Privacy Policy

Last Updated: December 23, 2025

This Privacy Policy describes how HOA-Bot ("we," "us," or "our") collects, uses, shares, and protects information when you use our platform, website, and services (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

Account Information

Email address
Name
Password (encrypted)
HOA or organization name
Any other information you choose to provide during account creation

Uploaded Documents

CCRs (Covenants, Conditions, and Restrictions)
Bylaws
HOA rules and regulations
Meeting minutes
Other governance documents you upload to the Service

Communications

Questions you ask the AI assistant
Feedback you provide
Support requests and correspondence with us

1.2 Information Collected Automatically

Usage Information

Pages visited and features used
Time and date of access
Duration of sessions
Actions taken within the Service

Technical Information

IP address
Browser type and version
Device type and operating system
Referring website
General location information (country/city level, derived from IP address)

Cookies and Similar Technologies

We may use cookies, web beacons, and similar tracking technologies to collect information about your use of the Service. You can control cookies through your browser settings, but disabling cookies may limit your ability to use certain features.

2. How We Use Your Information

We use the information we collect to:

2.1 Provide and Improve the Service

Process and analyze your uploaded documents
Generate AI-powered summaries and responses
Maintain and improve the functionality of the Service
Develop new features and capabilities
Personalize your experience

2.2 Communications

Send you service-related announcements and updates
Respond to your inquiries and support requests
Send you product updates and feature announcements (you may opt out of non-essential communications)

2.3 Security and Compliance

Detect, prevent, and respond to fraud, abuse, or security issues
Enforce our Terms of Service
Comply with legal obligations

2.4 Analytics and Research

Understand how users interact with the Service
Conduct research and analysis to improve our AI models and features
Generate aggregated, anonymized statistics about Service usage

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

3.1 Service Providers and Third-Party Partners

We work with third-party service providers to deliver the Service. These providers may have access to your information only to perform specific tasks on our behalf and are obligated to protect your information. Current and potential third-party providers include:

AI Model Providers

OpenRouter, Anthropic (Claude API), or other AI service providers
Used to process document analysis and generate responses to your questions

Infrastructure and Hosting Providers

Digital Ocean or other cloud hosting services
Used to store and process your data

Other Service Providers

Email service providers
Analytics services
Payment processors (when paid features are introduced)

We reserve the right to change service providers at any time as necessary to maintain and improve the Service.

3.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or regulatory requests).

3.3 Business Transfers

If HOA-Bot is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

3.4 With Your Consent

We may share your information for purposes not described in this Privacy Policy with your explicit consent.

3.5 Aggregated or Anonymized Data

We may share aggregated or anonymized information that cannot reasonably be used to identify you, such as statistical trends about Service usage.

4. Data Retention

4.1 Active Accounts

We retain your information for as long as your account is active or as necessary to provide the Service.

4.2 Account Deletion

When you delete your account or request deletion of your data:

We will delete your uploaded documents and associated data immediately
Your account information will be deleted from active systems immediately
Some data may persist in backup systems for up to 30 days before being permanently deleted
We may retain certain information as required by law or for legitimate business purposes (e.g., to prevent fraud or abuse)

4.3 Legal Obligations

We may retain information for longer periods if required by law, regulation, or legal process.

5. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your information from unauthorized access, use, or disclosure. These measures include:

Encryption of data in transit (HTTPS/TLS)
Encryption of sensitive data at rest
Regular security assessments and updates
Access controls and authentication requirements
Secure data centers with physical security measures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

6.1 Access and Correction

You can access and update your account information at any time through your account settings.

6.2 Data Deletion

You can delete your account and request deletion of your data at any time. We will process deletion requests as described in Section 4.2.

6.3 Communication Preferences

You can opt out of non-essential communications by:

Using the unsubscribe link in our emails
Adjusting your notification preferences in account settings
Contacting us directly

Note: You cannot opt out of service-related communications (e.g., security alerts, changes to Terms of Service).

6.4 Cookies

You can control cookies through your browser settings. Please note that disabling cookies may limit your ability to use certain features of the Service.

7. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

8. International Data Transfers

Your information is stored and processed in the United States. If you access the Service from outside the United States, you acknowledge that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

9. California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). These rights may include:

The right to know what personal information we collect and how it is used
The right to request deletion of your personal information
The right to opt out of the sale of personal information (note: we do not sell personal information)

To exercise these rights, please contact us using the information provided in Section 13.

10. European Privacy Rights

If you are located in the European Economic Area (EEA), you may have additional rights under the General Data Protection Regulation (GDPR), including:

Right of access to your personal data
Right to rectification of inaccurate data
Right to erasure (right to be forgotten)
Right to restriction of processing
Right to data portability
Right to object to processing

To exercise these rights, please contact us using the information provided in Section 13.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:

Email notification to the address associated with your account
A prominent notice on the Service
Updating the "Last Updated" date at the top of this Privacy Policy

Your continued use of the Service after such notice constitutes acceptance of the updated Privacy Policy.

12. Third-Party Links and Services

The Service may contain links to third-party websites or services. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party services you access through the Service.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: hello@updates.hoa-bot.com
Website: hoa-bot.com

For privacy-specific inquiries or to exercise your data rights, please include "Privacy Request" in the subject line of your email.

14. Data Processing Addendum

If you are a business or organization using the Service and require a Data Processing Addendum (DPA) for compliance purposes, please contact us at the email address above.

By using HOA-Bot, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and sharing of your information as described herein.