Privacy Policy

Last updated: April 3, 2026

1. Introduction

Flying Gizmo LLC ("we," "us," or "our") operates MyHomebase (the "Service"), a home management platform. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Service. By creating an account or using MyHomebase, you agree to the practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Personal Information

When you create an account and use the Service, we collect the following personal information:

  • Account information: Name, email address, and profile details
  • Phone number (if provided for contact preferences)

2.2 Home Data

To provide our home management features, we collect data about your home including:

  • Property details: Address, property type, square footage, year built
  • Assets and systems: Appliances, HVAC systems, roofing, plumbing, and other home components
  • Warranties: Warranty information, expiration dates, and coverage details associated with your home assets
  • Maintenance records: Service history, maintenance schedules, and task completion data
  • Contractor information: Names, contact details, and reviews of service providers you add

2.3 Financial Data

We collect financial information you enter into the Service to help you track home-related expenses:

  • Expense records and categories (maintenance costs, utility bills, improvement expenses)
  • Budget information and income data you choose to enter
  • Bill tracking information

Important: We do NOT collect or store bank account numbers, credit card numbers, or other direct financial account credentials. Payment processing (when activated) is handled entirely by Stripe, and we never have access to your full payment card details.

2.4 Documents

You may upload files to the Service, including receipts, contracts, warranties, home inspection reports, insurance documents, and other home-related files. These documents are stored securely and are accessible only to you and authorized members of your household. All uploaded files are scanned for malware using ClamAV before being stored.

2.5 Usage Analytics

We collect information about how you interact with the Service, including pages visited, features used, actions taken, timestamps, browser type, device information, and IP address. This data helps us improve the Service, diagnose technical issues, and understand usage patterns.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: To operate, maintain, and deliver all features of MyHomebase, including home management, expense tracking, document storage, and community features
  • AI-powered features: To process your data through artificial intelligence for document categorization, expense categorization, maintenance schedule recommendations, home health insights, and other intelligent features
  • Maintenance reminders: To send you timely notifications and reminders about upcoming maintenance tasks, warranty expirations, and scheduled service
  • Communication: To send you service-related notifications, respond to support requests, and notify you of important changes to the Service or these policies
  • Service improvement: To analyze usage patterns, diagnose technical issues, and improve the quality and functionality of the Service
  • Security: To detect, prevent, and address fraud, abuse, security risks, and technical issues

We do not sell your personal information. We do not use your personal data to train AI models. AI features process your data in real-time to provide insights and do not retain your data beyond the immediate processing session.

4. Anonymized and Aggregated Data Sharing

We may create anonymized, de-identified, and aggregated data ("Aggregated Data") from information collected through the Service. This Aggregated Data does not identify you personally and cannot be used to identify, contact, or locate any individual user.

We may share Aggregated Data with third-party partners for purposes including research, analytics, product development, and business intelligence. Examples of Aggregated Data include:

  • Warranty duration trends and failure rates by appliance type
  • Average home maintenance costs by region or property type
  • Seasonal maintenance patterns and common repair frequencies
  • Trending expense categories and cost benchmarks

This data NEVER identifies individual users. Our anonymization process irreversibly strips all personal identifiers — including names, email addresses, property addresses, financial details, and any other data that could reasonably be used to identify an individual — before any data is shared externally.

Your personal information (names, emails, addresses, financial details) is NEVER sold to any third party, under any circumstances.

5. Data Storage and Security

We take the security of your data seriously and implement multiple layers of protection:

  • Encryption at rest: All data stored in our database is encrypted at rest using industry-standard encryption
  • Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS/SSL
  • Row-level security (RLS): Our database enforces row-level security policies, ensuring that users can only access their own data. No user can view, modify, or delete another user's information
  • Hosting: Our database and authentication services are hosted on Supabase, a trusted infrastructure provider with SOC 2 Type II compliance
  • Data location: Your data is stored on servers located in the United States
  • Malware scanning: All uploaded files are scanned for malware before being stored

While we strive to use commercially acceptable means to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information to the best of our ability.

6. Third-Party Services

We use the following third-party services to operate and improve MyHomebase. Each service receives only the minimum data necessary to perform its function:

  • Supabase — Authentication, database hosting, and file storage. Supabase stores your account credentials and all application data
  • Stripe — Payment processing (when activated). Stripe handles all payment card information directly; we never store your full card details
  • Google AI / Groq / RunPod — AI processing for document analysis, categorization, maintenance recommendations, and other intelligent features. Data sent to these providers for analysis is processed in real-time and is not stored by these providers beyond the immediate processing session
  • Resend — Email notifications including maintenance reminders, account alerts, and transactional emails
  • ClamAV — Malware scanning of uploaded files to protect against viruses and malicious content

These third-party providers are contractually obligated to protect your data and may only use it to perform services on our behalf. We do not permit these providers to use your personal data for their own marketing or commercial purposes.

