1. Overview
neighbors.fyi (“we,” “our,” “the platform”) runs private community portals for HOAs, condos, co-ops, and residential neighborhoods. Each community lives at its own subdomain (for example your-community.neighbors.fyi) with isolated data and resident-only access. This Privacy Policy applies to every resident-facing page on the platform, every community subdomain, and the marketing site at neighbors.fyi.
We treat resident data as the property of the community that produced it. We don’t sell it, we don’t advertise against it, and we don’t use it to train AI models.
2. Information we collect
2.1 Account data
When you create an account we collect your name, email address, password (stored as a one-way hash, never in plain text), and an optional profile picture. If you sign in with Google, we receive your name, email, and avatar URL from Google in place of a password. The OAuth scope we request is limited to email and profile. You can revoke Google’s access at any time from your Google account settings; doing so will disable Google Sign-In but won’t delete your neighbors.fyi account.
2.2 Verification data (residential address)
To verify that you live in the community you’re joining, we collect your physical residential address within that community’s boundary. We use the address to confirm residency eligibility, link your account to the property record, and (where the community allows) display your home on a community-private map. Residential addresses are treated as sensitive personal information.
Your full street address is not displayed to other residents unless you opt in via your profile settings (show_address and show_on_map). Community administrators of your own community can see your address as part of the user-management screen so they can verify residency and resolve property linkage. Your address is never visible to anyone outside your community.
If we ever ask for documentary proof of residency (utility bill, deed snippet), those uploads are stored with the same protections as your address and are deleted within 60 days of successful verification, or sooner on request.
2.3 Content data
Posts, comments, channel messages, direct messages, polls, maintenance and architectural requests, RSVPs, photos, documents, vendor recommendations, and any other content you create inside the community portal. Direct messages between residents are visible only to the sender and the recipient. Channel messages are visible to members of that channel. Board and committee channels are restricted to members of those bodies.
2.4 Property & payment data
If your community uses the platform for dues and assessments, we record the property you’re associated with, payment history, late-fee status, and any auto-pay subscription you set up. Card numbers are stored only by Stripe and never touch our infrastructure; we receive a token, the last four digits, and the card brand for receipts.
2.5 Authentication & session data
We record successful sign-ins, password resets, and email change events (see Section 9 for retention). We also issue short-lived session cookies (HttpOnly, Secure, SameSite=Lax) and refresh tokens managed by our authentication provider (Supabase). For sensitive accounts we may issue or require multi-factor authentication challenges.
2.6 Operational metadata
IP addresses, browser type, operating system, and device identifiers needed for security, error reporting, and rate limiting. Pages you visit inside the product are recorded as an internal audit trail (page_views) so community administrators can investigate moderation incidents and so we can debug failures. Every administrative action by a community admin (approve user, remove post, edit settings) is recorded with the actor’s identity in the community’s audit log.
3. How we use your data
- To provide the community portal: render your dashboard, deliver messages, process dues payments, send notifications.
- To verify that new accounts are real residents of the community they’re trying to join.
- To send transactional and community-critical emails: invite confirmations, password resets, dues receipts, maintenance updates, emergency alerts, and any digests you’ve opted into.
- To keep the platform secure: detect suspicious sign-ins, throttle abusive traffic, investigate reports of harassment or impersonation, respond to security incidents.
- To improve the product: understand which features are used, prioritize what we build next, fix bugs. Aggregated and de-identified data only.
- To comply with law and respond to valid legal process.
We do not use your data for advertising, sell it to data brokers, or train AI models on the content of your community’s messages, documents, or member directories.
4. Who can see your data
Communities are private by default. A given resident sees only the content their role allows.
- Other verified residents in your community can see your display name, your profile picture, your role (resident, board member, admin), the posts and messages you make in channels they also have access to, and any community-profile fields you’ve opted to share (such as showing your home on the map).
- Community administrators of your own community can additionally see your email address, residential address, account status, role-history, and the moderation audit log. Every administrative action is recorded with the actor’s identity and a timestamp.
- People outside your community never see your name, address, posts, or any other community content. Each community subdomain is access-controlled at the database row level via Postgres Row Level Security policies that deny access by default and require an authenticated session in the correct community before any data is read.
- neighbors.fyi staff with administrative database access can technically read data across communities. This access bypasses Row Level Security by design and is required for incident response, recovery from system failures, debugging, and compliance with legal process. Staff access is restricted to personnel with a need to know, every access is logged, and staff act under written confidentiality and data-handling obligations. This also includes support sessions, where authorized staff sign in to your community with administrative access to provide support or set up integrations on your behalf. Every support session is recorded in your community’s audit log and the community’s primary contact is notified by email when one begins.
- Sub-processors (listed in Section 5) process limited data on our behalf under contract.
5. Sharing & third parties
We share data with third-party service providers (also called “sub-processors”) only to operate the product, and only to the extent each provider needs.
- Supabase hosts the per-community Postgres database, authentication system, and object storage (photos, documents, attachments).
