How does Unhook help with recovery?

Unhook combines progress tracking, community support, and evidence-based techniques to help you break free from addiction. Our app provides tools for monitoring progress, connecting with others, and accessing long-term recovery resources.

Is my information private?

Absolutely. All personal information and activity data is encrypted and never shared. You can participate anonymously and control what's visible to others.

Can I use Unhook on multiple devices?

Currently available for iPhone, iPad, and Apple Watch. Your progress syncs across all Apple devices. Android support is coming soon!

What makes Unhook different?

Designed with addiction specialists and people in recovery. We combine accountability tools, community support, and educational resources in one integrated platform.

Is the approach backed by research?

Yes. Unhook uses techniques from cognitive-behavioral therapy, mindfulness practices, and habit formation research guided by the latest science.

What is your refund policy?

We offer a money-back guarantee — no questions asked. Contact Apple support through your App Store purchase history to process a refund.

Privacy Policy

Unhook is operated by Lexom Inc. ("Lexom", "Unhook", "we", "us", "our"). We understand the sensitive nature of your recovery journey. This Privacy Policy explains our commitment to protecting your privacy and how we handle your information. This policy applies in conjunction with our Terms and Conditions and Subscription Terms.

1. Information Collection

We are committed to data minimization and collect only the personal information necessary for the purposes identified in this policy.

1.1 Personal Information

To enhance your recovery journey, we collect:

Account information (email, username, date of birth if provided)
Recovery tracking data and progress metrics
App preferences and settings
Optional community interactions and contributions
Support communications

1.2 Technical Information

Our system automatically collects:

Device information (operating system, app version)
Usage patterns and session data
Performance metrics
IP address for service optimization

1.3 Website Tracking

When you visit our website, we may collect:

Analytics data through PostHog (page views, interactions, device type)
Cookies or similar technologies for site functionality and analytics
Referral source and browsing behavior on our site

2. Legal Basis for Processing

We process your personal information based on the following legal grounds:

Consent: When you create an account, subscribe, or opt into features, you consent to the processing described in this policy
Contract performance: Processing necessary to provide the services you have requested
Legitimate interests: Improving app functionality, preventing fraud, and ensuring security, where these interests are not overridden by your privacy rights
Legal obligations: Processing required to comply with applicable laws and regulations

2.1 Sensitive Data (Special Categories)

Recovery tracking data and information related to your addiction recovery journey constitute "special category data" (health data) under GDPR Article 9 and analogous laws. We process this data only with your explicit consent, which you provide when you create an account and opt into recovery tracking features. You may withdraw this consent at any time by contacting us at hello@getunhook.com or adjusting your settings within the App. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

3. How We Use Your Information

Your information helps us provide and improve Unhook in the following ways:

Personalizing your recovery journey
Syncing your progress across Apple devices
Providing community support features
Sending service notifications (account updates, security alerts, subscription confirmations)
Improving app features and user experience
Analyzing overall recovery trends (anonymized)

We will only send you promotional or marketing emails if you have expressly opted in. You may withdraw your consent to marketing communications at any time by using the unsubscribe link in any marketing email or by contacting us.

4. Data Protection

We implement robust security measures to protect your data:

SSL/TLS encryption for all data transmission
Encryption at rest for stored data
Regular security reviews and vulnerability assessments
All payment processing handled securely by Apple — we never store or have access to your payment card information
Data hosted on secure cloud infrastructure (Google Cloud / Firebase) with industry-standard protections

5. Data Sharing and Third-Party Services

We never sell your personal information. We share data only with the following categories of service providers, and only to the extent necessary to operate the App:

Cloud infrastructure: Google Cloud / Firebase (hosting, database, authentication, storage)
Content moderation: OpenAI (automated screening of user-generated content — see Section 10)
AI chatbot: OpenAI (processing chatbot conversations — messages you send to our "Lumina" AI assistant are transmitted to OpenAI's servers for processing. We do not store chatbot conversations beyond the active session unless required for safety or legal purposes)
Payment processing: Apple App Store (subscription billing — we never receive or store your payment details)
Analytics: PostHog (usage analytics for app and website improvement, including page views, click interactions, device type, and approximate geographic location)
Legal requirements: If mandated by law, court order, or government authority
Safety: In emergency situations to protect the life or safety of users

We maintain Data Processing Agreements (DPAs) with all third-party service providers that process personal data on our behalf, in accordance with GDPR Article 28. These agreements ensure that our processors implement appropriate technical and organizational measures to protect your data.

