WAHOA

Privacy

Last updated: 2026-05-01

WAHOA hosts portals for individual homeowners associations. This policy describes what we collect when you, as a resident or board member, use a WAHOA-hosted portal at {your-hoa}.wahoa.org.

What we collect

  • Account information — your email address, display name, and the role assigned to you (resident, board member, or admin).
  • Authentication metadata — hashed IP addresses and user-agent strings on each login, password reset, and document access. We use HMAC with a per-environment secret so a database snapshot cannot be reversed to your raw IP.
  • Documents you or your board upload — files are stored in Cloudflare R2 with per-HOA access scoping.
  • Audit log entries — every login, document view, and admin action is recorded against your user ID.

What we do not collect

  • Raw IP addresses or device fingerprints retained beyond the hashed audit entry.
  • Tracking cookies or third-party analytics.
  • Payment card data — billing, if applicable, is handled by your management company or our billing processor (Stripe), not by us.

Who has access

Within a given HOA, residents see all-visibility documents; board members and admins see board-only documents. No data is shared across HOAs. WAHOA staff access individual HOA data only when needed for support or in response to a documented request from the board.

Retention

Account records persist for the duration of your residency. Audit log entries are retained for 24 months and pruned nightly. Documents persist until deleted by your board.

Your rights

If you live in California, Washington, or another state with a consumer privacy law, you may request access to or deletion of your data. Email privacy@wahoa.org with your HOA name and we'll route the request to the responsible board within 30 days.

Contact

Privacy questions: privacy@wahoa.org