Privacy Policy

Privacy Policy

Effective Date: April 20, 2025

TownHallOS ("TownHallOS," "we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website, applications, and services (collectively referred to as the "Service"). By accessing or using our Service, you consent to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide Directly

When you register, set up, or update your profile, you may provide (and we collect) the following:

  • Google OAuth Credentials & Profile Data: Your unique OAuth identifier, name, email address, profile picture URL, and other authentication metadata.
  • Twilio Verify Phone Verification: Your phone number, verification status, and related metadata.
  • Profile Attributes:
    • Identifiers: id (UUID)
    • Contact & Location: first_name, last_name, avatar_url, phone, email, address1, address2, city, state, zip_code
    • Demographics: age_range, gender, education_level, party_affiliation
    • Interests & Preferences: policy_interests (array of topic codes or names)
    • Status Flags: personal_info_complete, demographics_complete, interests_complete, onboarding_complete
    • Timestamps: created_at, updated_at

Future Collection: We may introduce email verification via a magic link. If implemented, we will collect verification tokens and timestamps.

1.2 Information Collected Automatically

  • Cookies & Session Data: We use cookies, localStorage, and similar technologies to manage user sessions, remember preferences, and prevent fraud.
  • Analytics & Usage Metrics: We leverage Vercel Analytics (and similar services) to collect IP addresses, device and browser details, pages visited, feature usage, performance metrics, and referral data.

1.3 Information From Third Parties

We may receive information about you from third-party services (e.g., OAuth providers) if you connect your account to them. We rely on their data to authenticate and personalize your experience.

2. How We Use Your Information

We use the information we collect to:

  1. Provide & Maintain the Service: Authenticate users, secure accounts, manage profiles, and enable features such as content personalization and social interactions.
  2. Communication: Send transactional messages (e.g., account confirmations, security alerts), and, where consented, occasional product updates or newsletters.
  3. Analytics & Improvement: Analyze usage patterns to optimize performance, enhance the user interface, and develop new features.
  4. Compliance & Security: Detect and prevent fraud or abuse, enforce our Terms of Service, and comply with applicable laws and regulations.
  5. Research & Aggregation: Create de-identified, aggregated reports on demographics, feature adoption, and usage trends.

3. Legal Basis for Processing (if applicable)

Where required by applicable law, our legal bases include:

  • Consent: You consent to certain processing activities when you opt in (e.g., email newsletters).
  • Performance of Contract: Processing necessary to fulfill our contractual obligations to you.
  • Legitimate Interests: Ensuring security, improving services, and preventing abuse, balanced against your privacy rights.
  • Legal Obligations: Complying with laws, regulations, or lawful requests from authorities.

4. Data Sharing and Disclosure

We prioritize data protection and do our best to safeguard your information; data security is a high priority for us.

We do not sell your personal information. We may share your data when it is required:

  • Service Providers: With vendors who perform services on our behalf (e.g., hosting, analytics, communications) under confidentiality agreements.
  • Legal & Safety: When required by law, to protect rights, safety, property, or to prevent fraud or illegal activity.
  • Business Transfers: In connection with any merger, acquisition, financing, or sale of assets, with notice and contractual safeguards.
  • User Consent: When you authorize or direct us to share your information.

5. Data Retention & Deletion

We retain your personal data only as long as necessary to fulfill the purposes in this policy, comply with our legal obligations, resolve disputes, and enforce our agreements.

User-Initiated Deletion: Upon receiving a verified deletion request via email to dev@townhallos.org, we will permanently delete and destroy all of your personal information, including backups and archives, within 30 calendar days of receipt. You will receive a confirmation once the process is complete.

6. Data Residency & International Transfers

Your information is stored and processed in the United States to the best of our knowledge, using Supabase as our database provider.

Your information may be transferred to and processed in countries other than your residence. We implement appropriate safeguards, such as standard contractual clauses, to ensure the adequate protection of your data.

7. Security Measures

Our databases are hosted in the United States on Supabase, which employs robust encryption, access controls, and security best practices to safeguard your data.

We maintain reasonable administrative, technical, and physical safeguards to protect your information. However, no method of transmission or storage is completely secure; we cannot guarantee absolute security. In the event of a data breach, we will notify you and the authorities as required by law.

8. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • Access & Portability: Obtain a copy of your personal data in a structured format.
  • Correction: Update or correct inaccurate or incomplete data.
  • Deletion: Request the erasure of your personal data, subject to any applicable legal exceptions.
  • Restriction: Limit processing of specific data.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise these rights, please get in touch with us at dev@townhallos.org. We may need to verify your identity before processing requests.

9. Children's Privacy

Our Service is not intended for individuals under 13. We do not knowingly collect information from individuals under the age of 15. If notified that we have inadvertently collected such data, we will delete it promptly.

10. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy from time to time. We will post the updated policy, along with its new Effective Date, at the top. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please get in touch with us:

📧 dev@townhallos.org

🏢 Address: TownHallOS, 8401 Mayland Drive, Suite A, Richmond, VA 23294

Thank you for trusting TownHallOS with your information. We are committed to protecting your privacy and providing a secure service experience.

Return to Homepage