Skip to content
dweller

Privacy

Privacy Policy

Version 1.0 · Effective 2026-05-14 · Last updated 2026-05-14

dweller is a small Canadian property-management product. We collect personal information so the product can work, and we'd rather you know exactly what we do with it than read a policy that hides behind legal language. If a section here is unclear, write to support@dwellerpm.com and we'll explain it.

1. Who this policy is for

This policy applies to anyone who uses dweller (“the Service”) — landlords with paid or trial accounts, accountants and property managers granted delegated access, tenants who use the tenant portal at their landlord's invitation, and rental applicants who submit applications through dweller links.

The Service is operated by Julian Pond, founder, based in Newfoundland and Labrador, Canada, under the trade name “dweller” (collectively “dweller,” “we,” “us”).

It is written to comply with Canada's federal Personal Information Protection and Electronic Documents Act(PIPEDA) and Quebec's Act respecting the protection of personal information in the private sector (as modernized by Law 25). It applies to all users regardless of province.

2. Person in charge of personal information

Under PIPEDA Principle 1 (Accountability) and Quebec Law 25 section 3.1, dweller has designated a person responsible for compliance with this policy and applicable privacy law:

Julian Pond, Founder

Email: support@dwellerpm.com

Province: Newfoundland and Labrador, Canada

Send privacy questions, access requests, correction requests, deletion requests, and complaints to that address. We aim to respond within 30 days. If you're not satisfied with our response, you can escalate to the relevant regulator — see section 13.

3. What we collect

We collect only what the Service needs to do the job we say it does. Specifically:

3.1 Landlord account information

  • First and last name
  • Email address (used to sign in and to send transactional notifications)
  • Password (stored as a salted hash by Supabase Auth — we never see your password)
  • Province of residence
  • Optional: company name, phone, HST number
  • Marketing-attribution parameters (UTM source / medium / campaign) if you arrived via a tracked link

3.2 Tenant information (entered by landlords)

Landlords enter information about their tenants so they can manage leases, rent, and maintenance. We store: first and last name, email, phone, lease start and end dates, rent amount, security deposit, and an optional emergency contact (name + phone).

A note on roles.When a landlord enters tenant data, the landlord is the “data controller” for that data — they decide what to collect and what to do with it. dweller is the “data processor” — we hold and process the data on the landlord's behalf, under the terms of this policy and our Terms of Service. Tenants can contact us directly using the address in section 2 to exercise their rights, and we will work with the landlord to fulfill those requests.

3.3 Tenant portal use

Tenants invited to the portal can submit maintenance tickets (description, optional photos), view their lease, message their landlord, and submit move-in / move-out condition reports. We store the content the tenant submits along with timestamps and the tenant's account email.

3.4 Rental application data

When a prospective tenant submits a rental application through a landlord's dweller link, we collect:

  • Identity: full name, email, phone, 18+ confirmation
  • Current address (street, city, province, postal code)
  • Employment: employer name and phone, job title, monthly income, employment duration
  • Two references: name, phone, and relation
  • Housing preferences: desired move-in date, lease term, occupants, pets
  • Emergency contact name and phone
  • Optional free-text notes (1000 character maximum)
  • Explicit, separate consent for: data collection, reference checks, and credit checks (the applicant checks each box themselves on the form)

We do notcollect: date of birth, Social Insurance Number, driver's licence number, ID document images, credit reports, or criminal-background information. Landlords may run their own external screening; dweller stores the application data, not screening results.

3.5 Property and asset data

Property addresses, year built, insurance details, building-system inventories (furnace, roof, water heater, etc.) with install dates and condition. Photos uploaded with inspections, maintenance tickets, and condition reports.

3.6 Financial data

Rent payments (amount, date, method, status), expense records (amount, category, payee, receipt image, CRA category for tax purposes), and mortgage information you choose to enter for forecasting.

3.7 Payment information

When you start a paid subscription, Stripe collects your card details directly. dweller receives only a Stripe customer ID, your subscription status, and your billing email — not your card number, CVV, or expiry. See section 5.

3.8 Usage and technical data

IP address, browser type, pages visited, timestamps. Used for security monitoring, error diagnosis, and aggregate analytics — never sold, never combined with profiles for advertising. See section 10 for cookie details.

4. How we use it

Under PIPEDA Principle 2 (Identifying Purposes), we list the purposes here at the time of collection. We use personal information only for these purposes — and we will ask for fresh consent if we ever want to use it for something else.

  • To provide the Service: property and tenant management, maintenance ticketing, rent and expense tracking, lease handling, year-end tax export, asset-lifecycle forecasting.
  • To authenticate users and keep accounts secure.
  • To send transactional emails: tenant invites, password resets, maintenance updates, rent and lease reminders, payment receipts and notifications. These are not marketing.
  • To process subscription billing through Stripe.
  • To answer support questions and respond to your inquiries.
  • To monitor system errors and prevent abuse (logged via Sentry; see section 5).
  • To measure aggregate usage to improve the product (Vercel Analytics; see section 10).
  • To comply with legal obligations, including CRA record-keeping for financial data.

