Safety & Community Guidelines

Our approach: allow by default, act on report

Like most major platforms, we don’t pre-screen and block your posts. Most content is allowed to post and stays up.When something crosses a line, we act on it after it’s reported — by another member or by our team. The one exception is illegal or imminently dangerous content, which we may remove and escalate immediately without waiting for a report.

If we remove one of your posts, we’ll normally tell you whyin a notification, and you can reply to it to appeal. We’d rather explain than leave you guessing.

What’s welcome here 💚

• Confessions, venting, dark thoughts, and things you’ve never told anyone
• Talking openly about mental health, sadness, and struggling — including suicidal feelings
• Seeking and giving peer support; unpopular opinions; dark humour; messy, complicated feelings
• Disagreement and debate, as long as it’s aimed at ideas, not at hurting people
• Respectful discussion, review, and sharing of religious works — including the Quran and the Bible — anywhere on Huni, not just Bookworms
• Sharing about pregnancy — including teen, unplanned, or uncertain pregnancy — and asking for support or advice

Pregnancy & teen pregnancy 🤍

Pregnancy can bring up a lot — joy, fear, uncertainty, or all of it at once. Whatever you’re carrying, you’re welcome to share it here. Posts about pregnancy, including teen or unplanned pregnancy, are supported, not judged. This is a safe, non-judgmental space to be honest about how you’re feeling and to ask for support.

You don’t have to have it figured out. Confidential help and health services exist wherever you are — a doctor, a clinic, a counsellor, or a trusted adult can talk things through with you privately. If you’re a teen and that feels scary, you’re still allowed to ask for help; reaching out early is exactly what help is for.

Please look after each other’s privacy too: share your ownstory, and don’t expose someone else’s pregnancy or private details without their consent.

Safety Center — what we scan, and how reports work

We try to be honest about exactly how safety works here, so nothing on this page is a vague promise. Every protection we describe is a real, shipped mechanism — we’d rather under-claim than tell you we do something we don’t.

What we scan for

New posts and comments pass through an automated scanner the moment they’re submitted. It looks for a fixed set of serious patterns and sorts them into three buckets:

• Illegal / imminent harm— child sexual content & grooming, human trafficking, terrorism planning, credible imminent threats of violence, selling drugs, selling weapons, and solicitation of commercial sex. This is the only bucket we remove automatically at post time, and we escalate it to a human (and, where required, to authorities) straight away.
• Distress & self-harm— suicidal ideation and signs of crisis. We never remove or punish this for being a cry for help. Instead we surface crisis resources and route it to Huni Haven.
• Everything else we watch for— doxxing, swatting threats, stalking, targeted harassment, predatory advances, blackmail/sextortion, hate, and scams. These are notauto-deleted; they stay up and are actioned only when reported, with the scanner’s context attached so a reviewer can act fast.

Scanner calibration — fewer false alarms, clearer rejections

We’ve tuned the scanner to be more lenient with borderline matches. Medium-confidence flags no longer quietly archive your post— instead they sit in a real moderation queue for a person to look at, so a turn of phrase that pattern-matches a serious topic doesn’t disappear on you. Posts that genuinely show signs of self-harm or distress still route to Huni Haven exactly as before.

If a post you wrote does get flagged and you try to submit the same content again, we’ll stop it at submit time and show you a small explanation — which categories tripped the scanner, and when it was flagged before— so you can edit and try again instead of wondering what went wrong. Rewording the post or changing what you’re sharing is usually all it takes.

Report categories & the P0 fast-track

When you report something, you can tell us what kind of harm it is. The most dangerous categories — doxxing, swatting threats, non-consensual intimate imagery (NCII), and threats of violence— are treated as P0: the reported post is immediately hidden from public view (reversibly)while every moderator is paged to review it right away. Stalking, impersonation, and harassment are P1; spam and other reports are P2. A P0 hide is never a hard delete — the author and our team can still see it, and we restore anything reported in error.

Identity resolution — the standard we hold ourselves to

HuniWhisp is anonymous by design. We will only move to connect content to a real person in three narrow situations: an imminent threat to life, child sexual abuse material, or a lawful legal compulsion (a valid court order or subpoena). We do not de-anonymise users for ordinary rule-breaking, embarrassing posts, or because someone asks.

The same standard travels with your invites: your personal invite link and code never expose your identity beyond your public username— no email, no contact details, no activity history — so sharing an invite never reveals who you are or what you’ve posted.

