N4ZN4ZLandlord
Log inGet started
Back to n4z.co.uk

This policy is in final review. The substance is complete; a few corporate details (company number, registered office, ICO registration) are being confirmed before launch.

N4Z Landlord · Vaitly Ltd

Privacy Policy

Last updated 9 June 2026

This policy explains how Vaitly Ltd ("we", "us") handles personal data when you use N4Z Landlord — our web app, the tenant portal at tenant.n4z.co.uk, and our mobile apps (together, the "Service"). We take privacy seriously and only use data for the purposes set out below.

1. Who we are

N4Z Landlord is operated by Vaitly Ltd, a company registered in England and Wales (company number to be confirmed), registered office to be confirmed. We are registered with the UK Information Commissioner's Office (ICO) under registration to be confirmed.

For privacy questions or to exercise your rights, contact us at [email protected].

2. The roles we play (controller vs processor)

Data protection law distinguishes between a controller (who decides why and how data is used) and a processor (who acts on a controller's instructions). Our role depends on the data:

  • We are the controller for landlord and account-holder data — the information you give us to create and run your account, manage your subscription, and operate the Service.
  • We act as a processor on behalf of the landlord for the personal data a landlord enters or invites into the Service about their tenants, occupants and contacts. In that case the landlord is the controller of that data and decides how it is used. If you are a tenant and want to access, correct or delete information held about you, please contact your landlord; we will support them in responding.

3. The personal data we collect

Account & profile data

  • Name, email address, phone number and password (stored only as a salted scrypt hash — never in plain text).
  • Business/branding details you add (business name, address, logo, registration numbers).
  • Role and permissions of team members you invite.

Property & tenancy data

  • Property addresses, types, certificates and compliance records.
  • Tenancy terms (rent, deposit, dates), rooms, the rent ledger and reminders.
  • Tenancy agreements and other documents generated or uploaded.

Tenant & contact data (usually entered by a landlord)

  • Tenant/occupant names, email, phone, date of birth, current address and emergency contacts.
  • Information tenants submit through the portal — employment/reference notes, occupant and pet requests, repair reports, notice to move out, and messages.
  • Right to Rent / identity reference notes where a landlord records them (England).
  • Electronic signature records (typed name, email, IP address and timestamp) when an agreement is signed.

Communications

  • Emails we send (invitations, reminders, notifications) and in-app messages between landlord and tenant.
  • Support enquiries and your correspondence with us.

Technical & usage data

  • Sign-in session tokens and the small set of cookies described in our Cookie Policy.
  • Device, browser and IP information needed to deliver and secure the Service, plus aggregated usage of features.

4. Special category data

We do not ask for special category data (such as health, ethnicity or immigration status). However, free-text fields (for example pet, accessibility or reference notes, or Right to Rent records) may occasionally contain such information if you choose to enter it. Please share only what is necessary. Where this data is processed, we rely on Article 9(2) conditions such as your explicit consent or the establishment/exercise of legal claims, and the landlord (as controller) is responsible for having an appropriate lawful condition for tenant data they record.

5. How and why we use your data, and our lawful bases

PurposeLawful basis (UK GDPR)
Create your account, authenticate you and provide the ServicePerformance of a contract
Operate the tenancy onboarding journey, generate agreements, schedule rent and remindersPerformance of a contract; legitimate interests
Send service emails (invitations, reminders, notifications)Performance of a contract; legitimate interests
Process tenant data on a landlord's behalfProcessor acting on the landlord's instructions
Take payment and manage subscriptionsPerformance of a contract; legal obligation (tax/accounting)
Secure the Service, prevent fraud and abuse, keep audit logsLegitimate interests; legal obligation
Improve and support the ServiceLegitimate interests
Optional marketing emails to account holdersConsent (you can opt out at any time)

Where we rely on legitimate interests, we have balanced those interests against your rights and consider them not to override your interests. You can object at any time (see section 10).

6. Who we share data with

We never sell your personal data. We share it only with:

  • Your landlord or their team (for tenant data) — the people running your tenancy.
  • Hosting & infrastructure providers that run our servers and database.
  • Encrypted object storage for documents. Tenancy agreements and sensitive documents are encrypted by the Service before storage, so the storage provider cannot read their contents.
  • Email delivery provider used to send transactional emails.
  • Integrations you choose to enable — for example e-signature and accounting connectors — which receive only the data needed for that feature. These are off unless enabled.
  • Professional advisers, authorities or successors where required by law, to protect our rights, or in connection with a business sale or reorganisation.

All processors are bound by contracts requiring appropriate security and to act only on our instructions. A current list of sub-processors is available on request at [email protected].

7. International transfers

We aim to keep personal data within the UK or the European Economic Area. Where a provider processes data outside these areas, we put in place appropriate safeguards — such as UK adequacy regulations, the UK International Data Transfer Agreement, or Standard Contractual Clauses — so your data remains protected.

8. How long we keep data

  • Account data: for as long as your account is active, then deleted or anonymised within a reasonable period after closure.
  • Tenancy and document records: retained while the landlord needs them and to meet legal obligations (for example, records that may be needed for tax or possession proceedings).
  • Financial records: kept for at least 6 years to meet UK tax and accounting requirements.
  • Audit and security logs: kept for a limited period necessary for security and accountability.

When data is no longer needed, we securely delete or anonymise it.

9. How we protect your data

  • Encryption in transit (HTTPS/TLS) and application-level encryption of sensitive documents at rest.
  • Passwords stored only as salted scrypt hashes; session tokens are signed and time-limited.
  • Role-based access controls, creator-only document access, and audit logging.
  • Optional biometric unlock on the mobile app.

No system is perfectly secure, but we work hard to protect your data and review our measures regularly.

10. Your rights

Under UK GDPR you have the right to:

  • be informed about how your data is used (this policy);
  • access a copy of your data;
  • have inaccurate data corrected;
  • have your data erased in certain circumstances;
  • restrict or object to processing;
  • data portability (receive your data in a portable format);
  • withdraw consent at any time where we rely on consent; and
  • not be subject to solely automated decisions with legal or similarly significant effects (we do not carry these out).

To exercise any right, email [email protected]. If your request concerns data a landlord controls (tenant data), please contact your landlord; we will assist them. We will respond within one month. You also have the right to complain to the ICO at ico.org.uk — though we'd appreciate the chance to resolve things first.

11. If you are a tenant

Your tenant portal account lets you see your tenancy, documents, rent and messages. We process most of your information on behalf of your landlord, who is the controller of that data. For requests about information your landlord holds about you, please contact your landlord directly. For questions about the portal itself, or your sign-in account, contact us at [email protected].

12. Cookies

We use a small number of strictly-necessary cookies to keep you signed in and run the Service. We do not use advertising or third-party tracking cookies. See our Cookie Policy for the full list.

13. Children

The Service is intended for landlords, their teams and adult tenants. It is not directed at children, and we do not knowingly collect data from anyone under 18 as an account holder.

14. Changes to this policy

We may update this policy from time to time. We will change the "last updated" date above and, for significant changes, give you reasonable notice.

15. Contact us

Vaitly Ltd, to be confirmed. Privacy enquiries: [email protected]. General support: [email protected].