We do not sell personal information. We do not share it with advertisers. We do not build behavioural profiles for targeted advertising. We do not engage in fully automated decision-making that legally or significantly affects you (see section 9.5).

5. Service providers and where data lives

Running a SaaS product requires service providers. Under Quebec Law 25 section 8 paragraph 2 and section 17, we disclose every provider we use and where they hold your information. Each provider receives only the data they need to perform their function, under a written agreement (their standard data-processing addendum) that requires them to safeguard the data and notify us of any incident.

ProviderPurposeLocation
SupabasePrimary database, file storage, authentication.Database: Canada (Montreal, ca-central-1). Corporate entity: USA.
StripeSubscription billing. Holds your card details directly; dweller never sees them.USA
ResendSending transactional emails.USA
VercelWeb hosting, edge functions, Analytics, Speed Insights.Global edge network; primary US.
SentryError monitoring. Receives stack traces, route, request metadata. May include your user ID in error context.USA

AI processing.dweller's planned AI features are not currently active. We do not transmit your personal information to any AI model provider in this release. If we activate AI features in a future version of dweller, we will update this Privacy Policy to re-list the model provider in the processors table above, and we will notify existing account holders by email at least 30 days before enabling AI processing.

Cross-border transfers.Most of these providers are based in or operate from the United States. By using dweller you acknowledge that your personal information may be transferred to, stored in, and processed in the United States. Information held in the United States may be subject to U.S. law, including lawful access by U.S. authorities. We mitigate this through Supabase's Canadian database region for primary storage, written data-processing agreements with each provider, and selecting providers with industry-standard security practices.

We do not sell, rent, or trade personal information. We share information only as described in this section, or where required by law (court orders, subpoenas, lawful regulatory requests), or in the limited circumstance of a business sale — in which case any successor would be bound by this policy or one substantially similar, and we would notify you in advance.

6. Consent

Under PIPEDA Principle 3 and Quebec Law 25, consent must be informed, freely given, and specific to the purposes described.

  • Account creation. By creating a dweller account, you consent to the collection and use of your personal information for the purposes listed in section 4.
  • Rental applicants. The application form collects separate, explicit consent for data collection, reference checks, and credit checks. Skipping any box prevents submission.
  • Tenants.Tenants who accept a landlord's invitation consent to having their information processed through dweller for property-management purposes. The landlord remains the data controller for that information.
  • AI features. Not currently active in this release of dweller. If we add AI features in a future release, we will obtain fresh, separate opt-in consent before processing your information through a model provider — and we will give you advance notice as described in section 5.
  • Marketing emails. dweller does not currently send marketing emails. If we ever start, we will obtain separate opt-in consent first.

Withdrawing consent. You can withdraw consent at any time by contacting us at the address in section 2. Withdrawal may make it impossible for you to continue using parts or all of the Service — we will explain the consequences before acting on a withdrawal request.

7. How long we keep it

Under PIPEDA Principle 5, we limit retention to what's necessary for the purpose it serves. dweller stores two kinds of data with different rules:

7.1 General data — 90-day soft-close

Most data you put into dweller falls under this track: account profile, property details, asset inventories, tenant contact information, maintenance tickets, condition reports, photos, messages, applicant data.

When you delete your account from Settings, we immediately:

  • Anonymize your landlord profile (name, email, phone replaced with “[DELETED]”)
  • Cancel your Stripe subscription with proration
  • Terminate all active sessions and refresh tokens
  • Start a 90-day soft-close window during which the underlying records (properties, tenants, tickets, photos, messages, etc.) are no longer accessible to anyone and are queued for permanent deletion

After the 90-day window ends, general data is permanently deleted from the database and storage. Backups roll forward over the following 30 days; we keep no copy beyond that point. We deliberately retain a short window so accidental deletions can be recovered on request — to request immediate hard-deletion that skips the 90-day window, email support@dwellerpm.com and we will cascade-delete on the same business day, subject to section 7.2.

7.2 Financial data — 7 years per CRA

Some data is subject to the Canada Revenue Agency's tax record-keeping requirements under the Income Tax Act (section 230) and related provincial laws. Specifically: rent payments, expense receipts, mortgage records, year-end financial summaries, and any tenant data tied to those financial records (for example, who paid which rent).

We retain financial data for 7 years from the end of the relevant tax year. After that period elapses, financial data is permanently deleted in the regular monthly retention sweep.

This obligation overrides individual deletion requests. If you ask us to delete your account, financial records and the tenant identifiers attached to them will be retained for the remainder of the 7-year window even though the rest of your account data is cleared in the 90-day window described above. We'll always tell you exactly what is being retained and why if you ask.

7.3 Tenant and applicant data

When a landlord enters information about a tenant or rental applicant, the landlord is the data controller and instructs dweller about retention. Two sub-cases apply:

  • Tenant data tied to financial records (e.g. rent payments). Retained for the 7-year CRA window described in section 7.2, even if the landlord deletes their account, because deleting it would corrupt the financial record itself.
  • Tenant or applicant data not tied to financial records (e.g. rejected rental applications, expired tenant invites, maintenance message threads, condition reports without a financial component). Deleted on the 90-day soft-close window when the controlling landlord deletes their account.

