AutoListing

    Privacy Policy

    Last updated: December 2024

    1. Introduction

    Streamlined Digital Tech Ltd ("we", "us", "our") is committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018.

    This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website and services.

    2. Data Controller

    The data controller responsible for your personal data is:

    Streamlined Digital Tech Ltd
    Registered in Ireland (CRO: 805162)
    Address: Castleblakeney, Ballinasloe, Co. Galway, Ireland, H53 YA97
    Email: peter@streamlinedai.tech

    Data Protection Officer: Peter Harris
    DPO Contact: privacy@autolisting.io

    3. What Personal Data We Collect

    We collect and process the following categories of personal data:

    3.1 Information You Provide

    • Account Information: Name, email address, password, organisation name
    • Billing Information: Payment card details (processed by Stripe), billing address, VAT number
    • Property Information: Property addresses, descriptions, images, valuations
    • Communications: Emails, support requests, feedback

    3.2 Information Collected Automatically

    • Technical Data: IP address, browser type and version, device information, operating system
    • Usage Data: Pages visited, features used, time spent on platform, click patterns
    • Cookies: See our Cookie Policy for details

    4. Legal Basis for Processing

    We process your personal data based on the following legal grounds under GDPR:

    • Contract Performance: Processing necessary to provide our services to you
    • Legitimate Interests: Improving our services, fraud prevention, security
    • Legal Obligation: Compliance with tax, accounting, and regulatory requirements
    • Consent: Marketing communications (where applicable)

    5. How We Use Your Data

    We use your personal data to:

    • Provide, maintain, and improve our services
    • Process transactions and send billing notifications
    • Respond to your enquiries and provide customer support
    • Send service-related communications (account updates, security alerts)
    • Analyse usage patterns to improve user experience
    • Prevent fraud and ensure platform security
    • Comply with legal obligations

    6. Data Sharing and Third Parties

    We may share your personal data with:

    • Supabase: Database hosting and authentication (EU servers)
    • Stripe: Payment processing (PCI-DSS compliant)
    • Google (Gemini AI): AI-powered features (with appropriate safeguards)
    • Resend: Email delivery services

    All third-party processors are bound by data processing agreements and are required to protect your data in accordance with GDPR requirements.

    We do not sell your personal data to third parties.

    7. International Data Transfers

    Some of our service providers may transfer data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including:

    • EU-US Data Privacy Framework certification
    • Standard Contractual Clauses (SCCs) approved by the European Commission
    • Binding Corporate Rules where applicable

    8. Data Retention

    We retain your personal data for the following periods:

    • Account Data: Duration of account plus 6 months after deletion
    • Billing Records: 7 years (Irish tax law requirement)
    • Property Listings: Duration of subscription plus 30-day grace period
    • Support Communications: 2 years
    • Usage Analytics: 26 months (aggregated/anonymised thereafter)

    9. Your Rights Under GDPR

    You have the following rights regarding your personal data:

    • Right of Access: Request a copy of your personal data
    • Right to Rectification: Correct inaccurate or incomplete data
    • Right to Erasure: Request deletion of your personal data
    • Right to Restrict Processing: Limit how we use your data
    • Right to Data Portability: Receive your data in a machine-readable format
    • Right to Object: Object to processing based on legitimate interests
    • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

    To exercise any of these rights, please contact us at privacy@autolisting.io. We will respond within 30 days as required by GDPR.

    10. Data Security

    We implement appropriate technical and organisational measures to protect your personal data:

    • Encryption in transit (TLS 1.3) and at rest
    • Secure authentication with password hashing
    • Regular security assessments and updates
    • Access controls and audit logging
    • Employee training on data protection

    11. Children's Privacy

    Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

    12. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of material changes by email or prominent notice on our platform at least 30 days before the changes take effect. The "Last updated" date at the top indicates when changes were made.

    13. Complaints

    If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the Irish Data Protection Commission:

    Data Protection Commission (DPC)
    21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
    Website: https://www.dataprotection.ie

    14. Contact Us

    For questions about this Privacy Policy or our data practices, please contact:

    Email: privacy@autolisting.io
    Address: Castleblakeney, Ballinasloe, Co. Galway, Ireland, H53 YA97