Managrie
  • Home
  • Features
  • Pricing
  • Contact

Privacy Policy

Last Updated: January 1, 2025

At Managrie, Inc. ("Managrie," "we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our property management platform and related services (the "Service").

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Legal Basis for Processing
  4. Data Storage and Security
  5. Data Sharing and Third Parties
  6. Sub-Processors
  7. International Data Transfers
  8. Tenant and Vendor Data
  9. Data Retention
  10. Automated Decision-Making
  11. Your Rights
  12. CCPA Compliance (California)
  13. California "Shine the Light"
  14. Virginia CDPA Compliance
  15. Nevada Privacy Rights
  16. GDPR Compliance (European Users)
  17. Children's Privacy
  18. Cookies and Tracking Technologies
  19. Data Processing Agreements
  20. Changes to This Privacy Policy
  21. Contact Information

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide when you use our Service, including:

Account Information

  • Name, email address, phone number
  • Company or organization name
  • Billing address and payment information
  • Username and password
  • Profile photo (optional)

Property Data

  • Property addresses and details
  • Unit information (number, size, amenities, rent amounts)
  • Property photos and documents
  • Ownership and management structure
  • Financial information (income, expenses, tax documents)

Tenant and Lease Information

  • Tenant names, contact information, and identification
  • Lease terms, rent amounts, and payment history
  • Application materials (employment, income, references)
  • Maintenance requests and communications

Vendor Information

  • Vendor company names and contact information
  • Service categories and rates
  • Insurance and licensing information
  • Work history and invoices

1.2 Information Collected Automatically

When you access the Service, we automatically collect certain information, including:

Usage Data

  • Pages viewed and features used
  • Time spent on the Service
  • Actions taken (clicks, searches, form submissions)
  • Error logs and performance data

Device and Technical Information

  • IP address and approximate location
  • Browser type and version
  • Operating system and device type
  • Screen resolution and language preferences
  • Referring URLs and exit pages

1.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Payment processors (transaction confirmations)
  • Background check services (with your consent)
  • Credit reporting agencies (with tenant consent)
  • Integration partners (accounting software, etc.)
  • Public records and data providers

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Providing the Service

  • Create and manage your account
  • Process property and tenant data
  • Enable rent collection and payment processing
  • Facilitate maintenance tracking and vendor management
  • Generate reports and analytics
  • Store and organize your documents

2.2 Communication

  • Send service-related notifications and alerts
  • Respond to your inquiries and support requests
  • Provide important updates about your account or the Service
  • Send marketing communications (with your consent)

2.3 Improvement and Development

  • Analyze usage patterns to improve the Service
  • Develop new features and functionality
  • Conduct research and analytics
  • Test and troubleshoot new products

2.4 Security and Compliance

  • Protect against fraud, abuse, and unauthorized access
  • Enforce our Terms of Service
  • Comply with legal obligations
  • Respond to legal requests and prevent harm

3. Legal Basis for Processing

We process your personal information under one or more of the following legal bases:

3.1 Contract Performance

We process data necessary to fulfill our contractual obligations to you, including:

  • Creating and managing your account
  • Providing the property management features you requested
  • Processing payments and billing
  • Providing customer support

3.2 Legitimate Interests

We process data where we have a legitimate business interest, including:

  • Improving and optimizing the Service
  • Analyzing usage patterns and trends
  • Protecting the security of our systems and users
  • Marketing our services to existing customers
  • Preventing fraud and enforcing our Terms of Service

We balance our interests against your rights and only process where our interests are not overridden by your data protection rights.

3.3 Legal Obligation

We process data to comply with legal requirements, including:

  • Tax and accounting regulations
  • Responding to lawful requests from authorities
  • Fair housing and anti-discrimination laws
  • Data protection regulations

3.4 Consent

Where required by law, we obtain your consent before processing, including for:

  • Marketing communications
  • Non-essential cookies and tracking
  • Sharing data with third parties for their own purposes
  • Processing sensitive personal information

You may withdraw consent at any time by contacting us or using the relevant opt-out mechanisms.

3.5 Vital Interests

In rare circumstances, we may process data to protect vital interests, such as emergency contact information in case of property emergencies.

