Handld

Privacy Policy

Last updated: 1 May 2026

Placeholder: This policy has not been reviewed by a lawyer and is provided for informational purposes only. It must be reviewed and approved before the paid tier launches, before EU users are onboarded, and before CCPA obligations apply. See S-036 and S-037.

1. Introduction

Handld (“we”, “us”, “our”) provides recurring purchase automation software at justhandld.com and app.justhandld.com. This Privacy Policy explains how we collect, use, and protect information you provide when using our services.

2. Information We Collect

We collect information you provide directly:

  • Account registration details (email address, password hash)
  • Household profile (size, member details you choose to add)
  • Product lists and consumption preferences
  • Order history and approval decisions
  • Payment method details (processed by a third-party payment provider)

We also collect automatically:

  • Usage logs (pages visited, features used, error events)
  • Device and browser information
  • IP address (for security and fraud prevention)

3. Information We Never Share

The following categories of information are held to the highest standard of protection. They are never shared with third parties, never sold, and never used outside your own predictions:

  • Health information (conditions, medications, allergies)
  • Full payment method details (we receive only a tokenised reference)
  • Sensitive demographic information (religion, ethnicity, skin tone)
  • Children's personal information

4. How We Use Your Information

  • To provide and improve the prediction and ordering service
  • To authenticate your account and send transactional emails
  • To generate aggregate, anonymised cohort models that improve predictions for all users
  • To comply with legal obligations

5. Data Products and Revenue Sharing [PLACEHOLDER]

[PLACEHOLDER — legal review required] Handld may offer an optional data licensing programme in which aggregated, fully anonymised usage patterns are licensed to third parties. Participation is optional and requires explicit opt-in consent. No individual-level data is ever included. Details of the revenue sharing programme, if launched, will be published here and require fresh consent.

6. Your Rights and Choices

  • Access and download all your data at any time from account settings
  • Delete your account and all associated data
  • Opt out of all non-essential communications
  • GDPR rights (access, rectification, erasure, portability) — contact privacy@justhandld.com
  • CCPA rights (do not sell my data) — we do not sell personal data

7. Data Security

Handld uses industry-standard security measures including encryption in transit (TLS) and at rest, row-level security in our database, and access controls limiting employee access to personal data. We use Supabase for authentication and database hosting.

8. Children's Privacy [COPPA PLACEHOLDER]

[PLACEHOLDER — legal review required] Handld is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information promptly. Parents or guardians who believe we have inadvertently collected information about a child should contact privacy@justhandld.com.

9. Contact

For privacy-related questions: privacy@justhandld.com

10. Changes

We may update this policy from time to time. Material changes will be communicated by email to registered users at least 30 days before taking effect. The “Last updated” date at the top of this page will always reflect the most recent version.