Privacy Policy

1. Data Controller and Contact Information

Data Controller: Adema is a trading name of SH Proptech Ltd, a company registered in England and Wales under company number 15518685, with its registered office at 3rd Floor, 45 Albemarle Street, Mayfair, London, W1S 4JL.

Contact Details:
Email: info@adema.ai
Address: Adema AI / SH Proptech Ltd, 3rd Floor, 45 Albemarle Street, Mayfair, London, W1S 4JL

Data Protection Matters: For data protection matters, please contact us at info@adema.ai or at the above address, marking correspondence “FAO: Data Protection Officer”.

2. Purpose and Lawful Basis for Processing

We process your personal data for the following purposes and on the following lawful bases under UK GDPR:

2.1 Service Provision (Article 6(1)(b) - Contract Performance)

• Creating and managing your account
• Providing access to our AI-powered property services
• Processing transactions and billing
• Delivering customer support
• Communicating about your account and services

2.2 Legal Obligations (Article 6(1)(c) - Legal Obligation)

• Compliance with financial regulations and anti-money laundering requirements
• Tax reporting and record keeping
• Responding to lawful requests from authorities
• Maintaining records as required by law

2.3 Legitimate Interests (Article 6(1)(f) - Legitimate Interest)

• Improving and developing our services
• Fraud prevention and security measures
• Analytics and performance monitoring
• Business administration and operational efficiency
• Protecting our legal rights and interests

2.4 Consent (Article 6(1)(a) - Consent)

• Marketing communications (where consent is required)
• Non-essential cookies and tracking technologies
• Special category data processing (where applicable)

3. Categories of Personal Data We Collect

3.1 Information You Provide Directly

• Account Information: Name, email address, phone number, postal address
• Professional Information: Job title, company name, industry sector
• Financial Information: Billing address, payment method details (processed securely by third-party payment processors)
• Communication Data: Messages, support requests, feedback, survey responses
• Content Data: Property data, documents, images, and other content you upload or create using our services

3.2 Information We Collect Automatically

• Usage Data: Pages visited, features used, time spent, click patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Technical Data: Log files, error reports, performance metrics
• Location Data: General geographic location based on IP address

3.3 Information from Third Parties

• Business Partners: Information from property platforms, integration partners
• Public Sources: Publicly available business information, property records
• Social Media: Information from social media platforms (with your consent)

4. How We Use Your Personal Data

We process your personal data for the following specific purposes:

4.1 Service Delivery and Account Management

• Creating, maintaining, and securing your account
• Providing access to our AI-powered property analysis tools
• Processing and fulfilling service requests
• Delivering customer support and technical assistance
• Managing billing, payments, and subscription services

4.2 Communication and Customer Service

• Sending service-related notifications and updates
• Responding to inquiries and support requests
• Providing training and onboarding assistance
• Conducting customer satisfaction surveys

4.3 Product Development and Improvement

• Analyzing usage patterns to improve our services
• Developing new features and capabilities
• Conducting research and development activities
• Testing and quality assurance

4.4 Security and Fraud Prevention

• Detecting and preventing fraudulent activities
• Monitoring for security threats and vulnerabilities
• Investigating suspected violations of our terms
• Maintaining system security and integrity

4.5 Marketing and Communications (With Consent)

• Sending promotional emails and newsletters
• Providing information about new features and services
• Inviting participation in events and webinars
• Personalizing marketing content and offers

5. Recipients of Personal Data

We may share your personal data with the following categories of recipients:

5.1 Service Providers and Processors

• Cloud Infrastructure: AWS, Google Cloud (data hosting and storage)
• Payment Processors: Stripe, PayPal (payment processing)
• Communication Tools: Email service providers, customer support platforms
• Analytics Providers: Google Analytics, monitoring and performance tools
• Security Services: Cybersecurity and fraud prevention providers

