Privacy

What we collect, where it lives, and what we don’t do with it.

This page describes what the site actually does: an account system, a Stripe subscription, an AI-assisted trip planner, a newsletter, and two analytics tools. It is not a template lifted from a generator.

Last updated: May 20, 2026

§ I

Who runs this site

MAID OF HONOR HQ is operated by Belmont Mills LLC. Belmont Mills is also the merchant of record on every Stripe subscription charge — if you've paid for MOH HQ Unlimited, your card statement reflects Belmont Mills, not MAID OF HONOR HQ. The same entity operates BESTMAN HQ and Tour de Fore; subscriptions and account state are kept site-namespaced so the data behind one product never bleeds into another.

§ II

What we collect when you create an account

Accounts are email-based. We store your email address, a bcrypt-hashed password (we never see or store the plaintext), and the list of plans you've saved. Magic-link logins use a one-time token that lives in our session store (Upstash Redis) for 15 minutes and is deleted on first use; magic links never re-issue access after they've been redeemed once.

Sessions are tracked through a single first-party cookie (pmp-session) with a 30-day TTL. It contains no personal data — just a random ID that maps to your email in our session store. It is set HTTP-only and SameSite=Lax. There are no other identity cookies.

§ III

What we collect when you plan a trip

The trip-planning wizard collects what you enter: destination preferences, group size, budget, vibe, must-do activities, dietary or accessibility notes you share with us. To generate an AI-assisted itinerary we send the wizard inputs to Anthropic's Claude API via the @ai-sdk/anthropic provider. We do not include your email or any account identifier in the prompt — only the trip-planning inputs you supplied through the wizard. Anthropic's own privacy and data-retention practices govern that API call; see their privacy notice for the underlying detail.

Generated itineraries and any selections you save are stored under your account in Redis. You can delete a saved plan from your account dashboard at any time.

§ IV

What we collect when you subscribe

MOH HQ Unlimited is $19.99 a month, billed monthly by Stripe on behalf of Belmont Mills LLC. Stripe handles your card number directly — we do not see, store, or transmit it. We receive only Stripe's webhook signals (subscription active, renewed, past-due, canceled) and persist a minimal subscription state under your email so the product can gate features. Cancellation goes through Stripe's customer portal, accessible from your account.

§ V

Newsletter and lead capture

If you submit the homepage checklist gate, a city-page lead form, or any “follow up with me” form, we capture your email plus the structured details you provide (city, group size, budget). That data lands in our Supabase wp_leads table tagged with the site (“moh”) and the source of the submission. If you opted into the welcome sequence, you’ll receive five lifecycle emails over the following days. Every email contains a one-click unsubscribe link backed by a per-email token; one click ends the sequence.

§ VI

Analytics and measurement

We use PostHog for product analytics — which destinations get viewed, which compare pages get clicked, which wizard steps users abandon — and Vercel Analytics + Speed Insights for traffic-level measurement and performance. Neither is configured for cross-site retargeting. We do not run advertising on this site, so there are no ad-network trackers.

We also use Google's Places API to fetch venue photos. Those requests originate from our server, not your browser, so Google sees our project key — not your IP — when a venue card loads its photo.

§ VII

Sharing and selling your information

When you give us explicit consent at an email-capture point — by checking the share box at the form — we may share or sell your personal information to relevant vendors and partners so they can follow up with offers for your trip. The categories that may be shared or sold are: your identifiers (name, email, phone) and your trip profile (destination, dates, group size, budget tier, the activities and preferences you selected, and the behavioral signals we recorded while you used the planner). We do not share or sell anything without that explicit consent — the box is unchecked by default, and a lead captured without it is used only to run the product for you.

Under the CCPA/CPRA and similar laws, this consent-based sharing is treated as a “sale” or “sharing” of personal information, and you have the right to opt out. You can opt out at any time at our Do Not Sell or Share My Personal Information page — or, if your browser sends a Global Privacy Control (GPC) signal, we treat that as an opt-out automatically.

§ VIII

What we still don't do

We do not embed third-party social media pixels. We do not run ad-network retargeting. We do not log raw Anthropic prompts on our side — only the structured wizard inputs that produced them. We do not share or sell information for any lead you didn't explicitly consent to share, and an opt-out (or a GPC signal) overrides any prior consent. We do not knowingly collect information from anyone under 16.

§ IX

Your rights and how to exercise them

You can delete your account at any time by emailing help@maidofhonorhq.com from the address on file; deletion removes your session, password hash, saved plans, lead-form rows, and subscription state. We will respond within thirty days. California, EEA, UK, and other statutory-rights residents have the same access, deletion, and portability rights — same email, same person, same response — plus the right to opt out of the sale or sharing of personal information, which you can exercise at /do-not-sell or via a Global Privacy Control signal.

§ X

Contact

Privacy questions, deletion requests, and corrections all go to help@maidofhonorhq.com. The merchant of record and data controller is Belmont Mills LLC.