Privacy Policy — Dealyze

We built Dealyze to help real estate investors work faster — not to harvest your data. This policy explains what we collect, why we collect it, and how we protect it. We've written it in plain language so you actually understand it.

1. Information We Collect

We collect only what we need to provide the service:

Uploaded documents — PDFs you upload (rent rolls, T12s, offering memos, appraisals). These are processed to generate your underwriting analysis.
Account email — Your email address, used to send your customer ID, receipts, and product updates (with your consent).
IP address and device info — Collected automatically for security, fraud prevention, and basic usage analytics.
Usage data — Pages visited, features used, and actions taken within the app. Used to improve the product.

2. How We Use Your Information

We use your information solely to provide and improve the Dealyze service:

Process your uploaded documents to generate underwriting analyses.
Send transactional emails (receipts, customer ID, account notices).
Improve the product based on how it's being used.
Detect and prevent fraud or abuse.

        We do not use your documents to train AI models. We do not use your data for advertising. We do not sell your information to third parties — ever.
      

3. Data Retention

We keep your data only as long as necessary:

Uploaded documents — Automatically deleted within 24 hours of processing. We do not store your financial documents long-term.
Analysis results — Stored and associated with your account so you can review past analyses. Deleted when you close your account.
Account data — Retained while your account is active. Deleted within 30 days of account closure upon request.
Billing records — Retained as required by law (typically 7 years) for tax and accounting purposes.

4. Data Security

We take reasonable and industry-standard steps to protect your data:

All data transmitted between your browser and our servers uses 256-bit TLS encryption.
Data stored on our servers is encrypted at rest using AES-256.
Access to production systems is restricted to authorized personnel with multi-factor authentication.
We conduct regular security reviews.

No system is 100% secure. If you discover a security vulnerability, please contact us at [email protected].

5. Third-Party Services

We use a small number of trusted third-party services to operate Dealyze:

OpenAI — Used to extract financial data from your uploaded documents. Documents are processed via OpenAI's API and are subject to OpenAI's data processing terms. OpenAI is GDPR-compliant and does not use API inputs to train models by default.
Stripe — Used to process payments. Stripe is PCI-DSS compliant and GDPR-compliant. We never store your full card details.
Railway — Used to host the Dealyze application. Railway operates on infrastructure that meets SOC 2 compliance standards.

We do not use advertising networks, social media trackers, or analytics services that sell your data.

6. Your Rights

Depending on where you live, you have certain rights regarding your personal data:

California residents (CCPA):

Right to know what personal information we collect and how it's used.
Right to delete your personal information.
Right to opt out of the sale of personal information (we don't sell it, but you have this right).
Right to non-discrimination for exercising your privacy rights.

EU/UK residents (GDPR):

Right of access — request a copy of your personal data.
Right to rectification — correct inaccurate data.
Right to erasure — request deletion of your data.
Right to data portability — receive your data in a structured format.
Right to object — object to certain types of processing.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

7. Do Not Sell My Personal Information

        We do not sell personal information. Ever. Dealyze does not sell, rent, or trade your personal information to any third party for commercial purposes.
      

If you have any questions about this, contact us at [email protected].

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. For material changes, we'll notify you by email. Your continued use of Dealyze after changes take effect means you accept the updated policy.

9. Contact Us

Questions about this Privacy Policy? We're happy to help.

Email: [email protected]
Website: getdealyze.com