Privacy Policy

Last updated: 27 August 2025

This Privacy Policy describes how PropVisions (“we”, “us”, “our”) collects, uses, shares, and safeguards information in connection with our websites, apps, and services (the “Service”). We act as data controller for personal data we determine the purposes and means of processing. Where we process personal data on a customer’s behalf (e.g., through a managed workspace), we act as data processor.

Who we are & how to contact us

Controller: PropVisions
Email: hello@propvisions.com
Registered company name/number and address will be added once incorporation completes.

We have not appointed a Data Protection Officer (DPO). For privacy questions or to exercise your rights, email hello@propvisions.com.

Scope & definitions

• Personal data: any information relating to an identified or identifiable natural person.
• Processing: any operation performed on personal data, incl. collection, storage, use, disclosure.
• UK GDPR: the UK General Data Protection Regulation and the Data Protection Act 2018.

Data we collect

• Account & contact data (you provide): name, email, role, company, optional phone.
• Property inputs (you provide): URLs, notes, assumptions, scenario toggles.
• Generated outputs: refurb line-items, valuations, rent bands, financial snapshots, exports (PDF/Excel).
• Usage & device data: IP address, device identifiers, browser/OS, pages viewed, actions, timestamps, diagnostics and error logs.
• Support content: messages you send via forms, email, or Discord, including attachments you choose to share.
• Cookies/trackers: essential cookies for auth/session; optional analytics as described on our Cookies page.

Sources of personal data

• Directly from you: forms, demo inputs, emails, support channels.
• Automatically: via our Service (logs, telemetry, cookies).
• Third parties: payment providers, analytics, error tracking, communications tools.

Purposes & lawful bases

• Provide the Service (Contract): account setup, runs/exports, user support.
• Improve & secure (Legitimate interests): monitoring, debugging, preventing abuse, QA, product analytics in aggregate.
• Communications (Legitimate interests/Consent): operational emails, updates; marketing only with consent or soft-opt-in where allowed.
• Compliance (Legal obligation): record-keeping, law enforcement requests where applicable.

Automated processing & profiling

The Service uses AI/ML to propose refurb line-items, rent bands, valuations, and scenario outputs. These are estimates intended to assist your workflow; they are not financial advice, nor a RICS valuation. Where we display confidence or ranges, they are indicative only.

How we share information

• Service providers (processors): hosting, storage, email delivery, analytics, error tracking, logging, payment processing. Access is limited to what is necessary under data processing agreements.
• Legal & safety: in response to valid legal requests or to protect rights, property, or safety.
• Business transfers: in a merger, acquisition, or asset sale; your data may transfer subject to this Policy’s protections.
• No sale of personal data.

International transfers

Where we transfer personal data outside the UK/EEA, we rely on appropriate safeguards such as the UK IDTA/EU SCCs (and any required addenda). We assess the destination’s laws and implement technical and organizational measures proportionate to risk.

Retention

• Account data: for as long as your account is active and for a reasonable period thereafter for records/security (typically up to 24 months) unless longer is legally required.
• Runs/outputs: for your access and auditability; you can request deletion. Aggregated statistics may be retained.
• Support tickets: typically up to 24 months from last interaction.
• Logs: short-lived operational logs (e.g., 30–180 days), longer for security as necessary.

Security

We employ reasonable and appropriate safeguards such as encryption in transit, least-privilege access, secrets management, backups, and monitoring. No method of transmission or storage is 100% secure; residual risk remains.

Your rights

• Access, rectification, erasure, restriction, portability, and objection under UK GDPR.
• Withdraw consent at any time (where processing relies on consent).
• Lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local authority. See ico.org.uk.

To exercise rights, email hello@propvisions.com. We may need to verify your identity and will respond within applicable statutory timeframes.

Children

The Service is not directed to children under 16. We do not knowingly collect their personal data.

Third-party links

Our Service may link to third-party sites/services. Their privacy practices are outside our control.

Changes to this policy

We may update this Policy to reflect changes in law or our practices. We will update the “Last updated” date and, where appropriate, notify you.

Contact

Questions or requests? Email hello@propvisions.com.

This Privacy Policy is provided for transparency and does not constitute legal advice. Please consult a solicitor for tailored guidance.