Site Title

recent posts

about

Privacy Policy

Privacy Policy

INTRODUCTION

Welcome to the HugPoint.AI Privacy Policy (“Policy” )! It explains how we collect, store, protect, and share your data, and with whom we share it. We recommend reading it together with our Terms of Service.

When you use the HugPoint.AI mobile application (“App”), our HugPoint.AI website (“Website”), or our digital products and services (such as our contests, surveys, premium accounts, and others), we collect certain information about you.

The App and the Website were created to easily and intuitively connect people who want to meet, talk, or simply share a moment of closeness through a hug. Our goal is to enable quick and safe contact between users—while ensuring comfort, support, and privacy. At the same time, we inform you that the App and the Website facilitate making connections but do not guarantee finding a partner.

We also encourage you to review the Terms of Service (link: https://hugpoint.ai/terms-of-service/ ).

You should know that we place particular emphasis on:

  • security—both in terms of personal data protection and real‑life meetings,
  • ease of use—so that every user can use the app simply and intuitively,
  • AI support—which helps match people and facilitates making contact.

This Policy explains what data we collect, how we use it, and what rights the users of the App and the Website have.

GENERAL INFORMATION

1) This Privacy and Cookies Policy of the HugPoint.AI Website and App is for information purposes only, which means it is not a source of obligations for persons visiting the Website or the App.

Any questions regarding the Policy or doubts related to the processing of your personal data should be sent to the e‑mail address: privacy@hugpoint.ai.

The Privacy Policy primarily sets out the rules for personal data processing by the Administrator of the Website and the App, including the legal bases, purposes, and scope of personal data processing and the rights of data subjects, as well as information regarding the use of cookies on the Website and in the App.

2) The controller of personal data collected via the Website or the App is ANTON YURKEVICH conducting a sole proprietorship under the business name ANTON YURKEVICH, with its registered office at: Mazowieckie Voivodeship, Pruszków County, Raszyn Commune, Rybie, ul. Wypoczynkowa 10, 05‑090, NIP (Tax ID): 5252902584, REGON: 521647422 and e‑mail address: info@hugpoint.ai—hereinafter referred to as the “Administrator,” who is also the service provider of the Website and the App.

3) Personal data on the Website and in the App is processed by the Administrator in accordance with applicable law, in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)—hereinafter “GDPR” or the “GDPR Regulation”.

4) Use of the Website and the App, including the conclusion of any agreements, is voluntary. Likewise, providing personal data by a person using the Website and the App is voluntary, subject to two exceptions:

  • a) concluding agreements with the Administrator—failure to provide, in the cases and to the extent indicated on the Website and in the Terms of Service and this Policy, the personal data necessary to conclude and perform an agreement with the Administrator results in the inability to conclude such agreement. In such a case, providing personal data is a contractual requirement and if the data subject wishes to conclude a given agreement (e.g., account registration, purchase of premium packages, or others) with the Administrator, they are obliged to provide the required data;
  • b) statutory obligations of the Administrator—providing personal data is a statutory requirement resulting from generally applicable legal provisions imposing on the Administrator the obligation to process personal data.

5) The Administrator declares that special care is taken to protect the interests of the data subjects and, in particular, ensures that:

  • personal data is processed lawfully, fairly, and in a transparent manner for the data subjects;
  • personal data is collected for specified, explicit, and legitimate purposes and is not further processed in a manner incompatible with those purposes;
  • personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed;
  • personal data is accurate and, where necessary, kept up to date;
  • personal data is kept in a form which permits identification of the data subject for no longer than is necessary for the purposes for which the personal data is processed;
  • personal data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.

6) Taking into account the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights or freedoms of natural persons, the Administrator implements appropriate technical and organizational measures to ensure that processing is carried out in accordance with the GDPR. The Administrator uses technical measures to prevent the acquisition and modification by unauthorized persons of personal data transmitted electronically.

REGISTRATION INFORMATION AND FURTHER VERIFICATION

1) When creating an account on the Website or in the App, we ask for basic data such as: first name, username, e‑mail address, phone number, date of birth, gender identity, preferences, photos, and location. You can also connect your account to social media (e.g., Facebook, Instagram).

