Back to Home
Legal

Privacy Policy

Your privacy matters deeply to us. This policy explains what data we collect, why we collect it, and how we protect it — in plain, honest language.

Last updated: April 15, 2026GDPR & CCPA AwareWe never sell your data

Our Commitment to You

Haven is built on trust. We collect only what we need, protect it diligently, and never sell it. This policy governs all personal data processed through our platform in accordance with GDPR, CCPA, and applicable privacy regulations.

01

Information We Collect

We collect information to provide and continually improve the Haven experience. The data we gather falls into three categories:

Account Data
  • Full name
  • Email address
  • Profile picture (OAuth)
  • Authentication provider
Usage Data
  • Property searches & saves
  • Pages visited
  • Session duration
  • Feature interactions
Technical Data
  • IP address
  • Browser & version
  • Device & OS
  • Referring URLs

We use OAuth providers (Google and GitHub) for authentication. We do not store your OAuth passwords — only the tokens and profile data they provide.

02

How We Use Your Data

The data we collect is used exclusively to operate and improve Haven:

Service Delivery

Authenticating you and enabling core platform features

Personalization

Tailoring property recommendations to your investment profile

AI Improvement

Training and refining our models using anonymized, aggregated data

Communications

Sending important updates, alerts, and support responses

Security

Detecting fraud, abuse, and unauthorized platform access

Analytics

Understanding platform usage to guide product decisions

We will never use your personal data for purposes beyond those stated here without obtaining your explicit consent first.

03

Sharing & Disclosure

We do not sell, trade, or rent your personal information to any third party.

We may share your data only in these limited circumstances:

  • Service Providers: Trusted vendors (database hosting, analytics, email delivery) who process data strictly on our behalf under confidentiality agreements.
  • Legal Compliance: When required by law, court order, or governmental regulation. We will notify you when legally permitted.
  • Business Transfers: In the event of a merger, acquisition, or asset sale — subject to continued privacy protections for your data.
  • With Your Consent: Any other sharing only occurs with your explicit, informed consent.

04

Data Security

We implement industry-standard technical and organizational measures to protect your personal information:

🔐

Encryption

All data transmitted over TLS 1.3. Data at rest encrypted using AES-256.

🛡️

Access Control

Role-based access with principle of least privilege for all internal systems.

🔍

Monitoring

Automated monitoring for suspicious activity and anomalies.

🔄

Regular Audits

Periodic security reviews and penetration testing of our infrastructure.

No method of transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

05

Cookies & Tracking

Haven uses cookies and similar tracking technologies to maintain your session and understand platform usage.

Essential
Required for authentication and core platform functionality. Cannot be disabled.
Required
Analytics
Help us understand how users interact with Haven (anonymized). Privacy-respecting tools only.
Opt-out
Preferences
Remember your settings, saved searches, and display preferences.
Opt-out

06

Your Rights

Depending on your location, you have the following rights regarding your personal data:

Access
Request a copy of all personal data we hold about you in a portable format.
Rectification
Request correction of inaccurate or incomplete personal data.
Erasure
Request deletion of your personal data ('right to be forgotten') where legally applicable.
Restriction
Request that we limit the processing of your data in certain circumstances.
Portability
Receive your data in a structured, machine-readable format.
Objection
Object to processing of your data for direct marketing or legitimate interests.
To exercise any of these rights, email scouthaven.app@gmail.com. We respond to all requests within 30 days.

07

Data Retention

We retain your personal data only as long as necessary to provide our services:

  • Active account data: retained for the duration of your account
  • Usage and analytics data: retained for 24 months, then anonymized
  • Support communications: retained for 12 months after case closure
  • Legal compliance records: retained as required by applicable law

Upon account deletion, your personal data is removed from our active systems within 30 days. Some data may remain in encrypted backups for up to 90 days before permanent deletion.

08

Third-Party Services

Haven integrates with reputable third-party services to operate efficiently. Each maintains their own privacy policies:

Google OAuth

Authentication

GitHub OAuth

Authentication

Vercel

Hosting & CDN

Neon / Prisma

Database

Haven is not responsible for the privacy practices of these third-party services. We recommend reviewing their respective privacy policies.

09

Children's Privacy

Haven is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16.

If we become aware that we have inadvertently collected data from a child under 16 without verified parental consent, we will immediately delete that information.

If you are a parent or guardian and believe your child has provided us personal information, please contact scouthaven.app@gmail.com.

10

Contact Us

For any questions or requests relating to this Privacy Policy, please reach out to our dedicated privacy team:

Privacy Teamscouthaven.app@gmail.comData Requestsscouthaven.app@gmail.com

We are committed to resolving your concerns within 30 days.

Back to HomeRead Terms & Conditions →