Privacy Policy

Last Updated: January 16, 2025

Our Privacy Philosophy

At Holistic Quality, privacy isn't a feature—it's a fundamental right. We built our entire ecosystem on the principle that your data belongs to you, not to us, not to advertisers, not to anyone else.

This isn't just marketing speak. It's built into our business model, our technology stack, and our company culture. We make money by providing valuable services, not by exploiting your data.

What Information We Collect

Information You Provide Directly

When you use our platforms, you may provide:

• Account Information: Email, username, password (encrypted)
• Profile Information: Name, avatar, bio (optional, your choice)
• Platform-Specific Data:
  • CHISPA: Dating preferences, profile details
  • ALETHE: Mental health check-ins, sleep data (stored locally when possible)
  • Geodesic Nexus: Project information, usage data
  • Frequency: Encrypted messages (we can't read them)

Information Collected Automatically

We collect minimal technical information necessary to keep services running:

• Technical Data: IP address (anonymized), browser type, device type
• Usage Data: Features used, errors encountered (for debugging only)
• Security Data: Login attempts, authentication tokens

How We Use Your Information

We use your data for three purposes only:

1. Provide the Service: Make the platform work for you
2. Improve the Service: Fix bugs, add features you want
3. Communicate with You: Important updates, security alerts

That's it. We don't use your data for advertising, we don't sell it to third parties, and we don't build shadow profiles.

Research & Analytics (Opt-In Only)

If you choose to participate in research through HQ Institute or community features:

• All participation is 100% opt-in
• All data is anonymized before analysis
• You can withdraw consent at any time
• Research findings are published openly to benefit everyone

We believe in contributing to human knowledge, but never at the expense of individual privacy.

Data Sharing & Third Parties

We Don't Share Your Data, Except:

• With Your Consent: When you explicitly choose to share something
• Service Providers: Hosting (Vercel), database (Supabase), payments (Stripe) — all under strict data processing agreements
• Legal Obligations: Only when required by valid legal process (and we'll notify you if legally permitted)

No Third-Party Advertising

We never share your data with advertisers, data brokers, or marketing companies. Our platforms have no third-party advertising cookies or tracking scripts.

Your Rights & Controls

You have complete control over your data:

• Access: View all data we have about you
• Export: Download your data in standard formats
• Delete: Permanently remove your account and data
• Correct: Update or fix any information
• Opt-Out: Disable specific features or data collection
• Portability: Take your data to another service

No hoops to jump through, no dark patterns, no "are you sure?" guilt trips. Your data, your choice, always.

Security

We take security seriously:

• All data encrypted in transit (HTTPS/TLS)
• Passwords hashed with industry-standard algorithms
• Regular security audits and updates
• End-to-end encryption for Frequency (messages)
• Minimal data retention (we delete what we don't need)

Children's Privacy

Our services are not directed to children under 13. We don't knowingly collect data from children. If we discover we have, we delete it immediately.

International Users

We're based in the United States but serve users worldwide. We comply with GDPR, CCPA, and other privacy regulations. Your data may be processed in the US, but we maintain the same privacy standards globally.

Changes to This Policy

If we make significant changes, we'll notify you by email and/or prominent notice on our platforms. We'll never silently change how we handle your data.

Transparency Reports

We publish annual transparency reports detailing:

• Number of legal requests for data (and how we responded)
• Security incidents (if any)
• Changes to data practices