Join the HOA-OS Beta, and receive 6 Months of Free Premium for your community.Apply
HOA-OS

Privacy Policy

Last updated: May 29, 2026

1. Who We Are

HOA-OS (“we,” “us,” or “our”) is a software-as-a-service platform that helps homeowners association board members manage their communities. This Privacy Policy describes how we collect, use, and share information when you use our website, dashboard, community websites, and related services (collectively, the “Service”).

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and the homeowners association you belong to. Board administrators may also provide unit addresses, phone numbers, and member rosters on behalf of their community.

Payment Information

We use Stripe to process subscription payments and HOA dues. Payment card details are collected and stored by Stripe — we never store full card numbers, CVVs, or bank account numbers on our servers.

Bank Account and Transaction Information (via Plaid)

Board administrators may optionally connect their HOA’s bank accounts to HOA-OS using Plaid, our financial-data partner. When you do, Plaid acts on your behalf to retrieve information from your financial institution and share it with us. Specifically, we may receive: the financial institution name, account name, account type and subtype, the last four digits of the account number, current and available balances, and transaction history (date, amount, description, merchant, and category) for the connected accounts. We use this information solely for bank reconciliation, financial reporting, and budgeting features within HOA-OS — never to initiate payments, and never to share with third parties for marketing.

By using HOA-OS to connect a bank account, you authorize Plaid to access and transmit your financial information as described in Plaid’s End User Privacy Policy. You may disconnect a bank account at any time from the Bank Accounts page in your dashboard. When you disconnect, we revoke Plaid’s access immediately and permanently delete the associated bank data from our live systems within 24 hours and from all backups within 30 days.

Plaid access tokens (the credentials Plaid issues to us so we can retrieve transactions on your behalf) are stored encrypted in a dedicated secrets vault. They are never logged, never returned to client devices, and never shared with any party other than Plaid.

Usage Data

We collect information about how you interact with the Service, including pages visited, features used, IP addresses, browser type, and device information. We use this data to improve performance, fix bugs, and understand how our features are used.

Community Content

Content you or your board creates — newsletters, documents, forms, violation records, financial data, and community website pages — is stored securely and associated with your organization.

AI Interactions

When you use our AI-powered features (assistant, newsletter generation, budget generation, board packets), your prompts, inputs, and the AI’s responses are logged. Personally identifiable information is automatically stripped from form submissions and violation responses before being sent to AI models. We use this data to improve our AI features, monitor for abuse, and ensure quality. AI interactions are processed by our third-party AI provider (Anthropic) subject to their data processing terms.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process payments and manage subscriptions
  • Reconcile bank transactions against ledger entries (when you choose to connect a bank account via Plaid)
  • Send transactional emails (receipts, reminders, notifications)
  • Deliver newsletters and community communications on behalf of your HOA
  • Improve our AI features using aggregated and anonymized interaction data
  • Monitor for security threats, abuse, and terms violations
  • Respond to support requests and contact form submissions
  • Comply with legal obligations

4. What We Do NOT Do

  • We do not sell your personal information. We will never sell, rent, or trade your data to third parties for their marketing purposes.
  • We do not target ads inside HOA-OS, and we do not use customer or community data for advertising. The authenticated dashboard, admin tools, and tenant-facing community websites are ad-free. We do not share dashboard activity, member rosters, financial data, or community content with any ad network. We do measure the effectiveness of our own marketing using a Meta (Facebook) Pixel on our public marketing pages, on the post-checkout success page, and on the interactive product demo (a read-only, anonymous demo dashboard) — see §11 below for full details and how to opt out.
  • We do not share your community’s financial data. Your HOA’s ledger entries, payment records, bank transactions, and financial reports are strictly confidential to your organization.
  • We do not initiate payments from connected bank accounts. Bank connections via Plaid are read-only. We cannot move money from any account you connect.

5. Information Sharing — Sub-Processors

We share information only with vetted sub-processors who help us operate the Service. Each is contractually bound to confidentiality and security commitments at least as strict as those in this policy. To reduce attacker reconnaissance surface, the public list below names only the vendors users have a direct relationship with or whose involvement requires informed consent; the remaining operational sub-processors are listed by category, with the full named list available at the linked page.

