Last updated: December 8, 2025
This Privacy Policy explains how QRentify ("QRentify", "we", "our", or
"us") collects, uses, stores, and protects the personal data of
agencies, tenants, and visitors who use our services through
qrentify.com (the "Site") and associated digital tools (the
"Services").
By using QRentify, you agree to the practices described in this
Privacy Policy.
QRentify is committed to complying with the General Data Protection
Regulation (GDPR) and applicable Estonian data protection
laws.
1. Data Controller & Data Processor Roles
1.1. Real-estate agencies
Real-estate agencies using QRentify are considered
Data Controllers for tenant data submitted through the
platform.
1.2. QRentify acts as:
-
A Data Processor for tenant data processed on behalf
of agencies
-
A Data Controller for data necessary to operate and
improve the platform (account data, analytics, technical logs, etc.)
1.3. Contact
2. Information We Collect
We collect personal data in three ways:
2.1. Information tenants provide directly
This may include:
- Name, email, phone number
- Identification documents
- Proof of income, employment documents
- Residence history
- Any additional information required by agencies
- Uploaded documents and attachments
2.2. Information agencies provide
This may include:
- Agency name
- Contact details
- Billing information
- Subscription and payment information
2.3. Information we collect automatically
When users access QRentify, we may collect:
- IP address
- Device type, operating system, browser information
- Pages visited, referring URLs
- Interaction logs
- Session duration
- Cookie data (see Cookie Policy)
This data is used to maintain platform stability, security, and
functionality.
3. How We Use Personal Data
3.1. To operate the Service
- Transmitting tenant applications to agencies
- Enabling agencies to receive and review dossiers
- Storing tenant documents for the defined retention period
- Managing agency accounts
- Processing subscription payments
- Sending invoices by email
- Maintaining platform security and performance
3.2. To communicate with users
- Service updates
- Technical notifications
- Customer support
- Payment confirmations
- Legal or policy updates
3.3. To improve QRentify
We may use aggregated, anonymized, or statistical data to:
- Improve platform features
- Analyse use patterns
-
Develop future business opportunities (e.g., aggregated market
insights)
⚠️
We never resell or share personally identifiable tenant data
without explicit consent.
3.4. Legal compliance
We may process or disclose data when required:
- To comply with Estonian or EU law
- To respond to legal requests
- To prevent fraud or abuse
4. Legal Basis for Processing (GDPR)
QRentify processes personal data based on:
-
Contract necessity (providing services to agencies
and tenants)
-
User consent (document uploads, cookies, optional
features)
-
Legitimate interests (fraud prevention, analytics,
improving services)
-
Legal obligations (tax, invoicing, data retention
laws)
5. Data Retention
5.1. Tenant data
Tenant documents and application data are stored for a
maximum of 3 months. After this period, files are
automatically deleted unless required by law or requested earlier.
5.2. Anonymized data
Aggregated and anonymized data may be stored indefinitely for
statistical or operational purposes.
5.3. Agency responsibility
Agencies may download tenant documents; once downloaded, they become the
agency's responsibility.
6. User Rights
Under GDPR, tenants and agencies have the right to:
- Access their personal data
- Correct inaccurate data
- Delete their data ("right to be forgotten")
- Restrict processing
- Object to processing
- Request data portability
- Withdraw consent at any time
7. Data Sharing
We may share data with:
- Agencies receiving tenant applications
- Payment processors (for agency subscriptions)
- Hosting providers
- Email service providers
- IT security or analytics tools
All third-party providers are selected for GDPR compliance.
⚠️
QRentify does not sell personal data or share identifiable tenant
information for marketing purposes.
8. International Data Transfers
Data may be processed or hosted outside Estonia. When transfers occur,
we ensure:
- Adequate protection under GDPR
- Data processing agreements
- Secure hosting environments
9. Security Measures
QRentify employs industry-standard safeguards:
- HTTPS + encryption
- Secure hosting infrastructure
- Access controls and authentication
- Regular backups
- 3-month automatic deletion cycles
- Periodic security updates
However, no system is completely secure; users share data at their own
risk.
10. Payments
10.1. Payments are processed securely by third-party
payment providers.
10.2. QRentify does not store credit card information.
10.3. An invoice is sent automatically after each
payment.
11. Cookies
QRentify uses essential cookies and may use optional analytics cookies.
For more information, see our
Cookie Policy.
12. Changes to This Privacy Policy
QRentify may update this Privacy Policy from time to time. Significant
changes will be noted on this page with a new "Last updated" date.
Continued use of the Services indicates acceptance of changes.
13. Contact