Privacy Policy

Last updated: May 2026

1. Who We Are

TenancyCheck is an online service that analyses UK tenancy agreements using artificial intelligence. References to "we", "us", or "our" in this policy refer to TenancyCheck.

For any privacy-related enquiries, please contact us at: [tenancycheck@post.com]

2. What Data We Collect

We collect the minimum data necessary to provide our service:

• Payment information: Processed securely by Stripe. We never see or store your full card details.
• PDF document content: The text extracted from your uploaded tenancy agreement is sent to our AI provider for analysis. It is processed in real time and never stored on our servers.
• Technical data: Standard server logs including IP address and browser type, retained for up to 30 days for security purposes.

We do not create user accounts and do not store any documents you upload.

3. Legal Basis for Processing

Under UK GDPR, we process your data on the following legal bases:

• Contract performance: Processing your payment and delivering the analysis you have paid for.
• Legitimate interests: Maintaining security logs to protect against fraud and abuse.

4. How We Use Your Data

We use your data solely to:

• Process your payment via Stripe
• Analyse your tenancy agreement and return results to you
• Maintain security and prevent fraudulent activity

We do not sell, rent, or share your personal data with any third party for marketing purposes.

5. Third Parties

We use the following third-party services to operate:

• Stripe: Payment processing. Stripe is PCI-DSS compliant. See Stripe's privacy policy at stripe.com/privacy.
• Anthropic: AI analysis of document text. Text is sent to Anthropic's API for processing and is not retained. See Anthropic's privacy policy at anthropic.com/privacy.
• Vercel: Website hosting. See Vercel's privacy policy at vercel.com/legal/privacy-policy.

6. Data Retention

We retain data for the following periods:

• Document content: Not retained. Processed in real time and discarded immediately.
• Payment records: Retained by Stripe in accordance with their legal obligations (typically 7 years).
• Server logs: Retained for up to 30 days.

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate data.
• Right to erasure: Request deletion of your data where we have no legal obligation to retain it.
• Right to object: Object to processing based on legitimate interests.
• Right to complain: Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact us at: [CONTACT EMAIL]

8. Cookies

We use the following cookies:

• Strictly necessary cookies: Set by Stripe for fraud prevention during checkout. These do not require your consent.
• Preference cookies: Used to remember your cookie consent choice.
• Google Fonts: We load fonts from Google Fonts, which may set cookies. We only load these after you have given consent via our cookie banner.

9. Changes to This Policy

We may update this policy from time to time. The date at the top of this page will reflect when it was last revised. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or to exercise your rights, please contact us at: [CONTACT EMAIL]

You also have the right to contact the Information Commissioner's Office (ICO) if you have concerns about how we handle your data: ico.org.uk