Privacy Policy

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly when you create an account, use the Cloud Service, or communicate with us:

• Account Information: Name, email address, phone number, and password.
• Organization Information: HOA or property management company name, city, and state.
• Contact Information: First and last name, preferred and alternate email addresses, preferred and alternate phone numbers, birthday, company role, and profile photo.
• Payment Information: Credit card or debit card details are collected and processed by our third-party payment processor, Stripe. We do not store your full card number on our servers. We retain only the information necessary to manage your subscription, such as card type, last four digits, and expiration date.
• Customer Content: Any data, documents, information, or materials you or your Users submit to the Cloud Service, including but not limited to documents, tickets, calendar events, guest lists, and communications within the platform.
• Communications: Information you provide when you contact us for support or send us feedback.

1.2 Information Collected Automatically

When you access or use the Cloud Service, we automatically collect certain information:

• Usage Data: Information about how you interact with the Cloud Service, including features used, pages visited, actions performed, and time spent.
• Device and Technical Data: IP address, browser type and version, operating system, device type, and unique device identifiers.
• Session Recordings: We use analytics tools that may record user sessions to understand how the Cloud Service is used. All form inputs and sensitive fields are masked in these recordings.
• Cookies and Similar Technologies: We use session cookies to authenticate your account and maintain your session. See Section 7 (Cookies) for more information.

1.3 Information We Do Not Collect

We do not knowingly collect social security numbers, driver's license numbers, financial account numbers, health or medical information, or other categories of sensitive personal information as defined by applicable law. Our Terms of Service prohibit Users from submitting such data to the Cloud Service.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Providing the Cloud Service: To operate, maintain, and deliver the features and functionality of the Cloud Service.
• Account Management: To create and manage your account, process payments, and manage your subscription.
• Support: To respond to your support requests, questions, and feedback.
• Improvement and Analytics: To understand how the Cloud Service is used, diagnose technical issues, and improve the Cloud Service's features and performance.
• Security: To detect, prevent, and respond to fraud, abuse, security incidents, and technical issues.
• Communications: To send you transactional messages related to your account, such as subscription confirmations, payment receipts, security alerts, and support responses. Phone numbers stored in the Cloud Service may also be used to deliver SMS text messages on behalf of your organization, such as emergency alerts, when initiated by an authorized administrator of your organization's account.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.

We do not use your information for targeted advertising. We do not send marketing emails unless you have opted in, and you may opt out at any time.

3. How We Share Your Information

We do not sell, rent, or trade your personal information to any third party.

We share your information only in the following limited circumstances:

3.1 Service Providers

We use trusted third-party service providers who process data on our behalf to help us operate the Cloud Service. These providers are contractually obligated to use your information only as necessary to perform services for us and to protect your information. Our current service providers include:

• Stripe — Payment processing. Stripe receives your name, address, and payment card details to process subscription payments. Stripe's privacy policy is available at stripe.com/privacy.
• Amazon Web Services (SES) — Transactional email delivery. AWS receives recipient email addresses and email content to deliver messages on our behalf. AWS's privacy policy is available at aws.amazon.com/privacy.
• Twilio — SMS text message delivery. Twilio receives recipient phone numbers and message content to deliver SMS communications on behalf of your organization's account when initiated by an authorized administrator. Twilio's privacy policy is available at twilio.com/legal/privacy.
• Cloudflare — File storage. Uploaded files such as documents and profile photos are stored on Cloudflare's infrastructure. Cloudflare's privacy policy is available at cloudflare.com/privacypolicy.
• PostHog — Product analytics and session recording. PostHog receives usage data, device information, and pseudonymized user identifiers to help us understand how the Cloud Service is used. Form inputs are masked in session recordings. PostHog's privacy policy is available at posthog.com/privacy.
• Sentry — Error monitoring. Sentry receives technical error data to help us identify and fix issues. Personal data transmission is disabled by default. Sentry's privacy policy is available at sentry.io/privacy.

3.2 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that disclosure is necessary to (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent fraud or other illegal activity; (d) protect the safety of any person; or (e) protect against legal liability.

3.3 Business Transfers

If we undergo a merger, acquisition, reorganization, bankruptcy, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you of any such change by posting notice on the Cloud Service or by email.

4. Data Retention

We retain your personal information and Customer Content for as long as your account is active and for two (2) years following account cancellation or termination. After this retention period, we will securely delete or anonymize your information unless a longer retention period is required by applicable law.

Upon your request during the retention period, we will delete your Customer Content within 60 days, as described in our Terms of Service.

Payment transaction records may be retained longer as required for accounting, tax, or legal compliance purposes.

5. Data Security

We implement commercially reasonable technical and organizational measures to protect your personal information from unauthorized access, use, alteration, or destruction. These measures include encryption of data in transit, secure authentication mechanisms, and access controls.

However, no method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

6. Your Rights and Choices

6.1 Account Information

You may access, update, or correct your personal information at any time through the Cloud Service's account settings.

6.2 Data Deletion

You may request deletion of your personal information by contacting us at [email protected]. We will process your request in accordance with applicable law. Certain information may be retained as described in Section 4 (Data Retention).

6.3 Communications

You may opt out of marketing communications by following the unsubscribe instructions in the email or by contacting us. You cannot opt out of transactional messages related to your account.

6.4 Do Not Track

Some browsers offer a "Do Not Track" signal. We do not currently respond to Do Not Track signals.

7. Cookies

The Cloud Service uses cookies, which are small text files stored on your device, for the following purposes:

• Session Cookies: Required to authenticate your account and maintain your session while you use the Cloud Service. These cookies are essential and cannot be disabled without losing access to the Cloud Service.
• Analytics Cookies: Used by our analytics provider (PostHog) to understand how the Cloud Service is used. You may disable analytics cookies through your browser settings, though this may affect our ability to improve the Cloud Service.

We do not use advertising cookies or tracking cookies from third-party advertisers.

8. Children's Privacy

The Cloud Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to promptly delete it. If you believe a child under 16 has provided us with personal information, please contact us at [email protected].

9. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA"):

9.1 Right to Know

You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which your personal information was collected, the business purpose for collecting your personal information, and the categories of third parties with whom we share your personal information.

9.2 Right to Delete

You have the right to request that we delete personal information we have collected from you, subject to certain exceptions permitted by law.

9.3 Right to Correct

You have the right to request that we correct inaccurate personal information we maintain about you.

9.4 Right to Opt Out of Sale or Sharing

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.

Because we do not engage in these activities, there is no need to opt out.

9.5 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights.

9.6 How to Exercise Your Rights

To exercise your California privacy rights, contact us at [email protected]. We will verify your identity before processing your request. You may also designate an authorized agent to make a request on your behalf.

9.7 Categories of Personal Information

In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:

We collect personal information for the business purposes described in Section 2 (How We Use Your Information). We do not sell personal information and have not done so in the preceding 12 months.

10. International Data Transfers

The Cloud Service is operated from the United States. If you access the Cloud Service from outside the United States, your information will be transferred to and processed in the United States. By using the Cloud Service, you consent to the transfer of your information to the United States.

If you are located in the European Economic Area, the United Kingdom, or Switzerland and are subject to the GDPR, please contact us at [email protected] before submitting personal data governed by such laws, as described in our Terms of Service.

11. Third-Party Links

The Cloud Service may contain links to third-party websites or services that are not owned or controlled by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated Privacy Policy on the Cloud Service and updating the "Last Updated" date above. We may also notify you by email for significant changes. Your continued use of the Cloud Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Two Jays Inc.
[email protected]