Privacy Policy

1. Introduction

Welcome to HardChoice ("we," "our," or "us"). HardChoice is a decision-making tool designed to help couples make difficult choices together. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

HardChoice is operated by ChamsDel Online LLC (the "Company"). By using HardChoice, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Decision Data (Stored in Our Database)

When you use HardChoice, the following data is stored in our secure database (hosted on Supabase):

• Decision titles, descriptions, and deadlines
• Decision options you create
• Criteria ("what matters") you define, including category tags
• Must-haves and dealbreakers (text, type, and strength)
• Importance ratings (how you weight each criterion, 0-100 points)
• Fit ratings (how well each option fits each criterion, scale 1-10)
• Red flags and concerns (severity, who it affects, description)
• Final decision choice, confidence levels, reasoning bullets, and tradeoff notes
• Check-in data (satisfaction, stress, and friction ratings on a 0-10 scale, plus optional notes)
• Action items/tasks assigned to participants

2.2 AI Mediation Data (Stored in Our Database)

If you use the AI-powered mediation feature ("Clarity"), we store:

• Mediation session records (status, conflicts discussed, summary)
• Pre-mediation emotional check-in data (mood, biggest concern, flexibility notes)
• Mediation chat messages (your messages and AI responses)
• AI-generated insights and discussion messages about conflicts

AI mediation conversations are processed using OpenAI's API. Messages are sent to OpenAI for generating responses but are not used by OpenAI to train their models (per their API data usage policy).

2.3 Participant Information (Stored in Our Database)

We collect minimal participant information:

• Display names (nicknames you choose — not your real name unless you choose to use it)
• Avatar colors (for visual distinction between partners)
• Participant role (which partner you are in a decision)
• Submission status (whether you have completed your private evaluation)

2.4 Authentication Data

HardChoice supports two modes of use:

• Authenticated (Account) Mode: If you sign in, your email address is stored in Supabase Auth (our authentication provider). Your email is used solely for passwordless login verification (one-time passcode). Your identity in the database is stored as an HMAC-derived hash of your email — meaning your email address cannot be derived from your database records. Your email is never visible to your partner.
• Anonymous (Session) Mode: You can use HardChoice without providing an email address. A random session identifier is generated and stored in your browser's localStorage. No personally identifiable information is required.

2.5 Payment Information

If you purchase decision credits, payment processing is handled entirely by Stripe. We never see or store your full payment card number, CVV, or billing address. We only store:

• Credit balance (number of decision credits remaining)
• Transaction history (credit amount, reason, Stripe session ID, timestamp)

2.6 Feedback Data (Stored in Our Database)

If you submit feedback through the in-app feedback form, we store:

• Your message
• Your email address (only if you voluntarily provide it)
• The page you were on when submitting
• Your browser's user agent string

2.7 Waitlist Information

If you join our waitlist, we collect your email address through MailerLite. This information is used solely to notify you about product updates and new features. You can unsubscribe at any time. Waitlist data is stored by MailerLite, not in our database.

2.8 Usage Data (Analytics)

We use Google Analytics to collect anonymized usage data:

• Pages visited and interaction patterns
• Device type, browser type, and operating system
• Approximate geographic location (country/region level)
• Referral sources

Google Analytics data is anonymized and cannot be linked to your decision data or identity. We do not use Google Analytics to track individual users.

3. Data Stored in Your Browser

HardChoice stores certain data locally in your browser's localStorage. This data never leaves your device unless explicitly sent to our servers as part of normal app functionality (e.g., identifying you as a participant):

Important: If you clear your browser data or switch devices while using anonymous (session) mode, you will lose access to your decisions because the session ID that identifies you is stored only in your browser. Authenticated users can log in from any device.

HardChoice does not use cookies for tracking. Supabase Auth uses a secure HTTP-only cookie for authenticated session management only.

4. What We Do NOT Store

To be fully transparent, the following data is never stored by HardChoice:

• Credit card numbers, CVVs, or billing addresses (handled entirely by Stripe)
• Your real name (unless you choose it as your display name)
• Your partner's email address (we don't collect it for anonymous partners)
• Photos, files, or media uploads (HardChoice is text-only)
• Location data (GPS, precise geolocation)
• Contact lists or phone numbers
• Social media profiles or connections
• Browsing history outside of HardChoice

5. How We Use Your Information

We use the information we collect to:

• Provide and maintain the HardChoice service
• Enable decision-making features and real-time collaboration between participants
• Calculate decision scores and identify areas of agreement/conflict
• Power AI mediation features (via OpenAI API)
• Process payments and manage credit transactions
• Send waitlist updates and product notifications (if you've subscribed)
• Improve our service through anonymized analytics and user feedback
• Ensure security and prevent fraud
• Comply with legal obligations

6. Privacy-First Design

HardChoice is built with privacy as a core principle:

• Private by Default: Your answers are private until you choose to reveal them to your partner
• No Social Features: There are no public feeds, sharing, or social networking features
• Session-Based: You can use HardChoice without creating an account or providing an email address
• Row-Level Security: Our database uses Row-Level Security (RLS) to ensure participants can only access their own data until reveal
• HMAC-Hashed Identity: Authenticated users' email addresses are never stored alongside decision data — only a one-way cryptographic hash is used
• Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest (Supabase platform encryption)
• CISO-Built: HardChoice is built by a Chief Information Security Officer (CISO) with deep security and privacy expertise

7. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

7.1 With Your Partner

Once you choose to reveal your decision data, it becomes visible to your partner (the other participant in the decision). This is an intentional feature of the service. Before reveal, your partner cannot see your private ratings, importance scores, or red flags.

7.2 Service Providers

We use trusted third-party services to operate HardChoice:

7.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

8. Data Retention

We retain your data for different periods depending on the type:

9. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit: All connections use TLS/SSL (HTTPS)
• Encryption at rest: Database encrypted by Supabase platform
• Row-Level Security (RLS): Database policies ensure you can only access data you're authorized to see
• HMAC-hashed identity: Your email is never stored alongside your decision data
• Secure authentication: Passwordless OTP (one-time passcode) via email
• No password storage: We never store passwords because we don't use them
• Secure session cookies: HTTP-only, same-site cookies for auth sessions

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

10. Your Rights and Choices

You have the following rights regarding your data:

• Access: Request access to your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal and operational requirements)
• Data Portability: Request a copy of your data in a portable format
• Opt-Out: Unsubscribe from waitlist emails at any time
• Browser Data: Clear localStorage data at any time through your browser settings

To exercise these rights, please contact us at the email address provided in the "Contact Us" section below.

11. Children's Privacy

HardChoice is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our infrastructure providers (Supabase, Vercel, Stripe) operate globally. These countries may have data protection laws that differ from those in your country. By using HardChoice, you consent to the transfer of your information to these countries.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: