Privacy Policy – Herline

Last updated: April 2026 | Effective date: April 2026

Herline Safety Limited ("Herline", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Herline mobile application and website (herlineservices.com).

By using Herline, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our services.

Important: Herline is intended for users aged 18 and over. We do not knowingly collect data from anyone under the age of 18. If we become aware that a user is under 18, their account will be removed.

1. Who We Are

Herline Safety Limited is a company registered in England and Wales. Our registered address is available on request. For any privacy-related queries, you can contact us at: hello@herlineservices.com

2. What Data We Collect

We collect the following types of personal data:

Account information: Your name, email address, and password (encrypted) when you register
Emergency contact information: The name and phone number of the contact you nominate to receive safety alerts
Check-in data: Timer activity and check-in history within the app
Biometric data: When you confirm your arrival using the app, we use your device's built-in biometric authentication (such as Face ID or fingerprint recognition) to verify it is you confirming safe arrival. We do not store, collect, or transmit your biometric data. This authentication is processed entirely on your device by your phone's operating system (Apple iOS or Android). Herline never has access to your biometric information.
Location data (premium feature): If you choose to use location-based features available in our premium plan, we may access your device's location temporarily and only for the purpose of providing that feature. Location data is never stored permanently, never sold, and is only shared with your nominated emergency contact in the way you have configured within the app. You can disable location access at any time through your device settings.
Device information: Device type and operating system for technical support purposes
Usage data: How you interact with the app, for improving our service

What we do NOT do with your data:

We do not continuously track or store your movements or location history
We do not sell your location data or any personal data to third parties
We do not share your location with anyone other than your nominated emergency contact, and only when you have activated a feature that does so
We do not access your contacts list beyond what you voluntarily provide when nominating an emergency contact

3. How We Use Your Data

We use your personal data to:

Create and manage your Herline account
Send OTP verification emails when you sign up or log in
Send safety alerts to your nominated emergency contact when a check-in is missed
Provide location-based features to your nominated emergency contact where you have chosen to enable this as part of a premium subscription
Improve and maintain the Herline app and services
Comply with legal obligations under UK law

4. Legal Basis for Processing (UK GDPR)

Under the UK General Data Protection Regulation (UK GDPR), we process your data on the following legal bases:

Contract: Processing necessary to provide the service you have signed up for
Legitimate interests: Improving our service and ensuring the security of our platform
Consent: Where you have explicitly agreed, such as marketing communications
Explicit consent (biometric data): For biometric authentication, we rely on your explicit consent given when you choose to enable biometric verification on your device. As biometric data is special category data under UK GDPR Article 9, we only use it where you have actively chosen to enable this feature. You can disable biometric authentication at any time through your device settings.
Legal obligation: Where we are required to process data by law

5. How We Share Your Data

We do not sell your personal data. We only share data in the following limited circumstances:

Your emergency contact: We send an alert to the contact you have nominated when a check-in timer expires without confirmation. Only an alert message is sent — no personal account data is shared.
Service providers: We work with trusted third-party services including Firebase (Google) for authentication and data storage, Twilio for SMS alerts, and Google Cloud Platform for hosting. These providers are GDPR-compliant and act as data processors on our behalf.
Legal requirements: We may disclose data if required by law or to protect the safety of our users.

6. Data Storage and Security

Your data is stored securely using Google Firebase and Google Cloud Platform infrastructure. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse.

Passwords are encrypted and never stored in plain text. All data is transmitted over secure HTTPS connections.

7. How Long We Keep Your Data

We retain your personal data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of access: Request a copy of the data we hold about you
Right to rectification: Ask us to correct inaccurate data
Right to erasure: Request that we delete your data ("right to be forgotten"). You can delete your account and all associated data directly from within the Herline app by going to Settings → Delete My Account. You can also submit a deletion request at herlineservices.com/delete-account.html. All personal data will be permanently removed within 30 days of your request.
Right to restrict processing: Ask us to limit how we use your data
Right to data portability: Request your data in a portable format
Right to object: Object to how we process your data

To exercise any of these rights, please contact us at hello@herlineservices.com. We will respond within 30 days.

9. Cookies

Our website (herlineservices.com) may use essential cookies to ensure the site functions correctly. We do not use advertising or tracking cookies. You can control cookie settings through your browser.

10. Third-Party Links

Our website or app may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies.

11. Disclaimer – Not an Emergency Service

In an emergency, always call 999. Herline is not an emergency service and should not be used as a replacement for contacting the police, ambulance, or fire services.

Herline is a personal safety check-in tool designed to give users and their emergency contacts peace of mind. It is not monitored by any authority, law enforcement, or emergency response team. We do not have the ability to dispatch help, contact emergency services on your behalf, or respond to incidents in real time.

If you are in immediate danger, please call 999 (UK emergency services) or 101 (non-emergency police) immediately.

12. Limitation of Liability

Herline Safety Limited provides its app and services on an "as is" basis. While we take every reasonable step to ensure the app functions correctly, we cannot guarantee uninterrupted or error-free service at all times.

To the fullest extent permitted by law, Herline Safety Limited shall not be liable for:

Any failure of the app to deliver an alert due to technical issues, network outages, device settings, or any circumstances beyond our control
Any harm, loss, or injury that occurs as a result of relying solely on Herline as a safety measure
Any actions or inactions of the user's nominated emergency contact
Any indirect, incidental, or consequential damages arising from use of the app

Herline is intended to complement — not replace — existing personal safety practices. Users are encouraged to remain aware of their surroundings, share their plans with trusted people, and always contact emergency services if they feel they are in immediate danger.

Nothing in this disclaimer limits our liability for death or personal injury caused by our negligence, or any other liability that cannot be excluded by law.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of Herline after changes are made constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Email: hello@herlineservices.com
Website: herlineservices.com
Company: Herline Safety Limited, registered in England and Wales

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.