Last updated: May 2026
When you create an account, we collect your name and email address. During the First Sit intake, we collect the information you share about what you’re navigating — this is used only for Keeper matching and held with full confidentiality.
Your Long Talk thread (messages between you and your Keeper) is stored in our system. Sit recordings are stored only if you explicitly enable opt-in recording. Session notes are stored only if you and your Keeper have agreed to note-keeping.
We collect standard usage data (device type, browser, page visits) to improve the platform. We do not run third-party ad pixels on any authenticated pages.
Hearth is for adults. You must be 18 or older to create an account. We do not knowingly collect personal information from anyone under 18. If you become aware that a minor has created an account, email privacy@dearhearth.com and we will delete it.
All data is encrypted at rest and in transit using AES-256 and TLS 1.3. Our infrastructure is hosted on US-based servers that meet HIPAA-comparable security standards (even though Hearth is not a covered entity under HIPAA, we hold ourselves to the same standard because it’s right).
Access to member data within Hearth is restricted to: your assigned Keeper, and Hearth staff in specific documented circumstances (e.g., a safety concern that triggers mandatory reporting). We maintain access logs.
We do not sell your data. Ever. To anyone.
We do not share your personal information or session content with third parties without your explicit written consent — except in cases where we are legally required to do so (e.g., mandatory reporting of imminent harm).
If your Keeper refers you to a Bridge therapist, context is shared only with your explicit consent and only the specific context you agree to share.
You can export all your data at any time from your account settings. This includes your Long Talk thread, session notes (if any), and intake information.
To request deletion of your account and data, email privacy@dearhearth.com. We hold data for 30 days after cancellation in case you change your mind. After 30 days, it is permanently deleted from our servers. You can also request immediate deletion at any time.
Wherever you live, you have rights over your data. You can ask us to: show you what we hold on you, correct it, delete it, give you a copy in a portable format, pause our use of it, or object to a specific use. Email privacy@dearhearth.com to exercise any of these. We respond within 30 days, usually faster.
If you live in the EU or UK, the GDPR applies and the rights above are codified in law. If you are a California resident, the CCPA applies and you have the additional right to know what categories of personal information we sell or share — we do not sell or share your personal information for advertising purposes, full stop.
We use session cookies for authentication and minimal analytics cookies (first-party only) to understand how the platform is used. We do not use third-party advertising cookies on any pages that require sign-in. On public pages, we use a minimal analytics script that respects Do Not Track.
Privacy questions: email privacy@dearhearth.com. We respond within 3 business days.