Privacy Policy for PropDesk
Last Updated: December 12, 2025
Introduction
PropDesk ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Property Management mobile application ("App" or "Service").
By accessing or using PropDesk, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Service.
Information We Collect
Personal Information
- Account Information: Name, email address, password (encrypted and hashed)
- Property Data: Property addresses, values, descriptions, purchase dates, and related information
- Tenant Information: Contact details, lease terms, rent information, payment history
- Documents: Property documents, tenant documents, owner documents, contracts, invoices, receipts
- User Roles: Access levels and permissions assigned to team members
- Financial Information: Property values, rent amounts, income data (stored securely)
Device Information
- Device identifiers and fingerprints for security and fraud prevention
- Biometric authentication data (stored locally on device only, never transmitted to our servers)
- Device integrity information for security purposes
- Operating system version and device model (for technical support)
Usage Information
- Login timestamps and session data
- Security events and authentication attempts
- App usage patterns (for security monitoring and service improvement only)
- Error logs and crash reports (anonymized)
Automatically Collected Information
- IP address (for security and fraud prevention)
- Browser type and version (if applicable)
- Time zone and location data (general, not precise)
- Cookies and similar tracking technologies
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Property Management service
- Authenticate users and secure access to the application
- Send verification codes via email for two-factor authentication
- Manage properties, tenants, and related documentation
- Enforce security measures and detect suspicious activity
- Comply with legal obligations and respond to legal requests
- Provide customer support and respond to inquiries
- Send important service updates and notifications
- Analyze usage patterns to improve user experience
- Prevent fraud, abuse, and unauthorized access
Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest using AES-256 encryption
- Authentication: Mandatory two-factor authentication (2FA) via email
- Password Security: Passwords are hashed using SHA-256 with salt and never stored in plain text
- Session Management: Automatic session timeout after 30 minutes of inactivity
- Rate Limiting: Protection against brute-force attacks and automated abuse
- Input Sanitization: Protection against SQL injection, XSS attacks, and other vulnerabilities
- Regular Security Audits: We conduct regular security assessments and updates
- Access Controls: Limited access to personal data on a need-to-know basis
Important: No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
Data Storage
- All data is stored securely on our backend servers using PostgreSQL with encryption at rest
- Sensitive data is encrypted before storage using industry-standard encryption algorithms
- No sensitive information (passwords, financial data) is stored locally on your device
- Biometric data (Face ID/Touch ID) is stored locally on your device only and never transmitted to our servers
- Data backups are encrypted and stored in secure, geographically distributed locations
- We retain data in accordance with our Data Retention policy (see below)
Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties for marketing purposes. We may share information only:
With Your Consent
- With authorized team members based on their assigned access levels
- When you explicitly authorize sharing with third parties
Legal Requirements
- When required by law, legal process, or government request
- To comply with subpoenas, court orders, or other legal obligations
- To protect our rights, property, or safety, or that of our users or others
- In connection with any legal investigation or proceeding
Service Providers
- With trusted third-party service providers who assist in operating our Service (e.g., email delivery, hosting, analytics)
- These providers are contractually obligated to protect your information and use it only for specified purposes
Business Transfers
- In connection with any merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction
Third-Party Services
SendGrid
We use SendGrid to send email verification codes and notifications. SendGrid's privacy policy applies to email delivery: https://www.sendgrid.com/policies/privacy/
Railway
Our backend infrastructure is hosted on Railway. Railway's privacy policy applies: https://railway.app/legal/privacy
Other Services
We may use additional third-party services for analytics, error tracking, and service improvement. These services are bound by their respective privacy policies and our data processing agreements.
Your Rights
You have the following rights regarding your personal information:
- Access: Request access to your personal information
- Correction: Correct inaccurate or incomplete information
- Deletion: Request deletion of your account and associated data
- Portability: Request a copy of your data in a portable format
- Objection: Object to certain processing of your information
- Restriction: Request restriction of processing in certain circumstances
- Withdrawal of Consent: Withdraw consent where processing is based on consent (may limit app functionality)
To exercise these rights, contact us at mehrshadghasemi77@gmail.com. We will respond to your request within 30 days.
Data Retention
We retain your information for as long as your account is active or as needed to provide services. We may retain certain information:
- For legal compliance (e.g., tax records, financial transactions)
- To resolve disputes and enforce agreements
- For security and fraud prevention purposes
- As required by applicable laws and regulations
Upon account deletion, we will delete or anonymize your personal information within 90 days, except where retention is required by law.
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place, including:
- Standard contractual clauses
- Adequacy decisions by relevant authorities
- Other legally recognized transfer mechanisms
Children's Privacy
Our app is not intended for users under the age of 18. We do not knowingly collect information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately, and we will delete such information.
Data Breach Notification
In the event of a data breach that may affect your personal information, we will:
- Notify affected users within 72 hours of becoming aware of the breach (where required by law)
- Provide clear information about the nature of the breach
- Explain steps we are taking to address the breach
- Advise on steps you can take to protect yourself
User Responsibilities
You are responsible for:
- Maintaining the confidentiality of your account credentials
- All activities that occur under your account
- Ensuring the accuracy of information you provide
- Complying with all applicable laws and regulations when using the Service
- Not sharing your account with unauthorized persons
- Promptly notifying us of any unauthorized access or security breach
User Content and Intellectual Property
- You retain ownership of all content you upload to the Service
- By using the Service, you grant us a license to store, process, and display your content as necessary to provide the Service
- You are solely responsible for the content you upload and must ensure you have the right to share it
- We reserve the right to remove content that violates our terms or applicable laws
- Our Service, including its design, features, and functionality, is protected by intellectual property laws
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:
- Update the "Last Updated" date at the top of this policy
- Notify you of material changes via email or in-app notification
- Provide a summary of significant changes when possible
Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.
