Compliance

Tenantree Mobile & Core API – Privacy Policy

This policy explains how Tenantree collects, uses, and safeguards data across our Android application (vc.codeblooded.tenantree) and the ASP.NET Core backend hosted at tenanttree-aadjhjbkf8g6e0dy.uaenorth-01.azurewebsites.net .

Last updated 06 Nov 2025
Applies to Tenantree Android + Core API

1. Overview

Tenantree powers rental journeys for guests, tenants, property managers, caretakers, and administrators. We process account profiles, property and lease records, maintenance workflows, communications, and payment data to deliver these experiences. This document outlines the data we collect, why we collect it, and the controls available to you.

2. Data We Collect

Category Details Purpose
Account details Names, email addresses, phone numbers, hashed passwords, role assignments, Google Sign-In identifiers. Authenticate users, personalize experiences, and enforce role-based access.
Property & lease data Properties, units, leases, invoices, payment status, arrears, uploaded documents (IDs, payslips, proof of payment). Enable property browsing, dashboards, rent tracking, and arrears reporting.
Maintenance & caretaking Maintenance requests, photos, task statuses, caretaker notes. Coordinate troubleshooting, assign work, and maintain audit history.
Communications Announcements, chatbot transcripts, escalation queues, notification history. Keep stakeholders informed, provide support context, and manage escalations.
Device & usage App version, locale, notification opt-in, timestamps of key actions. Improve stability, localize content, and manage notifications.
Payments PayFast payment references and tokens (no full card data stored). Facilitate rent payments and reconciliation.

Authentication tokens and preferences are stored in EncryptedSharedPreferences. Offline maintenance submissions and PDF exports live in private app storage and sync when connectivity returns.

3. How We Use Data

  • Provide and improve role-based experiences (guest, tenant, property manager, caretaker, admin).
  • Authenticate users via username/password or Google Sign-In.
  • Process rent payments and generate financial, occupancy, and arrears reports.
  • Handle maintenance workflows, caretaker assignments, and escalation steps.
  • Deliver in-app announcements plus push/WorkManager notifications for rent, maintenance, or admin updates.
  • Generate PDF exports for administrators and satisfy legal/audit obligations.

4. Data Sharing & Transfers

  • Hosting: Production workloads live on Microsoft Azure (SQL Database + App Service) in UAE North.
  • Payments: PayFast receives the minimum required data to process transactions and returns tokens/webhooks.
  • Storage: Media uploads (maintenance photos, supporting documents) reside in Azure Blob Storage.

We do not sell personal data. Access is restricted to Tenantree administrators and trusted service providers under confidentiality agreements.

5. Retention

  • Account and lease records persist for the tenancy duration plus legal requirements (minimum 5 years).
  • Maintenance logs, escalations, chatbot transcripts, and reports are stored for at least 3 years.
  • Offline cache on Android is cleared automatically after sync or when the user signs out.

6. User Controls

  • Update profile details, language preferences, and notification settings in-app.
  • Request account deletion or data export via the privacy contact below (identity verification required).
  • Revoke Google Sign-In from your Google Account security settings.
  • Disable push notifications inside the app or through Android system settings.

7. Security Measures

  • HTTPS/TLS enforced for all API traffic.
  • Azure SQL with Transparent Data Encryption, firewall rules, and role-based access.
  • JWT authentication with role claims; tokens stored via EncryptedSharedPreferences.
  • Sensitive secrets (PayFast, JWT keys) stored in Azure App Settings/Key Vault.
  • Maintenance/PDF files shared through FileProvider to avoid exposing raw paths.

8. Children’s Privacy

Tenantree targets adults who manage or occupy rental properties. We do not knowingly collect data from children under 13; any discovered records are removed promptly.

9. International Transfers

Data is stored and processed in the United Arab Emirates (Azure UAE North). Accessing Tenantree from another region may involve transferring your information outside your jurisdiction.

10. Updates

We may revise this policy as features evolve. Significant changes are communicated via in-app announcements or release notes. Continued use after an update signifies acceptance of the revised terms.

11. Contact

Send privacy questions, data requests, or incident reports to our privacy team.

Tenantree Privacy Office Email: mailtenantree@gmail.com