Privacy Policy

Last updated: 09 March 2026

1. Who we are

This Privacy Policy explains how MainDesk ("we", "us", "our") collects, uses, stores, and protects personal data when you use our software and services.

2. Data we collect

  • Account data (name, email, role, authentication identifiers)
  • Organisation and property management data entered by users
  • Maintenance records, attachments, and related notes
  • Technical usage data (logs, diagnostics, browser/device metadata)
  • Billing and subscription metadata from Stripe (not full card details)

3. How we use data

  • Provide and operate the MainDesk platform
  • Authenticate users and enforce permissions/security controls
  • Process subscriptions, invoices, and account status
  • Improve reliability, performance, and product features
  • Communicate operational notices and support responses
  • Comply with legal obligations and enforce our Terms

4. Legal bases (UK/EU)

We process personal data where necessary for contract performance, legitimate interests, legal obligations, and (where required) consent.

5. Sharing and subprocessors

We use trusted service providers to deliver the service (for example hosting, database, email, and payments). We do not sell personal data. We may disclose data where required by law, court order, or to protect rights, safety, and platform integrity.

6. Stripe and payment data

Payments are processed by Stripe. We do not store full card numbers or CVV data. We store limited billing metadata (such as customer IDs, subscription IDs, and status) necessary to manage access and billing operations.

7. Retention

We retain data for as long as required to provide services, meet legal/accounting obligations, resolve disputes, and enforce agreements. We may delete or anonymise data when no longer required.

8. Security

We use reasonable technical and organisational safeguards. No system is completely secure, and we cannot guarantee absolute security.

9. International transfers

Your data may be processed in countries outside your own. Where required, we use appropriate safeguards for cross-border transfers.

10. Your rights

Depending on your location, you may have rights to access, correct, erase, restrict, object to processing, or request portability of your personal data. You may also have the right to lodge a complaint with a supervisory authority.

11. Changes to this policy

We may update this Privacy Policy from time to time. Continued use of the service after an update means you accept the updated policy.

Terms of ServiceContact