What is public
Provider profiles are public: the profile details, portfolio, service area, and listed contact methods can be seen by anyone using the app. Your consumer activity is NOT public — nobody can see what you saved, viewed, or reported, and we do not show public save counts.
How we use your data
To run the service: showing providers by area, powering search, keeping images safe through moderation review, handling reports, and preventing abuse. We do not sell your data, and there is no advertising or cross-app tracking in hellolink.
Services we rely on
We use a small number of processors to run hellolink: Supabase (database, authentication, and image storage), an image-moderation service that screens uploaded photos, and a geocoding service that turns place names into area coordinates. Each receives only what it needs to do its job, and we require these providers to protect your data to the same standard described in this policy.
Retention and deletion
Your data is kept while your account exists. Deleting your account (Settings → Login & security) permanently removes your account, profile, and images. Reports may be kept in anonymised form for safety and audit, and a non-reversible marker of a banned account’s email may be kept to stop banned users simply re-registering.
Security
Data is encrypted in transit, access to production systems is restricted, and uploaded images pass through a review pipeline before publication. No system is perfectly secure, but we design with least-privilege access throughout.
Children
hellolink is not directed at children under 13, and we do not knowingly collect their data. If you believe a child is using the service, contact us and we will remove the account.
Your choices
You can edit your profile and contact methods at any time, unlist your provider profile, block providers from your own feeds, and delete your account entirely. For anything you cannot do in-app, email us.
Changes and contact
We will update this policy if our practices change, and signpost material changes in the app. Questions or requests about your data: support@hellolink.app.