4. Data Storage and Security

4.1 Cloud Infrastructure

Your data is stored on secure cloud infrastructure provided by Amazon Web Services (AWS). Our servers are located in the United States, with data centers that maintain industry-leading physical and environmental security controls.

4.2 Security Measures

We implement comprehensive security measures to protect your data, including:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access controls and multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and DDoS protection
  • Regular Audits: Security assessments and penetration testing
  • Employee Training: Security awareness training for all staff
  • Incident Response: Documented procedures for security incidents

4.3 Data Backups

We perform regular automated backups of all data to ensure business continuity. Backups are encrypted and stored in geographically separate locations.

4.4 Data Breach Notification

In the event of a data breach that affects your personal information, we have established procedures to:

  • Detect and Assess: We monitor our systems for potential breaches and assess the severity and scope of any incident
  • Contain: We take immediate steps to contain the breach and prevent further unauthorized access
  • Notify Authorities: We notify relevant supervisory authorities within 72 hours of becoming aware of a breach, as required by GDPR and other applicable laws
  • Notify Affected Individuals: We notify affected users without undue delay when the breach is likely to result in a high risk to their rights and freedoms
  • Document: We maintain records of all breaches, including the facts, effects, and remedial actions taken

Our breach notification will include:

  • Description of the nature of the breach
  • Categories of data affected
  • Approximate number of individuals affected
  • Likely consequences of the breach
  • Measures taken or proposed to address the breach
  • Contact point for more information

4.5 Your Role in Security

While we implement robust security measures, you also play an important role in protecting your data. We recommend:

  • Using strong, unique passwords
  • Enabling two-factor authentication
  • Keeping your login credentials confidential
  • Logging out when using shared devices
  • Reporting any suspicious activity immediately

5. Data Sharing and Third Parties

4.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4.2 Service Providers

We share data with trusted third-party service providers who assist us in operating the Service, including:

  • Cloud Infrastructure: Amazon Web Services (AWS)
  • Payment Processing: Stripe, PayPal
  • Email Services: For transactional and marketing emails
  • Analytics: To understand usage patterns
  • Customer Support: Help desk and communication tools

These providers are bound by contractual obligations to keep your information confidential and use it only for the purposes for which we disclose it to them.

4.3 Integration Partners

If you choose to connect third-party services to Managrie (such as accounting software or bank accounts), we may share data with those services as necessary to enable the integration. You control which integrations are enabled.

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Court orders or subpoenas
  • Government or regulatory requests
  • Law enforcement investigations
  • Protection of our rights, property, or safety
  • Prevention of fraud or illegal activities

5.5 Business Transfers

If Managrie is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

6. Sub-Processors

We engage the following categories of sub-processors to help provide the Service. All sub-processors are contractually bound to protect your data and only process it as instructed by us.

6.1 Infrastructure and Hosting

Sub-Processor Purpose Location
Amazon Web Services (AWS) Cloud infrastructure and data storage United States
Cloudflare CDN, DDoS protection, DNS Global

6.2 Payment Processing

Sub-Processor Purpose Location
Stripe Subscription billing and payment processing United States
Plaid Bank account verification United States

6.3 Communication Services

Sub-Processor Purpose Location
SendGrid Transactional emails United States
Twilio SMS notifications United States

6.4 Analytics and Support

Sub-Processor Purpose Location
Google Analytics Website and usage analytics United States
Intercom Customer support and chat United States

6.5 Sub-Processor Updates

We may update our sub-processors from time to time. For the most current list, contact us at legal@managrie.com. Enterprise customers with Data Processing Agreements may request notification of sub-processor changes.

7. International Data Transfers

7.1 Data Location

Our primary servers are located in the United States. When you use our Service from outside the United States, your data will be transferred to and processed in the United States.

7.2 Transfer Mechanisms

For transfers of personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States, we rely on the following legal mechanisms:

  • Standard Contractual Clauses (SCCs): We use EU Commission-approved Standard Contractual Clauses with our sub-processors
  • Supplementary Measures: We implement additional technical and organizational measures including encryption, access controls, and data minimization
  • Data Processing Agreements: All sub-processors are bound by DPAs that include appropriate safeguards

7.3 Adequacy Decisions

Where applicable, we may transfer data to countries that have received an adequacy decision from the European Commission, meaning they provide an adequate level of data protection.

