← Home

Privacy Policy

Last updated: 2026-05-27

sweetSpot is operated by HONEYTECH Inc. ("we"), a company registered in the Republic of Korea. This policy explains what data we process and your choices.

1. What We Don't Collect

sweetSpot does not require an account, email address, real name, phone number, or any government ID. We do not run advertising trackers or sell data to third parties.

2. What We Do Collect

  • Conversation content. The messages you send to the AI coach. Stored encrypted at rest in our database (Neon Postgres) and used to generate your analysis.
  • Display name.The handle you chose during session setup (e.g., "Sam"). Visible to your partner inside the session.
  • Account info (optional). If you sign in with Google to claim a free preview, we receive your Google account ID, email, and name. We do not request access to any other Google data.
  • Session metadata. Invite link identifier, session creation time, last activity time, payment status.
  • Technical data. IP address and approximate location for security and abuse prevention; user-agent for compatibility.
  • Payment data. When you pay, the payment provider collects your payment information directly; we receive only a transaction reference and the email you provide to PayPal.

3. How We Use It

  • To provide the service: route your messages to the AI model, store them so you can come back, generate your personalized analysis.
  • To process payments via PayPal.
  • To monitor for abuse, fraud, and crisis signals (so we can surface the right hotline resources).
  • To improve the service (in aggregate, anonymized form only).

4. Who We Share With (Sub-Processors)

We use the following third-party services to operate sweetSpot. Your conversation content is processed by some of these:

  • Anthropic, PBC— via the Vercel AI Gateway. Our AI coach is powered by Anthropic's Claude models. Anthropic processes your messages to generate responses and does not train on API data per their published policy.
  • Vercel, Inc. — application hosting and AI gateway.
  • Neon, Inc. — Postgres database hosting (encrypted at rest), with data stored in Singapore (AWS ap-southeast-1).
  • PayPal — payment processing.

These providers are located in the United States and Singapore, so your data is processed and stored outside your country of residence. We do not sell your data and do not share it with advertisers or data brokers.

5. Cookies

We set two cookies: a session token (HTTP-only, identifies your participant ID inside a couple session) and a market preference cookie (to remember which version of the site to serve). We do not use third-party tracking cookies.

6. Data Retention

Your conversation lives in your browser session. When you clear your browser cookies or use the "Forget and start fresh" button on the home page, you can no longer access the session and the associated data is detached from any device. We retain anonymized session metadata (no message content) for up to 24 months for fraud and abuse prevention. You may request deletion of your data by contacting us at the address below.

7. Your Rights (NY Residents)

We comply with the New York SHIELD Act. You have the right to:

  • Request a copy of the data we hold about your session.
  • Request deletion of your session data.
  • Be notified, in accordance with New York General Business Law § 899-aa, if a security breach affects your data.

8. Children

sweetSpot is intended for adults age 18 and over. We do not knowingly collect data from anyone under 13.

9. Crisis Signals

If our AI flags potential crisis content (self-harm, domestic violence), we surface external hotline resources directly in the chat. We do not report this information to law enforcement or third parties unless required by law.

10. Security

We follow industry-standard security practices: HTTPS in transit, encryption at rest, principle of least privilege for internal access. No system is perfectly secure; you accept this risk in using the service.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be notified on the home page or by other reasonable means.

12. Contact

Questions, requests, or breach notifications can be directed to our privacy contact. We aim to respond within 30 days.

  • HONEYTECH Inc. (CEO & Data Protection Officer: Kim Sooyoung)
  • 41, Burim-ro 169beon-gil, Dongan-gu, Anyang-si, Gyeonggi-do, Republic of Korea (Unit 104-2906)
  • +82-70-8275-3073 · vincent012222@gmail.com