Privacy Policy

Last updated: March 22, 2026

1. Introduction

This Privacy Policy describes how Reconvene, operated by Reconvene LLC ("we," "us," or "our"), collects, uses, and protects your personal information when you use our property management platform ("the Service").

By using the Service, you consent to the practices described in this policy.

2. Information We Collect

Account Information

When you register or are invited to the Service, we collect:

  • Full name
  • Email address
  • Phone number (optional)
  • Password (stored as a cryptographic hash, never in plain text)
  • Unit number (assigned by your property manager)

Property Manager Registration

Property managers who register also provide:

  • Company name and title
  • Property/organization name

User-Uploaded Content

Documents, images, and other files you upload are stored securely. Announcement content, service request details, and meeting information are stored as part of the Service's operation.

Automatically Collected Information

  • IP address (used for rate limiting and security)
  • Browser type and device information (via Vercel Analytics)
  • Pages visited and usage patterns (via Vercel Analytics)

3. How We Use Your Information

We use your information to:

  • Provide the Service — authenticate your identity, display your organization's data, and enable communication within your community
  • Send transactional emails — account invitations, password reset links, and announcement notifications that you or your administrator have opted into
  • Maintain security — rate limiting login attempts, detecting unauthorized access, and preventing abuse
  • Improve the Service — understand usage patterns through aggregated, anonymized analytics

4. Information Sharing

We do not sell your personal information. We share your information only in the following circumstances:

  • Within your organization — your name, email, unit number, and role are visible to authorized users within your organization (e.g., property managers and administrators can see resident contact information)
  • Service providers — we use third-party services to operate the platform:
    • Neon (database hosting)
    • Vercel (application hosting and analytics)
    • Resend (transactional email delivery)
    • Vercel Blob (file storage)
  • Legal requirements — when required by law, court order, or governmental authority

5. Data Isolation

The Service uses a multi-tenant architecture with strict data isolation. Each organization's data is logically separated. Users can only access data within the organizations they belong to, and only according to their assigned role and permissions.

6. Data Security

We implement industry-standard security measures to protect your information:

  • All data transmitted over HTTPS with HSTS enforcement
  • Passwords hashed using bcrypt
  • Content Security Policy (CSP) and other security headers
  • Rate limiting on authentication endpoints
  • JWT-based sessions with 7-day expiration
  • Role-based access control on all API endpoints

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your account information and associated content for as long as your account is active or as needed to provide the Service.

If your account is terminated or your organization is removed, we will delete your personal data within 90 days, except where retention is required by law or for legitimate business purposes (e.g., billing records).

Uploaded documents and files are deleted when removed by an authorized user or upon account termination.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate personal data
  • Deletion — request deletion of your personal data
  • Portability — request your data in a structured, machine-readable format
  • Objection — object to processing of your personal data

To exercise any of these rights, contact us at the address below. We will respond within 30 days.

9. Cookies

The Service uses essential cookies for authentication and session management. These cookies are strictly necessary for the Service to function and cannot be disabled.

We use Vercel Analytics for aggregated, privacy-friendly usage analytics. Vercel Analytics does not use cookies and does not track users across sites.

10. Children's Privacy

The Service is not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or in-app notice. The "Last updated" date at the top of this page reflects when the policy was last revised.

12. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Reconvene LLC
Email: support@reconvene.app