Privacy Policy

1. Information We Collect

Account information: email address, first and last name, and password (stored securely using industry-standard authentication services). Payment information: billing details are collected and processed by Stripe — we do not store credit card numbers on our servers. Documents: files you upload for redaction and compliance purposes. Usage data: pages visited, features used, and anonymized analytics events collected via Google Analytics 4. Technical data: IP address, browser type, and device information collected automatically through server logs.

2. How We Use Your Information

We use your information to: provide and operate the Service (document storage, PII detection, redaction); process subscription payments; send transactional emails (invitations, password resets, billing notifications); maintain security and prevent abuse; improve the Service based on aggregated usage patterns; comply with legal obligations. We do not use your information for advertising or sell it to third parties.

3. Document Data and PII

Documents you upload are stored in encrypted cloud storage. During the redaction process, document text is analyzed for PII detection — this processing occurs within United States data centers and document content is not retained beyond the analysis. Redacted documents have PII permanently removed from the PDF content stream — this is irreversible by design. Original (unredacted) documents are retained in private storage accessible only to board members. Published (redacted) documents are accessible to HOA members and, if configured, the public. Board members are responsible for reviewing redacted documents before approving publication.

4. Payment Information

Payment processing is handled by Stripe, Inc. We do not store credit card numbers or bank account details on our servers. We retain your Stripe customer ID and subscription status to manage your account. Stripe's privacy policy governs payment data — see stripe.com/privacy.

5. Data Storage and Security

All data is stored in United States data centers. Documents are encrypted at rest. Database records are encrypted at rest. All data in transit is encrypted using TLS/HTTPS. Access to production systems is restricted to authorized personnel only. We do not access your document content except as necessary to provide the redaction service.

6. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with the following service providers, solely to operate the Service:

• Cloud infrastructure providers — document storage, data processing, authentication, email delivery
• Stripe — payment processing and subscription management
• Google Analytics — anonymized usage analytics (no personal data shared)

We may disclose information if required by law, court order, or to protect the rights and safety of our users or the public.

7. Data Retention

Active accounts: data is retained for the duration of your subscription. After cancellation: you have 30 days to export your documents. After 30 days, documents and account data are permanently deleted. Audit logs: retained indefinitely as required for legal compliance and proof of document posting under § 720.303. Backups: database backups are retained for 7 days and then automatically deleted.

8. Your Rights

You have the right to: access the personal information we hold about you; correct inaccurate information via your profile settings; request deletion of your account and associated data; request an export of your documents and data. To exercise these rights, contact us at support@snap720.com. We will respond within 30 days.

9. Cookies and Analytics

We use Google Analytics 4 (GA4) to understand how the Service is used. GA4 collects anonymized page view and event data — no advertising cookies or cross-site tracking is used. We use essential cookies only for authentication session management. You can opt out of analytics using browser privacy settings or the Google Analytics Opt-out Browser Add-on.

10. Children's Privacy

Snap§720 is not intended for use by individuals under 18. We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to the address on your account at least 30 days before taking effect. The "Last updated" date at the top reflects the most recent revision. Continued use of the Service after changes take effect constitutes acceptance.

12. Contact

Questions about this privacy policy? Contact us at support@snap720.com