- Vercel hosts the application code and performs edge networking for the marketing site and tenant subdomains.
- Stripe processes dues, assessments, architectural review fees, and violation-fine payments. Card details are stored with Stripe, never with us.
- Resend sends transactional emails and admin-initiated community broadcasts.
- Anthropic powers optional AI features (meeting-minute generation, PDF budget extraction). See Section 8 for the specifics of what gets sent and our retention instructions.
- Google Maps renders the community map for residents who opt to display their home.
- Google OAuth handles Google Sign-In if you choose that method.
We may disclose data when required by a valid court order, subpoena, or similar legal process. When the law permits, we will notify the affected community administrators before responding so they can object or narrow the request. We will resist overbroad requests.
We do not sell personal information as that term is defined under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), and we do not share personal information for cross-context behavioral advertising. See Section 11.
If neighbors.fyi is ever acquired, merged, or sold, any successor entity must honor the commitments in this policy or notify residents at least 30 days in advance of any material change so they can export their data and leave.
6. Cookies & tracking
We use a small number of strictly necessary cookies to keep you signed in (Supabase session cookies), remember your dark-mode preference, and prevent CSRF attacks on form submissions. We do not use cross-site advertising cookies, third-party analytics that build a profile of you across the web, or ad-targeting pixels.
Server-side counts of which routes are visited and which features are used are kept for product analysis. Those counts are not joined to your account except when a community administrator views the per-user activity log for their own community.
7. Security
Every community runs on its own database with Row Level Security policies that deny access by default and require an authenticated session in the correct community before any data is read. Connections to the platform are HTTPS only. We rate-limit sensitive endpoints (signup, password reset, dues processing) to slow down abuse.
Residential addresses and other personal data are stored securely. Access is gated by strict Row Level Security controls, and the underlying database storage is encrypted at rest by our cloud infrastructure provider. Service-role credentials we store on behalf of each tenant are additionally wrapped with application-level envelope encryption. Card and bank-account details are stored only by Stripe and never touch our systems.
No system is invulnerable. If we ever discover a security incident affecting your personal data, we will notify you and any affected community administrators without undue delay and, where the law requires it, no later than 72 hours after we confirm the incident affects you. We will describe what happened, what data was involved, and what we are doing in response, in accordance with applicable law.
8. AI features and your content
Some optional features use a third-party large language model (Anthropic Claude) to generate text: drafting meeting minutes from a recorded transcript, extracting budget data from an uploaded PDF, and similar admin-initiated tasks. These features are off by default and can be enabled or disabled per community by an administrator.
When an admin uses an AI feature, the content needed for that specific request (a transcript, a PDF) is sent to Anthropic. Because shared content may include statements made by other residents (for example, attendees speaking at a board meeting that was transcribed), this means a resident’s contribution can be processed by the AI as part of an admin-initiated task even though the resident did not personally invoke it.
We mitigate this by:
- Sending only the content required for that specific task; never your full message history or directory.
- Instructing Anthropic, via API parameters, not to retain the data for training. Anthropic retains content only for the duration required to process the request and for a short safety/abuse review window per their data-processing terms.
- Logging every AI invocation in the community’s audit log so the source of any generated content is traceable.
We do not use AI to make automated decisions that produce legal or similarly significant effects concerning you (GDPR Art. 22). AI-generated text is always reviewed and published (or discarded) by a community administrator before it appears anywhere.
9. Retention, deletion & your rights
You have the right to access, correct, export, and delete the personal data we hold about you.
9.1 Exporting your data
You can download your account data and any content you’ve authored at any time from your profile page. Communities can export their full record set (CSV for tabular data, PDF for documents, JSON for the audit trail) from the admin portal.
9.2 What happens when you delete your account
You can request permanent deletion at any time by emailing us at the address in Section 15 or, when the in-product flow is available, from your profile settings. After we confirm the request and complete it (within 30 days, or 45 days if you’re a California resident, with the possibility of an extension where the law permits):
- Purged: your auth.users row, your profiles row (name, email, avatar, bio), your user_addresses row, your auto-pay payment methods at Stripe, and any documentary verification artifacts.
- Anonymized: content you authored that other residents have already interacted with (chat messages, comments, poll responses, vendor reviews, RSVPs). The text remains so the community’s record stays coherent, but the author field is replaced with a "Deleted user" placeholder.
- Retained in anonymized form: moderation audit-log entries, dues-payment receipts, special-assessment records, refund records, and other financial transactions that we are required to retain for tax and accounting compliance. Your name is removed from these records; the transaction itself stays.
9.3 Backups & point-in-time recovery
Our database provider keeps point-in-time-recovery snapshots for up to 7 days and routine backups for up to 30 days. After a deletion, your data may persist in these backup systems for up to 30 days before it is overwritten in the normal backup-rotation cycle. We do not restore from backup except in the case of a disaster, and we will not restore a deleted user from backup at the request of any community without your explicit consent.
9.4 Authentication and security logs
Sign-in events, password-reset events, email-change events, and rate-limit logs are retained for 90 days for security investigations and then deleted automatically. Logs of suspected abuse or fraud may be retained longer for the duration of an active investigation.
