Privacy Policy

1. Introduction

HOA Haven, Inc. ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our HOA management software platform ("the Service").

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, password, phone number
• HOA Information: HOA name, address, unit count, property details
• Member Information: Property addresses, unit numbers, role within HOA
• Payment Information: Billing address, payment method details (processed securely by Stripe)
• Communication Data: Violation reports, architectural requests, messages, uploaded documents and photos

2.2 Information Collected Automatically

When you access the Service, we automatically collect:

• Log Data: IP address, browser type, device information, operating system
• Usage Data: Pages viewed, features used, time spent on pages, click patterns
• Cookies and Tracking: Session data, preferences, authentication tokens

2.3 Information from Third Parties

• OAuth Providers: If you sign in with Google, we receive your name, email, and profile photo
• Stripe: Payment processing data and transaction records
• Anthropic (Claude AI): AI analysis results for violation photos and document generation

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide the Service: Create and manage your account, enable HOA management features
• Process Payments: Handle dues collection, fines, and subscription billing
• AI Features: Analyze violation photos, generate violation letters, provide intelligent suggestions
• Communications: Send transactional emails, notifications, and service updates
• Improve the Service: Analyze usage patterns, fix bugs, develop new features
• Security: Detect fraud, prevent abuse, ensure platform security
• Legal Compliance: Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We may share your information in the following circumstances:

4.1 Within Your HOA

Information you submit (violations, architectural requests, payments) is shared with other members of your HOA according to their role and permissions. Board members have access to more information than general residents.

4.2 Service Providers

We share data with third-party service providers who help us operate the Service:

• Supabase: Database hosting and authentication
• Stripe: Payment processing and subscription management
• Anthropic: AI-powered features (Claude AI)
• Resend: Transactional email delivery
• Vercel: Application hosting and deployment

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

4.4 Business Transfers

If HOA Haven is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest
• Authentication: Secure password hashing and optional OAuth authentication
• Access Control: Role-based permissions and row-level security
• Payment Security: PCI-compliant payment processing through Stripe
• Infrastructure: Secure cloud hosting with regular backups
• Monitoring: Continuous security monitoring and incident response

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations (e.g., tax records, transaction history)
• Resolve disputes and enforce our agreements

When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are legally required to retain it.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

7.1 Access and Portability

You can access and export your data at any time through your account settings.

7.2 Correction

You can update your account information and HOA details through the Service.

7.3 Deletion

You can delete your account through account settings or by contacting us. Note that some information may be retained for legal compliance.

7.4 Opt-Out

You can opt out of marketing communications by clicking "unsubscribe" in emails or updating your notification preferences.

7.5 Additional Rights (GDPR, CCPA)

If you are located in the European Union or California, you have additional rights:

• Right to object to processing
• Right to restrict processing
• Right to data portability
• Right to know what information we collect and how we use it
• Right to non-discrimination for exercising privacy rights

To exercise these rights, contact us at privacy@hoahaven.app.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: Help us understand how users interact with the Service
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling essential cookies may affect the functionality of the Service.

9. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.

10. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country of residence.

By using the Service, you consent to the transfer of your information to these countries. We ensure appropriate safeguards are in place to protect your data.

11. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. AI and Data Processing

We use Claude AI (by Anthropic) to provide intelligent features:

• Analyzing violation photos to identify issues
• Generating violation letters with customizable tone
• Suggesting violation types and severity levels

When you use AI features, your photos and data are sent to Anthropic for processing. Anthropic's privacy policy and data retention practices apply to this processing. We only send the minimum data necessary for the AI feature to function.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last updated" date
• Sending an email notification for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: