Privacy Policy

HomeHuddle is a private household coordination app. We respect your privacy and collect only what is necessary to provide the service. We do not track you, profile you, or sell your data.

We collect and store only the data you actively provide:

• Account information — name, email address, and a securely hashed password
• Content you create — tasks, notes, events, chores, comments, and weekly schedules
• Household members — names and categories (adult, child, other) of people you add

We do not collect device information, IP addresses, location data, or browsing behavior.

HomeHuddle uses a single session cookie to keep you signed in. This cookie is essential for the service to function and contains no personal data.

We do not use any third-party analytics, tracking pixels, advertising cookies, or fingerprinting technologies. There are no third-party scripts loaded on any page.

We send transactional emails for:

• Password reset requests
• Weekly schedule previews (opt-in)
• Task notifications such as assignments, overdue reminders, and @ mentions in comments (opt-in)

All notification emails can be disabled in your notification preferences. We do not send marketing emails.

Emails are sent via Amazon SES (SMTP relay) routed through the eu-central-1 (Frankfurt) region — your email content stays in the EU. Amazon processes only the delivery metadata necessary to send the email; they do not have access to your HomeHuddle account.

All your account and household data is stored on a server located in Switzerland, operated by Infomaniak. Data lives in a per-household SQLite database file — your tenant DB contains only your household's data, never anyone else's.

Backups are streamed continuously to Infomaniak's S3-compatible Object Storage, also in Switzerland (Geneva or Zurich). Backups are retained for 30 days for disaster recovery, then expire automatically.

Passwords are hashed with bcrypt; access tokens (for Claude / API integrations) are stored as SHA-256 digests. All connections use TLS (HTTPS).

Encryption at rest. Sensitive fields are encrypted in the database itself with AES-256-GCM (Rails Active Record Encryption). This means that even someone with file-system access to the raw SQLite file — or to a backup snapshot — cannot read the protected fields without the encryption keys, which live separately in the application's credentials.

Encrypted fields cover the categories most likely to contain private detail:

• Your email address and display name
• Task descriptions, comments on tasks, event notes
• Daily handoff notes (which often contain health info, schedules, etc.)
• Rich text on topics, including weekly private commentary

Short display labels (task titles, topic names, room names) and non-content columns (dates, statuses, positions) are stored unencrypted so that the app can search and sort them in the database. These labels do not generally contain sensitive personal information.

Log redaction goes alongside. Our web-request logs filter the same content fields (plus passwords, tokens, and OAuth secrets) before anything is written to disk, so sensitive payloads don't survive in log files either.

HomeHuddle is operated by a single person (see Terms). Troubleshooting a bug report or a password-reset issue may occasionally require looking up an account through an administrative console.

Those sessions are protected by console1984, Basecamp's open-source audit system:

• Every production console session must declare a written reason (e.g. "support ticket #42 — password reset") before any query runs.
• The full command trail of each session — every query issued, every record accessed — is recorded to an append-only audit log in the primary database.
• Any access to encrypted fields (your name, email, task descriptions, comments, notes) is flagged as a "sensitive access" in that log, so later review can focus on which sessions touched private content and why.

If a regulator, auditor, or you yourself ever ask us "who looked at my data, when, and for what reason" — there is a single authoritative answer rather than an informal promise.

We use a small number of service providers to operate HomeHuddle. They process your data only as needed to provide their service:

• Infomaniak (Switzerland) — server hosting and encrypted backup storage
• Amazon Web Services (Frankfurt, EU) — transactional email delivery via SES

We do not share, sell, rent, or disclose your personal data to any other third parties, except where required by Swiss law or a valid court order.

HomeHuddle lets you connect a third-party AI assistant (such as Anthropic's Claude, OpenAI's ChatGPT, or others) to your household. This is fully optional and disabled by default — nothing happens until you explicitly authorize a connection from your profile page.

If you choose to connect one:

• You authorize that assistant to read and write your household data on your behalf, scoped to your account only.
• The assistant's provider (e.g. Anthropic, OpenAI) processes that data under their terms and privacy policy — which may include processing in the United States or other jurisdictions. Review your chosen provider's terms before connecting.
• You can revoke the connection at any time from your profile page; the assistant will lose access immediately.

HomeHuddle does not initiate any AI processing on its own. We don't send your data to AI services in the background, and we don't use AI to generate content or insights without your explicit instruction via a connected assistant.

Your data is retained for as long as your account is active. If you request account deletion, all your data — including any backups stored beyond 30 days — will be permanently removed within 30 days.

Under the Swiss Federal Act on Data Protection (nFADP) and, where applicable, the EU General Data Protection Regulation (GDPR), you have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your data and account
• Export your data in a portable format
• Object to processing of your data

To exercise any of these rights, contact us at hello@homehuddle.io.

HomeHuddle is designed for adults managing a household. Children do not have user accounts, cannot sign in, and cannot interact with the service directly.

A child's first name (and optionally their school schedule, activities, etc.) may be added by a parent or guardian as a reference label — for example, "Emma" assigned as the person responsible for a chore, or as a participant in a recurring routine. The parent or guardian is responsible for what they choose to record about their own children.

If you become aware that a child has nevertheless created or accessed an account (for example by using a parent's credentials), please contact us at hello@homehuddle.io and we will remove the account.

You may add other household helpers (nanny, cleaner, grandparents, etc.) by name in HomeHuddle as references for chores, schedules, or notes. Before doing so, please ensure you have informed those people that you are recording their name and schedule in a household coordination tool — and consider using a generic label (e.g. "Nanny") rather than their full name if you prefer not to.

We may update this privacy policy from time to time. Significant changes will be communicated to registered users via email. The "last updated" date at the top reflects the most recent revision.

For privacy-related questions or requests, contact:

hello@homehuddle.io
Zurich, Switzerland