Privacy Policy

RentSDK ("we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, who we share it with, and your rights regarding that data. It applies to all users of rentsdk.xyz and rentsdk.ca (collectively, the "Service").

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

Account information

• Full name and email address when you register.
• Password (stored as a cryptographic hash — we never store plaintext passwords).
• Country (United States or Canada) selected at signup.
• Profile information you choose to add (phone number).

Property and lease data

• Property names and addresses you enter.
• Unit details (bedrooms, bathrooms, square footage).
• Lease terms, rent amounts, and due dates.
• Tenant names and email addresses added by landlords.
• Payment records, notes, and references.
• Maintenance requests and associated communications.
• Uploaded documents (lease agreements, receipts, inspection reports).

Payment information

• When you pay rent via the Service, bank account details are collected and processed by Stripe. RentSDK does not store full bank account numbers. We receive tokenised identifiers and metadata (bank name, last 4 digits) from Stripe to display in the app.
• For landlord subscriptions, card or bank details are stored by Stripe under Stripe's privacy policy.

Usage and technical data

• Log data (IP address, browser type, pages visited, timestamps).
• Device information (OS, screen resolution).
• Aggregate analytics via Google Analytics (see Section 7).

• Provide the Service: Create and manage your account, display your property and lease data, process rent payments, and send transactional emails (receipts, reminders, verification codes).
• Billing and subscriptions: Manage landlord Pro subscriptions via Stripe.
• Security: Verify your identity, detect fraud, and protect against unauthorized access.
• Communications: Send you Service-related notices, updates, and — only with your consent — marketing emails. You may unsubscribe from marketing emails at any time.
• Improvement: Analyse aggregated usage patterns to improve the Service. We do not use individual personal data for model training or sell data to advertisers.
• Legal compliance: Comply with applicable laws, regulations, and lawful requests from authorities.

We do not sell, rent, or trade your personal information. We share data only as follows:

• Stripe — payment processing for rent payments and subscriptions. Stripe is PCI-DSS Level 1 certified. See stripe.com/privacy.
• Supabase — database hosting and authentication infrastructure. Data is stored in encrypted form. See supabase.com/privacy.
• Email delivery provider — we use a transactional email service to deliver verification codes, receipts, and notifications. Only your name and email address are transmitted for delivery purposes.
• Google Analytics — aggregated, anonymised analytics. We have enabled IP anonymisation. See Google's Privacy Policy.
• Landlord ↔ Tenant relationship: When a landlord invites a tenant, the tenant's profile data (name, email) is accessible to that landlord within the Service. Tenants can see limited landlord information necessary to use the Service (e.g., property details and contact info).
• Legal requirements: We may disclose data if required by law, court order, or to protect the rights and safety of RentSDK or others.

We retain your personal data for as long as your account is active or as needed to provide the Service. If you close your account, we will delete or anonymise your personal data within 90 days, except where we are required to retain it for legal or regulatory purposes (such as tax records or dispute resolution). Payment transaction records may be retained for up to 7 years to comply with financial regulations.

We use industry-standard safeguards including TLS encryption in transit, encrypted storage at rest, role-based access controls, and row-level security policies to protect your data. Authentication is managed by Supabase Auth, which handles password hashing and session management. Despite these measures, no system is completely secure; we encourage you to use a strong, unique password and to contact us immediately if you suspect unauthorized access.

We use the following cookies and similar technologies:

• Authentication cookies: Set by Supabase to maintain your login session. These are strictly necessary and cannot be disabled without logging out.
• Analytics cookies: Set by Google Analytics to collect aggregated usage statistics. You can opt out using the Google Analytics opt-out browser add-on.

We do not use advertising or tracking cookies.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Update inaccurate or incomplete data via your account settings or by contacting us.
• Deletion: Request deletion of your account and associated data (subject to legal retention requirements).
• Portability: Receive your data in a structured, machine-readable format.
• Objection / Restriction: Object to or restrict certain processing activities.
• Withdrawal of consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, email us at privacy@rentsdk.xyz. We will respond within 30 days.

For users in Canada, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. We collect only the information necessary for the stated purposes, obtain consent where required, and provide access to your personal data upon request. Our designated privacy contact is reachable at privacy@rentsdk.xyz.

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice in the Service before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

For privacy-related questions or to exercise your rights, contact us at: privacy@rentsdk.xyz

Our business addresses are:

Canada: 120 Torresdale Avenue, Toronto, ON M2R 3N7
United States: 2765 JFK Blvd, Jersey City, NJ 07306