Legal

Privacy Policy

Effective 28 April 2026

1. Who we are

LetSense ("we", "us", "our") is a UK-based property management platform operated by LetSense Ltd (company no. 17217228, registered in England & Wales). Our contact address is hello@letsense.co.uk.

We are registered as a data controller with the Information Commissioner's Office (ICO) under the UK GDPR and Data Protection Act 2018. Our ICO registration number is C1932184.

2. What personal data we collect

We collect data you provide directly and data generated by your use of the service:

  • Account data: name, email address, password (hashed), organisation name.
  • Property data: addresses, certificate dates, tenancy details you enter.
  • Tenant data: names, email addresses, phone numbers, portal access tokens.
  • Financial data: rent amounts, payment records, arrears notes — as entered by you. We do not store bank account or card numbers.
  • Usage data: pages visited, actions taken, browser type, IP address, timestamps.
  • Communications: emails you send us, support messages.

3. How we use your data

  • To provide and maintain the LetSense service.
  • To send compliance reminders and account notifications.
  • To process payments via Stripe (we do not store card data).
  • To improve the platform using aggregated, anonymised usage analytics.
  • To comply with legal obligations.

Our lawful basis for processing is contract performance (providing the service you signed up for) and legitimate interests (security, fraud prevention, service improvement).

4. Who we share your data with

We share data only with sub-processors necessary to deliver the service:

  • Vercel — hosting and serverless compute (EU/US).
  • Cloudflare R2 — document and file storage.
  • Resend / Nodemailer — transactional email delivery.
  • Stripe — payment processing.
  • Google — OAuth sign-in (if used).

We do not sell your data. We do not share it with advertisers or third-party marketers.

5. Data retention

We retain your data for as long as your account is active. If you delete your account, we remove personally identifiable data within 30 days, except where we are legally required to retain records (e.g. financial records for 6 years under UK law).

6. Your rights under UK GDPR

You have the right to:

  • Access — request a copy of the data we hold about you.
  • Rectification — correct inaccurate data.
  • Erasure — request deletion of your data ("right to be forgotten").
  • Restriction — limit how we process your data.
  • Portability — receive your data in a machine-readable format.
  • Object — object to processing based on legitimate interests.

To exercise any right, email hello@letsense.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the ICO.

7. Cookies

We use essential cookies for authentication and session management. See our Cookie Policy for details.

8. Security

We use HTTPS throughout, bcrypt password hashing, and role-based access controls. Documents are stored in Cloudflare R2 with presigned URLs that expire after 1 hour.

9. Changes to this policy

We will notify active users by email if we make material changes. The effective date at the top of this page always reflects the latest version.

10. Contact

For any privacy questions, email hello@letsense.co.uk.