Privacy Policy

The Simple Truth

I'm Mike C Singer, and I built HandoffKit to solve my own problem with AI session continuity. This privacy policy reflects how I'd want my own data to be treated: with respect, transparency, and absolutely no bullshit.

Your data is never sold or shared with third parties for marketing purposes. Period.

What We Collect

Account Information

• Email address (for authentication and support)
• Password (encrypted by Supabase)
• Subscription status (managed by Stripe)

Your Content

• Projects, personas, and cells you create
• This is YOUR content - we just store it for you
• We never read, analyze, or use your content for any purpose other than providing the service

Usage Data

• Basic analytics via Google Analytics (page views, general usage patterns)
• This helps me understand if people are finding and using HandoffKit
• It's for my education as a solo developer, not for selling data

Payment Information

• Handled entirely by Stripe - we never see your credit card number
• We only store your Stripe customer ID to manage subscriptions

How We Use Your Data

• To provide the HandoffKit service (storing and organizing your AI context)
• To manage your subscription and billing
• To send critical service updates (not marketing spam)
• To respond to your support requests

Who Has Access

Service Providers

• Supabase: Hosts our database and handles authentication
• Stripe: Processes payments
• Vercel: Hosts the application
• Google Analytics: Basic usage analytics

These are reputable companies with their own privacy policies. I chose them specifically because they're trustworthy with user data.

Not Shared With

• Advertisers (never)
• Data brokers (never)
• Marketing companies (never)
• Any other third parties for commercial purposes

Your Rights

• Access: You can export your data anytime from the app
• Deletion: Email me to delete your account and all associated data
• Correction: You can update your information in the app
• Portability: Your content is always exportable in plain text

Data Security

Your data is protected by:

• Encrypted connections (HTTPS/TLS)
• Encrypted passwords (bcrypt via Supabase)
• Row Level Security (RLS) in the database - you can only access your own data
• Secure authentication tokens

I take security seriously, but no system is perfect. If there's ever a breach, I'll notify affected users within 72 hours.

Cookies

We use essential cookies for:

• Keeping you logged in
• Remembering your preferences
• Basic analytics (Google Analytics)

No tracking cookies. No advertising cookies. No creepy cross-site tracking.

Children's Privacy

HandoffKit is not intended for children under 13. If you're under 13, please don't use HandoffKit without parental supervision.

Changes to This Policy

If I need to update this policy, I'll:

• Post the new policy here
• Update the "Last updated" date
• Notify you by email for significant changes

Contact Me

Questions? Concerns? Just want to chat?

Email: support@handoffkit.com

I'm a solo developer, not a corporation. I'll personally read and respond to your message.