Privacy

Privacy, in plain English.

Humble Hello reads sensitive things — your inbox, your calendar, your contacts. You deserve to know exactly what we do with that data, and what we don't. This page is the answer. No legal-ese theater.

Version 1.0 · Effective May 10, 2026

The short version

Humble Hello scans your inbox, calendar, and contacts to help you stay in touch with the people who matter. We use your data only to power your experience. We don't sell it. We don't share it without your explicit consent. We don't train AI models on your inbox content. You can export or delete everything at any time.

Who we are

Humble Hello is operated by Humble Hello, LLC ("Humble Hello," "we," "us"), based in Indianapolis, Indiana. Contact: tom@humblehello.com.

What we collect, and why

From you directly

When you sign up, we collect your name, email address, profile photo, and (during onboarding) your home address. The address is required only because we send physical cards on your behalf, and we need a return address.

From your connected accounts (Google, Microsoft)

With your explicit consent, we read:

  • Email metadata: senders, recipients, subject lines, timestamps. Used to identify and rank your contacts.
  • Email body content (recent messages): used to detect life events, infer relationships, and personalize drafts. We do not retain full email bodies long-term.
  • Calendar events: attendees, titles, dates. Used to identify who you actually meet with.
  • Contacts: names, emails, phones, addresses, notes. Used as the foundation of your contact list, with two-way sync back to your provider.

From your usage

Standard application logs: IP address, device type, pages visited, actions taken. Used to keep the service running and debug issues. Retained for 30 days unless relevant to a security investigation.

From payment

If you upgrade, our payment processor (Stripe) collects your payment method. We never see your full card number.

What we never do

  • We never sell your data. Not to advertisers, data brokers, or anyone else.
  • We never email your contacts on Humble Hello's brand. All outreach goes from your address.
  • We never train AI models on your inbox content. When we use AI (Anthropic Claude) to draft messages or analyze contacts, requests are sent on a per-request basis and are not used for model training.
  • We never share your contact list with other Humble Hello users without your explicit opt-in to the Humble Hello Network (more on that below).

The Humble Hello Network (optional)

During onboarding, you have the option to contribute anonymized contact data to the Humble Hello Network — a shared pool of verified contact information that improves enrichment for everyone, like how Waze improves directions for every driver. This is opt-in. You can change your preference any time in Settings.

When you opt in, we contribute factual contact data (name, current company, current email, current phone) on contacts you have an established relationship with. We do not contribute personal notes, journal entries, or anything you've marked private. We honor any contact's request to be removed from the network within 30 days.

Your rights

Regardless of where you live, you can:

  • Access your data: see everything we have about you in Settings → Data
  • Export your data: download a complete copy in CSV/JSON format
  • Delete your data: cancel your account and we permanently delete everything within 30 days
  • Correct your data: edit any contact, profile, or setting at any time
  • Opt out of the Humble Hello Network: toggle it off in Settings
  • Opt out of marketing emails: unsubscribe link in every marketing email

If you're in the EU, UK, or California: you have additional rights under GDPR and CCPA, including the right to lodge a complaint with your data protection authority and the right to portability. Contact tom@humblehello.com with any rights request — we respond within 30 days.

Do Not Sell or Share My Personal Information: we don't sell or share your personal information for cross-context behavioral advertising. The Humble Hello Network is opt-in, contribution-based, and not a sale under CCPA.

How we share data with vendors

We use a small set of vendors to operate Humble Hello. Each is contractually bound to use your data only to provide their service to us:

  • Supabase (database hosting, US)
  • Vercel (application hosting, US)
  • Inngest (background job processing, US)
  • Anthropic (AI drafting and contact analysis, US)
  • Stripe (payment processing, US)
  • Handwrytten (handwritten card fulfillment, US)
  • Google Workspace (transactional email, US)
  • ZoomInfo (contact enrichment, US)

We do not transfer data to vendors outside the United States. If you're an EU user, data is stored in the US under Standard Contractual Clauses.

