Login
Renterlyst logo Renterlyst

Renterlyst Data Handling Policy

Legal Articles
June 14, 2025

At Renterlyst, we take data management seriously. This Data Handling Policy outlines how we manage all types of data across our platform—from personal user information to operational business data. While our Privacy Policy focuses specifically on how we collect and use personal data and protect individual privacy rights, this Data Handling Policy takes a broader approach. It applies to all data collected, stored, shared, or processed by Renterlyst, ensuring it is handled with integrity, security, and compliance throughout its entire lifecycle.

Renterlyst Data Handling Policy

Last updated: June 10, 2025

At Renterlyst, effective data management is critical to our operations, our users' trust, and our legal obligations. This Data Handling Policy outlines how we manage all categories of data across our platform, including personal information, sensitive business records, operational datasets, and platform-generated content.

Unlike our Privacy Policy, which specifically details how we collect, use, and protect personal information and uphold individual privacy rights, this policy takes a broader view. It governs the entire lifecycle of data—from collection and classification to storage, sharing, and secure disposal.

Policy Scope

This policy applies to all data types handled within Renterlyst’s ecosystem, including but not limited to:

  • Personal data (e.g., names, emails, contact details, payment information)

  • Sensitive data (e.g., ID verification documents, background checks)

  • Operational data (e.g., property listings, transaction records, platform analytics)

  • Internal business information (e.g., employee records, performance metrics)

Policy Objectives

This Data Handling Policy is designed to ensure:

  • Integrity – that data remains accurate, reliable, and consistent

  • Confidentiality – that sensitive and personal information is protected from unauthorized access

  • Availability – that critical data is accessible to authorized users when needed

  • Compliance – All data practices align with applicable laws, regulations, and industry best practices

Key Components

1. Data Classification and Access Control

  • All data is categorized by sensitivity level (e.g., public, internal, confidential, highly sensitive).

  • Access is granted on a need-to-know basis using role-based permissions ensuring only authorized personnel can access protected data.

  • Multi-factor authentication is required for accessing sensitive systems or information.

2. Data Collection and Storage

  • Data is collected only when necessary to support platform functionality or business operations.

  • All digital data is stored in secure, encrypted environments.

  • Physical records (if any) are stored securely and subject to restricted access.

3. Data Sharing and Transfer

  • Personal and sensitive data may be shared with trusted third-party services (e.g., payment gateways, background check providers), as outlined in our Privacy Policy.

  • Business or operational data may be shared internally or externally only with appropriate authorization and under confidentiality agreements where applicable.

  • Cross-border data transfers comply with legal and regulatory requirements, including GDPR if applicable.

4. Data Backup and Recovery

  • Automated, encrypted backups are performed regularly to prevent data loss.

  • Business continuity plans ensure recovery in case of outages, cyber incidents, or natural disasters.

5. Data Retention and Disposal

  • Data is retained only as long as necessary for its intended use or as required by law.

  • Expired or obsolete data is disposed of securely using data erasure protocols or document shredding.

  • Personal data retention timelines are aligned with our Privacy Policy.

6. Monitoring and Auditing

  • Systems are regularly monitored for unauthorized access or anomalies.

  • Periodic audits ensure adherence to internal data handling protocols and external compliance standards.

7. User Rights and Controls

  • Users may request access, correction, or deletion of their personal data, as detailed in the Privacy Policy.

  • We are committed to honoring these requests in accordance with GDPR, CCPA, and other relevant privacy laws.

8. Incident Response and Breach Notification

  • A formal incident response plan is in place to detect, contain, and respond to data breaches.

  • Affected parties will be notified promptly in line with applicable laws and platform procedures.

Conclusion

Renterlyst is committed to a high standard of data stewardship. Through strong policies, secure systems, and a culture of accountability, we ensure that all data—personal, sensitive, and operational—is treated with the care and responsibility it deserves.

For more information on how we handle personal data and user privacy, please refer to our Privacy Policy.