Privacy Policy
Effective date: 2026-04-25 Last updated: 2026-04-25
This Privacy Policy describes how Domatia Property Management, LLC ("Domatia", "we", "us", or "our") collects, uses, shares, and protects information about you when you use our website, applications, APIs, and related services (collectively, the "Service"). It applies to landlords, property managers, tenants, residents, maintenance providers, partners, prospective customers, and visitors.
1. Information we collect
We collect information in three ways: (a) information you provide directly, (b) information collected automatically when you use the Service, and (c) information we receive from third parties.
Information you provide. Account profile information (name, email, phone, role, password); property and unit data (address, rent, fees, lease terms, photos); tenant, contractor, and service-provider contact information you enter; lease documents and addenda; maintenance descriptions, photos, and notes; messages you send through the Service; payment information you provide for processing (handled by Stripe — we do not store full card numbers); tax-identification information (W-9 details for service providers and partners); referral and partner-program information; and any other information you choose to provide.
Information collected automatically. Device, browser, and operating-system information; IP address; approximate location derived from IP; pages and features used; timestamps; referrers; error and crash reports; cookies and similar tracking technologies (including authentication cookies and analytics cookies described below).
Information from third parties. Information from sign-in providers (Google) when you choose to sign in with them; information from our payment processor (Stripe) about transactions, payouts, and account onboarding status; information from our communication providers (SendGrid for email, Twilio for SMS) about delivery and unsubscribes; information from our e-signature provider (DocuSeal) about document execution.
We do not intentionally collect information from anyone under the age of 18.
2. Categories of personal information (CCPA/CPRA)
In the past 12 months we have collected the following categories of personal information from California residents and other users:
| Category | Examples | Sources | Purposes (see § 3) |
|---|---|---|---|
| Identifiers | Name, email, phone, account ID, IP | You, sign-in providers | A, B, C, D, E |
| Customer records | Address, billing data, profile | You, payment processor | A, B, D, E |
| Commercial information | Transactions, payments, subscriptions | You, payment processor | A, B, D |
| Internet/network activity | Browser, device, pages viewed | Automatic | A, C, D, E |
| Geolocation | Approximate location from IP | Automatic | A, C, D |
| Professional information | Role (landlord, tenant, SP, partner), employment type | You | A, B, D |
| Inferences | Usage patterns, feature engagement | Automatic | A, B, D |
| Sensitive personal information | Account credentials; for service providers/partners only, government tax ID (SSN/EIN) on Form W-9 | You | B, D, E |
We do not collect biometric information, precise geolocation, or information about race, ethnicity, religion, union membership, health, sexual orientation, citizenship, or immigration status. We do not sell or share personal information for cross-context behavioral advertising.
3. How we use information
We use information to (A) provide, operate, secure, and maintain the Service; (B) create and administer accounts and process transactions; (C) communicate with you (including transactional notices, security alerts, and, only with your consent, marketing); (D) improve, debug, and develop the Service; and (E) comply with law, prevent fraud, enforce our Terms, and protect our rights and the rights and safety of our users.
We do not use your information to train any general-purpose machine-learning model. Where the Service uses AI features (for example, the in-product chat assistant), we send minimum necessary content to a third-party model provider solely to generate the response you requested, and we do not authorize the provider to use your content to train their models.
4. How we share information
We share information only as described below.
- With other users of the Service, as you direct. For example, when a landlord invites a tenant, the tenant sees the landlord's name and the property/unit; when a tenant submits a maintenance request, the assigned service provider sees the request.
- With service providers that operate the Service on our behalf, under written contracts that restrict their use of the information to the services we have asked them to perform. These currently include: Google Cloud / Firebase (Authentication, Firestore database, Cloud Storage, and Cloud Messaging push notifications); Vercel (hosting and edge delivery); Stripe (payment processing, Connect payouts, identity verification, and subscription billing); SendGrid (transactional email); Twilio (SMS and voice); DocuSeal (e-signature); Sentry (error monitoring and runtime diagnostics); and OpenAI / Anthropic (AI assistant features, on a no-training basis).
- For legal and safety reasons, when we believe in good faith that disclosure is necessary or appropriate to comply with law, legal process, or a government request; to enforce our Terms; or to protect the rights, property, or safety of any person.
- In connection with a business transaction such as a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections.
We do not sell personal information for money. We do not "share" personal information for cross-context behavioral advertising as those terms are defined under California law.
5. How long we keep information
We retain personal information for as long as your account is active and as needed to provide the Service, comply with our legal obligations (including tax, accounting, and audit requirements), resolve disputes, and enforce our agreements. When you close your account, we will delete or de-identify personal information we no longer need within a reasonable period, except for information we are required or permitted to retain by law (for example, transaction records and 1099 information).
You can request deletion of your account and personal information at any time using the self-service privacy request flow at /privacy/request or by emailing privacy@thedomatia.com (see § 6).