Every claim maps to a mechanism.We learned the hard way that a safety promise with nothing behind it is worse than no promise at all. So if it’s written on this page, it exists in the product — and we publish updates here when the system changes, so you can hold us to it.

As part of that, public statistics and counts now exclude bots, our seed accounts, and staff (admins and super-admins). The numbers you see across the site reflect real members — not us padding the room. Operator profiles also stop showing public counts, so nobody mistakes a staff account for an unusually prolific user.

Uploaded photos and voice notes are automatically screened

The safety scanner doesn’t stop at text. Photos, voice notes, and audio or video clips you attach to a post pass through an automated media screenafter you post. Voice notes and clips are transcribed first, and the transcript runs through the exact same battle-tested scanner as written posts; images are checked by an automated vision system. Both paths may involve AI processing of the media itself — our Privacy Policy spells out precisely what is sent and to whom.

What it looks for

The same fixed pattern set as everywhere else: explicit and violent content, the illegal/imminent-harm bucket (child sexual content, trafficking, credible threats, drug and weapon sales), and scams. It is a safety check, not a taste check — raw, honest, messy media is exactly what HuniWhisp is for.

What happens on each outcome

• Someone struggling— a voice note that sounds like a cry for help is treated the way we treat written distress: never removed, never punished. We surface crisis resources and route it to Huni Haven so support can find it.
• Unverified-alert patterns— the media stays up but the post is de-amplified and labelled, same as flagged text.
• The severe tier only— illegal or imminently dangerous media is the one category removed automatically, with human review behind every removal and prompt restoration of false positives.
• Everything else— stays up, and is actioned only if reported, with the scan’s context attached for the reviewer.

What it never does

It never blocks or delays your post while scanning— publishing is instant, and the screen runs quietly in the background afterwards. A screening failure never punishes you or removes anything. And no human looks at media that screens clear: a person only ever sees what the system flags or another member reports.

Direct messages — the safety scanner runs here too

Direct messages used to be checked only for dangerous links. Now the full safety scanner— the same one we run on posts and comments — runs on every direct message you send. It looks for the same serious pattern set: selling drugs, selling weapons, commercial-sex solicitation, human trafficking, credible threats of violence, signs of self-harm or distress, and predatory advances aimed at minors.

The scan is best-effort and runs in the background— it never blocks you from sending, and it never gets in the way of a normal conversation. To keep your encrypted-at-rest copy safe, the scanner reads the plaintext message beforeit's encrypted for storage. The plaintext is not retained; only the verdict is. The scanner does not pull benign chit-chat into anything — it triggers only on the fixed pattern set, the same way it does on posts.

Sensitive-info notifications — sender and receiver both get told

When a direct message trips a sensitive-informationcategory — for example someone shares a home address, full name + workplace, phone number tied to a real person, or moves into doxxing, swatting risk, blackmail, or a predatory advance — we send a quick warning to both sides of the conversation.

• The sendergets a notification explaining why sharing that content is risky — for example that the message could be screenshotted and forwarded — and that the message has been flagged for our team to review.
• The receiver sees a warning banner above the message bubble so they know to read carefully and not share their own personal info in reply.

The message itself isn’t deleted — both people see exactly what was sent — because the warning is the point. If you think the flag was a false alarm, you can keep talking. If you think the other person was trying to harm you, use Reportand we’ll review.

Messages from HuniWhisp admins — how to know it’s real

Sometimes our team needs to talk to the author of a post — about a report, a moderation decision, or a safety concern. Admins can open a direct conversation with the author of any post, including fully anonymous ones, and two guarantees always hold:

• Your anonymity is preserved.The conversation never shows the admin your username or profile — to them you are simply the author of that post, and nothing in the thread links back to who you are.
• The first message always carries an official notice pinned at the top, telling you it is an official message from a HuniWhisp admin about one of your posts and that your identity stays anonymous in the conversation. That notice is your verification: a genuine admin contact always opens with it.

If someone claims to be HuniWhisp staff in an ordinary message withoutthat notice, treat it as impersonation — share nothing and use Report. Our team will never ask for your password, payment details, or personal information in a conversation.

