⚠️ This document is a draft pending attorney review and is not yet final or legally binding.
Heidi Platform, LLC · Effective date pending attorney review
From all users: full name, email address, phone number, date of birth (for age verification), government-issued ID (for identity verification — stored securely, limited access), profile information, payment information (processed by Stripe — we do not store full card numbers), in-app messages, session history, ratings and reviews, device information, IP address, and usage data.
From companions additionally: background check results (stored securely, access limited to platform operator), social security number or tax ID (for payment processing and 1099 forms), bank account or payment method for payouts.
From clients additionally: emergency contact information provided in session boundary agreements, session boundary preferences and notes.
To verify identity and conduct background checks (companions). To facilitate bookings, payments, and session management. To monitor communications for safety and policy compliance. To investigate and respond to safety reports and incidents. To send platform notifications, booking confirmations, and safety alerts. To comply with legal obligations, including responding to law enforcement requests. To improve the Platform and develop new features.
We do not sell your personal information. We share information only in the following circumstances: with your matched companion or client (first name and general location only — we do not share full addresses, last names, or contact details); with third-party service providers (Persona for identity verification, Checkr for background checks, Stripe Connect for payment processing, and messaging infrastructure — each bound by confidentiality agreements); with law enforcement when required by law, court order, or when necessary to protect the safety of any person; in a business transfer if Heidi is acquired or merges.
Active account data: retained for the duration of your account. Session records and boundary agreements: retained for 36 months minimum. Safety incident records: retained indefinitely. Background check results: retained for the duration of the companion relationship plus 36 months. Deleted accounts: most data deleted within 30 days; safety-related records retained per above.
We implement industry-standard security measures including encryption at rest and in transit, access controls limiting who can view sensitive data, and regular security reviews. No system is completely secure. We encourage you to use a strong password and to notify us immediately if you believe your account has been compromised.
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of your personal information (we do not sell personal information). To exercise these rights, contact us at info@pleaseheidi.com. We will respond within 45 days.
The Platform is not intended for anyone under the age of 18. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected information from someone under 18, we will delete it immediately.
We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting the updated Policy on the Platform. Continued use after the effective date constitutes acceptance.
Privacy questions: info@pleaseheidi.com
Not therapy. Not dating. Not sexual services. Heidi provides peer-style emotional support and companionship only.