Privacy Policy

HALOFIX USA LLC ("HALOFIX," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website, mobile application, and platform services (collectively, the "Service").

We comply with the Florida Information Protection Act (FIPA), the Children's Online Privacy Protection Act (COPPA), and other applicable privacy laws. We write this policy in plain language so it is easy to understand.

We collect only the information needed to provide our services. We do not collect more than necessary.

We do not collect sensitive information like Social Security numbers, health records, or biometric data unless legally required for specific hero verification purposes.

We use your personal information to:

• Provide Services: Create your account, process bookings, and coordinate with heroes
• Match You with Heroes: Use your location and service needs to find available, qualified heroes
• Communicate: Send booking confirmations, arrival notifications, and service updates
• Process Payments: Handle billing and payments through our secure payment processor
• Ensure Compliance: Meet legal requirements, verify hero licenses, and prevent fraud
• Improve Our Service: Analyze usage patterns to make our platform better (using anonymized data only)

We only use your data for the purposes listed here. If we ever want to use it for something else, we will ask for your permission first.

We only share your data in these limited circumstances:

• With Your Hero: Once a hero accepts your job, we share your contact information and address so they can perform the service
• Service Providers: We use trusted companies (like Stripe for payments, Twilio for texts) that help us run our platform. They are contractually bound to protect your data.
• Legal Requirements: We may share data if required by law, such as to comply with a court order or government request
• Emergencies: To protect your safety or the safety of others in an emergency

We collect GPS location data, but only when you have an active booking. Here is how it works:

• When: dispatch updates is active only during the period between hero dispatch and job completion
• What: We track the hero's location to show you their estimated arrival time
• How Long: GPS coordinates are stored for 10 minutes in temporary memory (Redis cache) and then automatically deleted
• Permanent Records: We keep only milestone events (job started, hero arrived, job completed) — not continuous location history

We use artificial intelligence to help improve our services. Here is what you should know:

• AI Estimates: When you upload photos for an estimate, our AI analyzes them to provide an approximate cost range. These are estimates only — final quotes come from heroes after inspection.
• Hero Matching: Our system uses algorithms to suggest heroes based on location, availability, and expertise. You always choose which hero to book.
• Fraud Detection: Automated systems help us detect suspicious activity to protect your account.
• Human Review: Important decisions (like account suspension or dispute resolution) always involve human review.

You have the right to request human review of any automated decision that significantly affects you. Contact us at privacy@halofixusa.com to request a human review.

Under Florida Law §934.03 (two-party consent), we notify all callers that calls may be recorded. Here is how it works:

• Notice: An automated message plays at the start of each call informing you that the call may be recorded
• Purpose: We record calls for quality assurance, training, and to resolve disputes
• Retention: Call recordings are kept for 90 days unless related to a dispute, in which case they are kept until the dispute is resolved
• Access: You may request a copy of recordings involving you by contacting privacy@halofixusa.com

If you do not wish to be recorded, you may end the call and contact us via email or through our website chat.

By providing your phone number and checking the SMS consent box during booking, you agree to receive transactional text messages from HALOFIX USA LLC related to your home service bookings. These messages may include:

• Booking confirmations and appointment reminders
• Hero dispatch and arrival notifications
• Service completion and payment updates
• Digital warranty and receipt delivery

Message frequency varies based on your service bookings. Message and data rates may apply. You can opt out at any time by replying STOP to any message. For help, reply HELP or contact us at support@halofixusa.com or call (786) 550-2580.

Your consent to receive SMS is not a condition of purchasing services. We will never share your phone number with third parties for marketing purposes.

If you have separately opted in to receive promotional communications, HALOFIX USA LLC may also send you promotional SMS messages including seasonal maintenance reminders, exclusive discounts for existing customers, and warranty renewal offers. Promotional SMS consent is separate from transactional SMS consent and is not required to use our services.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All SMS opt-in data is retained solely by HALOFIX USA LLC and is not shared with service providers (Heroes) or partners for their independent marketing use.

Supported carriers include but are not limited to: AT&T, T-Mobile, Verizon, Sprint, and other major US carriers.

