← Back to CommandLife

Privacy Policy

Last updated: March 27, 2026

1. Overview

HOLO LLC (“we”, “us”, “our”) operates CommandLife. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information.

2. Data We Collect

Account Information

Name, email address, and password hash when you create an account. If you use Google OAuth, we receive your name and email from Google.

User-Entered Data

Financial records, goals, tasks, habits, health logs, journal entries, notes, contacts, and other data you voluntarily enter into the platform. This data belongs to you.

Usage Data

Basic analytics (page views, feature usage) to improve the Service. We do not track individual behavior for advertising purposes.

3. How We Use Your Data

  • To provide and maintain the Service
  • To display your data back to you (dashboards, charts, reports)
  • To power AI features (categorization, insights, chat)
  • To send transactional emails (password resets, billing)
  • To improve the Service based on aggregated, anonymized usage patterns

4. AI Data Processing

When you use AI features, relevant data (such as transaction descriptions or your question) is sent to our AI provider (Anthropic) for processing. This data is used solely to generate your response and is not stored by the AI provider for training purposes. We only send the minimum data needed for each AI request.

5. Data Storage & Security

Your data is stored in a managed MySQL database hosted on DigitalOcean infrastructure. All connections are encrypted in transit (TLS). Passwords are hashed using bcrypt. We implement access controls to prevent unauthorized access to your data.

6. Data Sharing

We do not sell your personal data. We may share data only:

  • With your explicit consent
  • With service providers who help operate the platform (hosting, AI processing)
  • When required by law or legal process
  • To protect our rights or prevent fraud

7. Your Rights

You have the right to:

  • Access— View all data we store about you via the Settings > Export feature
  • Export — Download your data in CSV format at any time
  • Delete — Request deletion of your account and all associated data
  • Correct — Update or correct any inaccurate data

8. Cookies

We use essential cookies only — specifically for authentication session management (NextAuth). We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

9. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently removed within 30 days. Anonymized, aggregated analytics data may be retained indefinitely.

10. Children's Privacy

CommandLife is not intended for users under 18 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or in-app notification. The “Last updated” date at the top indicates when the policy was last revised.

12. Contact

For privacy-related questions, contact us at [email protected].