Privacy Policy

1. Who We Are

HOA-OS (“we,” “us,” or “our”) is a software-as-a-service platform that helps homeowners association board members manage their communities. This Privacy Policy describes how we collect, use, and share information when you use our website, dashboard, community websites, and related services (collectively, the “Service”).

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and the homeowners association you belong to. Board administrators may also provide unit addresses, phone numbers, and member rosters on behalf of their community.

Payment Information

We use Stripe to process subscription payments and HOA dues. Payment card details are collected and stored by Stripe — we never store full card numbers, CVVs, or bank account numbers on our servers.

Usage Data

We collect information about how you interact with the Service, including pages visited, features used, IP addresses, browser type, and device information. We use this data to improve performance, fix bugs, and understand how our features are used.

Community Content

Content you or your board creates — newsletters, documents, forms, violation records, financial data, and community website pages — is stored securely and associated with your organization.

AI Interactions

When you use our AI-powered features (assistant, newsletter generation, budget generation, board packets), your prompts, inputs, and the AI’s responses are logged. We use this data to improve our AI features, monitor for abuse, and ensure quality. AI interactions are processed by our third-party AI provider (Anthropic) subject to their data processing terms.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process payments and manage subscriptions
• Send transactional emails (receipts, reminders, notifications)
• Deliver newsletters and community communications on behalf of your HOA
• Improve our AI features using aggregated and anonymized interaction data
• Monitor for security threats, abuse, and terms violations
• Respond to support requests and contact form submissions
• Comply with legal obligations

4. What We Do NOT Do

• We do not sell your personal information. We will never sell, rent, or trade your data to third parties for their marketing purposes.
• We do not use your data for advertising. We do not serve ads or share your information with ad networks.
• We do not share your community’s financial data. Your HOA’s ledger entries, payment records, and financial reports are strictly confidential to your organization.

5. Information Sharing

We share information only in these limited circumstances:

• Within your HOA: Members of the same organization can see shared content (newsletters, documents, directory) as permitted by their role and your board’s settings.
• Service providers: We use trusted third-party services to operate the platform, including Supabase (database and authentication), Stripe (payments), Resend (email delivery), Anthropic (AI), and Vercel (hosting). These providers access your data only to perform services on our behalf.
• Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS), row-level database security ensuring one HOA cannot access another’s data, secure authentication with session management, rate limiting on all public endpoints, and audit logging of sensitive operations. While no system is 100% secure, we take reasonable measures to protect your information.

7. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Service. If you or your board administrator deletes your organization, we will remove your data within 30 days, except where retention is required by law. Activity logs are automatically purged after 90 days.

8. Your Rights

You may:

• Access and update your personal information via your profile settings
• Request a copy of your data by contacting support@hoa-os.com
• Request deletion of your account and associated data
• Unsubscribe from marketing emails at any time
• Opt out of newsletter communications using the unsubscribe link in each email

9. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising cookies. Our analytics are first-party and privacy-friendly.

10. Children’s Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at support@hoa-os.com.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at support@hoa-os.com or visit our contact page.