Privacy Statement

Effective Date: October 7, 2018

Thank you for using Stessa, Inc. (“Stessa”). Stessa is a real estate portfolio management solution that enables real estate investors to track, manage, and communicate the performance of their residential real estate assets.

Our commitment to privacy:

We take our responsibility to protect the personal information provided to us seriously. This statement explains how we do that when you use our website, mobile app, products, and services (“Service”). It sets out what we do with the personal information we hold, how we protect it, and it explains your privacy rights (if applicable).

If we change this Privacy Statement:

Stessa might update this Privacy Statement from time to time. When we have to do this the revised statement will be posted on this page, and where appropriate, by notification on our homepage. You should check this page from time to time to review any changes we have made.

The personal information we collect:

When we collect personal information, we are open about how we will use it.

We collect various types of information in order to provide you the best Service. We collect Personal information, when you provide it to us, such as when you create an account, enter property data, or add new properties to your portfolio. Personal information collected can include email address, name, and information you may provide related to your real estate holdings including, but not limited to, property address, building details, rent roll, income, and expense information. We may also automatically collect information when you use the Service. We may get information from other companies or 3rd parties. We automatically collect information in a variety of ways including from web forms and through technologies like cookies and web logging.

Our legal basis for processing your information:

We rely upon a number of different legal bases for processing personal information and special category personal information – these include processing personal information where it is in our legitimate interests to do so, where this is necessary for the fulfilment of a contract or where the processing is necessary to carry out our obligations under employment law. Where we rely on our legitimate interests, this means that we use personal information to run our business and to provide the services we have been asked to provide. We only collect information that has been supplied voluntarily; you do not have to provide us with personal information. However, if you do not provide us with information we need by law or require for the Service to work, we may not be able to offer certain products and services.

How we use your information:

We use your personal information in compliance with all the relevant laws and may use it in one or more of the following ways:

○ We may combine information you enter or upload for the Service with that of other users of the Service. For example, we may use your and other users’ non-identifiable, aggregated data to improve the Service. We may use the contact information you supply to respond to your requests.
○ We may use identification verification documents to meet with regulatory and legal requirements to verify who you are as a condition of providing the Service.
○ We may use personal financial information to assess your eligibility for the Service.
○ Personal information may be used to inform you of services that may be of interest to you from Stessa.
○ Personal information is used to make your online experience as smooth as possible – for example by setting cookies and tailoring what you see on the website.

Cookies

What are cookies?

Cookies are text files stored on the device you use to visit our website. Some cookies are essential for our website to work, others collect anonymous or personal information to allow us to improve our website and to show you relevant content.

At Stessa we use different types of cookies and you can read more about these below. By continuing to use our website you agree to our use of cookies

How long are cookies stored on my device?

Two types of cookies can be stored:

○ Session cookies which are automatically deleted when you close your browser.
○ Persistent cookies which remain on your computer until they are deleted or expire. Persistent cookies can keep your user preferences to help make future browsing easier and more relevant.

How do I manage my cookie preferences?

You can manage your cookie preferences through your browser settings. Some browsers allow you to whitelist sites from which you accept cookies.

For more details on managing cookie preferences, see below:

○ Website Cookies: http://www.allaboutcookies.org/manage-cookies/
○ Mobile Cookies: http://www.allaboutcookies.org/mobile/index.html
○ Internet Advertising Bureau (IAB): http://www.youronlinechoices.com/uk/your-ad-choices
○ Network Advertising Initiative (NAI): http://optout.networkadvertising.org/?c=1#!/
○ The Digital Advertising Alliance (DAA): https://digitaladvertisingalliance.org/

Usage Data and Analytics:

We collect information that your browser sends whenever you visit our Service. This usage data may include information such as your computer’s IP address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.

We may use 3rd parties to help us analyze certain online activities. For example, these service providers may help us measure the performance and analyze activity as you use the Service. We may permit these 3rd parties to use cookies and similar technologies to perform these services. You may choose to opt out of Google Analytics by visiting the Google Analytics opt-out page.

Whom we share personal information with:

If you choose to link and aggregate your banking and other financial accounts, we will transmit the account credentials you provide to those 3rd party institutions where you hold accounts to gather and maintain account information including transactions and balances used to provide the Service.

We may share your information as needed to complete a transaction or provide a service you have requested or authorized; with our employees and vendors working on our behalf. We may share or make available anonymous or aggregate information that cannot be used to identify you.

We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to a) comply with the law; b) perform under demanding conditions in an effort to safeguard the personal safety of users of Stessa and/or the general public; c)prevent fraud or abuse of Stessa or our users; d) maintain, safeguard, and/or preserve the rights and/or property of Stessa.

We will never sell your personal information, and we take steps to keep your details safe and secure.

Keeping your information safe:

We take the security of your data seriously. We use various technical and organizational security measures such as, but not limited to, firewalls, encryption techniques, and authentication procedures, among others, to work to maintain the security of your online session and personal information. For more information please visit our Security page.

Where we keep and process your information:

We might transfer and store the information we collect from you outside the European Economic Area (EEA). It may be processed by staff or our suppliers outside the EEA. When we do this, we aim to make sure the information is secure and properly protected.

Stopping us contacting you:

We may send periodic service-related alerts, account updates, portfolio summaries, notifications, newsletters, promotions, or other information via email. You may choose to stop receiving alerts, updates, summaries, newsletters, and promotions by sending an email to unsubscribe@stessa.com. You will not be able to opt-out of any service-related or critical alerts.

You may also follow the unsubscribe instructions in the email you receive. Please note that certain service-related messages that we send are necessary for the proper functioning and use of the Service and you may not have the ability to opt-out of those messages.

Links to other web sites:

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy/Statement of every site you visit.

We have no control over, and assume no responsibility for the content, privacy policies/statements or practices of any third party sites or services. This Privacy Statement applies only and solely to the information collected by our Service.

Minors:

Stessa is intended solely for individuals who are 18 or older. We do not knowingly collect personal information from any person under the age of 18. If you are under the age of 18, please do not submit any personal information to Stessa.

Your Rights:

Where applicable you may have the following rights over your personal information:

Request a copy of the information we hold:

You can access the personal information we hold about you. To do so please contact us by email at privacy@stessa.com. There is no charge for us providing this information to you. You can also ask for information that you have provided to us in a machine-readable format, so you can transfer it to another organization if you want to.

Ask us to not use your information:

If for any reason you do not want us to hold or use your information, please contact us by email at privacy@stessa.com. We may need to keep some of your information for legal and business reasons, for example to comply with a regulatory requirement.

Have your information corrected:

If you think the personal information we hold is wrong please log in to your account and amend any details as necessary. If you have problems amending your personal information contact us at privacy@stessa.com and we will check and correct it if necessary. We are committed to holding personal information that is accurate and current.

How long we keep your information:

We endeavor to keep your information for as long as we need it for legitimate business or legal reasons. We will then delete it safely and securely. If you would like us to delete your information please contact us privacy@stessa.com.

How to complain:

If you need to make a complaint about our handling of your personal information, please contact us directly at privacy@stessa.com. If you are unhappy with how we deal with your complaint, you can contact your Country Data Protection Authority if applicable.

How else to contact us:

If you have any other questions about your personal information, please contact us by email at privacy@stessa.com.

For all enquiries not relating to your personal information, please contact us by email at contact@stessa.com