Privacy Policy

Last updated: 24 February 2026

1. Data Controller

House of The People ("HoTP", "we", "us") is the data controller for the personal information collected through this platform. For any privacy-related queries, contact us at charlie@houseofthepeople.com.

2. Data We Collect

We collect the following personal data when you use HoTP:

  • Account information — email address (for authentication)
  • Profile data — postcode, constituency, MP name and party
  • Voting history — your votes on parliamentary bills
  • Device tokens — push notification tokens for your devices
  • Citizenship status — citizenship type and document type (for voting eligibility)
  • Payment information — processed by Stripe; we store only the Stripe session ID and payment intent, never card details

3. How We Use Your Data

  • To authenticate you and maintain your account
  • To match you with your constituency and MP
  • To record and display your votes on bills
  • To send push notifications about bills you follow
  • To generate anonymised aggregate voting statistics
  • To determine UK voting eligibility
  • To process founding member payments

4. Third-Party Services

We share data with the following services, only as necessary to operate the platform:

  • Supabase — database and authentication (stores your account and profile data)
  • Stripe — payment processing for founding member purchases
  • Anthropic & OpenAI — AI-generated bill summaries (no personal data is sent)
  • MySociety MapIt — postcode-to-constituency lookup (your postcode is sent to resolve your constituency)
  • Apple Push Notification Service — delivering push notifications to your iOS devices

We do not sell your data to any third party. We do not use any advertising or tracking pixels.

5. Legal Basis

We process your personal data on the basis of your consent, given when you create an account. You may withdraw consent at any time by deleting your account from Settings > Account.

6. Your Rights (GDPR & UK Data Protection Act 2018)

Under GDPR and UK data protection law, you have the right to:

  • Access — request a copy of all your personal data (Settings > Account > Export Data)
  • Rectification — correct inaccurate data by updating your profile
  • Erasure — delete your account and all associated data (Settings > Account > Delete Account)
  • Portability — export your data in machine-readable JSON format
  • Objection — contact us to object to specific processing

To exercise any of these rights, use the tools in Settings > Account or email us at charlie@houseofthepeople.com.

7. Cookies & Tracking

We use only essential session authentication cookies required for the platform to function. We do not use any analytics cookies, advertising pixels, or third-party tracking scripts.

8. Data Retention

We retain your data for as long as your account is active. When you delete your account, all personal data is permanently removed from our systems, including your profile, votes, notification subscriptions, device tokens, and authentication record.

9. Data Security

All data is transmitted over HTTPS. Passwords are hashed and never stored in plain text. We use Supabase Row Level Security to ensure users can only access their own data. Administrative operations use a separate service role key.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email notification. Continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact

For privacy concerns or to exercise your rights, contact: charlie@houseofthepeople.com

Back to home