fae.link legal

Privacy Policy

How Friends for Humanity collects, uses, and protects information when you use fae.link.

Effective and last updated: July 13, 2026

The basics

This Privacy Policy applies only to the standalone fae.link website, iOS app, and supporting services (together, the “Service”). It does not apply to fae.so or any other Fae product.

Friends for Humanity, Inc. (“Friends for Humanity,” “we,” “us,” or “our”) operates the Service and is responsible for the personal information described here. By using the Service, you acknowledge the practices in this policy. Our Terms of Service also apply.

Anonymous messages and sender hints

fae.link is designed so that a message sender’s account identity is anonymous to the recipient unless the sender chooses to reveal it or identifies themselves in a message. “Anonymous” does not mean that a sender is necessarily anonymous to Friends for Humanity. We may keep internal account associations and limited technical information to route messages, prevent abuse, protect users, and comply with law.

The Service may show a recipient coarse hints about a sender’s visit, such as device class, operating system, approximate city or region, referring website, timezone, or network category. These hints are estimates, may be incomplete or wrong, and are not proof of identity. Do not use them to accuse, harass, or try to locate someone.

Information we collect

Account and profile information

  • Your verified phone number, handle, given name, profile image and color, authentication records, account settings, and claim status.
  • Your selected school, graduation year, and optional gender. Your handle, profile details, graduation year, and activity statistics may be visible to other members of your selected school directory.
  • If you check or confirm an Instagram username during the claim flow, public profile information such as the username, display name, profile image, follower counts, and public/private or verification status.

Messages, chats, and shared content

  • Message content, chat participants stored internally for routing, aliases, identity-reveal choices, blocks, reactions, timestamps, unread state, and message previews.
  • One-time chat codes, the first message attached to a code, code redemption details, and story cards or other content you ask the Service to create or share.
  • Information you include in a message may identify you even if the Service does not show your account identity to the recipient.

Public-profile visits and sender context

When someone visits a public fae.link profile or sends a message, we may process the IP address, approximate city, region and country, network category, device/browser/operating-system class, timezone, referring host, a visitor identifier, and timestamps. To match a web send with the corresponding in-app message, we process the submitted draft and store a short-lived hash and length rather than the draft text in the matching record. A consumed coarse context snapshot may be attached to the message as a recipient-facing hint.

Device, usage, and advertising information

  • Push-notification tokens, app and browser information, IP address, pages and features used, timestamps, diagnostics, and performance or security events.
  • Cookies, local storage, click identifiers, and similar technologies used for functionality, analytics, and advertising attribution.
  • Usage and online identifiers collected through PostHog and, when configured, advertising tools from Meta, Snapchat, and TikTok.

Support and requests

We collect the contact information, report details, and other content you provide when you ask for help, report abuse, send feedback, or exercise a privacy right.

How we use information

  • Provide, authenticate, maintain, and secure accounts, public profiles, school directories, anonymous chats, reveal features, one-time codes, story sharing, and push notifications.
  • Route messages and, where available, provide coarse sender hints.
  • Respond to support and privacy requests, troubleshoot problems, and communicate operational or safety notices.
  • Detect, investigate, and prevent spam, fraud, harassment, unauthorized access, and other misuse; enforce our Terms; and protect users, the public, and the Service.
  • Measure and improve the Service, understand feature use, and attribute or evaluate marketing and advertising.
  • Comply with legal obligations and valid legal process, resolve disputes, and protect our legal rights.

Authorized team members may review message content when reasonably necessary to respond to support or abuse reports, investigate security or integrity issues, enforce our rules, protect safety, or comply with law. We do not promise that every harmful message will be detected or prevented.

How we disclose information

  • Service providers. We use providers for hosting, databases, storage, phone verification, authentication, push delivery, analytics, advertising, security, support, and other operations. They may process information for us under their own agreements and legal obligations.
  • Other users. We disclose messages and the profile, school-directory, reveal, sender-hint, or story information described above as part of the features you use.
  • Legal and safety. We may preserve or disclose information when we reasonably believe it is necessary to comply with law or valid legal process, enforce our agreements, investigate misuse, or protect the rights and safety of a person, the public, or the Service.
  • Business changes. We may disclose or transfer information in connection with a financing, merger, acquisition, reorganization, bankruptcy, sale of assets, or similar transaction.
  • At your direction. We may disclose information when you ask us to, such as when you reveal your identity or share a story card through another app.

We do not sell personal information for money. We may disclose online identifiers and activity to analytics and advertising partners. Some privacy laws may call that disclosure “sharing,” “selling,” or targeted advertising even when no money changes hands.

Retention and deletion

We keep information only for as long as reasonably needed for the purposes described here, including providing the Service, preventing abuse, meeting legal obligations, and resolving disputes. Retention varies by data type. One-time codes and web-send matching records are designed to expire or be pruned, while account and chat information may remain while your account is active.

You can request account deletion in the iOS app. Deletion disables account access and push delivery promptly, and associated account data is scheduled for deletion after 30 days. We may retain limited information for longer when reasonably necessary for legal compliance, safety, fraud prevention, enforcing agreements, or resolving disputes. Information another user independently shared outside the Service is not under our control.

Your rights and choices

Depending on where you live, you may have rights to request access, correction, deletion, or a portable copy of personal information, or to object to or restrict certain processing and withdraw consent. You may also have the right to appeal our response or complain to your local privacy authority.

Use the in-app deletion control or email team@friendsforhumanity.com. We may need to verify your identity and may deny or limit a request where permitted by law, including to protect another person’s rights, preserve security, or meet a legal obligation. We will not discriminate against you for exercising an applicable privacy right.

Browser and device settings may let you clear or block cookies, limit cross-app tracking, or adjust advertising choices. Blocking some technologies may affect Service functionality. You can also contact us about an advertising or privacy choice available where you live.

Children's privacy

The Service is for people age 13 and older. If you are under the age of majority where you live, you may use the Service only with permission from a parent or legal guardian. We do not knowingly collect personal information from children under 13.

If you believe a child under 13 has provided personal information to us, contact us at team@friendsforhumanity.com. We will investigate and take appropriate steps, including deletion where required.

Security and international processing

We use reasonable administrative, technical, and organizational safeguards designed to protect information. No internet transmission or storage system is completely secure, so we cannot guarantee absolute security. Keep account access codes and devices secure and tell us if you suspect unauthorized access.

Friends for Humanity is based in the United States, and we and our providers may process information in the United States and other countries. Those countries may have different privacy laws. Where required, we use legally recognized safeguards for international transfers.

Third-party services

The Service may link to or work with third-party apps, websites, and services, including Apple and social platforms. Their privacy practices are governed by their policies, not this one. Review those policies before giving a third party information.

Changes and contact

We may update this policy as the Service or law changes. We will post the revised policy here, update the date above, and provide additional notice when required. Material changes apply prospectively unless law permits otherwise.

Questions, requests, or concerns can be sent to team@friendsforhumanity.com, or by mail to Friends for Humanity, Inc., 2261 Market Street, #85101, San Francisco, CA 94114, United States.