your safe place
Effective Date: March 3, 2026 | Last Updated: June 8, 2026
Hush ("we", "us", "our") is a spiritual wellness application designed to support your daily Islamic practice through daily worship, Quran reading, AI-powered spiritual assistant, voice notes, sleep content, and more.
Your privacy matters deeply to us. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights regarding that data. We are committed to transparency and to protecting the personal information you entrust to us.
By using Hush, you agree to the practices described in this policy. If you do not agree, please discontinue use of the app.
We collect data in the following categories:
When you first open Hush, we automatically collect:
This data is used to deliver the correct content in your language, manage your subscription status, and ensure app compatibility.
Hush requests access to your device's location only when you use the Qibla Compass feature. Your location is used on-device to calculate the direction to the Kaaba in Makkah. We request "When In Use" location permission through iOS — your coordinates are processed locally and are not sent to our servers or shared with any third party.
For Ramadan prayer times (Imsakiye), you manually select your city — no automatic location detection is used.
We track how you interact with the app to improve your experience. This includes:
Analytics events are associated with your anonymous device ID — not your name, email, or any personally identifiable information.
Hush includes an AI-powered spiritual assistant ("Hush AI") that helps with Islamic questions, prayers (dua), and Quranic interpretation (tafsir). When you use this feature:
If you use Hush AI's image recognition feature, you may grant access to your camera or photo library. Images you share are:
If you use the Voice Notes feature, your audio recordings are:
You can delete any voice note at any time from within the app. We do not listen to or manually review your recordings.
Daily journal entries you write are stored locally on your device only. They are not uploaded to our servers.
Your daily worship completions, streak data, and spiritual progress are stored locally on your device using Apple's built-in data storage. This data may be synced to our backend to enable cross-device features in the future.
If you grant notification permission, we store your push notification token to deliver daily inspiration messages and important updates. You can disable notifications at any time in your device settings or within the app.
Subscription purchases are processed entirely by Apple (App Store) and managed through RevenueCat. We do not collect or store your payment information, credit card details, or billing address. We only receive confirmation of your subscription status (active, expired, trial, etc.).
We request access to Apple's Identifier for Advertisers (IDFA) through the App Tracking Transparency (ATT) framework. This is used solely for:
You can decline this request, and the app will function normally without it. We will never sell your IDFA or use it to build a personal profile.
Hush is designed with a privacy-first approach. We do not collect:
While the Qibla Compass uses your device location, your coordinates are processed entirely on-device and are never sent to our servers or any third party.
| Purpose | Data Used |
|---|---|
| Deliver content in your language | Locale, timezone |
| Qibla direction (on-device only) | Device location (not sent to servers) |
| Manage your subscription | Device ID, subscription status |
| Improve app experience | Usage analytics (anonymous) |
| AI spiritual assistant | Chat messages (sent to OpenAI, not stored on our servers) |
| AI image recognition | Camera / photo library images (processed in real-time, not stored) |
| AI transcription & analysis | Voice recordings (when you use Voice Notes) |
| Send daily inspiration | Push notification token |
| Measure ad campaign performance | IDFA (only with your permission) |
| Measure ad performance on Google | Firebase Analytics events & conversion signals (with your permission) |
| Prevent fraud & ensure security | Device ID, app version |
We use the following trusted third-party services to operate Hush:
Our backend infrastructure. Stores device registration data, push tokens, and voice note audio files. Supabase provides secure, encrypted cloud hosting.
Manages in-app subscriptions and purchase verification. Receives your anonymous device ID and subscription events. Does not receive personal information.
We use Mixpanel to understand how users interact with the app and to improve features. All data is sent to Mixpanel's EU data center for GDPR compliance. Events are tied to anonymous device IDs only.
We use Meta's SDK to measure the effectiveness of our advertising campaigns. We send only two signals to Meta: onboarding completion and paywall views. Automatic event logging is disabled. Revenue events are sent server-side through RevenueCat, not from your device.
If you grant ATT permission, your IDFA may be shared with Meta for attribution purposes. If you decline, no advertising identifier is shared.
We use OpenAI's API (GPT-4o) to power Hush AI's chat, image recognition, and Quranic interpretation features. Your messages and images are sent to OpenAI for processing. Per OpenAI's API policy, data sent through the API is not used to train their models.
Apple processes all payments and may collect anonymized ad attribution data through SKAdNetwork. This is managed entirely by Apple and does not identify you personally.
We use Google Firebase Analytics to understand how the app is used and to measure the performance of our advertising on Google. Events are tied to anonymous, de-identified identifiers — not your name or email.
If you grant ATT permission, limited conversion signals (such as starting a trial or subscribing) may be shared with Google to measure ad effectiveness, in line with Apple's on-device measurement and SKAdNetwork frameworks. If you decline ATT, no advertising identifier is shared. We do not sell your data.
Most of your data (journal entries, daily progress, streaks, favorites, preferences) is stored locally on your device using Apple's secure storage frameworks. This data is protected by iOS file-system encryption and is only accessible when your device is unlocked.
Device registration data, push tokens, and voice note audio files are stored on our Supabase servers. All data is transmitted over encrypted HTTPS connections and stored with industry-standard encryption at rest.
We retain your data only as long as necessary to provide our services:
Depending on your jurisdiction, you may have the following rights:
Our analytics data is processed on EU servers (Mixpanel EU endpoint) to support GDPR compliance.
If you are located in the Republic of Türkiye, your personal data is processed in accordance with the Personal Data Protection Law No. 6698 ("KVKK"). Under Article 11, you have the right to:
To exercise any of these rights, contact us at hush.app.official@gmail.com. We will respond within 30 days.
Hush is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with data, please contact us and we will promptly delete it.
Your data may be processed in countries other than your own. Our analytics data is processed in the EU (Mixpanel EU data center). Backend services (Supabase) may process data in the US or EU depending on server configuration.
Where data is transferred internationally, we ensure appropriate safeguards are in place, including standard contractual clauses and encryption in transit.
Hush is a mobile application and does not use browser cookies. We use standard mobile SDKs (Mixpanel, Google Firebase, Meta, RevenueCat) that may use device-level identifiers as described in this policy. These are not cookies and cannot track you across other apps or websites (unless you have granted ATT permission for ad attribution).
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make significant changes, we will notify you through the app or by updating the "Last Updated" date at the top of this page.
We encourage you to review this policy periodically. Your continued use of Hush after changes are posted constitutes acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:
Hush is operated by Hush App. We are committed to resolving any privacy concerns promptly and transparently.