2) You also set a password that protects access to your account. You can edit most of your data at any time in your account settings, except for location—this updates automatically if you allow the App or the Website to access it.

3) The collected information is used to improve the operation of the Website and the App, to verify users, and to allow others to view your profile.

4) To increase security and protect the community from fake accounts, we may ask you for additional profile verification. As part of this process, you may be asked to provide a phone number or submit a verification photo. The aim is to make sure that you are a real person, not a bot, and to prevent abuse and fraud.

5) Photo verification gives you the option to obtain a special “Verified” badge visible on your profile. At the first meeting such verification is not mandatory. Subsequent meetings will, however, require verification of your photo (without verification of your photo for subsequent meetings, some App or Website functionalities may be limited or completely unavailable). The submitted verification photo is not published and does not appear on your profile. It is stored solely for comparison with other photos you add later.

6) We may use facial recognition technology in the verification process to confirm the consistency of the photo with your profile. This allows us to effectively prevent the creation of fake accounts and increase the safety of all users of the Website and the App.

CHILDREN’S PRIVACY (18+)

Our service is intended for persons at least 18 years old, which we clearly emphasize. We do not allow persons under 18 to use our services, the Website, or the App. If you suspect that a user is under 18, please use the reporting mechanism available on the Website or in the App.

SAFE INFORMATION SHARING

1) We encourage all users to carefully consider what information they place in their profile or share with others on the Website and in the App. For your safety, we do not recommend publishing data such as your e‑mail address, phone numbers, full name, home address, payment card details, identification numbers, document details (e.g., driver’s license), or other sensitive information that could be misused.

2) Remember that any information you post on your profile or send via messages becomes available to other users and is disclosed at your own responsibility. We therefore recommend prudence and caution when sharing details of your private life.

LOCATION INFORMATION

1) If you allow the App to access your location in your device settings, we will collect data about your location (e.g., GPS coordinates or Wi‑Fi access points). This allows us to tailor the functions of the Website and the App to your surroundings, e.g., show you profiles of people nearby or share general information about your location with other users.

2) You can disable location access at any time in your phone settings:

  • iPhone: Settings → Privacy → Location Services → HugPoint.AI
  • Android: Settings → Location → Permissions → HugPoint.AI

3) When using the App, we may collect information about your device, including a unique device identifier, device model, and operating system, for various purposes as set out below. In addition, if you allow us to do so, the App may access your device’s address book solely to add someone to your contacts.

4) We may track how you interact with links available on the Website or in the App, including with third‑party services through click‑through redirects or otherwise. We may share aggregate click statistics, such as how many times a given link was clicked.

5) The App or Website processes geolocation data during an active session to match user profiles in your vicinity. Processing takes place only after obtaining explicit consent. The user may disable location sharing at any time.

6) Location data is stored for a maximum of 90 days from the date of the session for the purpose of matching users and ensuring platform security. After this time, the data is automatically deleted or anonymized.

SOS FUNCTION AND LOCATION SHARING

1) The Website and the App provide an optional “SOS” safety feature that allows the user to send their current geographic location and the meeting identifier (if applicable) to a trusted person designated by the user.

2) Use of the SOS function is entirely voluntary and activated only by the user. The Website or the App does not activate this function on its own or automatically.

3) The user has full control over the operation of the SOS function, including:

  • choosing the trusted person,
  • the moment of activation of the function,
  • the ability to revoke or stop sharing at any time.

4) Location data processed as part of the SOS function:

  • is used solely to transmit it to the trusted person,
  • is not archived by HugPoint.AI longer than necessary to perform the function (the location is transmitted once or for the duration of the SOS activation),
  • is not used for marketing or profiling purposes.

5) The legal basis for processing data within the SOS function is the user’s consent.

6) HugPoint.AI is not responsible for how the trusted person uses the location data provided.

7) The SOS function is designed in accordance with the data minimization principle—only the data necessary to notify the trusted person is shared.

8) Location data is not stored after the function ends, except for possible technical logs necessary to ensure system security and accountability (e.g., activation time, delivery status).