The Anonymous Admin badge — an official voice, identity still anonymous

Sometimes our team needs to say something in public — clarify a rule under a post, calm a heated thread, answer an “is this allowed?” question — without attaching a personal username. When an admin chooses Speak as Anonymous Admin while writing a post or comment, it appears as Anonymous with a small 🛡️ HuniWhisp Admin badge next to it. Here is how to read that badge:

• The badge is server-verified.Our servers attach only a yes/no “this is an admin voice” flag — never a name, never an account — and they refuse the flag from anyone who isn’t actually an admin. The badge cannot be faked by typing it.
• It’s opt-in, per post and per comment.Admins are community members too — their own personal anonymous confessions are not badged, because their personal anonymity matters as much as yours. The badge appears only when an admin deliberately chose to speak officially.
• No badge means not official.If someone merely claims to be HuniWhisp staff in plain text — in a post, a comment, or a DM without the official admin-conversation notice — treat it as impersonation: share nothing and use Report.

Typing indicators — a count, never a name

On a post’s comment section, you may see “someone is typing a comment…” when another viewer is composing one at that moment — the same live hint you know from direct messages. We want the anonymity guarantee behind it on the record: the indicator only ever shows a count. No username, no profile, no draft text — and the signal is momentary, not stored. Until someone actually presses send, nothing they typed exists anywhere.

Safety scanner that learns from review

When a moderator confirms a flagged post was genuinely dangerous — or marks one as a false alarm — that decision is captured into a small dataset we use to improve the scanner over time. The dataset records the category, a short excerpt of what was written, which pattern matched, and which of HuniWhisp’s supported languages the content was in — but never anything that re-identifies a member. The goal is fewer false alarms, fewer missed real ones, and better coverage as the platform grows into new languages.

We record this in plain language so you know it’s happening: admin reviews feed improvements to the scanner. No individual is identified; the value is in the pattern, not in the person.

Organization submissions — double-layer safety on the queue

When a verified school, club, or organization runs an anonymous-submission inbox on its HuniWhisp space, the submissions members send in pass through two safety layersbefore they can ever be published. The point is to make sure the people running the queue — usually a student officer, club lead, or community organizer — never have to wade through the worst of it.

Layer 1 — pre-publication scan, before the inbox

The same scanner that runs on every post and comment runs on every submission the moment it’s sent. If the submission hits the illegal-or-imminently-dangerous bucket — child sexual content or grooming, human trafficking, terrorism planning, credible threats of violence, selling drugs, selling weapons, or solicitation of commercial sex — the submission is refused at submit timeand never reaches the organization’s inbox. The submitter sees an explanation. The organization’s admins never see the content.

Layer 2 — the moderation assistant next to every pending submission

Submissions that pass the pre-publication scan land in the inbox with a colour-coded verdict from the moderation assistant attached:

• Green— clean approve. The scanner flagged nothing concerning. One tap publishes.
• Amber— approve with an edit. The scanner flagged something borderline (a link that needs trimming, a soft personal-info share). The assistant says exactly what it caught so the admin can fix it before publishing.
• Red— reject. The scanner caught something the admin will almost certainly want to reject (heavy harassment, doxxing, hate). The rejection reason is pre-filled with the scanner’s verdict so the admin doesn’t have to write one from scratch.
• Escalate— the assistant detected an active-threat pattern and asks the admin to escalate to HuniWhisp’s safety team instead of acting on it alone.

The organization’s admin always makes the final call. The assistant is a suggestion engine, not a gatekeeper — an admin can approve over an amber verdict, reject over a green one, or escalate at any point. Every approve, reject, and escalate decision is written to the platform’s admin audit trail with the target tagged as an organization submission, so the record is there if anyone needs to look back.

What the admin does next becomes part of how the scanner learns. Approved-with-edit notes and reject reasons feed the same safety-learning surface described above — so every careful decision an organization admin makes helps every other organization on the platform get safer pending queues over time.

Authority Evidence Vault — compile a report and lock it with keys only the right people hold

If something has happened to you or someone close to you and you want to take it to the police, a cybercrime unit, a domestic-violence agency, NCMEC, a school safety office, or a mental-health crisis service, HuniWhisp gives you a private place to compile, encrypt, and carry the evidenceto whoever needs to receive it. The Vault is a tool you control — we are not the messenger, and we never get to read what you put inside it after you lock it.

