Privacy Policy

Effective date: April 7, 2026 · Last updated: April 7, 2026

This Privacy Policy describes how Harbor Group Holdings Inc. ("Harbor Group Holdings," "we," "us," or "our") collects, uses, and protects information when you use the Octo platform, website at joinocto.ai, and related services (collectively, the "Service"). By using the Service, you consent to the practices described in this policy.

1. Information We Collect

Information you provide directly

  • Account information: Name, email address, and password when you create an account
  • Business information: Business name, industry, team size, revenue range, and expense data you enter during the cost analysis process
  • Uploaded documents: Profit & loss reports or other financial documents you choose to upload
  • Payment information: Processed by our third-party payment provider (Polar); we do not store your credit card details

Information from connected accounts

If you connect your Intuit QuickBooks account, we access your financial data on a read-only basis, including:

  • Profit and loss reports
  • Expense categories and transaction amounts
  • Vendor and account names

We access only the data necessary to perform your cost analysis. You may disconnect your QuickBooks account at any time, and we will delete the associated financial data from our servers.

Information collected automatically

  • Usage data: Pages visited, features used, and actions taken within the Service
  • Device information: Browser type, operating system, and screen resolution
  • Analytics: We use PostHog for product analytics to understand how the Service is used and to improve the user experience

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Generate your cost analysis report and savings recommendations
  • Compare your costs against industry benchmarks
  • Send you your analysis report via email (with PDF attachment)
  • Process payments and manage your subscription
  • Provide consultation services when purchased
  • Communicate with you about the Service, including updates and support
  • Detect, prevent, and address technical issues or abuse

3. How We Share Your Information

We do not sell your personal information or financial data to third parties. We may share information in the following limited circumstances:

  • Service providers: We use third-party services to operate the platform, including Postmark (email delivery), Polar (payment processing), PostHog (analytics), and Microsoft Azure (hosting). These providers only access information necessary to perform their services and are bound by their own privacy policies.
  • Consultation services: If you purchase a consultation, your cost analysis data may be reviewed by our cost analysts to provide the service you requested.
  • Vendor negotiations: If you engage us to negotiate on your behalf, we may share relevant cost data with your vendors or suppliers as necessary to negotiate better rates. We will only do so with your explicit consent.
  • Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We implement reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. This includes:

  • Encryption of data in transit (TLS/HTTPS)
  • Encrypted database connections
  • Access controls and authentication for all administrative functions
  • Regular security reviews of our infrastructure

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

Cost analysis reports generated from the free analyzer (without an account) are retained for up to 12 months for follow-up purposes, after which they are automatically deleted.

6. QuickBooks Data

When you connect your QuickBooks account to Octo:

  • We request read-only access to your financial data
  • We use your data solely to generate your cost analysis report
  • We do not modify, write to, or alter your QuickBooks data in any way
  • You can disconnect your QuickBooks account at any time from within the Service
  • Upon disconnection, all QuickBooks-sourced data is deleted from our servers
  • Our use of QuickBooks data complies with Intuit's developer terms and policies

7. Cookies and Tracking

We use essential cookies for authentication and session management. We use PostHog for product analytics, which may use cookies or similar technologies to track usage patterns. You can opt out of analytics tracking through your browser settings or PostHog's opt-out mechanism.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to or restrict processing of your information
  • Request portability of your data
  • Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at admin@harborholding.com. We will respond within 30 days.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service prior to the changes taking effect. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Harbor Group Holdings Inc.
Email: admin@harborholding.com

POWERED BY OCTO · A HARBOR GROUP HOLDINGS COMPANY