BIOMETRIC DATA

1) Biometric data means personal data resulting from specific technical processing relating to the physical, physiological, or behavioral characteristics of a natural person that allows or confirms the unique identification of that person, such as facial image or fingerprint data;

2) Since the law prohibits the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade‑union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, or data concerning that person’s health, sex life, or sexual orientation, we expressly emphasize that such data may be processed only if the data subject has given explicit consent to the processing of such personal data for one or more specific purposes.

PURPOSES AND LEGAL BASES FOR PROCESSING PERSONAL DATA

1) In each case, the purpose, legal basis, period, and scope as well as the recipients of personal data processed by the Administrator result from the actions taken by a given user on the Website or in the App.

2) The Administrator may process personal data from the Website or the App for the following purposes:

  • Enabling you to use our services, including: creating and maintaining an account and profile in our service, operating and maintaining various features in our service, recommending other users to you and you to them, organizing lotteries and contests, responding to requests and questions, monitoring the proper functioning of our service and troubleshooting when needed;
  • fulfilling orders, processing payments;
  • using the contact form;
  • Conducting advertising and marketing campaigns, in particular: conducting and measuring the effectiveness of advertising campaigns conducted within our service, conducting and measuring the effectiveness of marketing campaigns promoting our service on external platforms, informing you about products and services that may be of interest to you;
  • Improving our services and creating new features and services, e.g.: conducting market research and surveys, analyzing how our service is used, assessing interactions with customer support teams to improve service quality, developing and enhancing new features and services, including through machine learning and other technologies, and testing them;
  • Detecting and combating violations of our Terms of Service and other unlawful or unauthorized activities and preventing them, developing and improving tools to detect and combat violations of our Terms of Service, fraud and other unlawful or unauthorized activities and prevent them, preventing repeat violations, in particular by preventing persons who violate our Terms of Service from creating a new account, informing persons who have submitted a report about actions taken in connection therewith, verifying identity, securing payments, and combating financial fraud;
  • Storing data to maintain and demonstrate compliance with applicable law, supporting investigative activities and defense in potential or ongoing court, administrative, or other proceedings, responding to lawful requests from law enforcement, courts, regulators, and other external entities, reporting illegal or unlawful content to law enforcement, government agencies, or other authorities, bringing, exercising, or defending against asserted or threatened claims, disclosing data to public order authorities or partners to combat abuse or unlawful behavior.

DATA RECIPIENTS

1) For the proper functioning of the Website and the App, including the proper provision of services by the Administrator, it is necessary for the Administrator to use the services of external entities (such as a software provider). The Administrator uses only the services of processors who provide sufficient guarantees to implement appropriate technical and organizational measures so that the processing meets the requirements of the GDPR Regulation and protects the rights of data subjects. We use suppliers who act solely on our instructions, as processors of personal data on our behalf. They provide us, among other things, with (i) support covering certain functions, (ii) hosting services, (iii) customer support, (iv) services related to security incident tracking and response, (v) services related to diagnosing and resolving issues on the Website or in the App, as well as (vi) traffic analytics on the Website and in the App, (vii) analytics of the effectiveness of our marketing campaigns (e.g., Google), (viii) support in scheduling and organizing online meetings, (ix) conducting surveys, (x) IT services, (xi) law firms and debt collection companies, (xii) banks and entities supporting payment processing. In addition, we may share data with authorities or entities authorized to do so under applicable law.

2) Personal data may be transferred by the Administrator to a third country; in such cases, the Administrator ensures that this will be to a country providing an adequate level of protection—consistent with the GDPR Regulation, and the data subject has the possibility to obtain a copy of their data. The Administrator transfers collected personal data only when and to the extent necessary to achieve the given processing purpose in accordance with this Privacy Policy.

3) The transfer of data by the Administrator does not occur in every case and not to all recipients or categories of recipients indicated in the Privacy Policy—the Administrator transfers data only when necessary to achieve the given purpose of processing personal data and only to the extent necessary to achieve it.