7.4 Your Rights

Regardless of where your data is processed, you retain all rights under applicable data protection laws. If you have concerns about international transfers, you may contact us at legal@managrie.com to request information about the safeguards in place.

8. Tenant and Vendor Data

As a property management platform, Managrie enables you to collect, store, and manage information about your tenants, vendors, and other third parties. This section addresses important considerations regarding this data.

5.1 Your Role as Data Controller

When you use Managrie to manage tenant and vendor information, you act as the "data controller" for that data under privacy laws. This means:

  • You are responsible for obtaining appropriate consents from tenants and vendors
  • You must comply with applicable privacy laws (fair housing, tenant privacy rights, etc.)
  • You should have your own privacy policy that explains how you handle their data
  • You are responsible for responding to their privacy requests

5.2 Managrie as Data Processor

Managrie acts as a "data processor" on your behalf, meaning we process tenant and vendor data according to your instructions and for the purpose of providing the Service. We:

  • Only process this data as necessary to provide the Service
  • Implement appropriate security measures
  • Do not use this data for our own purposes
  • Assist you in responding to data subject requests

5.3 Tenant Portal Users

When tenants access the Managrie Tenant Portal, they become direct users of our Service and are subject to our Privacy Policy. We collect their account information and usage data as described in this policy.

5.4 Sensitive Data

The Service may enable you to collect sensitive information about tenants (such as Social Security numbers for background checks). You are responsible for:

  • Obtaining explicit consent before collecting sensitive data
  • Complying with applicable laws regarding sensitive information
  • Limiting access to authorized personnel only
  • Securely disposing of data when no longer needed

9. Data Retention

9.1 Retention Periods by Data Type

We retain different types of data for different periods based on legal requirements and business necessity:

Data Type Retention Period Reason
Account Information Duration of account + 90 days Service provision and reactivation
Property Data Duration of account + 90 days Service provision
Lease Records 7 years after lease end Legal and tax compliance
Financial Transactions 7 years Tax and accounting requirements
Maintenance Records Duration of account + 3 years Legal liability protection
Communication Logs 3 years Dispute resolution
Usage Analytics 2 years (anonymized) Service improvement
Security Logs 1 year Security and fraud prevention
Backups 90 days (rolling) Disaster recovery

9.2 Account Deletion Process

When you request account deletion:

  1. Request: Submit a deletion request through Account Settings or email legal@managrie.com
  2. Verification: We verify your identity within 5 business days
  3. Export Period: You have 30 days to export your data before deletion
  4. Active Deletion: Data is removed from active systems within 30 days of the export period
  5. Backup Removal: Data is removed from backups within 90 days
  6. Confirmation: We send confirmation when deletion is complete

Some data may be retained longer for legal compliance (e.g., financial records for tax purposes) or legitimate business purposes (e.g., fraud prevention).

9.3 Data Portability

You can export your data at any time in the following formats:

  • CSV: Properties, units, tenants, leases, transactions
  • PDF: Reports, statements, lease documents
  • JSON: Complete data export for system migration

Export functionality is available in Account Settings > Data > Export.

9.4 Anonymization

In some cases, instead of deleting data, we may anonymize it so that it can no longer be associated with you. Anonymized data may be retained indefinitely for analytics and research purposes. Anonymization involves removing or irreversibly transforming all identifying information.

10. Automated Decision-Making

10.1 Automated Processing

We use automated processing in limited circumstances to provide the Service:

  • Rent Payment Reminders: Automated emails and notifications based on payment due dates
  • Late Fee Calculations: Automatic calculation of late fees based on your configured rules
  • Maintenance Prioritization: Suggestions for prioritizing maintenance requests based on urgency indicators
  • Occupancy Alerts: Notifications about upcoming lease expirations or vacancies
  • Fraud Detection: Automated monitoring for suspicious payment activity

10.2 Human Oversight

All automated processes that may significantly affect users include human oversight:

  • You control the rules and thresholds for automated actions
  • You can review and override any automated decisions
  • Critical actions (like eviction proceedings) are never fully automated

10.3 Tenant Screening

If you use tenant screening features through our third-party partners:

  • Screening decisions are provided by third-party consumer reporting agencies, not Managrie
  • You are responsible for complying with the Fair Credit Reporting Act (FCRA) and fair housing laws
  • Applicants have the right to dispute information and request reconsideration
  • You must provide adverse action notices as required by law

10.4 Your Rights

You have the right to:

  • Request information about automated processing that affects you
  • Object to solely automated decisions with legal or significant effects
  • Request human review of automated decisions
  • Contest and express your point of view on automated decisions

11. Your Rights

Depending on your location, you may have certain rights regarding your personal information:

7.1 Access

You have the right to request a copy of the personal information we hold about you. You can access much of this information directly through your account settings.

7.2 Correction

You have the right to request that we correct inaccurate or incomplete personal information. You can update most information directly in your account.

7.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (such as legal retention requirements).

7.4 Data Portability

You have the right to receive your personal information in a structured, commonly used, machine-readable format. The Service provides data export functionality in CSV, PDF, and other formats.

7.5 Objection and Restriction

You have the right to object to certain processing of your data or request that we restrict processing in certain circumstances.

7.6 Withdraw Consent

Where we rely on your consent to process your data, you have the right to withdraw that consent at any time.

7.7 Exercising Your Rights

To exercise any of these rights, please contact us at legal@managrie.com. We will respond to your request within 30 days (or sooner if required by law). We may need to verify your identity before processing certain requests.

12. CCPA Compliance (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information.

8.1 Categories of Information Collected

In the past 12 months, we have collected the following categories of personal information:

  • Identifiers (name, email, phone number, IP address)
  • Commercial information (transaction history, subscription details)
  • Internet or network activity (usage data, browsing history on our Service)
  • Geolocation data (approximate location based on IP address)
  • Professional or employment information (for verification purposes)
  • Inferences drawn from the above

8.2 Your CCPA Rights

  • Right to Know: You can request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You can request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out: We do not sell personal information, so this right does not apply
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

8.3 Submitting a CCPA Request

To submit a CCPA request, please:

  • Email us at legal@managrie.com with subject line "CCPA Request"
  • Include your name, email address, and the nature of your request
  • We will verify your identity before processing the request

You may designate an authorized agent to make a request on your behalf. We may require proof of authorization.

12.4 Financial Incentives

We do not offer financial incentives for the collection, sale, or deletion of personal information.

13. California "Shine the Light" Law

Under California Civil Code Section 1798.83, California residents who have an established business relationship with us may request information about our disclosure of personal information to third parties for their direct marketing purposes.

To make such a request, please send an email to legal@managrie.com with "California Shine the Light Request" in the subject line. We will respond within 30 days.

Note: We do not share personal information with third parties for their own direct marketing purposes. If our practices change, we will update this policy and provide you with an opt-out opportunity.

14. Virginia CDPA Compliance

If you are a Virginia resident, the Virginia Consumer Data Protection Act (VCDPA) provides you with specific rights regarding your personal data.

14.1 Your Virginia Privacy Rights

  • Right to Know: Confirm whether we are processing your personal data and access that data
  • Right to Correct: Correct inaccuracies in your personal data
  • Right to Delete: Delete personal data you have provided
  • Right to Portability: Obtain a copy of your personal data in a portable format
  • Right to Opt-Out: Opt out of targeted advertising, sale of personal data, or profiling

14.2 Exercising Your Rights

To exercise your Virginia privacy rights, contact us at legal@managrie.com with "Virginia Privacy Request" in the subject line. We will respond within 45 days and may extend by an additional 45 days if reasonably necessary.

14.3 Appeal Process

If we decline your request, you may appeal by responding to our decision within 60 days. We will respond to your appeal within 60 days. If your appeal is denied, you may contact the Virginia Attorney General.

15. Nevada Privacy Rights

Under Nevada law (SB 220), Nevada residents may opt out of the sale of their personal information. While we do not currently sell personal information as defined under Nevada law, you may submit a verified request to opt out of future sales.

To submit a request, email legal@managrie.com with "Nevada Opt-Out Request" in the subject line. Include your name and email address associated with your account. We will respond within 60 days.

16. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) provides you with additional rights and protections.