Named sub-processors

Vendors with which users have a direct or consent-requiring relationship.

  • Stripe — Subscription billing and HOA dues processing. PCI DSS Level 1, SOC 2.
  • Plaid — Optional bank account linking and read-only transaction sync (only when an admin elects to connect). SOC 2 Type II, ISO 27001.
  • Anthropic — AI inference for assistant, newsletter, and budgeting features. SOC 2 Type II.
  • Meta Platforms — Advertising measurement (Meta Pixel) on public marketing pages, the post-checkout confirmation pages, and the interactive product demo. See §11 for full details and opt-out. SOC 2 Type II, ISO 27001.

Other sub-processor categories

Vendors operating as CPRA “service providers” — they process consumer data only to perform the operational service we contract them for, never for advertising, analytics, or any independent purpose.

  • Cloud hosting, edge networking, and DNS protection
  • Managed Postgres database, authentication, file storage, and encrypted secrets vault
  • Transactional and newsletter email delivery
  • SMS notification delivery (opt-in)
  • Physical mail delivery for violation notices and statements (opt-in)
  • Error monitoring (with PII scrubbing before transmission)
  • Vector search embedding generation
  • Stock photography for community websites (search queries only; no customer data)
  • Rate-limiting infrastructure (IP addresses and request counters only)

A complete named sub-processor list, including the data category handled by each vendor and their region of operation, is available at /legal/sub-processors for security and compliance review.

We share information within your HOA according to the role permissions your board configures. We may also disclose information when required by law, regulation, legal process, or governmental request.

6. SMS and Text Messaging

By providing your mobile phone number during signup or in your account’s notification preferences, you consent to receive SMS messages from HOA-OS on behalf of your community for the transactional purposes described below. This section governs how SMS data is collected, used, and handled, in addition to the general terms in §5.

Message types you may receive

  • Payment reminders for HOA dues and assessments
  • Violation notices and architectural-review updates
  • Community announcements and event reminders
  • Emergency broadcasts (e.g., water outages, storm alerts, evacuation notices)
  • Account-security alerts (e.g., sign-in from a new device, password changes)

Message frequency

Message frequency varies based on your community’s activity and the notification categories you have enabled. You can change which categories of message you receive at any time from your account’s Notification Preferences.

Carrier rates

Msg & data rates may apply. Standard message and data rates from your wireless carrier may apply to messages sent to or received from HOA-OS. Wireless carriers are not liable for delayed or undelivered messages.

How to opt out

Reply STOP to any SMS message from HOA-OS to opt out of all future SMS messages from us. After replying STOP you will receive one confirmation message and no further texts. To resume messages later, reply START. For assistance, reply HELP or contact support@hoa-os.com.

Use of your mobile number

Your mobile phone number will never be sold, rented, or shared with any third party for marketing or promotional purposes. We share your number only with Twilio, our SMS delivery sub-processor (see §5), as necessary to deliver the messages you have opted into. Your number is not used to place outbound marketing calls.

7. Data Security

We implement industry-standard security measures including:

  • Encryption in transit using TLS 1.2 or better on all endpoints
  • Encryption at rest for all customer data stored in our database, file storage, and secrets vault (AES-256)
  • Row-level database security ensuring one HOA cannot access another’s data
  • Secure authentication with HTTP-only session cookies and optional multi-factor authentication
  • Encrypted, vault-stored Plaid access tokens with managed key rotation
  • Rate limiting on all public endpoints
  • Audit logging of sensitive operations
  • Continuous dependency vulnerability monitoring and timely patching

While no system is 100% secure, we take reasonable measures to protect your information. For full details on our security program, see our Information Security Policy, available on request to support@hoa-os.com.

8. Data Retention and Deletion

We retain your account data for as long as your account is active or as needed to provide the Service.

  • On organization termination: we retain your data for 30 days to allow export, then permanently delete it, except where retention is required by law.
  • Bank connection data (Plaid): deleted from our live systems within 24 hours of disconnection and from all backups within 30 days. Plaid’s revocation is immediate.
  • Audit logs: retained for up to 7 years to support regulatory and legal hold obligations.
  • Activity logs: automatically purged after 90 days.
  • Backups: retained for 30 days under Supabase’s managed backup service.