Retention

We retain your data while your account is active. When you cancel, your account data sits dormant for 30 days (in case you change your mind), then is permanently deleted. Application logs are retained for 30 days. Payment records are retained for 7 years per US tax law.

Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). OAuth tokens are stored encrypted with row-level security. We do not store your Google or Microsoft password — authentication happens via OAuth. Access to production systems is restricted to the founder.

If we ever experience a data breach affecting your account, we'll notify you within 72 hours.

Chrome Extension

The Humble Hello Chrome Extension is a separate product feature from the core web application but operates under the same overall privacy practices described above. This section describes how it specifically accesses, processes, and transmits data on LinkedIn.

What the Extension does

The Extension allows authenticated Humble Hello users to:

  • View AI-generated communication insights for the LinkedIn profile they are currently viewing
  • Save or update that profile as a contact in their Humble Hello account
  • Optionally capture publicly visible Contact info (email, phone, birthday, address, websites) into their own Humble Hello contact records when the user opens LinkedIn's Contact info modal themselves

The Extension only operates on linkedin.com pages and only when explicitly invoked by the user.

What data the Extension reads

When you click the Humble Hello icon while viewing a LinkedIn profile, the Extension reads publicly visible information from that profile page, including:

  • Name, headline, location, and profile photo
  • Current and past work experience (titles, companies, dates, descriptions)
  • Education history (schools, degrees, dates, activities and societies)
  • Skills, languages, certifications, awards, volunteer work
  • Public posts and activity snippets
  • Connection count and recommendation count

Additionally, when you open LinkedIn's Contact info modal yourself, the Extension may read email address, phone number, birthday (month and day), address, personal websites, and linked social handles — but only if displayed by LinkedIn. The Extension never clicks the Contact info link on your behalf. It only reads what you have already opened.

What the Extension does NOT read

  • Your LinkedIn private messages or InMail
  • LinkedIn pages you are not actively viewing
  • Other browser tabs, your browsing history, or pages outside linkedin.com
  • LinkedIn data behind paywalls, hidden settings, or unauthorized areas
  • Any LinkedIn user's data without your explicit action (clicking the extension icon or saving a contact)

Where Extension data is sent

When you use the Extension, profile data may be transmitted to: Humble Hello's servers (humblehello.com) to run AI analysis, save contacts, and synchronize with your existing contacts; Anthropic's Claude API (api.anthropic.com) to generate communication insights — Anthropic processes the data on a per-request basis and does not retain it for model training; and the Google Contacts API (people.googleapis.com) if you have authorized Google Contacts sync, so contacts saved via the Extension are mirrored to your Google Contacts. The Extension does not transmit data to any other third parties. It contains no advertising trackers, analytics SDKs, or remote code execution.

Authentication and revocation

The Extension uses an API key generated when you first connect it to your Humble Hello account. This key is stored locally in your browser via Chrome's secure storage and is sent only to humblehello.com. You can revoke access at any time by disconnecting from the Extension's popup, removing the Extension from chrome://extensions, rotating your API key in your account, or closing your account.

Compliance with LinkedIn

The Extension is designed to operate within LinkedIn's User Agreement. It does not automate clicks, scrape data without user initiation, or bypass LinkedIn's access controls. All data captured is publicly displayed information you are already viewing through your own authenticated LinkedIn session.

Your responsibility for contact data

When you save a LinkedIn profile as a contact in Humble Hello, you are processing personal information about another individual. As described in our Terms of Service, you are responsible for ensuring you have an appropriate basis to do so under the laws applicable to you and your contacts. Humble Hello acts as a data processor for the contact data you save; you are the data controller for those records.

Children

Humble Hello is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has signed up, contact us and we'll delete their account.

Changes

We'll update this policy as the product evolves. When we make material changes, we'll email you and update the version number at the top of this page. Your continued use after a material change constitutes acceptance.

Contact

Questions, requests, complaints, or feedback: tom@humblehello.com

Humble Hello, LLC
Indianapolis, IN, USA