DwellBridgeDwellBridge

Last updated: March 2026

Privacy Policy

Your privacy matters to us. This policy explains how DwellBridge collects, uses, stores, and protects personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

DwellBridge is an AI-first housing operations platform operated by DwellBridge Ltd, a company registered in England and Wales. We provide compliance, maintenance, and tenancy management tools to UK property managers, letting agents, and housing associations.

For the purposes of data protection law, DwellBridge Ltd is the data controller. Where we process data on behalf of our customers (e.g. tenant records), we act as a data processor under a Data Processing Agreement.

2. Data We Collect

We collect the following categories of personal data:

  • Account data — name, email address, organisation name, and role when you create an account or are invited to a workspace.
  • Tenant and property data — information uploaded by our customers including tenant contact details, tenancy agreements, property addresses, and compliance records.
  • Communications data — messages exchanged via WhatsApp, SMS, email, Telegram, and voice calls routed through our platform, including call recordings where consent is obtained.
  • Usage data — pages visited, features used, session duration, browser type, and IP address for analytics and service improvement.
  • Payment data — billing information processed by our payment provider (Stripe). We do not store full card numbers.

3. How We Use Your Data

We process personal data to:

  • Provide and maintain the DwellBridge platform
  • Power AI agents that triage maintenance requests, track compliance deadlines, and manage tenant communications
  • Send transactional notifications (e.g. compliance alerts, maintenance updates, rent reminders)
  • Process payments and manage subscriptions
  • Improve our services through aggregated, anonymised usage analytics
  • Comply with legal obligations including housing regulations

4. Legal Basis for Processing

We rely on the following legal bases under UK GDPR:

  • Contract performance — processing necessary to deliver the services you have subscribed to.
  • Legitimate interests — improving our platform, preventing fraud, and ensuring security, where these interests are not overridden by your rights.
  • Legal obligation — processing required by law, such as maintaining records for housing compliance or responding to regulatory enquiries.
  • Consent — where required, such as for recording voice calls or sending marketing communications. You may withdraw consent at any time.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Account data — retained while your account is active, plus 30 days after deletion request for recovery purposes.
  • Tenant and property data — retained for the duration of the customer's subscription, then deleted within 90 days of contract termination unless required by law.
  • Communications data — retained for up to 12 months, or longer where required by housing regulations or legal proceedings.
  • Usage data — anonymised after 24 months.

6. Your Rights

Under the UK GDPR, you have the following rights in relation to your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate or incomplete data.
  • Erasure — request deletion of your personal data where there is no compelling reason for continued processing.
  • Restriction — ask us to restrict processing in certain circumstances.
  • Data portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.

To exercise any of these rights, contact us at privacy@dwellbridge.io. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

7. Cookies

We use cookies and similar technologies to maintain sessions, remember preferences, and understand how you use our platform.

  • Essential cookies — required for authentication and core functionality. Cannot be disabled.
  • Analytics cookies — help us understand usage patterns. You can opt out via your browser settings or our cookie preferences.

We do not use advertising cookies or sell your data to third parties.

8. Third-Party Services

We share data with trusted third-party service providers who process data on our behalf under strict contractual terms:

  • Supabase — database hosting and authentication
  • Anthropic — AI model provider for agent capabilities
  • Twilio — SMS and WhatsApp messaging delivery
  • Resend — transactional email delivery
  • Retell AI — voice call handling
  • Stripe — payment processing

Each provider is bound by data processing agreements and is required to implement appropriate security measures.

9. International Transfers

Where personal data is transferred outside the UK (for example, to service providers based in the United States), we ensure appropriate safeguards are in place. These include Standard Contractual Clauses (SCCs) approved by the ICO, adequacy decisions, or the provider's participation in recognised data protection frameworks.

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by email or through a notice on our platform. The “Last updated” date at the top of this page indicates when the policy was last revised.

11. Contact

If you have questions about this privacy policy or how we handle your data, contact us at:

privacy@dwellbridge.io

This policy should be reviewed by a qualified solicitor before go-live.