5.2 Business Partners

• Property data providers and real estate platforms
• Integration partners for enhanced service delivery
• Professional service providers (legal, accounting, consulting)

5.3 Legal and Regulatory Authorities

• Law enforcement agencies (when legally required)
• Regulatory bodies and supervisory authorities
• Courts and legal representatives
• Tax authorities and government agencies

5.4 Business Transactions

In the event of a merger, acquisition, sale of assets, or similar business transaction, your personal data may be transferred to the acquiring entity as part of the transaction, subject to appropriate safeguards and notice requirements.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UK and EEA. When we transfer personal data internationally, we ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries with adequacy decisions from the UK government
• Standard Contractual Clauses: Use of UK International Data Transfer Addendum (IDTA) and EU Standard Contractual Clauses
• Certification Schemes: Transfers under approved certification mechanisms
• Binding Corporate Rules: Where applicable for intra-group transfers

For more information about specific transfer mechanisms used for your data, please contact us at info@adema.ai.

7. Data Retention Periods

We retain your personal data for the following periods:

7.1 Account and Service Data

• Active Accounts: Throughout the duration of your account and service use
• Closed Accounts: 7 years after account closure (for legal and regulatory compliance)
• Transaction Records: 7 years after the transaction (legal requirement)

7.2 Communication and Support Data

• Support Requests: 3 years after resolution
• Marketing Communications: Until consent is withdrawn or 3 years of inactivity
• Email Communications: 2 years after last communication

7.3 Technical and Usage Data

• Log Files: 12 months (unless required for security investigations)
• Analytics Data: 26 months (aggregated and anonymized where possible)
• Cookie Data: As specified in our Cookie Policy

7.4 Legal and Compliance Data

• Legal Proceedings: 7 years after conclusion of proceedings
• Regulatory Requirements: As required by applicable law (typically 6-7 years)

Retention Criteria: We determine retention periods based on:

• Legal and regulatory requirements
• Legitimate business needs
• The nature and sensitivity of the data
• Risk of harm from unauthorized use or disclosure
• The purposes for which we process the data

8. Your Data Protection Rights

Under UK GDPR, you have the following rights regarding your personal data:

8.1 Right of Access (Article 15)

You have the right to obtain confirmation of whether we process your personal data and access to that data, along with specific information about the processing.

How to exercise: Submit a request to info@adema.ai with proof of identity.

Response time: Within 1 month (extendable by 2 months for complex requests).

8.2 Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed.

How to exercise: Contact us at info@adema.ai or update information through your account settings.

8.3 Right to Erasure (“Right to be Forgotten”) (Article 17)

You have the right to have your personal data erased in specific circumstances, including when the data is no longer necessary for the original purpose.

Limitations: This right does not apply when processing is necessary for legal compliance, legal claims, or freedom of expression.

8.4 Right to Restrict Processing (Article 18)

You have the right to restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

8.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

Scope: Applies to data processed based on consent or contract performance.

8.6 Right to Object (Article 21)

You have the right to object to processing based on legitimate interests, direct marketing, or processing for research and statistical purposes.

Marketing: You can opt out of marketing communications at any time using the unsubscribe link or contacting us.

8.7 Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or significantly affects you.

8.8 How to Exercise Your Rights

To exercise any of these rights:

• Email: info@adema.ai
• Post: Data Protection Officer, Adema AI / SH Proptech Ltd, 3rd Floor, 45 Albemarle Street, Mayfair, London, W1S 4JL
• Account Settings: Some rights can be exercised directly through your account settings

Identity Verification: We may request proof of identity to verify your request and protect your personal data.

Response Time: We will respond to your request within 1 month, which may be extended by 2 months for complex requests.

No Fee: We do not charge for exercising your rights unless requests are manifestly unfounded or excessive.

9. Consent and Withdrawal

Where we process your personal data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing before withdrawal.

