RentSure
    RentSure
    Start free trial

    Privacy Policy

    Last updated: 22 December 2025

    1. Introduction

    RSure Ltd. ("RentSure", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

    RSure Ltd. is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us using the details provided at the end of this document.

    2. What Data We Collect

    We collect and process the following categories of personal data:

    CategoryExamples
    Identity DataFirst name, last name, date of birth, email address, phone number
    Property DataProperty addresses, property type, number of bedrooms/bathrooms, EPC ratings, HMO licence details
    Tenancy DataTenancy agreements, start/end dates, rent amounts, deposit details, deposit protection information
    Financial DataBank account numbers, sort codes, rent payment records, transaction references
    Compliance DataGas safety certificates, electrical certificates, right to rent check records, compliance documents
    Technical DataIP address, browser type and version, device information, usage data

    3. Legal Basis for Processing

    We process your personal data under the following legal bases as defined by UK GDPR:

    • Contract Performance (Article 6(1)(b)): Processing necessary to perform our contract with you and provide our property management services.
    • Legal Obligation (Article 6(1)(c)): Processing necessary to comply with UK landlord legislation, including gas safety regulations, electrical safety standards, deposit protection requirements, and right to rent checks.
    • Legitimate Interests (Article 6(1)(f)): Processing necessary for our legitimate business interests, such as improving our services, fraud prevention, and security.
    • Consent (Article 6(1)(a)): Where you have given explicit consent for specific processing activities, such as marketing communications.

    4. How We Use Your Data

    We use your personal data for the following purposes:

    • Managing your properties and tenancies
    • Processing rent payments and generating financial records
    • Tracking compliance deadlines and sending reminder notifications
    • Storing and organising compliance documents (gas certificates, EPC reports, etc.)
    • Managing tenant information and Right to Rent verification
    • Providing customer support and responding to your enquiries
    • Improving our platform and developing new features
    • Ensuring the security of our systems and preventing fraud

    5. Data Sharing and Sub-processors

    We share your personal data with carefully selected third-party service providers (sub-processors) who assist us in delivering our services. All sub-processors are bound by contractual obligations to process your data securely and in accordance with UK GDPR.

    Sub-processorPurposeLocation
    Amazon Web Services (AWS)Cloud infrastructure, file storage, data hostingEU (Europe West Region)
    SupabaseDatabase hosting, user authenticationEU
    PostmarkTransactional email deliveryEU/US (with EU SCCs)

    We may also share your data with regulatory authorities, law enforcement agencies, or other third parties where required by law or to protect our legal rights.

    6. International Data Transfers

    Your personal data is primarily stored and processed within the European Union and United Kingdom. Our primary infrastructure provider, Amazon Web Services, hosts data in the Europe West Region (Ireland/Frankfurt).

    Where data is transferred outside the UK or EU, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office and/or the European Commission, and adequacy decisions where applicable.

    7. Data Retention

    We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including:

    • Account data: Retained for the duration of your account and for 6 years after account closure for legal and regulatory purposes.
    • Tenancy records: Retained for 6 years after the tenancy ends, in line with limitation periods for legal claims.
    • Compliance documents: Retained for the legally required period (e.g., gas safety certificates for 2 years, or longer where required).
    • Financial records: Retained for 6 years as required by HMRC for tax purposes.

    8. Your Rights Under UK GDPR

    Under UK GDPR, you have the following rights regarding your personal data:

    • Right of Access: You can request a copy of the personal data we hold about you.
    • Right to Rectification: You can request correction of inaccurate or incomplete data.
    • Right to Erasure: You can request deletion of your data in certain circumstances ("right to be forgotten").
    • Right to Restrict Processing: You can request that we limit how we use your data.
    • Right to Data Portability: You can request your data in a structured, machine-readable format.
    • Right to Object: You can object to processing based on legitimate interests or for direct marketing.
    • Rights Related to Automated Decision-Making: You have rights regarding decisions made solely by automated means.

    To exercise any of these rights, please contact us using the details in Section 12. We will respond to your request within one month.

    9. Cookies

    Our platform uses cookies and similar technologies to enhance your experience, analyse usage, and provide certain functionality. We use the following types of cookies:

    • Essential cookies: Required for the platform to function correctly, including authentication and security.
    • Analytics cookies: Help us understand how users interact with our platform to improve our services.
    • Preference cookies: Remember your settings and preferences.

    You can manage cookie preferences through your browser settings. Please note that disabling certain cookies may affect platform functionality.

    10. Data Security

    We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

    • Encryption of data in transit (TLS/SSL) and at rest
    • Row-level security policies to ensure users can only access their own data
    • Secure authentication with password hashing and optional multi-factor authentication
    • Regular security assessments and monitoring
    • Access controls limiting data access to authorised personnel only

    11. Children's Privacy

    Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can delete it.

    12. Contact Us

    If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your data, please contact us:

    RSure Ltd.

    Data Protection Officer

    Email: privacy@rentsure.io

    If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

    Information Commissioner's Office

    Website: ico.org.uk

    Helpline: 0303 123 1113

    13. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting a prominent notice on our platform or by sending you an email. We encourage you to review this Privacy Policy periodically.