Privacy Policy

Effective Date: March 10, 2026

1. Introduction

RentalPilot ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect information when you use the RentalPilot platform and services (the "Service").

By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Data We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Phone number (optional)
  • Company name (optional)
  • Billing and payment information (processed securely by our payment provider)

2.2 Property Data

When you add properties to the Service, we collect:

  • Property names, addresses, and descriptions
  • House rules, FAQ, check-in/check-out instructions
  • Amenities, WiFi information, and access codes
  • Knowledge base content and local recommendations
  • Revenue data and operational information
  • Contact information for cleaning crews, maintenance providers, and other vendors

2.3 Guest Conversations

When guests interact with the AI assistant, we collect:

  • Guest names and contact information (as provided)
  • Messages exchanged between guests and the AI
  • Maintenance requests and issue reports
  • Booking-related inquiries

2.4 Usage Data

We automatically collect:

  • Log data (IP addresses, browser type, pages visited, timestamps)
  • Device information (operating system, screen resolution)
  • Feature usage patterns and interaction data

3. How We Use Your Data

We use your data to:

  • Provide the Service: Power AI-driven guest communication, maintenance triage, cleaning coordination, and other property management features
  • Improve the AI: Analyze conversation patterns and outcomes to improve the quality, accuracy, and helpfulness of AI responses
  • Analytics: Generate insights and reports about your property operations, including occupancy trends, response times, and guest satisfaction
  • Communication: Send you service notifications, updates, billing information, and support responses
  • Security: Detect and prevent fraud, abuse, and unauthorized access
  • Legal Compliance: Comply with legal obligations, resolve disputes, and enforce our agreements

4. Data Storage and Security

We take the security of your data seriously and implement appropriate measures to protect it:

  • Encryption: All data is encrypted in transit (TLS/SSL) and sensitive data is encrypted at rest using AES-256 encryption
  • Database: Data is stored in a PostgreSQL database hosted on secure, SOC 2-compliant infrastructure
  • Access Controls: Access to production data is strictly limited to authorized personnel only
  • Authentication: User sessions are secured with JSON Web Tokens (JWT) with expiration
  • Sensitive Credentials: Access codes, WiFi passwords, and other sensitive information are stored with additional encryption

While we implement commercially reasonable security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data.

5. Third-Party Sharing

We do not sell your personal data. We may share data with third parties only in the following circumstances:

  • AI Processing: Guest messages and property data are sent to OpenAI for AI processing. OpenAI processes this data in accordance with their data usage policies and does not use API data for training their models
  • Payment Processing: Billing information is processed by our payment provider (Stripe) to handle subscriptions and payments
  • Infrastructure: We use cloud hosting providers (Render, Cloudflare) to host the Service. These providers may process data as part of providing their services
  • Analytics: We use anonymized analytics to understand usage patterns. No personally identifiable information is shared with analytics providers
  • Legal Requirements: We may disclose data if required by law, regulation, legal process, or governmental request
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred to the acquiring entity

6. Your Rights

You have the following rights regarding your data:

  • Access: You can request a copy of the personal data we hold about you
  • Correction: You can update or correct your account information at any time through the Settings page
  • Deletion: You can delete your account and all associated data through the Settings page or by contacting us. Data is permanently deleted within 30 days of the request
  • Export: You can request an export of your data in a machine-readable format
  • Opt-out: You can opt out of non-essential communications at any time through notification settings
  • Restriction: You can request that we limit processing of your data in certain circumstances

To exercise any of these rights, contact us at rentalpilot@polsia.app. We will respond within 30 days.

7. Cookies and Tracking

We use a limited number of cookies and similar technologies:

  • Authentication Token: A session token stored in localStorage to keep you logged in. This is essential for the Service to function
  • Analytics: We use a lightweight, privacy-focused analytics script to understand page views and usage patterns. This does not track individual users across other websites

We do not use third-party advertising cookies or tracking pixels.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account deletion:

  • Account data is deleted within 30 days
  • Backups containing your data are purged within 90 days
  • Anonymized, aggregated data may be retained indefinitely for analytics purposes

9. Children's Privacy

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, please contact us immediately.

10. International Data Transfers

Your data may be processed in the United States or other countries where our service providers operate. By using the Service, you consent to the transfer of your data to these locations. We ensure appropriate safeguards are in place for international transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Effective Date" at the top of this page and, for significant changes, by sending an email notification. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: rentalpilot@polsia.app