9.1 Data Controller

Managrie, Inc. is the data controller for the personal information we collect directly from you. For tenant and vendor data you enter into the Service, you are the data controller and we are the data processor.

9.2 Your GDPR Rights

In addition to the rights described in Section 7, you have:

  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your country of residence
  • Right to Restrict Processing: You can request that we limit how we use your data in certain circumstances
  • Right to Object: You can object to processing based on legitimate interests, including profiling

9.3 International Data Transfers

Your data may be transferred to and processed in the United States, where our servers are located. We ensure appropriate safeguards are in place for such transfers, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data Processing Agreements with all service providers
  • Technical and organizational security measures

16.4 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates the GDPR. You may lodge a complaint with the supervisory authority in your country of residence, place of work, or place of the alleged infringement.

Common supervisory authorities include:

  • UK: Information Commissioner's Office (ICO)
  • Germany: Federal Commissioner for Data Protection
  • France: Commission Nationale de l'Informatique et des Libertés (CNIL)
  • Ireland: Data Protection Commission

We encourage you to contact us first at legal@managrie.com so we can address your concerns directly.

16.5 Data Protection Contact

For GDPR-related inquiries, you may contact our Data Protection team at legal@managrie.com.

17. Children's Privacy

The Service is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to delete that information from our servers.

18. Cookies and Tracking Technologies

11.1 What Are Cookies?

Cookies are small text files that are stored on your device when you visit a website. They help the website remember your preferences and understand how you interact with the site.

11.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Required for the Service to function (authentication, security) Session
Functional Remember your preferences and settings 1 year
Analytics Understand how users interact with the Service 2 years
Marketing Deliver relevant advertisements (with consent) 90 days

11.3 Third-Party Cookies

We may use third-party services that set cookies on your device, including:

  • Google Analytics (usage analytics)
  • Stripe (payment processing)
  • Intercom or similar (customer support)

11.4 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to:

  • See what cookies you have and delete them individually
  • Block third-party cookies
  • Block cookies from specific sites
  • Block all cookies
  • Delete all cookies when you close your browser

Note that blocking essential cookies may prevent you from using certain features of the Service.

18.5 Do Not Track

Some browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked. There is no standard for how websites should respond to DNT signals. Currently, we do not respond to DNT signals, but you can use the cookie controls described above to manage tracking.

California law requires us to disclose our DNT practices. We honor the Global Privacy Control (GPC) signal as a request to opt out of the "sale" or "sharing" of personal information under California law, where applicable.

19. Data Processing Agreements

For business users who require a formal Data Processing Agreement (DPA) to comply with GDPR, CCPA, or other regulations, we offer the following:

19.1 Standard DPA

Our standard DPA is available for all users and covers:

  • Scope and nature of processing
  • Duration of processing
  • Types of personal data processed
  • Categories of data subjects
  • Obligations and rights of the controller
  • Sub-processor engagement terms
  • Data security measures
  • Data breach notification procedures
  • Assistance with data subject requests
  • Audit rights
  • Data deletion upon termination

To request a copy of our standard DPA, contact legal@managrie.com.

19.2 Enterprise DPA

Enterprise customers may negotiate custom DPA terms, including:

  • Specific security requirements
  • Custom audit provisions
  • Sub-processor notification and approval processes
  • Specific data localization requirements
  • Custom indemnification terms

19.3 Your Responsibilities

As a property manager using Managrie, you may act as a data controller for tenant and vendor data. You are responsible for:

  • Providing appropriate privacy notices to your tenants and vendors
  • Obtaining necessary consents for data collection
  • Responding to data subject requests from your tenants
  • Ensuring your use of the Service complies with applicable laws
  • Having appropriate agreements with your own sub-processors

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you by email (for significant changes)
  • Post a prominent notice on the Service
  • Provide at least 30 days' notice before changes take effect (for material changes)

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

21. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Managrie, Inc.

Privacy Team

Email: legal@managrie.com

Website: https://managrie.com

For GDPR-related inquiries:

Email: legal@managrie.com

For general support or other inquiries, please visit our Contact page.

We aim to respond to all privacy-related inquiries within 30 days.

By using Managrie, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

Home Features Pricing Contact
Privacy Policy Terms of Service

© 2025 Managrie, Inc. All rights reserved.