Privacy Policy
Effective Date: January 6, 2026
Last Updated: January 6, 2026
Important: This Privacy Policy applies to the VEstate CRM mobile application ("App") for real estate professionals. By using our App, you agree to the collection and use of information as described in this policy.
1. Information We Collect
1.1 Personal Information You Provide
When you register and use the VEstate CRM App, we collect:
- Account Information: Email address, first name, last name, password (encrypted), and profile image
- Professional Information: Your role (admin, manager, agent), team assignments, and permissions
- Business Data: Properties, clients, leads, tasks, notes, and communication logs you create or manage
- Communication Data: Messages, call logs, meeting schedules, and WhatsApp conversation data
1.2 Information Automatically Collected
When you use our App, we automatically collect:
- Device Information: Device model, operating system version, unique device identifier (stored securely), device name, platform (Android/iOS)
- Usage Data: App features accessed, screen views, actions performed, session duration, and timestamps
- Network Information: IP address, connection type, and network performance metrics
- Push Notification Token: Expo Push Token for sending notifications about tasks, leads, and activities
1.3 Permissions We Request
The App requests the following permissions:
- Camera: To scan QR codes for quick instance login and capture property photos
- Notifications: To receive push notifications for tasks, leads, and important updates
- Storage (Secure): To securely store authentication tokens and app preferences locally on your device
2. How We Use Your Information
2.1 Core App Functionality
- Authenticate your identity and provide secure access to your CRM data
- Enable property, client, lead, and task management
- Facilitate communication tracking (calls, emails, WhatsApp messages)
- Display dashboard analytics and performance metrics
- Synchronize data across your devices
2.2 Notifications & Alerts
- Send push notifications for task reminders, new lead assignments, and urgent updates
- Alert you about WhatsApp messages and client inquiries
- Notify you about system updates and important announcements
2.3 Performance & Analytics
- Monitor app performance, identify crashes, and fix bugs
- Track network request metrics to optimize speed for 4G connections in Egypt
- Analyze feature usage to improve user experience
- Generate usage reports for billing and subscription management
2.4 Security & Compliance
- Detect and prevent unauthorized access
- Maintain activity logs for security audits
- Comply with legal obligations and enforce our Terms of Service
3. Data Storage & Security
3.1 Data Storage
- Cloud Storage: Your CRM data is stored securely on our production servers with encrypted connections (HTTPS/TLS)
- Local Storage: Authentication tokens are stored in secure device storage (Expo SecureStore) and never shared
- Theme Preferences: App theme settings are stored locally using AsyncStorage
3.2 Security Measures
- All data transmission uses TLS/HTTPS encryption
- Passwords are hashed using industry-standard algorithms (bcrypt/SHA-256)
- JWT tokens with expiration for session management
- Device-based authentication requires device registration
- Regular security audits and vulnerability assessments
3.3 Data Retention
- Active Accounts: Your data is retained as long as your account is active
- Inactive Accounts: Data may be retained for 90 days after account deactivation
- Deleted Accounts: Upon account deletion, personal data is permanently removed within 30 days (excluding data required for legal compliance)
- Activity Logs: Security and audit logs are retained for 12 months
4. Data Sharing & Third Parties
4.1 Third-Party Services
We use the following third-party services that may process your data:
- Expo Push Notifications: To deliver push notifications to your device
- Firebase (Google): For analytics and crash reporting (Android only)
- WhatsApp Business API: To facilitate WhatsApp messaging (when you use this feature)
- Email Service Provider: To send transactional emails (password resets, notifications)
4.2 We Do NOT Sell Your Data
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
4.3 Legal Disclosures
We may disclose your information if required by law, court order, or government request, or to:
- Protect our legal rights and property
- Prevent fraud or illegal activity
- Ensure user safety and security
5. Your Rights & Choices
5.1 Access & Correction
- You can view and update your profile information within the App (Settings → Profile)
- Request a copy of your data by contacting support
5.2 Data Deletion
- You can request account deletion by contacting your organization's admin or our support team
- Upon deletion, all personal data will be permanently removed within 30 days
5.3 Notification Preferences
- Disable push notifications in your device settings (Settings → Apps → VEstate CRM → Notifications)
- Control notification categories within the App
5.4 Opt-Out Rights
- Revoke camera permissions in device settings (the App will prompt when needed)
- Decline analytics tracking by contacting support
6. Children's Privacy
The VEstate CRM App is designed for professional business use and is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 18, we will take steps to delete it immediately.
7. International Data Transfers
Your data may be stored and processed in data centers located outside your country of residence. We ensure that adequate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via push notification or email
- Request your consent if required by law
Continued use of the App after changes constitutes acceptance of the updated policy.
9. Contact Us
10. Compliance
This Privacy Policy is designed to comply with:
- Google Play Store Requirements: Transparent disclosure of data collection and permissions
- GDPR (EU): Rights to access, rectification, erasure, and data portability
- CCPA (California): Consumer rights regarding personal information
- Egyptian Data Protection Laws: Local privacy regulations
Acknowledgment: By using the VEstate CRM mobile application, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.
© 2026 VEstate CRM. All rights reserved.