We share data with the following service providers (processors) to operate our platform. Each processor is contractually bound to use your data only for the purposes described.

In-platform messages between Residents and Heroes are monitored by automated systems to enforce our Anti-Circumvention Policy. The system filters attempts to share personal contact information (phone numbers, email addresses, physical addresses, URLs, social media handles, and payment app handles) to protect both parties and maintain marketplace integrity.

Flagged messages are reviewed by automated systems and, where necessary, human moderators. Message content is retained per our data retention schedule below.

We keep your data only as long as necessary for business, legal, and tax purposes. Our retention periods comply with IRS and EEOC requirements:

After these periods expire, we securely delete or anonymize your data. You can request earlier deletion by exercising your right to deletion (see "Your Rights" below), though we may need to retain certain records for legal compliance.

We take security seriously and use industry-standard measures to protect your data:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Database Security: We use Supabase with Row-Level Security (RLS) to ensure users can only access their own data
• Access Controls: Strict role-based access limits who at HALOFIX can view personal data
• Multi-Factor Authentication: Required for all administrative access
• Regular Reviews: We conduct security reviews on an ongoing basis and engage third-party security audits and penetration testing as appropriate to platform risk
• Employee Training: All staff are trained on data privacy and security practices

No system is 100% secure, but we work hard to protect your information. If you discover a security issue, please report it responsibly to security@halofixusa.com.

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Correction: Ask us to fix inaccurate or incomplete information
• Deletion: Request that we delete your personal data (subject to legal retention requirements)
• Portability: Request your data in a machine-readable format
• Opt Out: Stop receiving marketing communications at any time
• Human Review: Request a human review of any automated decision

We comply with the Children's Online Privacy Protection Act (COPPA), a federal law designed to protect children's privacy online.

If you are a parent or guardian and believe your child under 13 has provided personal information to us, please contact us immediately at privacy@halofixusa.com. We will delete the information promptly.

HALOFIX USA honors the Global Privacy Control (GPC) browser signal. When we detect a GPC signal from your browser, we treat it as a valid opt-out of the sale or sharing of your personal information, as required by the CCPA/CPRA.

You can enable GPC in supported browsers (Firefox, Brave, DuckDuckGo) or via browser extensions. No additional action is required on your part.

If you apply to join HALOFIX as a Hero (independent service professional), we may obtain one or more consumer reports about you from a consumer reporting agency in accordance with the Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681b(b)(2)(A). These reports may include criminal history, identity verification, Florida DBPR license verification, motor vehicle records, and FDLE sex offender registry searches.

A standalone written disclosure and your written authorization are required and provided before any consumer report is obtained. See the full standalone disclosure at /fcra-disclosure.

You have the right under FCRA §1681g to request a copy of any consumer report obtained about you and to dispute inaccurate information directly with the consumer reporting agency. Before any adverse action is taken based on a consumer report, we will provide you with a pre-adverse action notice, a copy of the report, and a summary of your rights, with at least five business days to respond.

Florida Statute §540.08 protects your name, photograph, and likeness from commercial use without your express written or oral consent. Where HALOFIX USA LLC uses a Resident's or Hero's name, photograph, profile picture, before-and-after work photos, review excerpts, or other likeness in marketing materials (including the public website, social media, advertising, or case studies), we obtain your express consent in advance.

Default behavior: Profile photos, names, and content you upload are used only inside the platform for booking and review functionality. Marketing use requires a separate opt-in.

You may revoke consent for prospective marketing use at any time by emailing privacy@halofixusa.com. Revocation does not affect materials already printed or published before we receive your request, but we will not produce new marketing materials using your likeness after revocation.

We may update this Privacy Policy from time to time. When we make material changes:

• We will post the updated policy on this page with a new "Last updated" date
• We will notify you via email or through the platform at least 30 days before material changes take effect
• For significant changes affecting how we use your data, we may request your renewed consent

Your continued use of HALOFIX after the effective date of updated terms constitutes acceptance of the changes.

If you have questions about this Privacy Policy, want to exercise your privacy rights, or need to report a privacy concern:

For general support questions, please use the Help Center or contact support@halofixusa.com.