Privacy Policy

1. Who we are


Estaita Ltd
Registered office address:
2000 Cathedral Square, Cathedral Hill, Guildford, Surrey, United Kingdom, GU2 7YL

Email: hello@estaita.com

Estaita Ltd is the data controller for personal data processed through the Estaita platform, unless stated otherwise.


2. Scope of this Policy


This Policy applies to:

  • Property managers and estate agents

  • Developers and landlords

  • Residents and tenants

  • Contractors and service providers

  • Website and app visitors

It applies to all Estaita powered software, mobile apps, dashboards, and communication tools.


3. Personal data we collect


We may collect and process the following categories of personal data.

3.1 Identity and contact data
  • Name

  • Email address

  • Phone number

  • Job title or role

  • Property or unit reference

3.2 Account and usage data
  • Login details

  • Platform activity logs

  • Device and browser information

  • IP address

  • Time zone and approximate location

3.3 Resident and property related data
  • Messages and chat transcripts

  • Maintenance requests

  • Photos and videos uploaded

  • Property related notes and metadata

3.4 Technical and analytics data
  • Cookies and similar technologies

  • Performance and error logs

  • Feature usage metrics

3.5 AI related data
  • Inputs submitted to AI systems

  • AI generated outputs

  • Interaction metadata used to improve system performance

Estaita does not intentionally collect special category data.


4. How we collect data


We collect data:

  • Directly from users

  • Automatically through platform usage

  • From property managers or developers providing resident access

  • From third party integrations used to operate the platform


5. How we use personal data


We use personal data to:

  • Provide and operate the Estaita platform

  • Enable communication between users

  • Automate workflows and issue routing

  • Generate AI assisted outputs and recommendations

  • Improve product performance and reliability

  • Monitor security and prevent misuse

  • Comply with legal obligations

We do not sell personal data.


6. Legal bases for processing


Under UK GDPR and EU GDPR, we process data on the following bases:

  • Contractual necessity

  • Legitimate interests

  • Legal obligations

  • Consent where required

Under CCPA, we act as a business processing personal information for business purposes.

Under UAE data protection laws, processing is based on contractual and legitimate interest grounds.


7. Automated decision making and AI


Estaita uses automated systems and artificial intelligence to:

  • Categorise requests

  • Route maintenance issues

  • Generate suggested responses

  • Optimise workflows

These systems may make automated decisions.
They do not replace human decision making and may be overridden by users.

AI outputs may be inaccurate or incomplete.
Responsibility for decisions remains with users.


8. Third party processors and AI providers


We use trusted third parties to operate the platform, including:

  • Cloud hosting providers

  • Analytics tools

  • AI providers including OpenAI

Data shared with third parties is limited to what is necessary for service delivery.

All processors are required to meet appropriate data protection standards.


9. International data transfers


Personal data may be transferred outside the UK, EU, or UAE.

Where this occurs, we use appropriate safeguards including:

  • Standard contractual clauses

  • Equivalent contractual protections

  • Secure infrastructure controls


10. Data retention


We retain personal data only for as long as necessary to:

  • Provide services

  • Meet legal or regulatory obligations

  • Resolve disputes

  • Enforce agreements

Data may be retained after account termination where legally required or operationally necessary.


11. Data security


We implement appropriate technical and organisational measures to protect personal data, including:

  • Access controls

  • Encryption where appropriate

  • Monitoring and logging

  • Secure infrastructure

No system is completely secure, and we cannot guarantee absolute security.


12. Your rights under GDPR and UK GDPR


You may have the right to:

  • Access your personal data

  • Request correction

  • Request deletion

  • Restrict processing

  • Object to processing

  • Request data portability

Requests can be made by contacting hello@estaita.com.


13. Rights of US residents under CCPA


If you are a California resident, you may have the right to:

  • Know what personal information is collected

  • Request deletion of personal information

  • Opt out of sale of personal information

Estaita does not sell personal information.

Requests can be made via hello@estaita.com.


14. UAE data subject rights


Where applicable, individuals may request:

  • Access to personal data

  • Correction or deletion

  • Information about processing purposes

Requests will be handled in accordance with applicable UAE laws.


15. Cookies and tracking


Estaita uses cookies and similar technologies to:

  • Enable platform functionality

  • Improve performance

  • Analyse usage

You can control cookies through browser settings.


16. Children’s data


Estaita is not intended for use by people under 18.
We do not knowingly collect data from children.


17. Changes to this Policy


We may update this Privacy Policy from time to time.

The latest version will always be available on our website or app.

Continued use of the platform constitutes acceptance of the updated Policy.


18. Contact


For questions or data requests, contact:
hello@estaita.com