Disclaimer of Warranties
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:
- Warranties of merchantability
- Fitness for a particular purpose
- Non-infringement
- Accuracy, reliability, or completeness of data
- Uninterrupted or error-free operation
- Security of data transmission or storage
We do not guarantee that the Service will be available at all times, free from errors, or secure from unauthorized access.
Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PROPERTYDESK, ITS DEVELOPERS, AFFILIATES, AND SERVICE PROVIDERS SHALL NOT BE LIABLE FOR:
- Any indirect, incidental, special, consequential, or punitive damages
- Loss of profits, revenue, data, or use
- Business interruption
- Personal injury or property damage
- Any damages arising from use or inability to use the Service
OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT YOU PAID FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM, OR $100, WHICHEVER IS GREATER.
Some jurisdictions do not allow the exclusion of certain warranties or limitation of liability, so some of the above limitations may not apply to you.
Indemnification
You agree to indemnify, defend, and hold harmless PropDesk, its developers, affiliates, and service providers from and against any claims, liabilities, damages, losses, costs, or expenses (including reasonable attorneys' fees) arising from:
- Your use of the Service
- Your violation of this Privacy Policy or Terms of Service
- Your violation of any rights of another party
- Content you upload or share through the Service
Service Availability and Modifications
- We reserve the right to modify, suspend, or discontinue the Service at any time
- We are not liable for any loss or damage resulting from service interruptions
- We may perform maintenance that temporarily limits access to the Service
- We reserve the right to limit or terminate access for violations of our terms
Force Majeure
We are not liable for any failure or delay in performance due to circumstances beyond our reasonable control, including:
- Natural disasters
- War, terrorism, or civil unrest
- Internet or telecommunications failures
- Government actions or regulations
- Acts of third parties
Governing Law and Dispute Resolution
- This Privacy Policy is governed by applicable laws
- Any disputes arising from this policy or the Service shall be resolved through good faith negotiation, binding arbitration (if applicable), or courts of competent jurisdiction
Severability
If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.
Entire Agreement
This Privacy Policy, together with our Terms of Service, constitutes the entire agreement between you and PropDesk regarding the collection and use of your information.
Support - PropDesk
Property Management Made Simple
Welcome to PropDesk Support! We're here to help you with any questions or issues you may have with the app.
Contact Support
Frequently Asked Questions
How do I create an account?
Open the PropDesk app and tap "Sign Up" on the welcome screen. Enter your name, email address, and create a secure password. You'll receive a verification code via email to complete the two-factor authentication setup.
I'm not receiving the email verification code. What should I do?
Please check your spam/junk folder. If you still don't receive the code, wait a few minutes and try again. Make sure you're using the correct email address. If the problem persists, contact support with your email address.
How do I add a property?
Navigate to the Properties tab, tap the "+" button, and fill in the property details including address, size, value, and description. Tap "Save" to add the property to your portfolio.
How do I add tenants?
Go to the Tenants tab, tap the "+" button, and enter the tenant's information including contact details, lease terms, and rent information. You can associate tenants with specific properties.
How do I upload documents?
Navigate to the Documents tab, tap the "+" button, select the document type (Property, Tenant, or General), choose a file from your device, and add any relevant notes. You can associate documents with specific properties or tenants.
What are user roles and how do I manage them?
User roles allow property owners to control access levels for team members. Only owners can manage roles. Available roles include: View Only (can view information), Edit (can view and edit), and Full (can view, edit, and delete). Navigate to Settings > User Management to assign roles.
How does two-factor authentication (2FA) work?
PropDesk requires two-factor authentication for all users. When you sign in, you'll receive a 6-digit verification code via email. Enter this code to complete the login process. This adds an extra layer of security to protect your account.
I forgot my password. How do I reset it?
On the sign-in screen, tap "Forgot Password" and enter your email address. You'll receive instructions to reset your password via email.
How do I enable Face ID or Touch ID?
After signing in with your credentials and 2FA, the app will prompt you to enable biometric authentication. You can also enable it later in Settings > Security. Biometric authentication allows quick access while maintaining security.
What notifications does the app send?
PropDesk sends automatic notifications for:
- Upcoming lease expirations (30 days before expiration)
- Overdue rent payments
You can manage notification preferences in Settings.
Is my data secure?
Yes. PropDesk uses industry-standard security measures including:
- End-to-end encryption (HTTPS/TLS)
- Mandatory two-factor authentication
- Secure password hashing
- Automatic session timeout
- Regular security audits
For more details, see our Privacy Policy above.
Is PropDesk free to use?
Yes, PropDesk is completely free to use. There are no subscriptions, in-app purchases, or paid features. All functionality is available to all users at no cost.
Can I use PropDesk on multiple devices?
Yes, you can sign in to PropDesk on multiple iOS devices using the same account credentials. Your data will sync across all devices where you're signed in.
How do I delete my account?
To delete your account and all associated data, please contact support at mehrshadghasemi77@gmail.com with your request. We will process your deletion request within 30 days.
App Information
- App Name: PropDesk
- Version: 1.0.0
- Platform: iOS