Privacy Policy

Last updated: May 17, 2026

This Privacy Policy describes how HandyBid ("we", "us") collects, uses, and shares information about you when you use the HandyBid website and mobile application (the "Service"). By using HandyBid you agree to this policy.

1. Information we collect

• Account information: name, email, phone, location, role (homeowner / contractor), business name and service categories (contractors).
• Authentication data: hashed password, login timestamps, failed-login counters used to prevent abuse.
• Listings and transactions: jobs posted, bids placed, messages exchanged, reviews left, payment status.
• Payment data: processed by Stripe. We do not see or store your full card number. We retain transaction IDs to support refunds and dispute resolution.
• Technical data: IP address, user-agent, request logs (for security and debugging).

2. How we use your information

• To operate the marketplace: showing your jobs to contractors and bids to homeowners, routing messages.
• To process payments through Stripe and Stripe Connect.
• To send transactional email (verification, password reset, payment receipts, account changes).
• To prevent fraud and abuse (rate limiting, account lockout, anomaly detection).
• To comply with legal obligations (tax, anti-fraud, lawful requests).

3. Sharing

We share information with:

• Other users on the platform as needed to facilitate the marketplace (e.g., your name and listing details are visible to potential bidders).
• Stripe, our payment processor, who collects payment information directly from you under their own privacy policy.
• Email delivery providers for sending transactional messages.
• Law enforcement when required by valid legal process.

We do not sell your personal information.

4. Your rights

• Access and correction: edit your profile in Settings.
• Deletion: delete your account at any time from Account → Delete. This removes your personal data; anonymized transaction records may be retained where required by law.
• Email opt-out: transactional email is required for account security; marketing email (if any) can be unsubscribed via the email footer.
• If you are in the EU/UK, you have additional rights under GDPR/UK-GDPR including data portability and the right to lodge a complaint with your supervisory authority.
• If you are a California resident you have rights under the CCPA/CPRA.

5. Data retention

Account data is retained while your account is active and deleted upon request, except for transaction records we are legally required to keep (typically 7 years for tax purposes).

6. Security

Passwords are stored as one-way hashes. All traffic is served over HTTPS. We use industry-standard practices (CSRF protection, rate limiting, security headers, account lockout) but no system is perfectly secure.

7. Children

HandyBid is not directed to children under 13. We do not knowingly collect personal information from children under 13.

8. Changes

We may update this policy. Material changes will be communicated by email and announced in-app at least 7 days before they take effect.

9. Contact

Questions or requests: support@handy.bid.

This template is a starting point and is not legal advice. Have it reviewed by a lawyer before launch.