RIGHTS OF DATA SUBJECTS

1) A person whose personal data is processed has the right to:

  • access personal data (including, for example, receiving information about which personal data is processed); you can also update your data directly within the service by updating your account. If you wish to rectify other data, please contact us at: privacy@hugpoint.ai;
  • request rectification and restriction of the processing of personal data (e.g., if it is incorrect);
  • erasure of personal data (e.g., if it was processed unlawfully)—see more in the section below;
  • you can directly withdraw consent you have given us by updating your account settings or removing device permissions you have granted in your device settings (e.g., access to specific types of device data such as phone contacts, photos, advertising IDs, and location services, or consent to receive push notifications). After consent is withdrawn, some services may lose functionality. For more information, please contact us at: privacy@hugpoint.ai;
  • if you have created an account with us or consented to the processing of your Personal Data, you have the right to receive your Personal Data that you have provided to us in a structured, commonly used, machine‑readable, and interoperable format and to transmit it to another controller. We will send your Personal Data as a CSV file. The CSV format is commonly used, machine‑readable, and allows the Personal Data received to be transmitted to another Personal Data controller.
  • If you have an Account in the Service, you can exercise your right by logging into your Account.
  • object to the processing of personal data based on the necessity for purposes arising from the legitimate interests pursued by the Administrator or by a third party, including in particular processing for marketing purposes;
  • lodge a complaint with the President of the Personal Data Protection Office (Poland) or another competent supervisory authority in your jurisdiction.

RIGHT TO ERASURE (“RIGHT TO BE FORGOTTEN”)

1) In cases specified by law, you have the right to request that we erase your personal data. A request to delete all personal data will be treated as a request to delete your account, if you have one.

2) You have the right to request the erasure of personal data if:

  • the processing of Personal Data is unlawful or we must delete the Personal Data to comply with a legal obligation;
  • your Personal Data is no longer necessary for the purposes for which it was processed;
  • you have withdrawn your consent to the processing of Personal Data (to the extent that consent was the legal basis for processing);
  • you have objected to the processing of your Personal Data for marketing or other purposes where such consent was required;

3) We will retain some of your Personal Data despite a request for deletion if it is necessary for us to comply with a legal obligation or to establish, pursue, or defend claims. This applies in particular to Personal Data including: first name, last name, e‑mail address, and history of use of the App or the Website, which we retain for the purpose of handling complaints and claims related to the use of our services.

DATA RETENTION PERIOD

1) We want the relationships you build through our Website or App to last as long as possible, but we store your personal data only for as long as is legally necessary.

2) We will process your data for marketing purposes for the duration of our legitimate interest and until you object to such processing.

3) Where your personal data is processed based on consent, that consent can be withdrawn at any time, which will not affect the lawfulness of processing based on consent before its withdrawal.

4) In the case of location data, such data is stored for a maximum of 90 days from the date of the session for the purpose of matching users and ensuring platform security. After this time, the data is automatically deleted or anonymized.

5) In any case, your personal data may also be processed for as long as necessary to:

  • fulfill the Administrator’s obligations arising from applicable law;
  • pursue or defend against potential claims—for the limitation period specified by applicable law.

6) Depending on the scope of personal data and the purposes of processing, your personal data may be stored for different periods. In each case, the longer retention period applies.

7) If you decide to stop using our Website or App, you can close your account and your profile will no longer be visible to other users.

8) After closing the account, we delete your data as follows:

  • To protect the safety of our users, we apply a security retention period of three months after account closure or one year after account blocking. During this period, we retain your data to investigate unlawful or harmful behavior. Retention during this security period is based on our legitimate interest and the interest of potential third‑party victims.
  • We retain limited data to meet legal data retention requirements: in particular, we retain transaction data for 10 years to comply with tax and accounting obligations. We also keep records of consents given to us by users for five years to ensure compliance and document adherence to applicable laws.
  • We retain limited data based on our legitimate interest: we keep our communications with you within customer support for six years from the date of communication; customer support records and auxiliary data, as well as data regarding imprecise location of download/purchase for five years to support our security activities, support our customer service decisions, enforce our rights, and enable our defense in case of a claim; information about the existence of past accounts and subscriptions, which we delete three years after closing the last account, to ensure proper and accurate forecasting and financial reporting; profile data for one year in case of potential litigation, to bring, pursue, or defend legal claims; data necessary to block users prohibited from opening a new account for as long as necessary to ensure the safety and vital interests of our users.
  • We also retain data based on our legitimate interest if there is an unresolved or potential issue, claim, or dispute requiring us to retain data, in particular if we receive a legally binding subpoena or a data preservation request (in which case we would need to retain data to meet our legal obligations) or if the data would be necessary in legal proceedings.

