What we collect, where it lives, and what we don’t do with it.

MAID OF HONOR HQ is operated by Belmont Mills LLC. Belmont Mills is also the merchant of record on every Stripe subscription charge — if you've paid for MOH HQ Unlimited, your card statement reflects Belmont Mills, not MAID OF HONOR HQ. The same entity operates BESTMAN HQ and Tour de Fore; subscriptions and account state are kept site-namespaced so the data behind one product never bleeds into another.

Accounts are email-based. We store your email address, a bcrypt-hashed password (we never see or store the plaintext), and the list of plans you've saved. Magic-link logins use a one-time token that lives in our session store (Upstash Redis) for 15 minutes and is deleted on first use; magic links never re-issue access after they've been redeemed once.

Sessions are tracked through a single first-party cookie (pmp-session) with a 30-day TTL. It contains no personal data — just a random ID that maps to your email in our session store. It is set HTTP-only and SameSite=Lax. There are no other identity cookies.

The trip-planning wizard collects what you enter: destination preferences, group size, budget, vibe, must-do activities, dietary or accessibility notes you share with us. To generate an AI-assisted itinerary we send the wizard inputs to Anthropic's Claude API via the @ai-sdk/anthropic provider. We do not include your email or any account identifier in the prompt — only the trip-planning inputs you supplied through the wizard. Anthropic's own privacy and data-retention practices govern that API call; see their privacy notice for the underlying detail.

Generated itineraries and any selections you save are stored under your account in Redis. You can delete a saved plan from your account dashboard at any time.

MOH HQ Unlimited is $19.99 a month, billed monthly by Stripe on behalf of Belmont Mills LLC. Stripe handles your card number directly — we do not see, store, or transmit it. We receive only Stripe's webhook signals (subscription active, renewed, past-due, canceled) and persist a minimal subscription state under your email so the product can gate features. Cancellation goes through Stripe's customer portal, accessible from your account.

If you submit the homepage checklist gate, a city-page lead form, or any “follow up with me” form, we capture your email plus the structured details you provide (city, group size, budget). That data lands in our Supabase wp_leads table tagged with the site (“moh”) and the source of the submission. If you opted into the welcome sequence, you’ll receive five lifecycle emails over the following days. Every email contains a one-click unsubscribe link backed by a per-email token; one click ends the sequence.

We use PostHog for product analytics — which destinations get viewed, which compare pages get clicked, which wizard steps users abandon — and Vercel Analytics + Speed Insights for traffic-level measurement and performance. Neither is configured for cross-site retargeting. We do not run advertising on this site, so there are no ad-network trackers.

We also use Google's Places API to fetch venue photos. Those requests originate from our server, not your browser, so Google sees our project key — not your IP — when a venue card loads its photo.

We do not sell your information. We do not share it with advertisers or with affiliates outside our own portfolio. We do not embed third-party social media pixels. We do not log raw Anthropic prompts on our side — only the structured wizard inputs that produced them, which are already covered above. We do not knowingly collect information from anyone under 16.

You can delete your account at any time by emailing help@maidofhonorhq.com from the address on file; deletion removes your session, password hash, saved plans, lead-form rows, and subscription state. We will respond within thirty days. California, EEA, UK, and other statutory-rights residents have the same access, deletion, and portability rights — same email, same person, same response.

Privacy questions, deletion requests, and corrections all go to help@maidofhonorhq.com. The merchant of record and data controller is Belmont Mills LLC.