Privacy Policy
Last updated January 2025
This Privacy Notice for ResiDesk, Inc. ("we", "us", or "our") explains how we collect, store, use, and share your personal information when you use our services. This includes, for example:
- Visiting our website at hello.theresidesk.com or any site that links to this notice;
- Using ResiDesk – our AI-powered resident communication and property management platform;
- Interacting with us through sales, marketing, or events.
We do not sell your personal information. ResiDesk does not sell, rent, or trade your personal information to third parties for their marketing purposes.
Summary of Key Points
- What We Collect: Personal details you provide and technical data collected automatically.
- How We Process: To operate, improve, and secure our services and comply with law.
- We Do Not Sell Data: We never sell or share your personal information for third-party marketing.
- Sharing Information: Only with trusted service providers under contractual safeguards.
- AI Data Protection: Customer data is not used to train AI models.
- Data Location: All data is processed and stored in the United States.
- Data Security: SOC 2 Type 2 compliant infrastructure with encryption and access controls.
- Your Rights: Access, correction, deletion, and restriction depending on location.
1. What Information Do We Collect?
We collect personal information that you voluntarily provide, as well as technical details collected automatically via cookies and similar technologies.
Categories of personal data we process on behalf of our customers include:
- Resident names and contact information (phone, email)
- Lease information and property details
- Ledger balances and payment history (no payment card data)
- Maintenance request records
- Communication and conversation history
We do not process payment card data. All financial transactions are handled through secure, external payment gateways.
2. How Do We Process Your Information?
Your information is used to deliver and improve our services, communicate with you, prevent fraud, and comply with legal requirements. Specifically, we process data to provide:
- Resident communication and messaging
- Maintenance request management
- Rent collection communication
- Lease renewal tracking
- AI-powered resident assistance
3. What Legal Bases Do We Rely On?
We process personal information based on consent, contractual necessity, legal obligation, or legitimate business interests.
4. When and With Whom Do We Share Your Information?
We may share your data with service providers (subprocessors) who help operate our business. These include:
| Category | Providers |
|---|---|
| Cloud Infrastructure | Heroku (Salesforce), Amazon Web Services |
| AI/ML Services | OpenAI, Anthropic, Google, Groq |
| Monitoring | New Relic, Bugsnag |
All service providers are bound by contractual obligations to protect your data. For details, see our Data Processing Agreement.
We do not sell or share your personal information. We do not share information collected through our SMS program with third parties for marketing purposes.
5. Do We Use Cookies and Other Tracking Technologies?
Cookies and similar tools help us analyze usage and improve the experience. You can manage preferences in your browser.
6. Do We Offer AI-Based Products?
Yes. ResiDesk uses artificial intelligence and machine learning to power features such as:
- AI-powered resident assistance and leasing
- Conversation analysis and summarization
- Content safety and moderation
- Intelligent search and discovery
AI Data Protection: All AI provider integrations operate under enterprise agreements. Your data is not used to train AI models and is not retained by providers beyond what is required for secure processing.
7. Data Location and Transfers
All data is processed and stored within the United States. Our infrastructure is hosted on SOC 2 Type 2 compliant platforms (Heroku and Amazon Web Services) in US data centers.
We do not transfer personal data outside the United States without prior consent.
8. How Long Do We Keep Your Information?
We retain personal information for as long as needed to provide our services to our customers, including maintaining records, conversation history, and related data that our customers rely on for operational, legal, or business purposes.
Retention may therefore depend on the nature of the customer relationship, the type of data involved, and applicable legal or regulatory requirements.
When personal information is no longer required for these purposes, we take steps designed to delete, de-identify, or anonymize it in accordance with our internal practices and applicable law.
Upon termination of a customer agreement, we delete customer data within 30 days unless retention is required by applicable law.
9. How Do We Keep Your Information Safe?
We implement appropriate technical and organizational security measures, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Access controls and multi-factor authentication
- Regular security monitoring and logging
- SOC 2 Type 2 compliant infrastructure providers
No system is completely secure, but we take reasonable steps to protect your information.
10. Do We Collect Information From Minors?
We do not knowingly collect personal information from individuals under 18.
11. What Are Your Privacy Rights?
Your rights vary by location and may include:
- Access: Request a copy of your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your personal information
- Restriction: Request restriction of processing
- Portability: Request a portable copy of your data
To exercise these rights, contact us at hello@theresidesk.com.
12. Controls for Do-Not-Track Features
We currently do not respond to browser DNT signals. However, we do not sell your personal information regardless of DNT settings.
13. Do U.S. Residents Have Specific Privacy Rights?
Yes. Residents of California and other U.S. states have additional privacy rights under laws such as the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
California Residents: You have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information.
For business customers, ResiDesk acts as a "Service Provider" under the CCPA, processing data only for the purposes specified in our Data Processing Agreement.
14. Mobile Text Messaging
Recipients may opt out at any time using STOP and opt back in using UNSTOP.
SMS information is not shared with third parties for marketing purposes.
15. Do We Make Updates to This Notice?
Updates will be posted here with a revised "Last updated" date. Material changes will be communicated with reasonable notice.
16. How Can You Contact Us About This Notice?
Contact us at:
ResiDesk, Inc.hello@theresidesk.com
www.theresidesk.com
17. How Can You Review, Update, or Delete Your Data?
You may request access, correction, or deletion of your data by contacting us at hello@theresidesk.com.
For business customers, please refer to our Data Processing Agreement for data handling procedures.