Privacy Policy

Effective date: May 2026  ·  Last updated: May 2026

1. Data We Collect

When you use LIVABILITY, we collect and store:

• Account data: username and bcrypt-hashed password. No plain-text passwords are ever stored.
• Analysis results: locations you analyze and the cost estimates returned, stored in your saved history if you choose to save them.
• Usage logs: AI token usage (input/output token counts, endpoint, timestamp) for operational monitoring. These logs reference your user ID, not personally identifiable information.
• Settings data: your home city, expense category presets, and hotspot want preferences.

We do not collect email addresses, payment information (processed externally by Stripe when applicable), or precise location data beyond what you type into the search form.

2. How We Use Your Data

• To provide personalized cost-of-living analysis and history
• To monitor and improve service reliability and performance
• To enforce usage quotas and prevent abuse
• To process payments (when applicable, via Stripe — we never see your card details)

3. Data Sharing

We do not sell, rent, or share your personal data with third parties except:

• Anthropic: location queries are processed by Anthropic's Claude AI. Your username is not sent to Anthropic — only the location string and prompt text.
• Stripe: when you subscribe to a paid plan, Stripe processes payment information under their own privacy policy.
• Legal requirements: we may disclose data if required by law or to protect the rights and safety of users.

4. Data Retention

Your account data and saved results are retained until you delete your account. Location cost estimates are cached for up to 30 days in a shared cache (not linked to your account). Usage logs are retained for operational purposes and may be anonymized after 90 days.

5. Your Rights

You have the right to:

• Access your data via the Dashboard tab in the app
• Delete your account and all associated data via Settings → Delete Account. This is permanent and immediate.
• Export your saved analysis history as CSV or PDF via the Dashboard export feature

For GDPR (EU) and CCPA (California) users: you may exercise your right to erasure at any time using the Delete Account feature. No separate request to us is required.

6. Security

We use HTTPS for all traffic, bcrypt for password hashing, and JWT tokens with expiry for session management. Security headers (CSP, X-Frame-Options, etc.) are applied to all responses. No security measure is 100% foolproof — please use a strong, unique password.

7. Cookies and Local Storage

We use browser localStorage to store your session token locally. No third-party tracking cookies are used. No analytics services are embedded in the app.

8. Changes to This Policy

We may update this Privacy Policy as the Service evolves. Material changes will be noted in the app. Continued use of the Service after changes are posted constitutes acceptance.

9. Contact

To exercise your data rights or ask questions about this policy, use the account deletion feature in Settings or review the Terms of Service.