7. Cookies

We use cookies in a minimal and privacy-respecting manner:

  • Session cookies: We use essential session cookies for authentication and to keep you signed in. These are strictly necessary for the Service to function
  • No tracking cookies: We do not use cookies to track your browsing activity across other websites
  • No third-party advertising cookies: We do not place or allow any third-party advertising cookies on our Service

Because we only use strictly necessary cookies for authentication, no cookie consent banner is required. You may configure your browser to block cookies, but doing so may prevent you from signing in or using the Service.

8. Data Retention

We retain your data according to the following policies:

  • Active accounts: Your data is retained for as long as your account remains active. You may access, modify, export, or delete your data at any time
  • Deleted accounts: When you delete your account, all associated personal data (including profile information, home data, financial records, documents, and community posts) is permanently purged from our systems within 30 days
  • Soft-deleted documents: Documents you delete within the app are soft-deleted and can be recovered for up to 30 days. After 30 days, soft-deleted documents are permanently removed and cannot be recovered
  • Backups: Data may persist in encrypted backups for a limited period after deletion, but these backups are not used for any purpose other than disaster recovery and are purged on a rolling basis

9. Disclosure of Data

We may disclose your personal data only in the following limited circumstances:

  • Legal obligation: When required to comply with applicable law, regulation, legal process, or enforceable governmental request
  • Protection of rights: To protect and defend the rights, property, or safety of Flying Gizmo LLC, our users, or the public
  • Fraud prevention: To detect, prevent, or address fraud, security issues, or technical problems
  • Business transfer: In connection with a merger, acquisition, or sale of assets, in which case your data would remain subject to this Privacy Policy
  • With your consent: In any other circumstance, only with your explicit consent

10. Your Data Protection Rights

Regardless of your location, we provide all users with the following data rights:

  • Right to Access: You have the right to request copies of your personal data and know what information we hold about you
  • Right to Rectification: You have the right to correct any information you believe is inaccurate or incomplete, directly through your profile settings
  • Right to Erasure: You have the right to request that we delete your personal data. You can delete your entire account and all associated data at any time
  • Right to Data Portability: You have the right to export all of your data in a machine-readable format (JSON)
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions
  • Right to Object: You have the right to object to our processing of your personal data
  • Right to Opt-Out of Data Sharing: You have the right to opt out of any anonymized or aggregated data sharing by contacting us at admin@flyinggizmo.com

You can exercise your right to data portability and erasure directly within the Service by going to Settings → Data & Privacy:

  • Export All My Data: Instantly download a complete JSON file containing all your personal data
  • Delete Account & All Data: Permanently delete your account and all associated data

For any other data protection requests, please contact us at admin@flyinggizmo.com. We will respond to your request within 30 days.

11. CCPA and GDPR Compliance

California Consumer Privacy Act (CCPA)

If you are a California resident, you have additional rights under the CCPA:

  • Right to Know: You can request details about the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out: You can opt out of the "sale" of personal information. Note: we do not sell your personal information as defined by the CCPA
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

General Data Protection Regulation (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the GDPR, including:

  • The right to access, update, or delete your personal information
  • The right to data portability
  • The right to restrict or object to processing
  • The right to withdraw consent at any time
  • The right to lodge a complaint with a supervisory authority

Our legal basis for processing your personal data is: (a) your consent when you create an account, (b) the performance of our contract with you (the Terms of Service), and (c) our legitimate interests in operating and improving the Service, provided those interests do not override your fundamental rights.

To exercise any of these rights, contact us at admin@flyinggizmo.com or use the self-service tools in Settings → Data & Privacy.

12. Children's Privacy

MyHomebase is not intended for use by anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13 in compliance with the Children's Online Privacy Protection Act (COPPA). If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at admin@flyinggizmo.com. If we become aware that we have collected personal data from a child under 13 without verification of parental consent, we will take steps to delete that information from our servers promptly.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page. For material changes that significantly affect how we handle your personal data, we will notify you via email at the address associated with your account at least 30 days before the changes take effect. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Flying Gizmo LLC

Email: admin@flyinggizmo.com

We aim to respond to all privacy-related inquiries within 30 days.

© 2026 Flying Gizmo LLC. All rights reserved.