Hearth Privacy Policy

Effective date: May 2, 2026 Operator: Lior Cohen ("Hearth", "we", "us") Contact: support@tryhearthapp.com

This policy explains what data Hearth collects, why, and how you control it. Hearth is a voice-first grocery and recipe app for iPhone, with a web companion. We are solo-first: the app works end-to-end for a single user with an automatically created anonymous session, and you only have to identify yourself when starting a subscription, inviting someone to your household, or opening the web companion.

We do not track you across other apps or websites. We do not show ads. We do not sell your data.

01What we collect

Account data

Email address — from Sign in with Apple, when you identify yourself (trial start, invite, web companion). Apple may provide a private relay address; we store whatever Apple returns.
Display name — you set this inside Hearth; shown in the household presence indicator.
User ID — a Supabase-generated UUID used internally to associate your data to your anonymous or signed-in account. Not usable to identify you outside Hearth.

Content you create

Grocery items, lists, and item history — item names, quantities, categories, notes, timestamps, and which member added each item. Stored in Hearth's database so they sync to your other devices and to anyone you've invited to your household.
Recipes and recipe library content — saved recipes, ingredients, steps, servings, preparation/cook times, tags, source type, source URLs you import, timestamps, and which member created or edited recipe content.
Recipe images — recipe cover images you choose to upload from your library or camera. User-uploaded recipe images are stored in Supabase Storage so they can sync across your household.
Household membership and invites — which account owns a household, who belongs to it, and invite codes or household-switch records needed to support collaboration.

Photos and images you choose

Import images — grocery-list photos/screenshots and recipe photos/screenshots you choose from your library or camera. We send a compressed copy to Hearth's Supabase Edge Functions and OpenAI so the app can extract grocery items or recipe details. Hearth does not store these import images after the request completes.
Stored recipe images — when you upload a recipe cover image, Hearth stores the compressed image in Supabase Storage until you replace it, delete the recipe/household, or delete your account as described below.

Voice data

Transcripts — we send the final text of what you dictate (not the audio) to OpenAI for parsing into structured items. Speech recognition runs on-device by default; audio does not leave your iPhone.
Audio recordings — only when on-device recognition fails. In that fallback path we send a short audio clip to OpenAI for transcription. We do not store the audio in Hearth after the fallback request completes.

Subscription data

Purchase history — managed by RevenueCat and Apple. We receive your subscription status (trial, premium, expired) but never your card number or Apple ID.

Diagnostic and usage data

Crash reports and performance data — via Sentry. Includes device model, iOS version, app version, stack traces, and Sentry-instrumented breadcrumbs (e.g. "voice capture started"). May include your Supabase user ID so we can reproduce account-specific crashes.
Product interaction events — via PostHog. Non-tracking analytics such as "voice_capture_completed", "item_added", "recipe_import_started", and "paywall_shown". We use these to understand which features are used and where to invest effort. Linked to your anonymous or identified PostHog distinct ID.

What we do not collect

We do not collect precise or coarse location.
We do not collect contacts, calendar data, or health data.
We do not access your microphone outside of an active voice capture you initiate.
We do not access your camera or photo library outside of a photo import/upload you initiate. The iOS photo picker only gives Hearth access to the specific image you choose.
We do not use IDFA or any other cross-app advertising identifier.

02How we use it

App functionality: running the features you use — syncing your list and recipes, transcribing your voice, parsing grocery items, importing recipes, generating recipe images, remembering your usuals, honoring your subscription.
Analytics: understanding aggregate product usage to decide what to build next. First-party only; PostHog does not share this data with other companies for their own purposes.
Diagnostics: identifying and fixing crashes and performance regressions.

We do not use your data for advertising, cross-app tracking, or sale to third parties.