How it works

• You start a draft and pick the authority category, the recipient’s name (free text), and the jurisdiction. You can write your own narrative timeline — who, when, where, what happened — and attach images, audio, video, PDFs, or written statements as evidence.
• You pick how the bundle will be unlocked: a printable QR code, a biometrictied to your device or the recipient’s device (Touch ID, Face ID, Windows Hello via WebAuthn’s PRF extension), a passphrase, or any combination of those with a Shamir N-of-K threshold — for example “QR andbiometric required” or “2 of 3 of QR, biometric, passphrase.”
• When you tap finalize, your browser generates a random AES-256-GCM master key, encrypts every evidence file and the narrative, wraps the key with each unlock method you registered (or splits it via Shamir), and sends only the wrapped envelope to our servers. The plaintext key is wiped from memory. After finalize we do not hold, see, or have any way to recover the key.
• You can download the encrypted bundle (a .huniwhisp-reportfile) and carry it to the authority in whatever way you choose — in person, by upload to their intake portal, by courier, or via a one-time share link. The downloaded copy is yours and is not affected by our retention window.
• The recipient opens the unlock page, presents the QR / biometric / passphrase the way you agreed, and the bundle is reconstructed and decrypted entirely in their browser. Our servers serve the encrypted bytes — they never see the decrypted contents.

What we promise and what we can’t

We promise to keep the Vault server-blind after finalize, to write a tamper-evident audit log of every action taken against your report (creation, evidence added, finalize, download, unlock attempt, hand-over, expiration), and to hold a finalized report for 365 daysbefore it expires. We can’t promise that an authority will read your report, accept it as evidence in court, or act on it — that decision is theirs, and chain-of-custody and admissibility rules vary by jurisdiction. If your report is serious, please also talk to a lawyer.

What we won’t allow

The Vault is for compiling evidence for a relevant authority. It is not for compiling or distributing child sexual abuse material (please report CSAM directly to NCMEC’s CyberTipline at CyberTipline.org or 1-800-843-5678 in the US, or your local INHOPEhotline elsewhere — do not upload such material here), non-consensual intimate imagery, doxxing dossiers, blackmail material, or anything else listed in Terms §28e clause (f). We also can’t recover your report if every unlock token you registered is later lost — that’s the whole point of the design, and it’s why we tell you to keep at least one token (or a Shamir threshold combination of tokens) safe.

The full contract for the Vault lives in Terms §28e, and the proprietary-rights claim over the multi-method-unlock + Shamir-combination + server-blind design is recorded in Terms §28c clause (o).

Vault admin oversight — opt-in only, with five gates and a notification to you every time

Every finalized authority report is also archived in our admin dashboard so super-admins can investigate abuse and respond to lawful emergencies. We want to be honest about what that archive can and can’t do, because it’s a meaningful trade-off and the choice is yours to make.

The opt-in toggle at finalize

At finalize you see a single toggle: “Allow HuniWhisp admins to recover this report’s contents in an emergency.” It is off by default. If you leave it off, our admins can see only metadata about your report — status, recipient category, finalize date, evidence count, and the audit log — and have no technical path to read the contents. If you turn it on, your browser also generates an extra Shamir share of the master key and wraps it to an offlinesuper-admin keypair (the private key is not on any HuniWhisp server or database). That wrapped share is the only door into the contents from the admin side. The toggle is irreversible once you finalize — the only way to revoke admin access after the fact is to delete the report.

The five gates an admin has to clear before reading

• Super-admin role + 2FA elevationon the account — the standard admin floor.
• A separate admin-archive passphrase re-entered once per session, distinct from the login password and stored only as a salted PBKDF2-SHA256 hash.
• WebAuthn biometric step-upimmediately before any read — a Touch ID, Face ID, or hardware-key prompt with userVerification: required.
• A free-text reason for accesstyped in at open time and recorded verbatim in the access log alongside the admin’s identity, the IP-hash, and the timestamp.
• A 5-opens-per-24-hour rate cap per admin. Beyond five, the admin has to go through the force-open path, which only executes once a second super-admin with a distinct identity co-signs with their own reason.

Decryption happens in the admin’s browser, not on our servers

Even when an admin clears the five gates, the offline private key never travels to our servers. The admin pastes the offline private key into the browser, the wrapped share is unwrapped client-side, and the master key is reconstructed and the contents decrypted entirely in the admin’s browser. The server’s job is to hand over the encrypted bytes and log the access — nothing more.

You get notified every time, and peer admins see it too

Every contents-open emails you at the address on file. The email includes the date and time, the reason text the admin typed in, the super-admin tier of the accessing admin (not their username), and a link back to your report and its audit trail. In parallel, the access log is exposed to all other super-admins as a real-time peer-oversight feed— so any abuse of admin access is visible to the whole super-admin group as it happens, not just after the fact.