We review this retention policy at least annually and update it as necessary to comply with applicable data privacy laws.

9. Your Rights

Depending on where you live, you may have additional rights under laws such as the California Consumer Privacy Act (CCPA). All users may:

  • Access and update your personal information via your profile settings
  • Request a copy of your data by emailing support@hoa-os.com
  • Request deletion of your account and associated data
  • Disconnect any linked bank account at any time, which triggers immediate data deletion
  • Unsubscribe from marketing emails at any time
  • Opt out of newsletter communications using the unsubscribe link in each email
  • California residents may request, twice per twelve-month period, that we disclose the categories and specific pieces of personal information we have collected about them, and may request deletion subject to limited exceptions. We will not discriminate against you for exercising these rights.
  • California residents — Do Not Sell or Share My Personal Information. We do not sell personal information for money. The Meta Pixel described in §11 may constitute “sharing” under the California Privacy Rights Act (CPRA) because it transmits page-view and conversion events to Meta for cross-context behavioral advertising attribution. You may opt out of this sharing at any time by (a) following the browser-level and Meta-account opt-out steps in §11, or (b) emailing support@hoa-os.com with the subject “Do Not Sell or Share — California”. We will honor your request within 15 business days and confirm by reply.
  • Global Privacy Control (GPC). We honor the GPC signal as a request to opt out of the sale and sharing of personal information (California Privacy Rights Act) and as an opt-out of targeted advertising (Colorado UOOM, Connecticut CTDPA, Texas Data Privacy and Security Act). When your browser sends the Sec-GPC: 1 header or sets window.navigator.globalPrivacyControl, the Meta Pixel described in §11 does not load and our first-party analytics beacon (also described in §11) is not sent. No action is required on your part beyond enabling GPC in your browser (Firefox supports it natively; Brave, DuckDuckGo, and several Chrome extensions also send the signal).
  • Plaid-specific rights: you may also exercise rights directly through Plaid’s privacy portal at my.plaid.com, including viewing and revoking which apps have access to your financial data.

To exercise any of these rights, contact us at support@hoa-os.com. We will respond within 45 days, with a possible 45-day extension on notice.

10. Cookies

HOA-OS uses two categories of cookies and similar technologies:

  • Essential — authentication, session management, CSRF protection, and security headers. These are required for the Service to function and cannot be disabled.
  • Marketing measurement — the Meta (Facebook) Pixel sets cookies on our public marketing pages, briefly on the post-checkout confirmation pages, and on the interactive product demo (a read-only, anonymous demo dashboard) so we can measure demo engagement and attribute completed sign-ups to our advertising. See §11 for full details and opt-out options. The Pixel is not loaded anywhere else inside the authenticated HOA-OS application — not on the dashboard home, member management, financial records, admin tools, or community-facing tenant websites. The Pixel is automatically suppressed when your browser sends a Global Privacy Control (GPC) signal — see §9 for details.

Our in-app analytics (Vercel Analytics and Speed Insights) are first-party, cookieless, and IP-anonymized. Our own first-party website analytics (described in §11) are likewise cookieless — they set no cookies of any kind.

11. Advertising and Analytics

We use the Meta Pixel from Meta Platforms, Inc. (Facebook / Instagram) to measure the effectiveness of our advertising on Meta platforms and to understand which marketing pages lead to sign-ups. The Meta Pixel is loaded on the public marketing pages of hoa-os.com (such as the homepage, pricing, blog, contact, and beta-program pages), briefly on the post-checkout confirmation pages (specifically: the Stripe-success landings for new subscriptions, plan upgrades, and sponsor checkouts) so we can attribute the completed conversion to our advertising, and on the interactive product demo (the read-only demo dashboard reachable from the site) to measure demo engagement and ad effectiveness. Apart from those specific pages, the Pixel is not loaded anywhere else inside the authenticated HOA-OS dashboard, the admin tools, or the community-facing tenant websites we host. It also never fires for signed-in HOA-OS staff (super administrators) or for any non-production environment (dev / preview).

