almost fine·hustle
Pricing
home

What we collect and why

Privacy Notice

Last updated: 2026.

1. Who we are

Almost Fine Hustle is operated by Heather Andree, a sole proprietor ("we", "us", "our"). Heather Andree is the data controller responsible for personal data processed in connection with the Service and is responsible for ensuring that processing complies with applicable data-protection law.

2. Data we collect

We collect the following categories of personal data:

  • Account data — email address, password hash, public handle, account creation date, and (if you sign in with Google) your Google account identifier and basic profile info.
  • Content you create — community-wall posts, bookmarks, tracker entries (amounts, sources, notes, dates), task progress, messages you send to the AI Companion.
  • Subscription and billing data — your subscription status, plan, billing period, and the identifiers Stripe assigns to your customer and subscription. Card numbers, billing address, and tax details are collected and processed directly by Stripe as Merchant of Record — we do not see or store them.
  • Technical and usage data — IP address, device and browser information, pages visited, timestamps, and error logs.
  • Support communications — any messages you send us and our replies.

3. Why we use your data

  • Provide the Service — create your account, save your content across devices, deliver Premium features (contract performance).
  • Operate, secure, and improve the Service — diagnose errors, prevent abuse and fraud, monitor performance (legitimate interests).
  • Customer support — respond to your messages (contract performance / legitimate interests).
  • Legal compliance — meet tax, accounting, and other legal obligations (legal obligation).
  • Communications — send transactional emails (e.g. password reset, receipts via Stripe). We do not send marketing email without your consent.

4. Legal basis for processing

We rely on (a) performance of a contract with you to provide the Service you signed up for, (b) our legitimate interests in running, securing, and improving the Service, (c) compliance with legal obligations, and (d) your consent where required (for example, optional analytics or marketing cookies).

5. Who we share data with

We share personal data only with the following categories of recipients:

  • Stripe — our Merchant of Record. Stripe processes your payments, manages your subscription and renewals, calculates and remits sales tax, and handles invoices, refunds, and chargebacks. See Stripe's Privacy Policy for how they handle your data.
  • Hosting and infrastructure — Supabase (database and authentication) and Cloudflare (CDN and serverless compute) host the Service. They process data on our behalf under written agreements.
  • AI providers — when you use the AI Companion, the prompt content is sent to the underlying AI provider (e.g. OpenAI, Google) via the Lovable AI Gateway to generate a response.
  • Analytics and error tracking — limited usage data (browser, page, timing, errors) used to keep the Service running.
  • Professional advisers — accountants and lawyers where strictly necessary.
  • Authorities — where required by law, court order, or valid legal request.

We do not sell your personal data.

6. International transfers

Our service providers may process your data outside your country of residence, including in the United States and the European Economic Area. Where data is transferred from the UK or EEA to a country without an adequacy decision, we (and our processors) rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or the UK International Data Transfer Addendum.

7. How long we keep your data

  • Account and content data — for as long as your account is open. When you delete your account, we delete or anonymize your account and content data within 30 days, except where we are required to retain it.
  • Billing and tax records — retained for the period required by applicable tax, accounting, and consumer-protection law (typically 6–10 years), held primarily by Stripe as Merchant of Record.
  • Security and error logs — retained for a limited period (typically up to 90 days) for security investigations and debugging.
  • Support correspondence — retained for as long as reasonably necessary to resolve your issue and maintain records.

8. Your rights

Subject to your local law (including the GDPR if you are in the UK or EEA, and equivalent rights under other regimes such as CCPA), you have the right to:

  • Access the personal data we hold about you;
  • Request that we correct inaccurate data;
  • Request that we delete your data (right to erasure);
  • Request that we restrict or object to certain processing;
  • Request a portable copy of data you provided;
  • Withdraw consent where processing is based on consent;
  • Lodge a complaint with your local data-protection authority.

You can delete your account at any time from the account screen, which triggers deletion of your account and content data. For other rights requests, contact us at the address below. We aim to respond within one month.

9. Security

We use appropriate technical and organizational measures to protect your personal data, including encryption in transit (HTTPS/TLS), encryption at rest for our database, role-based access controls, row-level security on user data, secure password hashing, and regular software updates. No system is perfectly secure; we cannot guarantee absolute security but we work to reduce risk.

10. Cookies and similar technologies

We use a small number of essential cookies and local-storage items required for the Service to work — for example, to keep you signed in and remember your preferences. We do not use third-party advertising cookies. If we introduce optional analytics cookies in the future, we will ask for your consent first.

11. Children

The Service is not intended for children under 16 (or the minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to this notice

We may update this Privacy Notice from time to time. Material changes will be announced in-app. The "Last updated" date at the top reflects the most recent revision.

13. Contact

For privacy questions or to exercise your rights, contact Heather Andree at privacy@almostfinehustle.com. For payment, refund, or invoicing questions, contact Stripe at support.stripe.com. See also our Terms of Service and Refund Policy.