Privacy Policy

For the purposes of this policy and your use of our website and account, The Letting Desk Ltd is the data controller. Where you use The Letting Desk to manage your own properties, tenancies and tenants, you are the controller of that data and we act as your processor — see our Data Processing Addendum.

Account and contact data

Your name, business name, email address, phone number, role, and billing details when you register, subscribe or contact us.

Usage and device data

Information about how you interact with the Service, including log data, IP address, browser type, and pages visited, collected through essential and (where you consent) analytics cookies.

Customer Data you upload

Property, tenancy, tenant, financial and compliance records you add to your account. This may include personal data about your tenants and applicants, which we process on your behalf as a processor.

We use personal data to:

• provide, maintain, secure and improve the Service;
• set up and administer your account and process payments;
• provide customer support and respond to your enquiries;
• send service and transactional messages, and (where permitted) relevant product updates;
• detect, prevent and investigate fraud, abuse and security incidents; and
• comply with our legal and regulatory obligations.

Under UK GDPR we rely on the following lawful bases: performance of a contract (to provide the Service to you); legitimate interests (to run, secure and improve our business, balanced against your rights); consent (for non-essential cookies and certain marketing); and legal obligation (for example, to keep accounting records).

We do not sell your personal data. We share it only with trusted sub-processors who help us run the Service — for example cloud hosting, payment processing, email delivery, and analytics providers. Each is bound by contractual obligations to protect your data. We may also disclose data where required by law or to protect our legal rights.

Where personal data is transferred outside the UK, we ensure an appropriate safeguard is in place, such as the UK International Data Transfer Agreement or addendum to the EU Standard Contractual Clauses, so that your data receives an equivalent level of protection.

We keep personal data only for as long as necessary for the purposes described in this policy, including to meet legal, accounting and reporting requirements. After you cancel, Customer Data remains available for export for a limited period before deletion, in line with the terms agreed with you.

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and regular review of our practices. No system is completely secure, but we work hard to safeguard your information and will notify you and the ICO of a personal data breach where required.

Under UK GDPR you have the right to:

• access the personal data we hold about you;
• request correction of inaccurate or incomplete data;
• request erasure of your data in certain circumstances;
• object to or restrict processing, and to data portability; and
• withdraw consent at any time where we rely on consent.

To exercise any of these rights, contact us using the details below. You also have the right to lodge a complaint with the ICO at ico.org.uk, although we would welcome the chance to address your concerns first.

We use cookies and similar technologies as described in our Cookie Policy. You can change your preferences at any time using the “Cookie settings” link.

If you have questions about this policy or how we handle your data, contact us at support@thelettingdesk.com.