9.5 Community cancellation
When a community cancels, we keep a full backup of their data for 14 days in case the board reactivates. After the grace window, the community’s database is archived. Communities can request immediate purge in writing. Archived backups are permanently deleted after 12 months unless the community’s service agreement specifies otherwise.
9.6 Retention summary
| Data category | Retention | Notes |
|---|---|---|
| Account profile (name, email, avatar, bio) | Until you delete your account | Purged within 30 days of request. |
| Residential address | Until you delete your account | Linked to property record; admin-visible. |
| Verification artifacts (if any) | 60 days after successful verification | Deleted sooner on request. |
| Posted content (chat, polls, comments, RSVPs) | Until you delete it, or until account deletion | Author field anonymized on account deletion. |
| Direct messages | Until either participant deletes the thread or their account | |
| Dues payments & receipts | 7 years | Tax & accounting compliance; anonymized after account deletion. |
| Authentication & rate-limit logs | 90 days | Security investigations. |
| Moderation audit log | 2 years | Community oversight; actor field anonymized after account deletion. |
| Database backups (PITR) | Up to 7 days | Disaster recovery only. |
| Nightly backups | Up to 30 days | Disaster recovery only. |
| Archived community after cancellation | 12 months | Reactivation grace window + recovery. |
10. Your privacy rights by region
10.1 California (CCPA / CPRA)
If you’re a California resident, you have the right to:
- Know what personal information we have collected about you in the past 12 months, the sources, the purposes, and the categories of sub-processors we’ve shared it with.
- Delete personal information we have collected, subject to the exceptions in CCPA § 1798.105(d) (legal compliance, security incidents, contractual obligations, etc.).
- Correct inaccurate personal information.
- Opt out of the sale or sharing of your personal information. We do not sell or share personal information; see Section 11.
- Limit the use of sensitive personal information. We treat residential addresses as sensitive personal information and use them only for the purposes described in this policy.
- Non-discrimination for exercising any of these rights.
To exercise these rights, contact us at hello@neighbors.fyi or use the contact form. We will respond within 45 days, with an extension of up to 45 additional days where the law permits and we notify you of the extension.
You may designate an authorized agent to exercise these rights on your behalf. We will require reasonable verification of the agent’s authority and of your identity before acting on the request.
10.2 Other U.S. states
Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), and Montana (CDPA) have rights similar to those described in Section 10.1: the right to access, correct, delete, port, and opt out of certain processing. Use the same contact path to exercise these rights. We will respond within the time frame the applicable statute requires.
10.3 EU / UK (GDPR / UK GDPR)
If you are in the European Union, the United Kingdom, or another jurisdiction with GDPR-style protections, neighbors.fyi is the controller of your personal data. Our lawful bases for processing are:
- Contract (Art. 6(1)(b)): providing the community portal you signed up for.
- Legitimate interests (Art. 6(1)(f)): keeping the platform secure, preventing abuse, and improving the product. We balance these against your rights.
- Consent (Art. 6(1)(a)): optional features you choose to enable (showing your home on the community map, opting into a community email digest).
- Legal obligation (Art. 6(1)(c)): tax, accounting, and law-enforcement-response retention.
You have the right to access, rectify, erase, restrict processing, port your data, and object to processing based on legitimate interests. You also have the right to lodge a complaint with your local supervisory authority. Contact us at hello@neighbors.fyi; we will respond within 30 days, extendable by up to 60 additional days for complex requests where we notify you of the extension.
We transfer EU/UK personal data to the United States. Where the law requires it, we rely on the Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum.
11. Do not sell or share my information
neighbors.fyi does not sell or share personal information as those terms are defined under the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), or similar state laws. We do not engage in cross-context behavioral advertising. There is no advertising product on the platform.
If that ever changes, we will notify you in advance and provide a working opt-out at this same anchor.
12. Children’s privacy
neighbors.fyi is not intended for children under 13. We do not knowingly collect personal information from anyone under 13, in compliance with the U.S. Children’s Online Privacy Protection Act (COPPA). If you believe a child under 13 has created an account, email us at hello@neighbors.fyi and we will remove the account and any associated data promptly.
Communities may set their own minimum-age requirements above 13. Where a community does, that requirement applies in addition to the platform-wide minimum.
13. International users
neighbors.fyi is operated from the United States, and the data we collect is processed and stored on servers located in the United States. By using the platform from outside the United States, you consent to the transfer of your information into the United States. See Section 10.3 for EU/UK transfer mechanisms.
14. Changes to this policy
We will update this policy when our practices change. The “Last updated” date at the top of this page reflects the most recent revision. For material changes (anything that broadens how we use or share your data), we will notify community administrators by email at least 30 days before the change takes effect so residents have time to review.
15. Contact us
Routine privacy questions: open a request via the contact form.
Formal requests under the laws referenced in Section 10 (CCPA, CPRA, GDPR, etc.) and other legal notices: hello@neighbors.fyi.