03Who processes your data

Hearth is a solo operation, so we rely on a small set of reputable service providers ("sub-processors"). Each has their own privacy policy:

| Processor | Purpose | Policy | |---|---|---| | Apple (Sign in with Apple, StoreKit) | Authentication, subscription billing | https://www.apple.com/legal/privacy/ | | Supabase | Database, auth, realtime sync, edge functions, private recipe-image storage | https://supabase.com/privacy | | OpenAI | Voice parsing, fallback transcription, grocery text/image import, recipe URL/text/photo import, recipe-to-ingredients generation | https://openai.com/policies/privacy-policy | | RevenueCat | Subscription management and entitlement | https://www.revenuecat.com/privacy | | PostHog | Product analytics (first-party, non-tracking) | https://posthog.com/privacy | | Sentry | Crash and performance reporting | https://sentry.io/privacy/ | | Vercel | Hosting the public site and web companion | https://vercel.com/legal/privacy-policy |

When you use Hearth, your data may be transferred to and processed by these providers. They are bound by their own privacy commitments and, where applicable, by Data Processing Agreements with Hearth.

04International transfers

Hearth's infrastructure is hosted by Supabase, OpenAI, Vercel, and other processors in regions that may include the United States and the European Union. If you are located outside the United States, your data will be transferred to and processed in the United States and other jurisdictions. We rely on Standard Contractual Clauses or equivalent mechanisms where our processors provide them.

05Retention

Account and content: retained for as long as your account is active. If you delete your account, we delete your profile, households you solely own, your lists, items, item history, saved recipes, recipe ingredients/steps, and stored recipe images within 30 days — except a one-way, irreversible token derived from your Sign in with Apple identifier (containing no name, email, or content), which we retain for up to 12 months to recognize returning sign-ins and prevent abuse, and indefinitely for internal/test accounts. Content in households shared with others may remain with the household so other members can keep using it.
Import images and voice audio: not stored by Hearth after the request completes, except for diagnostic metadata such as byte counts, timing, and error codes. OpenAI and our infrastructure providers process request data under their own retention and security terms.
Stored recipe images: retained until you replace the image, delete the recipe, delete a solely owned household, or delete your account, subject to cleanup delays and backups.
Diagnostics: Sentry retention is governed by Sentry's default policy (30–90 days depending on plan).
Analytics: PostHog retention is 7 years on default tier, subject to PostHog's policy and your deletion requests below.

06Your rights

Regardless of where you live, you can:

Access the data we hold about you — email support@tryhearthapp.com.
Correct anything that's wrong — most of it is editable inside the app (display name, list content). For anything else, email us.
Delete your account and associated data — email support@tryhearthapp.com and we will confirm and process within 30 days. An in-app deletion flow will be provided before Hearth is submitted for App Store production release.
Export your data in a portable format — email us.
Object to processing for analytics or diagnostics — email us and we will exclude your distinct ID from PostHog and disable Sentry reporting for your account where technically feasible. A self-serve in-app privacy choices control is planned before production release.

If you are in the European Economic Area, the United Kingdom, or California, you have additional statutory rights under the GDPR, UK GDPR, and CCPA respectively. Our contact channel above handles those requests. You also have the right to complain to your local supervisory authority.

07Children

Hearth is not directed at children under 13 (or under 16 in jurisdictions applying the GDPR). We do not knowingly collect data from children. If you believe a child has provided us data, email support@tryhearthapp.com and we will delete it.

08Security

Data in transit between Hearth and our processors is encrypted with TLS.
Your Supabase session is stored in the iOS Keychain, which is encrypted at rest and protected by your device passcode.
Our database enforces Row-Level Security so one household cannot see another household's data, even if someone could bypass the app.
We do not have access to your Apple ID password or payment details.

No system is perfectly secure. If you discover a vulnerability, email support@tryhearthapp.com and we will acknowledge promptly.

09Changes to this policy

We will update this policy when our practices change. The effective date above reflects the latest version. Material changes will be announced in the app. Continued use after the effective date means you accept the updated policy.

10Contact

Questions about this policy, or about any data Hearth holds about you?

Lior Cohen support@tryhearthapp.com

Privacy policy.