Privacy Policy

1. DEFINITIONS

• "Personal Information" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular User or household.
• "Embeddings" mean numerical representations derived from the content you provide, used for machine learning and analysis purposes.
• "Usage Information" means information automatically collected about your interaction with the Services, which may include Device Identifiers, IP addresses, browser type, operating system, referring URLs, pages viewed, links clicked, mouse movements, session recordings, heatmaps, and timestamps.

2. PERSONAL INFORMATION COLLECTION

We collect Personal Information through the following means:

2.1 Information You Provide:

We collect Personal Information you provide directly when you use our Services. This includes:

• Account Information: Information provided during account registration (e.g., name, email address, authentication credentials managed via Clerk).
• Content: Content and documents you upload or submit to the Services for processing.
• Property Information: Information related to your home or property, potentially including geographic location, if you provide it.
• Voluntary Information: Any other information you choose to provide when interacting with our Services or contacting us (e.g., through support requests).

2.2 Information Collected Automatically:

When you access and use the Services, we and our third-party service providers may automatically collect certain Usage Information. This information helps us understand how our Services are used, improve them, and measure effectiveness. Technologies used for this collection may include:

• Cookies: Small text files stored on your device. We may use cookies for session management, authentication, and understanding user preferences. You can typically disable cookies through your browser settings, but some Service features may not function properly as a result.
• Log Files: Servers may automatically record information including IP address, browser type, and access times.
• Analytics and Tracking Technologies: We use third-party services like Google Analytics, Microsoft Clarity, and may implement others such as Meta Pixel, Reddit Pixel, and Google Tag Manager (which helps manage other tags/pixels) to understand how Users interact with our Services. These services may use cookies, pixels (small blocks of code), embedded scripts, and other tracking technologies to collect Usage Information, such as pages visited, time spent on pages, links clicked, mouse movements, heatmaps, session recordings, device information, and other interaction data. This information helps us analyze traffic, improve user experience, diagnose technical issues, and measure the effectiveness of our features or marketing campaigns. You may be able to limit some automatic data collection through your browser or device settings, or by using opt-out tools provided by these third parties.

2.3 Information We Do Not Intentionally Collect:

We do not intentionally collect sensitive personal information such as financial account details (except as necessary for payment processing via Stripe), health information, racial or ethnic origin, or political opinions. Our Services are not directed to children under the age of 13, and we do not knowingly collect Personal Information from children under 13. If we learn that we have collected Personal Information from a child under 13, we will take steps to delete such information promptly. If you believe we have inadvertently collected such information, please contact us.

3. HOW WE USE YOUR INFORMATION

We may use your Personal Information for the following purposes:

• To provide, operate, maintain, and improve our Services.
• To process your content and generate Embeddings as part of the Service functionality.
• To train our machine learning models to enhance the quality, accuracy, and features of our Services.
• To authenticate users and ensure the security of our Services.
• To process payments through our secure payment processor (Stripe).
• To communicate with you, including responding to your inquiries and sending service-related notifications.
• For internal business purposes, such as data analysis, identifying usage trends, improving user experience, and auditing.
• To enforce our Terms of Service and other policies.
• To comply with legal obligations and protect our rights and the rights of others.
• As otherwise disclosed to you at the time of collection or with your consent.

4. HOW WE SHARE YOUR INFORMATION

We may share your Personal Information, without further notice to you unless required by applicable law, as described below or otherwise in this Privacy Policy:

4.1 Service Providers:

We share Personal Information with third-party vendors and service providers who perform services on our behalf. This includes:

• Cloud hosting providers.
• Authentication service providers (Clerk).
• Payment processing providers (Stripe).
• Third-party AI language model providers: We may share Embeddings derived from your content with these providers to enable certain Service features or improve AI capabilities. While initial content uploads might contain identifiable details, the derived Embeddings shared are typically designed to be anonymized or pseudonymized, though complete anonymization cannot always be guaranteed.
• Analytics and tracking providers (Google, Microsoft, potentially Meta, Reddit, etc.).
• Customer support tool providers *(if applicable)*.

These service providers are typically bound by confidentiality obligations and are restricted from using your Personal Information for purposes other than providing services for us.