7.4 Other retention windows

  • Trial accounts that never converted: deleted after 90 days of inactivity.
  • Backups: rolling encrypted backups retained up to 30 days.
  • Maintenance ticket photos: auto-deleted from storage 6 months after the ticket is resolved (the audit record of the ticket itself is retained per sections 7.1–7.2).
  • Server logs: 30 days.
  • Confidentiality incident register: 24 months minimum, per section 12.

Note on legal retention: where CRA, provincial residential-tenancies law, or any other statute requires us to keep data longer than you would prefer, we are obliged to honour the statutory minimum. We will not retain data beyond the legal minimum without an active business need, and we will tell you which retention rule applies if you ask.

8. How we protect it

Under PIPEDA Principle 7, safeguards must match the sensitivity of the information. Our safeguards include:

  • TLS 1.2+ for all data in transit between you and our servers
  • Encryption at rest for the database (Supabase default) and storage buckets
  • Row-level security: every database query is scoped to your user; you cannot access another user's data even by accident
  • Passwords stored only as salted hashes (Supabase Auth); we never see your password
  • Optional two-factor authentication (TOTP) for landlord accounts
  • Audit logging of security-sensitive events (logins, exports, deletions)
  • Principle of least privilege: only the founder has access to production data, and only when necessary for support or operations
  • Service provider review: every service provider in section 5 is bound by their own privacy and security commitments under a written data-processing agreement

No system is perfectly secure. If we ever experience a confidentiality incident affecting your personal information, see section 12.

9. Your rights

You have the following rights regarding the personal information we hold about you:

9.1 Access

Under PIPEDA Principle 9, you can request a copy of the personal information we hold about you and information about how it has been used and disclosed. Most account information is already visible to you in the Service; for the rest, write to support@dwellerpm.com. We aim to respond within 30 days.

9.2 Correction

Under PIPEDA Principle 6, you can correct inaccurate or incomplete personal information. Most fields are editable directly in the Service.

9.3 Deletion

You can delete your account from Settings → Account (see section 7 for what soft-delete and hard-delete each do). Where retention is required by law, we will retain only the minimum necessary.

9.4 Portability

Under Quebec Law 25 section 27, in effect since September 22, 2024, you have the right to receive your personal information in a structured, commonly used format. dweller already supports this: visit Settings → Export to download all your data as JSON and CSV at any time, with no fee.

9.5 Automated processing

Under Quebec Law 25 section 12.2: dweller does not currently use AI or any other form of automated processing to make decisions about you that produce legal or similarly significant effects. No automated rental-application rejection, no automated rent calculation, no automated tenant scoring — a person makes every decision that involves you. If we ever introduce a feature that does make such decisions, we will give you advance notice, disclose the personal information used, and provide a way to request human review.

10. Cookies and analytics

Essential cookies. Used to keep you signed in and to remember navigation state. These cannot be disabled without breaking the Service.

Vercel Analytics + Speed Insights. Used to measure aggregate page loads and performance. No advertising profile is built, no third-party advertiser receives this data. We do not use Google Analytics, Meta Pixel, TikTok Pixel, or similar advertising trackers.

No tracking across sites. dweller does not track you across the web. We do not participate in cross-site advertising networks.

11. Age restriction

dweller is not intended for use by anyone under 18. All account holders must be at least 18 years old, and rental applicants must confirm they are at least 18 before submitting an application. We do not knowingly collect personal information from minors.

If we become aware that we have collected personal information from someone under 18, we will delete it. If you believe a minor has provided us with personal information, contact support@dwellerpm.com and we will act on the request.

12. Confidentiality incidents

Under PIPEDA section 10.1 and Quebec Law 25, we are required to respond to incidents that pose a real risk of significant harm or risk of serious injury.

  • We assess every incident against the threshold using the factors prescribed by the Office of the Privacy Commissioner of Canada (sensitivity of the information and probability of misuse).
  • If the threshold is met, we will notify affected individuals as soon as feasible, and the relevant regulator — the Office of the Privacy Commissioner of Canada for users outside Quebec, and the Commission d'accès à l'information du Québec for affected Quebec residents.
  • Where another organization (e.g. a payment processor or law enforcement) is in a position to reduce the harm, we will notify them too.
  • We maintain an internal register of confidentiality incidents (including those that do not meet the threshold) for at least 24 months, as required by section 10.1.

13. Complaints and escalation

Under PIPEDA Principle 10, you can challenge our compliance with this policy. Start by emailing support@dwellerpm.com — we aim to acknowledge within 5 business days and respond substantively within 30 days.

If you're not satisfied with our response, you can escalate:

14. Changes to this policy

We will update this policy when our practices change. Material changes will be communicated by email to active account holders at least 30 days before they take effect. The version number and effective date at the top of this page always reflect the current policy.

15. Contact

For anything related to this policy:

Julian Pond, Founder · dweller
Email: support@dwellerpm.com
Newfoundland and Labrador, Canada

Read the Terms of Service →