Version 1.0
Effective Date: January 1, 2025
Last Updated: January 1, 2025
Pijexa ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property management platform.
This policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.
We collect the following types of personal information:
Account Information: Name, email address, phone number, password
Profile Information: Profile photo, emergency contacts, preferences
Property Information: Property addresses, unit details, lease agreements
Financial Information: Bank account details (for ACH payments), payment history, invoices
Tenant Screening Data: Social Security Number, date of birth, credit reports, background checks, employment history, references
Communication Data: Messages, maintenance requests, support tickets
Document Uploads: Lease agreements, ID documents, proof of income, photos
Usage Data: Pages viewed, features used, time spent on platform
Device Information: IP address, browser type, operating system, device identifiers
Cookies: Session cookies, authentication tokens, analytics cookies
Location Data: IP-based location (not GPS tracking)
Screening Services: Credit reports from TransUnion, background checks from Checkr
Payment Processors: Transaction details from Stripe
Authentication Providers: OAuth profile data (if using social login)
Create and manage user accounts
Process rental applications and tenant screening
Facilitate rent and bill payments
Manage maintenance requests and work orders
Store and share lease documents
Track city violations and compliance
Enable communication between landlords, managers, and tenants
Improve and optimize our platform
Provide customer support
Detect and prevent fraud
Ensure platform security
Comply with legal obligations
Enforce our Terms of Service
Send transactional emails (payment confirmations, maintenance updates)
Send service notifications (lease renewals, payment reminders)
Send marketing communications (only with your consent)
Respond to your inquiries
4. Legal Basis for Processing (GDPR)
We process your personal data based on the following legal grounds:
Contractual Necessity: To fulfill our contract with you (service delivery)
Consent: For marketing communications and optional features
Legitimate Interests: Fraud prevention, security, platform improvement
Legal Obligation: Tax compliance, Fair Housing Act compliance, anti-money laundering
5. How We Share Your Information
Property owners can view information about their properties and tenants
Property managers can access data for properties they manage
Tenants can view their own lease, payment, and maintenance data
Super admins can access customer data for support and platform management (with audit logging)
We share data with third-party service providers who assist us:
Payment Processing: Stripe (credit card and ACH payments)
Tenant Screening: Rentspree, TransUnion, Checkr, TurboTenant
Email Services: Resend or SendGrid (transactional emails)
Cloud Hosting: Vercel (application hosting), AWS or Vercel Blob (file storage)
Analytics: Vercel Analytics (usage statistics)
Error Tracking: Sentry (application monitoring)
We may disclose your information when required by law:
In response to court orders, subpoenas, or legal process
To comply with government investigations
To protect our rights or property
To investigate fraud or security issues
To comply with Fair Housing Act reporting requirements
If Pijexa is acquired, merged, or sold, your information may be transferred to the acquiring entity. We will notify you before your information is transferred and becomes subject to a different privacy policy.
6. Data Security
We implement industry-standard security measures to protect your information:
Encryption: All data transmitted over HTTPS/TLS, sensitive data encrypted at rest
Access Controls: Role-based access control (RBAC), multi-factor authentication for admins
Audit Logging: All admin access to sensitive data is logged with justification
Data Masking: Personal identifiable information (PII) is masked by default in admin views
Regular Backups: Daily automated backups with encryption
Vulnerability Scanning: Regular security audits and penetration testing
Employee Training: Staff trained on data protection and privacy best practices
While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
7. Data Retention
We retain your information for as long as necessary to provide our services and comply with legal obligations:
Active Accounts: Data retained while account is active and for 7 years after account closure (for legal/tax purposes)
Inactive Accounts: Accounts inactive for 3+ years may be scheduled for deletion (with 30-day notice)
Financial Records: Retained for 7 years to comply with tax laws
Tenant Screening Reports: Retained for 7 years per Fair Housing requirements
Lease Documents: Retained for 7 years after lease termination
Communication Logs: Retained for 3 years
Audit Logs: Retained for 7 years for compliance purposes
Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your data ("right to be forgotten")
Right to Restriction: Limit how we use your data
Right to Data Portability: Receive your data in a machine-readable format (JSON, CSV, PDF)
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for marketing or optional processing
Right to Lodge a Complaint: File a complaint with your data protection authority
Right to Know: Request disclosure of data collected, used, and shared
Right to Delete: Request deletion of your personal information
Right to Opt-Out: Opt out of sale of personal information (we do not sell your data)
Right to Non-Discrimination: We will not discriminate for exercising your rights
To exercise any of these rights, contact us at:
Email: privacy@pijexa.com
In-app: Settings → Privacy → Request Data Export/Deletion
We will respond to your request within 30 days (GDPR) or 45 days (CCPA).
9. Children's Privacy
Pijexa is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete it.
10. Cookies and Tracking
We use the following types of cookies:
Essential Cookies: Required for authentication and core functionality (cannot be disabled)
Analytics Cookies: Track usage patterns to improve the platform (can be disabled)
Preference Cookies: Remember your settings and preferences
You can control cookies through your browser settings. Disabling essential cookies may prevent you from using certain features.
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:
Standard Contractual Clauses (SCCs) for GDPR compliance
Data Processing Agreements (DPAs) with all service providers
Adequacy decisions where applicable
We will only send you marketing communications if you have opted in. You can unsubscribe at any time by:
Clicking the "Unsubscribe" link in any marketing email
Updating your preferences in Settings → Notifications
Emailing us at privacy@pijexa.com
Note: You cannot opt out of transactional emails (payment confirmations, lease renewals, security alerts).
Our platform may contain links to third-party websites (e.g., screening services, payment processors). We are not responsible for the privacy practices of these external sites. Please review their privacy policies before providing any information.
In the event of a data breach that affects your personal information, we will:
Notify affected users within 72 hours (GDPR requirement)
Notify relevant data protection authorities
Provide details about the breach and steps we are taking
Offer guidance on how to protect yourself
We may update this Privacy Policy from time to time. We will notify you of material changes by:
Sending an email to your registered email address
Displaying a prominent notice in the platform
Updating the "Last Updated" date at the top of this policy
Your continued use of the Service after notification constitutes acceptance of the updated policy.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
Email: privacy@pijexa.com
Data Protection Officer: dpo@pijexa.com
If you are located in the European Economic Area (EEA), you have the right to lodge a complaint with your local data protection authority.
If you are located in California, you can contact the California Attorney General's Privacy Enforcement office.
By using Pijexa, you acknowledge that you have read, understood, and agree to this Privacy Policy.