Last updated March 10, 2017
Section 1 - Your information
If you only use the Hush browser extension, all of your information is stored only on your computer, and no data is ever transferred to us or any third party services. Additionally, all information on your computer is encrypted using your bookmarks password and cannot be read without the password.
If you are a Hush Pro member, to provide our automatic backup and sync service across all of your devices, your bookmarks are securely encrypted with your bookmarks password and then sent to our servers. By the time your data leaves your computer, there is no way for us or any third party to be able to read any of it. We then encrypt your data further before storing it in a secure database. We will never share your bookmarks data with any third party.
When you purchase Hush Pro, we ask for your email address to create an account. We will use your email address for sign in and monthly subscription transaction purposes only, and will never share your email address with any third party.
Section 2 - Browser permissions
On Chrome, we request two permissions: the “tabs” and the “bookmarks” permission. See https://developer.chrome.com/extensions/permission_warnings for a description of these permissions.
“tabs” permission, or “Access your browsing activity” — this is required for bookmarking to work. When you click the Hush icon to bookmark a page, Hush makes a request using this permission to get the URL of the page you’re on. We never access your browsing activity, and only read the URL of pages you explicitly request to bookmark. See https://developer.chrome.com/extensions/permission_warnings#warnings for more details about the Chrome warning.
“bookmarks” permission, or “Read and modify your bookmarks” — this is the new bookmarks permission that we added to prepare for a much-requested feature: to move bookmarks back and forth between Hush and your Chrome browser.
Section 3 - Security
Your bookmarks are always stored using AES-256 encryption, and your bookmarks password is always stored hashed using SHA-256 with an appropriately length salt.
If you purchase Hush Pro, we process your transaction through the Stripe payment gateway and do not store your purchase transaction information or credit card data anywhere. Your transaction information is encrypted using secure socket layer technology (SSL). We follow all PCI-DSS requirements and implement additional generally accepted industry standards.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
We store a single cookie on your computer called hush-production. This allows us to store information about your session and keep you logged in. No personal information is ever stored in this cookie.
Section 4 - Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at Hush Re: Privacy Compliance Officer, 858 University Ave, Palo Alto, CA, 94301, United States.