Honk Privacy Policy

Effective Date: October 15, 2025
Last Updated: October 15, 2025

1. INTRODUCTION

1.1 About This Policy

This Privacy Policy describes how Honk ("we", "us", "our") collects, uses, processes, and protects your personal information when you use the Honk mobile application ("Service", "App").

1.2 Data Controller

The data controller is Honk, located in Finland.

1.3 Commitment to Privacy

We are committed to protecting your privacy and ensuring you understand exactly how your safety data is handled.

2. PERSONAL INFORMATION WE COLLECT

2.1 Information You Provide Directly:

• Account Information: Name, email, phone number.
• Authentication Credentials: Passwords or OAuth tokens.
• Profile Information: Display name, profile picture.
• Promise Data: Safety Promises (recurring and quick), Promise schedules, grace periods, fulfillment records.
• Communication Data: Messages sent through the Service, Honk sounds, Promise confirmations.
• Friend Connections: Your friend list and blocked users.
• Support Communications: History of your support requests.
• Payment Information: Transaction history (processed via App Stores).

2.2 Information Collected Automatically

We automatically collect certain information when you access the Service, including your device type, operating system version, unique device identifiers (such as Android ID or IDFV), IP address, and usage statistics (e.g., which features you use most).

2.3 Location Information

Honk is not a location-tracking app. We do not continuously track your GPS location. We may derive your approximate location from your IP address for analytics and security purposes.

2.4 Information from Third-Party Services

If you sign in with Google or Apple, we receive your email address and authentication tokens from these providers.

3. LEGAL BASIS FOR PROCESSING (GDPR)

We process Personal Data under the following legal bases:

3.1 Contractual Necessity

Processing is necessary to provide the Service, including delivering Promises and alerts (Article 6(1)(b)).

3.2 Legitimate Interests

Processing is necessary for fraud prevention, security, and improving our App (Article 6(1)(f)).

3.3 Consent

For optional features or marketing communications, we will ask for your consent (Article 6(1)(a)).

3.4 Legal Obligation

To comply with applicable laws (Article 6(1)(c)).

4. HOW WE USE YOUR INFORMATION

4.1 Service Provision and Operation:

• Creating and managing your account
• Facilitating Safety Promises and safety notifications
• Delivering push notifications for Promises, alerts, and messages
• Enabling communication between you and your trusted contacts
• Processing duress protection features (Secret Handshake)
• Providing customizable notification sounds and preferences

4.2 Service Improvement and Development

To understand user behavior and improve app functionality.

4.3 Security and Fraud Prevention

To detect and prevent abuse, such as spam or harassment.

4.4 Communication

To send you updates, security alerts, and support messages.

4.5 Legal and Compliance

To comply with legal obligations and enforce our Terms.

5. DATA SHARING AND DISCLOSURE

5.1 We Share Your Information With:

• Other Friends: Promise information, Promise status, and messages are shared with friends and contacts you designate.
• Service Providers: Cloud hosting and database providers.
• Legal Authorities: If required by law or to protect safety.
• Business Transfers: In connection with a merger or sale of assets.

5.2 We Do Not Sell Data

We are in the business of safety, not ad-targeting. We do not sell your personal information to third-party advertisers.

5.3 Third-Party Service Providers

We may employ third-party companies to facilitate our Service (e.g., Google Cloud for hosting, RevenueCat for subscription management). These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

6. INTERNATIONAL DATA TRANSFERS

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. Specifically, our servers are hosted by Google Cloud Platform in the United States/Europe. If you are located in the European Economic Area (EEA), we rely on European Commission-approved Standard Contractual Clauses (SCCs) or adequacy decisions for data transfers to third countries.

7. DATA RETENTION

7.1 Retention Periods

We retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.

7.2 Specific Retention Periods:

• Account Information: Retained until you delete your account.
• Promise and Fulfillment Data: Retained for 12 months after fulfillment or expiration to provide history, then anonymized or deleted.
• Communication Data: Recent messages are stored to sync across devices but are periodically purged.
• Support Communications: Retained for 2 years.
• Log and Analytics Data: Retained for 14 months.

7.3 Deletion

You can request deletion of your account and all associated data directly within the App settings or by contacting us.

8. YOUR RIGHTS UNDER GDPR

If you are a resident of the EEA, you have the right to:

• Access, update, or delete the information we have on you.
• Rectify certain data that is inaccurate.
• Object to our processing of your Personal Data.
• Request portability of your data.

9. DATA SECURITY

We use industry-standard encryption (TLS/SSL) to protect data in transit and at rest. However, no method of transmission over the Internet or method of electronic storage is 100% secure..

10. CHILDREN'S PRIVACY

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Data without verification of parental consent, please contact us.

11. COOKIES AND TRACKING TECHNOLOGIES

We do not use cookies for web tracking, as this is a mobile app. We use local storage on your device to maintain your login session and preferences. We use Firebase Crashlytics and Analytics to detect bugs and improve performance.

12. DO NOT TRACK SIGNALS

We do not support Do Not Track ('DNT'). Do Not Track is a preference you can set in your web browser.

13. THIRD-PARTY LINKS AND SERVICES

The Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. We assume no responsibility for the content, privacy policies, or practices of any third-party sites.

14. CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the 'effective date'.

15. CONTACT INFORMATION

15.1 Data Protection Officer

If you have questions about your data, contact our DPO at: support@honkapp.eu

15.2 Supervisory Authority

You have the right to lodge a complaint with the Finnish Data Protection Ombudsman: https://tietosuoja.fi

---

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.