6. Your Privacy Rights

You have the following rights regarding your personal information:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data (subject to legal retention requirements)
Data portability: Request an export of your data in a structured, commonly used, machine-readable format (such as JSON or CSV)
Withdraw consent: Withdraw your consent at any time where processing is based on consent
Opt out of analytics: Disable anonymous analytics through your app settings
Control profile visibility: Manage what information is visible in the community
Manage notifications: Adjust or disable notification preferences

To exercise any of these rights, contact us at hello@getunhook.com. We will respond within 30 days.

7. Young Users

Unhook is available to users aged 13 and above. To protect our younger users:

Enhanced privacy settings are enabled by default
Community features have additional safety measures
Content is carefully moderated
No adult content or explicit material is allowed
We do not knowingly collect personal information from children under the age of 13

Users between the ages of 13 and 17 must have the consent of a parent or legal guardian to use the App. For users aged 13 to 15 in the European Economic Area, we require verifiable parental consent before processing personal data, in accordance with GDPR Article 8. Parents or guardians may contact us at hello@getunhook.com to review, modify, or request deletion of their child's personal information. If we discover that we have inadvertently collected personal information from a child under 13, we will promptly delete such information and terminate the account.

8. Data Retention

We keep your data only as long as necessary:

Active accounts: Data retained for continuous service
Inactive accounts: Data moved to secure archival storage with restricted access after 12 months of inactivity. Archived data remains subject to the same privacy protections described in this policy and can be restored if you reactivate your account
Deleted accounts: Personal data removed from our active systems within 30 days of your deletion request. Data in encrypted backups is purged within 90 days. We also instruct our third-party processors to delete your data within their respective retention periods. If the request is complex, we may extend the response period by an additional 60 days and will notify you of any such extension
Anonymous/aggregated data: Anonymized and aggregated data that cannot be linked back to you may be retained indefinitely for service improvement

Cancelling a subscription does not delete your account or data. To request data deletion, see Section 6 of this policy.

9. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies for:

Essential cookies: Required for site functionality (session management, security)
Analytics cookies: Help us understand how visitors interact with our website (PostHog)

We do not use advertising or third-party tracking cookies. You can control cookies through your browser settings. Disabling cookies may affect site functionality.

10. Content Moderation

To maintain a safe environment, we use automated content moderation:

User-generated content is automatically screened for prohibited material
We use OpenAI's moderation API to detect potentially harmful content
Content is analyzed for violence, hate speech, sexual content, and other prohibited categories
Flagged content may be automatically removed or held for review
We don't store the full text of removed content longer than necessary for safety purposes
You can appeal moderation decisions through our support channels

11. International Data Transfers

Your data may be transferred to and processed in countries outside of Canada (including the United States, where our cloud infrastructure is hosted). When we transfer your data across borders, we ensure:

Compliance with PIPEDA and applicable international privacy laws
Data Processing Agreements with all service providers
Standard Contractual Clauses (SCCs) where required
Equivalent or greater levels of data protection at the destination

12. Data Breach Notification

In the event of a personal data breach that creates a risk to your rights:

We will notify the Office of the Privacy Commissioner of Canada as required under PIPEDA where the breach creates a real risk of significant harm, and maintain a record of the breach for at least 24 months
We will notify relevant EU/UK supervisory authorities within 72 hours where required under GDPR
We will comply with applicable US state breach notification laws
We will notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms
We will document the breach, its effects, and the remedial actions taken

Regional Privacy Rights

The following sections provide additional information for users in specific jurisdictions. These rights supplement (and do not replace) the rights described in Section 6.

