Privacy Policy

Last updated: May 3, 2026

Boilerplate placeholder. Have a qualified attorney review and customize for your jurisdiction (GDPR, CCPA, etc.) before going live.

Houses360 (“we”, “us”) takes your privacy seriously. This policy explains what we collect, how we use it, and the rights you have.

1. Information We Collect

  • Account info: name, email, phone, password (hashed). Provided when you register.
  • Tour content: 360° panoramas, photos, video, floor plans, property details, branding, and any other content you upload.
  • Lead data: contact details visitors submit through your tours’ contact forms.
  • Payment info: card details are handled directly by Stripe; we never see or store your card number. We retain your Stripe customer/subscription ID and invoice history.
  • Usage data: anonymized analytics (tour views, scene navigation, hotspot clicks). IP addresses are hashed before storage.
  • Cookies: session cookies for login, signed cookies for private-tour unlocks. No third-party tracking cookies.

2. How We Use Your Information

  • To operate the Service and serve your tours to viewers.
  • To process payments and manage subscriptions.
  • To send transactional emails (verification, password resets, lead notifications, billing receipts).
  • To improve features and diagnose issues.
  • To enforce our Terms of Service and prevent abuse.

3. How We Share Information

We do not sell your personal information. We share with these third-party processors:

  • Stripe — payment processing.
  • Email provider (e.g., SendGrid, Postmark, AWS SES) — transactional email delivery.
  • Hosting / CDN — serving the Service.

We may disclose information if required by law, to protect our rights, or in connection with a merger or acquisition.

4. Data Retention

We retain account and tour data for as long as your account is active. After account closure, we retain financial records as required by law and may retain anonymized analytics indefinitely.

5. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal data. Contact us at the address below to exercise any of these rights.

6. Security

We use industry-standard security practices including encrypted connections (HTTPS), bcrypt password hashing, CSRF protection, and signature verification on webhooks. No system is perfectly secure, however — you use the Service at your own risk.

7. Children

The Service is not intended for users under 16. We do not knowingly collect data from children.

8. Changes

We may update this policy. Material changes will be communicated by email or in-app notice.

9. Contact

Privacy questions? Get in touch.