CROSS‑BORDER DATA TRANSFERS

1) Because our service operates globally, your personal data may be transferred to and stored in countries outside the European Economic Area (EEA), the United Kingdom, or Switzerland. In some of these countries, data protection laws may differ from those in your country.

2) To ensure an adequate level of security, we use Standard Contractual Clauses approved by the European Commission or other competent authorities. These clauses are legally binding and require the parties to protect your data in a manner consistent with applicable regulations.

MARKETING AND ADVERTISING

1) The App and the Website may display advertisements and promotional materials. All ads are clearly marked as sponsored or promoted.

2) The App and the Website do not mislead users in marketing or advertising communications—we do not use statements suggesting guaranteed success (“100% safety,” “everyone will find a partner”).

3) Sending marketing communications (newsletters, SMS, push notifications) is carried out only based on the user’s explicit consent.

4) Every marketing communication includes an easy way to withdraw consent at any time.

5) Ads may be targeted based on activity in the App or on the Website or preferences expressed by the user, if the user has consented to this.

6) The use of cookies or similar technologies for ad targeting requires prior user consent.

7) We do not target ads based on sensitive data, including sexual orientation, political opinions, religious beliefs, or health status.

8) Ads and marketing communications may not suggest that the App and the Website replace medical, psychological, or therapeutic services.

COOKIES IN THE SERVICE AND APP

1) Cookies are small text information files sent by a server and stored on the side of the person visiting the Website or the App (e.g., on a computer hard drive, laptop, or smartphone memory card—depending on the device the user uses).

2) The Administrator may process data contained in Cookies while users use the Website or the App for the following purposes:

  • remembering data from completed forms;
  • customizing the content of the Website to the individual preferences of users (e.g., regarding colors, font size, page layout) and optimizing the use of the Website or the App;
  • conducting anonymous statistics showing how the Website or the App is used;

3) By default, most web browsers available on the market accept the storage of Cookies. Everyone can define the conditions for the use of Cookies via their web browser settings. This means that you can, for example, partially limit (e.g., temporarily) or completely disable the possibility of storing Cookies—however, in the latter case, this may affect some functionalities of the Website or the App.

4) Browser settings regarding Cookies are important for consent to the use of Cookies by our Website or App—according to the law, such consent may also be expressed through the browser settings. If such consent is not given, the browser settings regarding Cookies should be changed accordingly.

5) Detailed information on changing Cookie settings and deleting them yourself in the most popular web browsers is available in the help section of the web browser.

6) Because the Administrator cooperates with other entities within the Website and the App, for the purposes of this cooperation the browser also saves Cookies originating from entities with which the Administrator cooperates. Cookies sent by these entities aim to improve the effectiveness of presenting you with ads that match your online activity.

FINAL PROVISIONS

1) The Administrator reserves the right to amend the Policy in the future—this may occur for the following important reasons, among others:

  • changes in applicable laws, in particular regarding personal data protection, telecommunications law, services provided electronically, and consumer rights that affect the rights and obligations of the Administrator or the user of the Website or the App;
  • development of functionalities or electronic services dictated by the progress of internet technology, including the use/implementation of new technological or technical solutions that affect the scope of the Policy;

2) The Administrator will each time place information about changes to the Policy on the Website and in the App. With each change, the new version of the Policy will appear with a new date.

3) Since the Website may contain links to external websites that do not belong to the Administrator and for which the Administrator is not responsible, the Administrator encourages you to read the privacy policies posted on external websites that belong to other controllers.

4) This version of the Policy is effective as of 1 October 2025.

CONTACT

If you have questions regarding the Privacy Policy, contact us as follows:

e‑mail: info@hugpoint.ai.

For complaints: privacy@hugpoint.ai.

Technical support: support@hugpoint.ai.