Interactive product demo

The interactive product demo is a publicly accessible, read-only experience that lets prospective customers explore HOA-OS features without creating an account. Demo visitors are anonymous — no account is created, no personal information is entered, and all write operations are disabled. Because demo visitors are anonymous prospects (not HOA members), the events the Pixel and Conversions API report for the demo carry only the standard signals any web visitor generates: the page URL, interaction type, and the hashed identifiers Meta derives from its own cookies and browser fingerprinting — never HOA member data, rosters, or any community content. The same opt-out methods described in this section apply to the demo, and the Pixel is suppressed when your browser sends a Global Privacy Control (GPC) signal (see §9).

What we send to Meta

  • Page views on the marketing pages listed above.
  • Lead events when you successfully submit the contact form or the beta-program interest form. We pass only a generic form-type label (e.g., contact_formor beta_signup) — we do not pass your name, email, or message text.
  • Subscribe events when a Stripe Checkout completes successfully, optionally with the monthly subscription value in USD. We do not pass your email, name, or any identifying information.

What we do not send

We never send your account email, full name, mobile number, address, HOA membership, payment-card details, bank-account information, or any community content (newsletters, member rosters, ledger entries, violation records, documents) to Meta or any other advertising platform.

How to opt out

  • Manage your Meta advertising preferences in your Facebook Ad Preferences.
  • Block the Pixel entirely with browser tracking-prevention features (Safari ITP, Firefox Enhanced Tracking Protection), an ad blocker, or the official Meta Pixel Helper browser extension.
  • Read more about how Meta processes pixel data in Meta’s Data Policy.

California residents may also use the rights described in §9 to request the categories of personal information we have collected, including any marketing-measurement data.

Meta Conversions API (server-side reporting)

In addition to the browser-based Meta Pixel, we send the same event reports to Meta server-side through their Conversions API. The information transmitted matches the Pixel in scope — the page URL, your IP address, browser type, our Meta advertising cookies when present, and (when known from a form submission or signed-in session) your email address, which is hashed before it leaves our servers. Server-side reporting is suppressed for visitors who send a Global Privacy Control signal, exactly as the browser Pixel is.

First-party website analytics

HOA-OS operates its own privacy-friendly, cookieless website analytics on public marketing pages to understand aggregate traffic and how visitors reach us. This system uses no cookies and no cross-site tracking. It does not store your IP address or browser user-agent — instead, it computes a daily-rotating, non-reversible identifier (a one-way hash of the day, IP address, user-agent, and a server-held secret) used only to count unique visitors within a single calendar day. Once the day ends the raw inputs are discarded and the identifier cannot be reversed or linked to you.

The data collected is coarse and non-identifying: the page visited, the referring site’s hostname, any UTM campaign tags present in the URL, your approximate country (derived from a Vercel edge header, not from IP geolocation we perform), device type (desktop / mobile / tablet), browser family, and an event type with a timestamp (a page view, or — on the contact, beta-interest, and sponsor pages — a form submission or sign-up, recorded as an aggregate count, never with the form’s contents). This data stays entirely within HOA-OS infrastructure and is never shared with any third party or used for advertising. It is not collected from signed-in HOA-OS administrators. Raw event records are automatically deleted after 90 days; only aggregate daily totals are retained beyond that. Because the analytics are first-party and processed in-house, they add no new sub-processor (see §5).

This first-party analytics beacon also honors the Global Privacy Control (GPC) signal — no beacon is sent when your browser sets Sec-GPC: 1 or window.navigator.globalPrivacyControl. See §9 for details.

12. Children’s Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at support@hoa-os.com.

13. International Users

HOA-OS is operated from the United States, and our infrastructure is hosted in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to and processed in the United States, where data-protection laws may differ from those of your jurisdiction.

14. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date. For material changes affecting how we collect or share data, we will also send an email notice to active organization administrators. Your continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at support@hoa-os.com or visit our contact page.

16. Related Notices

  • Surveys privacy notice — how anonymous-mode and identified-mode responses are collected, stored, and shared.