PRIVACY POLICY
Hatchet Works LLC — Pinch SMS Recommendation Service
Last Updated: 4/1/26
1. Introduction
Hatchet Works LLC ("we," "us," "our") operates Pinch, an AI-powered recommendation service delivered via SMS. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.
2. Information We Collect
We collect the following information when you use Pinch:
Phone number — required to send and receive SMS messages. Message content — the questions you send and the recommendations we provide. Timestamps — when messages are sent and received, including consent timestamp. Device metadata — carrier type (mobile vs VoIP) for rate limiting and fraud prevention. Location — only if you voluntarily provide it via the LOC command for local recommendations.
We do NOT collect: your name, email address, browsing history, contacts, purchase history from other platforms, or any information beyond what you text to us.
3. How We Use Your Information
We use your information to:
Provide the Pinch recommendation service — processing your questions and generating responses. Improve the service — analyzing query patterns and response quality using anonymized and aggregated data. Prevent abuse — rate limiting, fraud detection, and enforcement of our Terms of Service. Comply with legal obligations — responding to lawful requests from law enforcement.
We do NOT use your information to: sell to third parties, build advertising profiles, target you with ads, or share with marketing partners.
4. Third-Party Data Processing
Pinch uses the following third-party services to operate:
Anthropic — processes your query through their Claude AI model to generate recommendations. Anthropic's API terms state that API inputs and outputs are not used for model training and are not retained beyond 30 days. Twilio — delivers SMS messages between you and Pinch. Message Redaction is enabled, which strips message bodies from Twilio's logs after delivery. Twilio retains metadata (phone numbers, timestamps) per their data retention policies. Cloud Hosting Provider — hosts the Pinch application and database. Data is encrypted at rest and in transit via the hosting provider's infrastructure.
These services process your data solely to provide the Pinch service and are bound by their own privacy policies and data processing agreements.
5. Data Retention
Your phone number and query history are retained for as long as your account exists. If you text DELETE and confirm with DELETE CONFIRM, all data associated with your phone number is permanently deleted from our systems, including all queries, preferences, and user records. After deletion, if you text again, you will be treated as a new user with no history. Anonymized, aggregated analytics data (which cannot be linked back to any individual) may be retained indefinitely for service improvement.
6. COPPA Compliance — Children Under 13
Pinch is not intended for users under 13 years of age. If we detect through message content that a user may be under 13, we will: immediately cease all communications with that user, permanently delete all data associated with that phone number (queries, user record, rate limiting data), and add the phone number to a suppression list to prevent future interactions. Data deletion occurs immediately upon detection, not on a delayed schedule. This exceeds COPPA's requirement of deletion within a reasonable time. If you believe a child under 13 has used Pinch, contact us at support@hatchetworks.io and we will delete their data immediately.
7. Data Security
We implement the following security measures: input sanitization and prompt injection detection, rate limiting per user and globally, Twilio signature validation on all incoming webhooks, database encryption at rest via hosting provider, HTTPS encryption for all data in transit, and admin endpoints protected by authentication.
No system is perfectly secure. While we take reasonable measures to protect your data, we cannot guarantee absolute security.
8. Your Rights
You have the right to:
Access — text HELP to learn about the service and your options. Delete — text DELETE then DELETE CONFIRM to permanently erase all your data. Opt out — text STOP to cease all messages immediately. Data portability — contact support@hatchetworks.io to request a copy of your stored data.
9. What We Never Do
We never sell your phone number, query history, or any personal data to third parties. We never share your data with advertisers, data brokers, or marketing partners. We never use your data to build advertising profiles or target you with ads. We never train AI models on your individual conversations. We never text you first — all communications are initiated by you.
10. Affiliate Links
Some recommendations may include affiliate links. When you purchase through an affiliate link, we may earn a small commission at no cost to you. Affiliate relationships never influence which products are recommended. The AI generates recommendations independently before any affiliate links are applied. For details, see our Affiliate Disclosure.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via SMS or posted on our website at hatchetworks.io. Continued use of the service after changes constitutes acceptance of the updated policy.
12. Contact Us
Hatchet Works LLC Email: support@hatchetworks.io Admin: admin@hatchetworks.io