The full rules for the opt-in, the five gates, the force-open co-sign, and the reporter notification live in Terms §28e clauses (j)–(m), and the proprietary-rights claim covers this admin-archive layer too — see Terms §28c clause (o).

Admin-invited accounts — first-login password reset

Sometimes a member can’t self-register because of a bounced email, a regional sign-up issue, or because they need a hand getting onto the platform. A super-admin can manually create the account from the admin tools and email the new member a temporary password. As soon as that member first logs in, we force them through a password reset— they can’t use any other part of the app until they pick a new password of their own. The temporary password becomes unusable after that first reset.

This is also the same path used when an existing member contacts support locked out and needs a temporary password issued. Either way, the temporary password is single-use and the forced-reset flow keeps strangers from holding onto a working credential.

Links and videos in comments — safer to skim

Comments often carry links, and a link from a stranger is the single most common way someone gets hurt on a social platform. HuniWhisp adds a few quiet protections so a comment feed stays easy to skim without handing trust over to whoever posted last.

• Safety badge on every link.When a URL appears in a comment, we scan it at the moment it’s written and attach a small badge — safe, suspicious, or dangerous— right on the link chip. The verdict is stored with the comment so the badge is there even if you read the conversation days later. You decide whether to tap.
• Auto-linkified URLs.A bare URL in a comment turns into a tappable chip with the safety badge attached — you don’t have to copy-paste or guess where it leads. Chips carry no tracking parameters and never auto-load remote scripts.
• YouTube videos start silent. If a link points at a YouTube video, we embed the player inline but show a poster image with the sound off. A small play with soundgate stands between you and any audio — so a stranger’s video can never blast at you while you’re scrolling. There’s also a Don’t playpath that keeps the poster visible if you don’t want to load the video at all.
• Repeat scammers get paused.If a single account writes several dangerous-verdict links in a 24-hour window, we quietly flag the account for our team to review — a soft pause on a small number of repeat offenders so the rest of the community keeps seeing safer comments.

Misinformation — we inform, we don’t censor

An anonymous platform lives or dies on trust, so HuniWhisp ships a full toolkit for weighing what you read — and a firm rule behind all of it: every signal is context placed next to content, never a reason to remove it. Nothing in this toolkit deletes a post, edits an author’s words, or decides what you’re allowed to read. And none of it is HuniWhisp claiming to have fact-checked anything — community signals are labelled as community, curated signals as curated, automated signals as automated.

• Credibility voting & the consensus bar.Readers vote every eligible post Believable, Plausible, or Made Up. The post page shows the full meter and timeline; feed cards show a compact three-color consensus bar once a post has at least 5 votes, so a couple of early votes or a coordinated pile-on can’t paint a misleading picture. It’s crowd sentiment, not a verdict.
• Community notes & pinned reader context.Anyone can attach a context note (ideally with a source) and readers rate notes helpful or not. A note that earns the community’s trust is pinned directly under the post so the context travels with it — chosen entirely by reader ratings, never by staff.
• Source check on shared links.Links to outside sites can carry a small curated chip rating the publication — Reliable, Mixed, Low, Satire, or User-generated — from a hand-maintained list informed by public media-reliability research. Domains we haven’t curated show nothing: no chip means “we don’t know,” never “this is fine.”
• Proof chips on media.Authors can mark an attached photo, video, or clip as their proof — receipts for the story. The chip means “marked by the poster,” not “verified by HuniWhisp” — weigh it with everything else.
• A heads-up before sharing.If a post is flagged unverified by our safety system, or the community has voted it heavily Made Up (10+ votes, 60%+), the share sheet pauses for one tap to tell you so before the post leaves the platform. It never blocks the share — the choice is always yours.
• Unverified posts lose amplification, not their voice.When automated checks flag a fast-spreading, uncorroborated claim, the post gets a visible “unverified” badge and the feed simply stops boosting it while the community catches up. The post stays up, readable, and votable — de-amplification is the ranker’s job; deletion is nobody’s.

The full methodology — every signal, who sets it, and what it never does — is published in the Truth & Trust guide. Deliberate, coordinated manipulation of these signals (vote brigading, note spam) violates the Terms and is actioned like any other abuse.

