Household HQ
Privacy
Last updated 2026-04-27
Household HQ is a private prototype for shared household admin. We collect only the data you enter or upload, and the minimum needed to run the service. This page describes what we collect, why, who processes it, and how you remove it.
What we collect
- Account: email address, name, hashed password, and a Supabase Auth user ID. Used to sign you in and link you to your household.
- Household records you create: providers, contracts, calendar events, maintenance tasks, expected costs, projects, and setup-checklist decisions. We store exactly what you enter — no automatic enrichment.
- Documents you upload: the file itself plus title, category, dates and optional notes. Stored in private object storage with short-lived signed URLs for access.
- AI-analysis logs:when you click “Analyse with AI”, we log the model used, token counts, duration, success/failure, and an error message on failure. We do not store the document contents in this log.
- Audit log: a record of who created/edited/deleted what and when, scoped to your household.
- Standard server logs: request paths, IP address, user agent. Held by our hosting provider for operational and security reasons; no advertising or tracking cookies.
What we do not collect
- No bank account access, Open Banking, or transaction data.
- No Gmail, Outlook, or other inbox access in this version.
- No advertising identifiers, cross-site tracking, or analytics cookies.
- No marketing email lists; transactional email only when needed.
How we use it
To run the service: authenticate you, render your household’s records on the calendar, generate reminders, and execute features you trigger (AI extraction, ICS feed, export). We do not sell your data, share it with advertisers, or use it to train models.
Subprocessors
We rely on the following third-party services to provide Household HQ. Each handles only what is required for its function.
| Provider | Purpose | Region |
|---|---|---|
| Supabase | Authentication, Postgres database, private file storage | EU (eu-west-2) |
| Vercel | Web hosting, server-rendered pages, API routes | Global edge / EU |
| Anthropic | AI document extraction (when you click Analyse with AI) | USA |
| OpenAI | Optional alternative AI provider for image-only document extraction | USA |
Anthropic and OpenAI process the document only at the moment you click Analyse. They are contractually committed not to train on data submitted via their API. We do not enrol household data in any other model-training programme.
Where data is stored
Postgres database and file storage are hosted in Supabase’s eu-west-2 region (UK). Web requests are served via Vercel’s edge; AI calls go to Anthropic / OpenAI in the USA. Where data leaves the UK/EEA, we rely on the providers’ standard contractual clauses.
Retention
- Active records are kept while your household exists.
- Audit log entries are kept while your household exists, even if the originating record is deleted, so members can see what was changed.
- AI-analysis logs are kept indefinitely (no document contents — only metadata), and are used to enforce the monthly cap and to investigate incidents.
- Server logs are kept by our hosting provider for up to 30 days.
- Deleted households have all their records and uploaded files removed from our database and storage immediately. Backups are retained by Supabase under their standard policy and are purged within 30 days.
Security
- Authenticated, household-scoped access on every request — server-side checks, not client-side.
- Row-Level Security policies on every household-owned table protect against direct database API access.
- Documents stored in a private bucket; access via short-lived signed URLs.
- HTTPS for every connection. Passwords are hashed by Supabase Auth.
- No service-role keys in client code.
Your rights
You can export, edit, or delete your household’s data at any time from the Settings page. Under UK GDPR you also have the right to access, rectify, restrict processing, object, and lodge a complaint with the Information Commissioner’s Office (ico.org.uk).
Children
Household HQ is for adults running a household. We don’t knowingly collect data from anyone under 16. If a child’s details are recorded as part of household admin (e.g. school fees), the responsible adult is the data controller for those entries within the household.
Cookies
We use a small number of cookies strictly necessary to keep you signed in (Supabase Auth session cookies). No advertising or tracking cookies.
Changes to this policy
If we change anything material, we’ll update the date above and surface a notice inside the app on next sign-in. Older versions are kept in our git history.
Contact
Questions, requests for export/deletion, or complaints: email jakewillis0@gmail.com.