6. Your rights and choices
Depending on where you live, you may have rights with respect to your personal information, including the right to:
- Know / access the categories and specific pieces of personal information we hold about you;
- Correct inaccurate personal information;
- Delete personal information, subject to certain exceptions (such as transaction records we must retain by law);
- Receive a portable copy of your personal information;
- Opt out of "sale" or "sharing" of personal information and of cross-context behavioral advertising (we do not engage in any of these, but you may still submit a request);
- Limit the use of sensitive personal information (we use sensitive personal information only as necessary to provide the Service); and
- Not be discriminated against for exercising any of these rights.
To exercise any of these rights, email privacy@thedomatia.com or use the in-product self-service privacy request form at /privacy/request. We will verify your identity (typically by confirming control of the email address on file) and respond within the timeframe required by applicable law (generally 45 days, with a possible 45-day extension where permitted). You may designate an authorized agent to submit a request on your behalf.
State-specific notes. California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and Texas (TDPSA) residents have the rights described above to the extent applicable under their state's law. Where state law provides a right to appeal a denial of a privacy request, you may submit an appeal by replying to our response or emailing privacy@thedomatia.com with the subject line "Privacy Appeal"; we will respond within the period required by your state's law. We do not use personal information for "profiling" that produces legal or similarly significant effects without human involvement, and we do not sell personal information or process it for targeted advertising.
If you are in the European Economic Area, the United Kingdom, or Switzerland, you also have the right to lodge a complaint with your local data-protection authority. The Service is currently directed at users in the United States; if you use the Service from outside the United States, you understand that your information will be transferred to and processed in the United States.
7. Cookies, analytics, and tracking
We use cookies and similar technologies to keep you signed in, remember your preferences, secure the Service, and understand how the Service is used. You can control cookies through your browser settings; disabling cookies may prevent some features from working. We do not use third-party advertising cookies.
We use first-party and service-provider analytics and diagnostics — currently Firebase analytics and Sentry runtime diagnostics — solely to operate, secure, debug, and improve the Service. These tools collect device, network, and usage signals (such as crash traces, error context, page and feature interactions, and approximate IP-derived location). They do not track you across other companies' apps or websites for advertising purposes.
App Tracking Transparency (iOS). If we ever enable functionality on iOS that would track your activity across other companies' apps and websites linked to your identity or device, we will request your permission through Apple's App Tracking Transparency prompt before doing so. You may grant or deny this permission, change it at any time in your iOS Settings, and declining will not degrade the core Service. As of the Effective date above, the Service does not engage in cross-app or cross-website tracking and does not use IDFA for advertising.
No sale; no cross-context behavioral advertising. We do not sell your personal information for money or other valuable consideration, and we do not "share" personal information for cross-context behavioral advertising as those terms are defined under California, Colorado, Connecticut, Virginia, Utah, or Texas privacy law.
8. Security and breach notification
We use commercially reasonable administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, access controls, and audit logging. No system is completely secure, and we cannot guarantee that unauthorized access or disclosure will never occur.
If we determine that a security incident has compromised your personal information, we will notify affected users without unreasonable delay and within the timeframes required by applicable state and federal law, and in no event later than 60 days from discovery, except where a longer period is permitted because (a) a law-enforcement agency determines that notification would impede a criminal investigation or harm national security, or (b) a longer period is otherwise required to determine the scope of the incident, restore the integrity of the system, or comply with applicable law.
Notification will be provided by email to the address associated with your account. Where email notification fails or is not reasonably available, we will use substitute notice consistent with applicable law (which may include conspicuous posting on our website and notice to major statewide media). Where required by law, we will also notify the relevant state Attorneys General, regulators, and consumer reporting agencies.
9. Communications
We send transactional messages necessary to provide the Service. With your consent, we may also send product updates, tips, and offers. You can opt out of non-transactional emails at any time by clicking "unsubscribe" in the email or by emailing privacy@thedomatia.com. You can opt out of SMS at any time by replying STOP to any message.
10. Third-party services and links
The Service integrates with and may link to third-party services. Their use of information is governed by their own privacy policies, not by this one. We encourage you to review them.
11. Children and minors
The Service is intended for users 18 years of age or older. It is not directed to children, and we do not knowingly collect personal information from anyone under 18. Consistent with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a person under 18, we will delete it as soon as reasonably practicable. If you believe a minor has provided us with personal information, contact privacy@thedomatia.com.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If a change is material we will notify you in advance (for example by email or in-product notice). The "Effective date" at the top reflects the most recent material change.
13. Contact
If you have questions about this Privacy Policy or our information practices, contact us at:
privacy@thedomatia.com
Domatia Property Management, LLC 30 N Gould St Ste R, Sheridan, WY 82801
Version 2026-04-25. Maintained at /legal/privacy.