Privacy Policy

PadRep (“PadRep,” “we,” “us,” or “our”) provides a managed AI assistant for real estate agents. This Privacy Policy explains what information we collect, how we use it, where it lives, and the choices you have. It applies to padrep.com and the PadRep service (the “Service”).

PadRep is built around a simple principle: your operational data — emails, contacts, CRM records, conversations — lives on a private server that we provision exclusively for you. We do not pool customer data into shared databases, and we do not train AI models on your data.

We collect three categories of information.

a. Account information

When you sign up, we collect your email address, name (if you provide it), password hash, profession, and the agent name you choose during onboarding. We also collect billing details through our payment processor (see Section 4).

b. Connected-service data

To operate your AI agent you may connect third-party services. Specifically:

• Google (Gmail and Calendar): if you connect a Google account, we receive an OAuth refresh token and read access to the scopes you approve (typically Gmail message metadata + bodies and Calendar events). We use this access to read messages so the AI agent can summarize them, draft replies, and build your morning brief. We do not send email or modify your calendar without your explicit approval through the action queue.
• CRM (Follow Up Boss): if you connect a CRM, we receive an API key and use it to read contacts, deals, notes, and tasks so the agent can reason about your pipeline. CRM writes only happen after you approve them.
• Telegram: if you create a Telegram bot, you give us a bot token. We use it solely to deliver your morning brief and to receive messages from you to your own bot. We do not have access to any other Telegram chats.
• AI provider key: you supply an API key for OpenRouter, Anthropic, OpenAI, or Google. We store it encrypted and use it only to call the model you selected on your behalf. AI usage is billed by your provider against your account, not ours.

c. Usage and operational data

We collect basic application logs (request timestamps, error traces, IP address, user agent) and aggregate usage metrics (number of briefs sent, number of actions approved). This data is used to keep the Service running and to diagnose issues.

We use the information we collect to:

• Provision and operate the AI agent that runs on your private server.
• Generate your morning brief, surface pending actions for approval, and respond to messages you send your bot.
• Authenticate you, manage your subscription, and send service-related emails (billing receipts, security alerts, downtime notices).
• Diagnose bugs, prevent abuse, and improve reliability.
• Comply with legal obligations.

We do not sell your personal information, share it with advertisers, or use your emails, contacts, or conversations to train AI models.

When you become a paying customer, we provision a dedicated virtual machine on DigitalOcean — a private server with its own IP address, dedicated to you. Your AI agent, its short- and long-term memory, your indexed Gmail/CRM context, and your conversation history all live on that server. We do not replicate this data into a shared multi-tenant database.

Sensitive credentials — OAuth refresh tokens, AI provider API keys, Telegram bot tokens, CRM API keys — are encrypted at rest with AES-256-GCM using a key held only by PadRep. We never log credential values, and we never display them back to you in full once stored.

Account-level metadata (your email, subscription state, server IP, onboarding progress) is stored in our hosted Supabase project. Data in Supabase is encrypted in transit (TLS) and at rest, and is protected by row-level security policies.

PadRep relies on the following sub-processors. Each operates under its own privacy policy and security commitments:

• Supabase — authentication and account-level metadata storage.
• DigitalOcean — hosts the dedicated virtual machine that runs your AI agent.
• Stripe — payment processing. PadRep never sees or stores your full card number; Stripe handles checkout and stores the payment method.
• Google — if you connect a Google account, OAuth and API calls go directly to Google. Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data to train AI models or to serve advertising.
• Anthropic, OpenAI, OpenRouter, Google AI Studio — the AI model provider you choose receives the prompts your agent sends. They operate under their own privacy and data-retention policies.
• Telegram — receives messages between you and your bot.

When you cancel your subscription, we destroy your dedicated DigitalOcean server immediately. All data on that server — agent memory, indexed emails, conversation history, encrypted credentials — is deleted with the volume. This is not recoverable.

Account-level metadata in Supabase (email, subscription record) is retained for up to 30 days after cancellation so we can reinstate the account if you change your mind, then permanently deleted. Billing records are retained for 7 years to comply with tax and accounting obligations.

You can request deletion at any time by emailing privacy@padrep.com. We will respond within 30 days.

We protect your data with the following controls:

• TLS 1.2+ for all network traffic.
• AES-256-GCM encryption at rest for credentials.
• Per-customer server isolation — one customer’s data cannot be accessed from another customer’s agent.
• Supabase row-level security on all account-level tables.
• Principle-of-least-privilege access for the PadRep team.
• No write actions (sending email, updating CRM, sending calendar invites) execute without an explicitly approved record in your action queue.

No system is perfectly secure. If we discover a breach affecting your data, we will notify you without undue delay.

Depending on where you live (notably the EU/UK under GDPR or California under CCPA/CPRA), you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Request deletion of your data.
• Export your data in a portable format.
• Object to or restrict certain processing.
• Withdraw consent (e.g., disconnect a Google or CRM integration).

To exercise any of these rights, email privacy@padrep.com. We will not discriminate against you for exercising them.

PadRep is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the United States. We use standard contractual clauses or equivalent safeguards where required.

PadRep is intended for licensed real estate professionals. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us personal data, contact privacy@padrep.com and we will delete it.

We may update this Privacy Policy as the Service evolves. If we make material changes, we will email active customers at least 14 days before the change takes effect. The “Effective” date at the top of this page reflects the latest revision.

Questions, requests, or concerns about this policy or your data:

PadRep
privacy@padrep.com