Our Commitments

These are the privacy promises we make to every Estaty user. They are not legal boilerplate — they are how we actually intend to run this business. We hold ourselves accountable to them.

1. We will never sell your data

Your data and your clients' data are yours. We will never sell, rent, trade, or monetise it in any way. Our business model is subscriptions — not data brokerage. We have no interest in or incentive to sell what you've entrusted to us.

2. We collect only what we need

We practise data minimisation. We ask for information only when it is genuinely necessary to provide the Service. We do not collect data speculatively in case it becomes useful later. If a feature can work without collecting personal data, we build it that way.

3. You own your data

Everything you create on Estaty — your listings, your profile, your leads — belongs to you. You can export it or delete it at any time. When you delete your account, we erase your data within 30 days. We will never hold your data hostage.

4. We will tell you if something goes wrong

If we ever experience a data breach that affects your account, we will notify you promptly — within 72 hours if required by GDPR, and always as soon as we are confident about what happened. We will be direct about what was affected, what we've done to fix it, and what you should do.

5. We will respond to your rights requests

If you ask to see your data, correct it, delete it, or take it elsewhere, we will act on that request within 30 days. We won't make it hard. Email hello@estaty.io and we'll get it done.

6. We will not use dark patterns

We won't try to trick you into sharing more data than you intend to. Cookie banners will have a genuine 'Reject' option. Unsubscribing from emails will work the first time. We won't pre-tick data-sharing boxes or bury opt-outs in settings menus.

7. We will keep our policies readable

We publish this Commitments page because most privacy policies are written by lawyers for lawyers. We believe you should be able to understand how your data is handled without a law degree. We commit to maintaining plain-language versions of our key policies alongside the legal text.

8. We will not share your data to train AI

Your listing content, your lead data, and your business information will not be used to train any AI model — ours or anyone else's. When we use AI features (like description generation), the data sent to the AI provider is used only for that single request and is not retained for training purposes.

9. We will give you advance notice of major changes

If we ever decide to change how we handle your data in a material way — for example, adding a new type of data collection or changing our sub-processors — we will email you at least 14 days before the change takes effect. You will always have the option to delete your account if you disagree with the change.

10. We keep security a priority, not an afterthought

We apply security best practices throughout our development process: encryption in transit and at rest, least-privilege access controls, row-level database security, dependency monitoring, and regular security reviews. Security is not a product feature we added later — it is built into the foundation of how Estaty works.

Questions or concerns?

If you ever feel we are not living up to these commitments, tell us. Email hello@estaty.io. We take every message seriously and will respond personally.