4.2 Legal Requirements:

We may disclose your Personal Information if required by law, subpoena, court order, or other governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

4.3 Business Transitions:

In the event HostReception.ai goes through a business transition, such as a merger, acquisition by another company, sale of all or a portion of its assets, bankruptcy, or other corporate change, your Personal Information will likely be among the assets transferred. We will provide notice of such a change in ownership or control of your Personal Information if required by law.

4.4 Aggregated or De-identified Data:

We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for various purposes, including analysis, research, and service improvement.

4.5 With Your Consent:

We may share your Personal Information with third parties when we have your consent to do so.

5. YOUR CHOICES AND RIGHTS

• Account Deletion: You may delete your account at any time through your account settings or by contacting us. As described in the Data Retention section, deleting your account will trigger the deletion process for your associated Personal Information.
• Access and Correction: You may have the right to access or update the Personal Information we hold about you. You can often review and modify certain information through your account settings. For other requests, please contact us.
• Tracking Technologies Opt-Outs: As mentioned in Section 2.2, you may be able to manage or opt-out of certain automatic data collection via your browser settings or third-party opt-out tools (like the Google Analytics Opt-out Browser Add-on).
• Jurisdictional Rights: Depending on your location (e.g., EEA, UK, California), you may have additional rights regarding your Personal Information, such as the right to rectification, erasure, restriction of processing, data portability, and the right to object to processing. If you are subject to regulations like GDPR or CCPA and wish to exercise your rights, please contact us directly using the information in the "Contact Information" section below.

6. SECURITY MEASURES

We implement and maintain commercially reasonable technical, administrative, and physical security measures designed to protect your Personal Information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Secure user authentication and identity management (via Clerk).
• JWT-based authentication for secure data access.
• Middleware restricting unauthorized route access.
• Comprehensive session management.
• Row-Level Security (RLS) on databases where applicable.
• Double verification of access rights at API and database levels.
• Secure API route authentication and input validation.
• Use of HTTPS (TLS/SSL) for secure data transmission.
• Implementation of security headers (e.g., X-Content-Type-Options, X-Frame-Options, X-XSS-Protection).
• Secure payment processing integration with Stripe.
• SHA-256 content hashing and secure storage practices.
• PIN-based guest access mechanisms with temporary, expiring tokens, where applicable.

Despite these measures, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially reasonable means to protect your Personal Information, we cannot guarantee its absolute security.

7. DATA RETENTION

We retain your Personal Information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including providing the Services, complying with our legal obligations, resolving disputes, and enforcing our agreements, unless a longer retention period is required or permitted by law. When you delete your account, we will initiate the deletion of your associated Personal Information from our active systems. This process may take up to 90 days, after which the data will be permanently deleted or fully anonymized, unless retention is required for legal or regulatory reasons.

8. INTERNATIONAL DATA TRANSFERS

Our Services are operated and primarily intended for users located in the United States. If you access the Services from outside of the United States, please be aware that information we collect, including Personal Information, will be transferred to, processed, and stored in the United States. Data protection laws in the United States may differ from those of your country of residence. By using the Services or providing us with any information, you consent to this transfer, processing, and storage of your information in the United States.

9. THIRD-PARTY LINKS AND SERVICES

Our Services may contain links to third-party websites or services that are not operated or controlled by HostReception.ai. This Privacy Policy does not apply to the practices of third parties, and we are not responsible for the privacy practices or content of such third parties. We encourage you to review the privacy policies of any third-party services you interact with.

10. CHILDREN'S PRIVACY

Our Services are not intended for or directed to individuals under the age of 13. We do not knowingly collect Personal Information from children under 13. If we become aware that we have inadvertently collected Personal Information from a child under 13, we will take reasonable steps to delete such information from our records. If you are a parent or guardian and believe your child has provided us with Personal Information without your consent, please contact us using the details below.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make changes, we will notify you by revising the "Last Updated" date at the top of this policy and, in the case of material changes, we may provide additional notice (such as adding a statement to our website homepage or sending you a notification via email). We encourage you to review this Privacy Policy periodically to stay informed about our information practices and the choices available to you. Your continued use of the Services after any changes constitutes your acceptance of the revised Privacy Policy.

12. CONTACT INFORMATION

If you have any questions, comments, or concerns about this Privacy Policy or our privacy practices, please contact us at:

Email: support@hostreception.ai

Phone: +1 (774) 993-4405