Moderation powers — hard deletes for unambiguous spam

We want to be straight with you about one thing: for content that is clearly spam — scams, ad-spam, mass-posted junk — our moderators can permanently delete the post and everything attached to it (its reactions, comments, bookmarks, tags, and votes) without sending the author a notification. Nothing recoverable, no appeal email.

This is reserved for unambiguous spam, not for ordinary rule-breaking. Removals for harassment, hate, violations of these guidelines, and other normal moderation still come with a notification you can reply to and appeal — that part hasn’t changed. We’re telling you about the silent-delete path so you know it exists; you should never see it used on a genuine post.

Shoutouts — public recognition, same rules apply

A shoutoutis a short, public message of positive recognition you can send to a post, another member, a group, or the whole community. They show up in a “Shoutouts” rail and roll off on their own after a while. They’re meant to lift people up — so they follow exactly the same rules as everything else here.

• Shoutouts are public content and must comply with all of these community guidelines. Using a shoutout to harass, demean, spam, impersonate, or amplify abuse is not allowed and is actioned the same way as any other rule-breaking content — including strikes, suspension, or a ban under the Terms.
• Member-created shoutouts are limited to email-verified accounts, and each member can only have a few active at a time — a light cap that keeps the rail from being spammed.
• Auto-shoutouts are platform-generated, not written by a person: when a post or a reply catches fire (earns a strong reaction-based heat tag), the system can mint one automatically to celebrate it. An auto-shoutout is a signal that content is resonating — it does not imply endorsement by HuniWhisp, and like every shoutout it expires on its own.

What isn’t allowed

These are removed when reported (and some are removed automatically):

• Illegal / imminent danger (removed automatically + escalated): child sexual content or grooming, human trafficking, terrorism, credible imminent threats of violence, selling drugs, selling weapons, and solicitation of commercial sex. Talking about any of these topics in a confession, story, or diary is fine — setting up the deal itself is what’s blocked.
• Encouraging self-harm: telling, pressuring, or daring anyone to hurt or kill themselves; sharing methods, instructions, or graphic depictions of self-harm or suicide. (Expressing your own pain is always okay — this is about content aimed at harming others.)
• Violence: threats of violence, or glorifying, celebrating, or encouraging violence against anyone.
• Harassment, bullying & persecution: targeting, threatening, intimidating, or relentlessly attacking a specific person, or persecuting someone for who they are.
• Doxxing: posting private identifying information about someone without consent.
• Hate: dehumanising or inciting harm against people for who they are.
• Disrespecting religion: insulting, demoralising, mocking, or hateful content toward any religion, religious text, or believers. (Respectfully discussing or reviewing a religious work is always welcome — this is about content meant to belittle.)
• Scams, fraud, and spam.

Keeping each space true to itself

A few main categories are special spaces, so they have light guardrails to stay meaningful. Nothing is deleted — posts that don’t fit are simply moved to a regular post and labelled as such.

• Huni Diaries are ongoing personal journals. A real diary should keep going — at least 3 entries. If a diary hasn’t reached 3 entries within 14 days, it becomes a regular post.
• Aspirations & Goals track a real goal over time and should show progress. An aspiration with no progress within 14 days becomes a regular post.
• Huni Stories should be an actual story with some substance. Very short posts are published as regular posts instead.
• Huni Bookworms is strictly for books — reviews of or chats about a book or anything book-related, including religious books like the Quran or the Bible. Posts that aren’t about a book may be removed or reclassified.

If you’re struggling, you’re not alone

Posts about self-harm or distress are never removed or punished for being a cry for help.They stay in the feed and also appear in Huni Haven — an opt-in support space where people vent and support each other, with these resources pinned:

To make sure these posts are seen with the right tone, our safety scanner now automatically routes posts that show signs of self-harm or deep distress into Huni Haventhe moment they’re submitted. Nothing is removed, edited, hidden, or punished — the post stays exactly as written, the author stays the same, and it still lives on your profile. It just appears inside a supportive space rather than mixed into the general feed. Inside Haven, viewers see a Support Post banner with quick-pick supportive comment templates, so a kind, helpful reply is one tap away. If a post was routed in error, contact us and we’ll review it.

Protecting younger members

We ask every member for an age group when they join (it’s private and never shown to anyone). This lets us give younger members a safer experience — some features and personalisation are limited or turned off for under-18s, and we never target them with anything beyond the core, honest product. If you’re under 18, please also have a parent or guardian’s okay to be here.