For Canadian Residents (PIPEDA)

As a Canadian-operated service, Unhook complies with the Personal Information Protection and Electronic Documents Act (PIPEDA). Under PIPEDA, you have the right to:

Know what personal information we hold about you and why
Access your personal information at no cost and challenge its accuracy
Withdraw consent for the collection, use, or disclosure of your information (subject to legal or contractual restrictions)
File a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated

We take reasonable steps to ensure that personal information in our custody is accurate, complete, and up-to-date for the purposes for which it is used.

If you have a complaint about our privacy practices, please contact our Privacy Officer. We will investigate all complaints and respond within 30 days. If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada.

For Quebec Residents

If you are a resident of Quebec, the Act Respecting the Protection of Personal Information in the Private Sector applies to our processing of your personal information. You have additional rights under Quebec law, including the right to de-indexation and the right to data portability in a commonly used technological format. In the event of a confidentiality incident posing a risk of serious injury, we will notify the Commission d'accès à l'information du Québec and affected individuals as required by law.

For European Residents (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) applies. In addition to the rights in Section 6, you have:

Right to restriction of processing: You may request restriction in certain circumstances, including while we verify data accuracy, if processing is unlawful but you oppose deletion, if we no longer need the data but you require it for legal claims, or while we verify our legitimate interests. While restricted, we will store your data but not process it further, and we will inform you before any restriction is lifted
Right to object: You may object to processing based on legitimate interests, including automated content moderation decisions
Right not to be subject to automated decisions: You have the right not to be subject to decisions based solely on automated processing that significantly affects you, and to request human review
Right to lodge a complaint: You may file a complaint with your local supervisory authority

When your data is transferred from the EEA to Canada, we rely on Canada's adequacy decision by the European Commission. For transfers to the United States, we use Standard Contractual Clauses (SCCs) approved by the European Commission.

If you are a consumer in the EEA, nothing in this policy affects your mandatory rights under the consumer protection laws of your country of residence.

For California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the CPRA provides you with additional rights:

Right to know: You may request the categories and specific pieces of personal information we have collected about you in the past 12 months
Right to delete: You may request deletion of your personal information, subject to certain exceptions
Right to correct: You may request correction of inaccurate personal information
Right to opt out: You have the right to opt out of the sale or sharing of your personal information. We do not sell your personal information
Right to limit use of sensitive personal information: Recovery and addiction-related data is classified as sensitive personal information under CPRA. We use this data only as necessary to provide the App's services
Non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

To submit a request, contact us at hello@getunhook.com. We will verify your identity before processing any request. We do not sell or share personal information for cross-context behavioral advertising.

13. Dispute Resolution

Any disputes arising under this Privacy Policy shall be resolved in accordance with Section 17 (Dispute Resolution) of our Terms and Conditions.

14. Governing Law

This Privacy Policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein, including PIPEDA. Any disputes related to this policy shall be subject to the exclusive jurisdiction of the courts of the Province of Ontario, Canada. If any provision conflicts with mandatory laws in your jurisdiction, those mandatory laws prevail to the extent of the conflict.

15. Entire Agreement

This Privacy Policy, together with our Terms and Conditions and Subscription Terms, constitutes the entire agreement between you and Lexom Inc. regarding your use of the App, as further described in Section 21 of the Terms and Conditions.

16. Updates to This Privacy Policy

We may update this policy to reflect app changes or legal requirements. Material changes will be communicated through the App, via email, or other reasonable means. Continued use of the App after changes take effect constitutes your acceptance of the updated policy.

17. Contact Information

Our designated Privacy Officer can be reached at privacy@getunhook.com.

For privacy-related inquiries, data requests, or complaints: hello@getunhook.com