Privacy Policy

1. Who we are

Estaita Ltd
Registered office address:
2000 Cathedral Square, Cathedral Hill, Guildford, Surrey, United Kingdom, GU2 7YL

Email: hello@estaita.com

Estaita Ltd is the data controller for personal data processed through the Estaita platform, unless stated otherwise.

2. Scope of this Policy

This Policy applies to:

• Property managers and estate agents

• Developers and landlords

• Residents and tenants

• Contractors and service providers

• Website and app visitors

It applies to all Estaita powered software, mobile apps, dashboards, and communication tools.

3. Personal data we collect

We may collect and process the following categories of personal data.

3.1 Identity and contact data

• Name

• Email address

• Phone number

• Job title or role

• Property or unit reference

3.2 Account and usage data

• Login details

• Platform activity logs

• Device and browser information

• IP address

• Time zone and approximate location

3.3 Resident and property related data

• Messages and chat transcripts

• Maintenance requests

• Photos and videos uploaded

• Property related notes and metadata

3.4 Technical and analytics data

• Cookies and similar technologies

• Performance and error logs

• Feature usage metrics

3.5 AI related data

• Inputs submitted to AI systems

• AI generated outputs

• Interaction metadata used to improve system performance

Estaita does not intentionally collect special category data.

4. How we collect data

We collect data:

• Directly from users

• Automatically through platform usage

• From property managers or developers providing resident access

• From third party integrations used to operate the platform

5. How we use personal data

We use personal data to:

• Provide and operate the Estaita platform

• Enable communication between users

• Automate workflows and issue routing

• Generate AI assisted outputs and recommendations

• Improve product performance and reliability

• Monitor security and prevent misuse

• Comply with legal obligations

We do not sell personal data.

6. Legal bases for processing

Under UK GDPR and EU GDPR, we process data on the following bases:

• Contractual necessity

• Legitimate interests

• Legal obligations

• Consent where required

Under CCPA, we act as a business processing personal information for business purposes.

Under UAE data protection laws, processing is based on contractual and legitimate interest grounds.

7. Automated decision making and AI

Estaita uses automated systems and artificial intelligence to:

• Categorise requests

• Route maintenance issues

• Generate suggested responses

• Optimise workflows

These systems may make automated decisions.
They do not replace human decision making and may be overridden by users.

AI outputs may be inaccurate or incomplete.
Responsibility for decisions remains with users.

8. Third party processors and AI providers

We use trusted third parties to operate the platform, including:

• Cloud hosting providers

• Analytics tools

• AI providers including OpenAI

Data shared with third parties is limited to what is necessary for service delivery.

All processors are required to meet appropriate data protection standards.

9. International data transfers

Personal data may be transferred outside the UK, EU, or UAE.

Where this occurs, we use appropriate safeguards including:

• Standard contractual clauses

• Equivalent contractual protections

• Secure infrastructure controls

10. Data retention

We retain personal data only for as long as necessary to:

• Provide services

• Meet legal or regulatory obligations

• Resolve disputes

• Enforce agreements

Data may be retained after account termination where legally required or operationally necessary.

11. Data security

We implement appropriate technical and organisational measures to protect personal data, including:

• Access controls

• Encryption where appropriate

• Monitoring and logging

• Secure infrastructure

No system is completely secure, and we cannot guarantee absolute security.

12. Your rights under GDPR and UK GDPR

You may have the right to:

• Access your personal data

• Request correction

• Request deletion

• Restrict processing

• Object to processing

• Request data portability

Requests can be made by contacting hello@estaita.com.

13. Rights of US residents under CCPA

If you are a California resident, you may have the right to:

• Know what personal information is collected

• Request deletion of personal information

• Opt out of sale of personal information

Estaita does not sell personal information.

Requests can be made via hello@estaita.com.

14. UAE data subject rights

Where applicable, individuals may request:

• Access to personal data

• Correction or deletion

• Information about processing purposes

Requests will be handled in accordance with applicable UAE laws.

15. Cookies and tracking

Estaita uses cookies and similar technologies to:

• Enable platform functionality

• Improve performance

• Analyse usage

You can control cookies through browser settings.

16. Children’s data

Estaita is not intended for use by people under 18.
We do not knowingly collect data from children.

17. Changes to this Policy

We may update this Privacy Policy from time to time.

The latest version will always be available on our website or app.

Continued use of the platform constitutes acceptance of the updated Policy.

18. Contact

For questions or data requests, contact:
hello@estaita.com