9.1 Marketing Consent

You can withdraw marketing consent by:

• Clicking the unsubscribe link in marketing emails
• Updating your preferences in your account settings
• Contacting us at info@adema.ai

9.2 Cookie Consent

You can withdraw cookie consent by:

• Adjusting your browser settings
• Using our cookie preference center
• Clearing your browser cookies

10. Automated Decision-Making and Profiling

We may use automated decision-making and profiling in the following circumstances:

10.1 Service Personalization

• Purpose: Personalizing property recommendations and service features
• Logic: Based on usage patterns, preferences, and service history
• Significance: Improves service relevance but does not produce legal effects

10.2 Fraud Prevention

• Purpose: Detecting potentially fraudulent activities and account security
• Logic: Analysis of behavioral patterns, device information, and transaction data
• Significance: May result in temporary account restrictions pending manual review

10.3 Your Rights

For automated decision-making that produces legal effects or significantly affects you, you have the right to:

• Obtain human intervention in the decision-making process
• Express your point of view regarding the decision
• Contest the decision and request manual review

11. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized content. Our use of cookies is governed by our separate Cookie Policy, which provides detailed information about:

• Types of cookies we use (essential, functional, analytics, marketing)
• Purpose and duration of each cookie
• Third-party cookies and tracking technologies
• How to manage cookie preferences
• Browser settings for cookie control

Essential Cookies: Required for basic site functionality and security

Non-Essential Cookies: Used with your consent for analytics, personalization, and marketing

You can access our Cookie Policy or manage your cookie preferences through our cookie banner.

12. Data Security

We implement comprehensive technical and organizational measures to protect your personal data:

12.1 Technical Safeguards

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Multi-factor authentication and role-based access
• Network Security: Firewalls, intrusion detection, and monitoring systems
• Secure Development: Secure coding practices and regular security testing

12.2 Organizational Measures

• Staff Training: Regular data protection and security training
• Access Management: Principle of least privilege and need-to-know basis
• Incident Response: Documented procedures for security incidents
• Vendor Management: Due diligence and contractual safeguards for third parties

12.3 Data Breach Notification

In the event of a personal data breach likely to result in high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the ICO within 72 hours of becoming aware of the breach, where required by law.

13. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take immediate steps to delete that information.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at info@adema.ai.

14. Third-Party Links and Services

Our services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through our platform.

We are not responsible for the privacy practices or content of third-party services, even if accessed through our platform.

15. Business Transfers

If we are involved in a merger, acquisition, asset sale, or other business transaction, your personal data may be transferred as part of that transaction. We will provide notice of such transfer and any choices you may have regarding your personal data.

Any successor entity will be bound by the terms of this Privacy Policy or will provide notice of any material changes to data processing practices.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Post the updated Privacy Policy on our website
• Update the “Last Updated” date at the top of this policy
• Notify you by email if you have an account with us
• Provide prominent notice on our website or services
• Where required by law, obtain your consent for material changes

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal data.

17. Complaints and Supervisory Authority

If you have concerns about how we handle your personal data, please contact us first at info@adema.ai. We are committed to resolving any privacy concerns you may have.

17.1 Information Commissioner's Office (ICO)

You have the right to lodge a complaint with the UK's supervisory authority for data protection:

Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

17.2 How to Make a Complaint

• Online: Through the ICO website complaint form
• Phone: Call the ICO helpline at 0303 123 1113
• Post: Write to the ICO at the address above

18. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or our data practices:

18.1 General Inquiries

Email: info@adema.ai

18.2 Data Protection Officer

Email: info@adema.ai
Address: Data Protection Officer, Adema AI / SH Proptech Ltd, 3rd Floor, 45 Albemarle Street, Mayfair, London, W1S 4JL

18.3 Company Information

Legal Entity: SH Proptech Ltd (trading as Adema AI)
Company Number: 15518685
Registered Address: 3rd Floor, 45 Albemarle Street, Mayfair, London, W1S 4JL
Country of Incorporation: England and Wales