Offline reading — encrypted, temporary, purged on reconnect

If you turn on the optional offline reading setting (off by default, in Dashboard > Settings), HuniWhisp saves a small number of recent public posts on your own device — you pick how many — so a dropped connection still leaves you something to read in a clearly marked, read-only “Saved for offline” section. Anything stored on a device is a risk to be contained, so the cache is deliberately boxed in:

• Encrypted on your device.Saved posts are encrypted at rest with AES-GCM using your browser’s own WebCrypto — they never sit on the device in readable form.
• Strictly temporary. Every cached copy hard-expires after 24 hours, even if the device stays offline the whole time. Expired copies become unreadable.
• Purged the moment you reconnect.When the device comes back online, the entire cache is deleted and replaced with a fresh copy — nothing stale or compromised lingers.
• Public posts only. Momentary Hunis (self-destructing posts), private-group posts, and direct messages are nevercached — nothing sensitive can end up on the device in the first place.

Because the setting is off by default, nothing is ever saved unless you chose it — and switching it off clears the cache.

Your region — optional, self-declared, never your exact location

HuniWhisp never collects your precise location — no GPS, no addresses, no tracking. If you want a region on your profile, you tell us yourself: an optional country (plus a state and city if you choose) you can set at signup or any time in Account › Edit Profile, and clear whenever you like. The defaults are deliberately conservative — only your country can show publicly by default, and state and city stay private until you switch them on in Account › Privacy. What other people see is enforced on our servers, not just hidden in the page.

One thing you might spot: a brief, dismissible 🌍 notice can appear if you’re on a VPN with no saved region — it simply explains that recommendations follow where your connection appears to come from. Informational only; nothing is blocked, limited, or tracked because of it.

If you’re being bullied or targeted

No one should be bullied, harassed, intimidated, or persecuted here. Threats of violence, glorifying or encouraging violence, bullying, harassment, and persecution are not allowed— they’re removed when reported, and the person responsible faces strikes, suspension, or a ban under our strike policy.

If someone is doing this to you, you don’t have to put up with it. Use Report on the post, comment, or profile, and Blockthem so they can’t reach you. You can also vent and find peer support in Huni Haven. We’re on your side.

Reporting & appeals

• See something that breaks these rules? Use the Report option on the post or comment.
• Reports are reviewed by our team; we act on what genuinely breaks the rules and dismiss the rest.
• If your post is removed, you’ll get a notification explaining why. Reply to it to appeal — mistakes happen, and we’ll restore posts we got wrong.
• Repeated or serious violations can lead to limits on your account, suspension, or a ban (see the Terms, Sections 16–17).

If something happens to a loved one 🤍

When a HuniWhisp member dies, becomes incapacitated, or is caught up in legal proceedings, the people who love them are sometimes left with questions — or with a quiet account they need help closing. We’ve built a private, careful path for family, guardians, and authorities to ask for what they need without compromising the privacy of the person behind the account.

Start a request at /legal-requests. Everything you upload is encrypted at rest, and you’ll get a private status token so you can check back on progress.

• Deceased — access: next of kin requesting the account’s content. Needs a government photo ID, a death certificate, and proof of kinship.
• Deceased — closure: close and soft-delete the account; an encrypted archive is retained per our privacy policy. Needs a government photo ID and a death certificate.
• Guardianship: a legal guardian acting on behalf of a member. Needs a government photo ID and the guardianship court order.
• Court order: a court has ordered access to specific account information. Needs a government photo ID and the court order itself.

We aim to respond within 14 days for routine requests and within 7 days for verified emergencies. Questions can go to privacy@huniwhisp.com.

Lawful requests from authorities

HuniWhisp is built on pseudonymity, and we take that seriously. We do notvolunteer user information to law enforcement, governments, or private parties absent a valid legal order or a narrow imminent-harm exception — that’s a written commitment in our Terms §7. When we do receive lawful process, we review it carefully, comply with what is legally compelled, and push back on overbroad demands.

Authorities can submit court orders, subpoenas, search warrants, and law-enforcement investigation requests through /legal-requests. Each submission requires a government photo ID and the underlying legal instrument (subpoena, warrant, court order, or credentials + agency letterhead for investigations), plus a declaration under penalty of perjury. Documents are encrypted at rest (AES-256-GCM), as is requester PII.

Standard turnaround is 14 days, up to 30 days for complex matters. Verified emergency requests involving imminent threat to life are triaged within 7 days. Direct questions to privacy@huniwhisp.com.