DueNotice
Sign Up

Privacy Policy

Our privacy policy and how we use your data

Effective Date: April 1, 2026

1. Information We Collect

We collect the following information when you use DueNotice:

  • Account information: Email address and password (managed by Supabase Auth)
  • Property data: Property addresses, year built, property type, unit details, current rents, security deposit amounts, and move-in dates
  • Usage data: Pages visited and features used (for service improvement only)

2. How We Use Your Information

  • Provide and operate the compliance tracking service
  • Calculate your compliance obligations (rent caps, deposit interest, registration fees)
  • Generate compliance documents (rent increase notices)
  • Send email reminders about upcoming deadlines (if you opt in)
  • Improve the service and fix issues

3. Data Storage

Your data is stored in Supabase (hosted on AWS in the United States). All data is encrypted at rest and in transit via TLS. Row-level security policies ensure that you can only access your own data.

4. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. We share data only with:

  • Supabase: Database hosting and authentication
  • Resend: Email delivery for reminders and notifications
  • Vercel: Application hosting

These providers process data solely on our behalf and are bound by data processing agreements.

5. Your Rights

You have the right to:

  • Access and download your data at any time
  • Correct inaccurate data through your account settings
  • Delete your account and all associated data
  • Opt out of email reminders per property

California residents (CCPA): You have the right to know what personal information we collect, request deletion, and opt out of any sale of personal information. We do not sell personal information. To exercise your rights, contact us via our contact page.

Response timelines: We will acknowledge your request within 10 business days and provide a substantive response within 45 calendar days. If we need additional time, we will notify you of the extension and the reason.

Verification: To protect your privacy, we will verify your identity before fulfilling any data request. We may ask you to confirm your email address or provide information that matches our records.

Non-discrimination: We will not discriminate against you for exercising your CCPA rights. You will not receive different pricing or service quality for making a data request.

6. Cookies

We use only essential cookies required for authentication (Supabase session cookies). We do not use analytics, advertising, or tracking cookies.

7. Data Retention

Your data is retained as long as your account is active. When you delete your account, all associated data (properties, units, completions, audit logs) is permanently deleted within 30 days.

8. Security

We implement industry-standard security measures including: encrypted data storage, row-level security policies, HTTPS encryption for all connections, and secure authentication via Supabase Auth.

9. Children

DueNotice is not intended for use by anyone under the age of 18. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use after changes constitutes acceptance.

11. Contact

For privacy-related questions or to exercise your data rights, contact us at our contact page.