Privacy Protocol.

EasyBTL Data Stewardship

1. Data Roles & Accountability

Under UK GDPR and the Data Protection Act 2018, EasyBTL operates in two capacities:

  • Data Controller: We are the controller for the information provided by Landlords and Company Directors (Name, Email, Phone) used to manage your account and billing.
  • Data Processor: We are the processor for any information you upload regarding your tenants or individual properties. Processing of Tenant data is further governed by our Terms of Service.

2. Information We Process & Lawful Basis

We process data to deliver our institutional management suite and facilitate professional Elite-tier filing services. Under UK GDPR, every data category is mapped to a specific Lawful Basis.

Data CategoryScope & JustificationLawful Basis
Account DataDirector names, professional contact details, and organization identity managed via Clerk. Used to manage subscriptions and enforce secure access control.Contractual Necessity
Payment & Billing DataSubscription tier, billing status, and payment event history received via Stripe webhooks. Card details are collected and stored exclusively by Stripe; EasyBTL does not hold or process raw card numbers. Stripe may process your name and email address to generate payment receipts.Contractual Necessity
Tax, Financial & Statutory FilingPlatform-generated FRS 105 accounts, transaction metadata, and company authentication codes. Shared with partner accountants for Elite-tier reviews and Companies House submissions.Legal Obligation & Contract
Operational DataTenant contact details, tenancy agreements, compliance certification storage, and Property Financial Performance Tracking.Legitimate Interests
Site AnalyticsAnonymous events strictly to measure the effectiveness of our Pilot Program intake and institutional benchmarking tools. Gathered only after explicit opt-in via our cookie banner.Consent
Tech InfrastructureStrictly necessary cookies for Clerk Authentication and Row Level Security (RLS) enforcement. Includes local storage used to remember visual preferences.Legitimate Interests

3. Security Architecture

We employ a multi-layered security model to protect institutional and financial data:

  • Row Level Security (RLS): Every database query is strictly filtered by your Clerk Organization ID, ensuring absolute data isolation.
  • Elite Tier Data Sharing: Upon triggering an 'Approve and Lock' action, statutory data is securely shared with designated partner accountants for filing fulfillment.
  • Anonymized Integrity: Non-identifiable transaction metadata is retained post-closure to preserve 'Real Estate Alpha' benchmarking accuracy.

4. Your Rights

Under UK law, you have the right to access, rectify, or erase your personal data stored on EasyBTL. To exercise any of these rights regarding your Account Data, please contact our Data Protection lead at support@easybtl.co.uk. For Tenant data, please contact your Landlord directly. As we act as a processor for tenant data, tenants wishing to exercise these rights must contact the Landlord (the Data Controller) directly.

5. Sub-processors

In delivering the EasyBTL platform, we engage the following third-party sub-processors:

  • Clerk — Identity & Access Management

    Manages user authentication, session management, and organisation-level access control.

  • Stripe — Payment Processing

    Processes subscription payments on behalf of EasyBTL. Handles payment card data in accordance with PCI-DSS Level 1 standards. EasyBTL receives only payment status and webhook events; full card details are never transmitted to EasyBTL. Stripe's Privacy Policy applies to card data: stripe.com/privacy.

  • Supabase — Database & Encrypted Storage

    Hosts all platform data and compliance documents, isolated via Row Level Security (RLS).

  • Resend — Transactional Email

    Delivers system-generated transactional emails (e.g., compliance alerts, account notifications). Processes recipient email addresses solely for the purpose of message delivery.

  • Authorized Partner Accountants

    Provides Elite-tier review and statutory filing services for Companies House submissions.

Data Protocol v1.4 • Last Updated June 2026

Legal Notice: EasyBTL is a property management software portal. It is not a financial adviser and does not provide investment, legal, or tax advice. All financial figures — including Real Estate Alpha and ROE Engine outputs — are derived from user-inputted data and presented for informational purposes only. EasyBTL expressly excludes all liability for financial loss, tax penalties, or filing errors arising from inaccurate or incomplete input. On applicable plans, partner accountants assume independent responsibility for any verified submission.