Privacy Policy

Last updated: February 2026

1. Information We Collect

Account Information

• Email address
• HOA community name
• State of residence
• Hashed password (bcrypt)

Photo Data

• Uploaded photo files
• EXIF metadata (GPS coordinates, timestamp, camera info)
• Perceptual image hash (for duplicate detection)

Biometric Data

• Facial recognition embeddings (512-dimensional vectors)
• Face crop images
• Quality metrics (confidence, sharpness, pose)

Usage Data

• IP addresses
• T&C / biometric consent timestamps
• Upload history

2. How We Use Your Information

We use collected information solely to:

• Authenticate your account
• Process uploaded photos through our face detection pipeline
• Match faces within your HOA community's database
• Generate color-coded alerts
• Send email notifications about matches

3. Data Sharing

We do not share your data with third parties except:

• AWS SES for email delivery (email addresses only)
• As required by law or valid legal process

We do not sell biometric data or any personal information.

4. Data Storage & Security

• All data is stored on our private server infrastructure
• Passwords are hashed with bcrypt
• Sessions use secure, HTTP-only cookies scoped to /postwatch
• Database connections use connection pooling with pre-ping health checks
• CSRF protection on all form submissions

5. Data Retention

Data is retained for the duration of your account's active participation. You may request deletion of your account and associated data by contacting your HOA administrator.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Withdraw consent for biometric processing

7. Biometric-Specific Privacy

For detailed information about our biometric data practices, see our Biometric Data Notice.

8. Contact

For privacy inquiries, contact your HOA board administrator or reach out via the HOAPOST platform.