Privacy Policy

Xiaoshutong (内部小书童) — operated by JnDee Projects Limited
Effective date: 2 May 2026
Last updated: 2 May 2026

1. Who we are

This privacy policy applies to Xiaoshutong, an internal property management automation tool operated by JnDee Projects Limited, a company registered in England and Wales.

• Data controller: JnDee Projects Limited
• Contact: contact@jndee.com
• Registered address: London, United Kingdom

Xiaoshutong is used internally by JnDee Projects staff (no more than five users) to automate landlord/tenant compliance workflows. The tool is not a public-facing service. Tenants and landlords are not direct users; they may interact passively via SignWell e-signature emails.

2. What data we process

2.1 Internal staff data (active users)

• WhatsApp phone numbers (used to authenticate and contact JnDee staff)
• WhatsApp messages exchanged with the bot (text, file uploads, button responses)
• Display names from WhatsApp profiles

2.2 Property and tenant data (processed on behalf of JnDee)

• Property addresses, postcodes, and unit identifiers
• Compliance certificate metadata (issue date, expiry date, certificate type, issuer)
• Tenant names and email addresses (only for contract / deposit-protection workflows)
• Certificate PDF files (Gas Safe, EICR, EPC, HMO Licence, etc.)

2.3 What we do not collect

• We do not collect data from tenants or landlords directly.
• We do not use cookies or analytics on this privacy page.
• We do not sell or share data with third-party advertisers.

3. Why we process this data (lawful bases)

• Legitimate interests (UK GDPR Art. 6(1)(f)): Operating compliance workflows for our property portfolio.
• Legal obligation (Art. 6(1)(c)): Maintaining records of statutory certificates required under the Housing Act 1988, Renters' Rights Act 2025, and HMO licensing regulations.
• Contract (Art. 6(1)(b)): Generating tenancy agreements and deposit-protection prescribed information for active tenants.

4. How long we keep data

• WhatsApp message metadata: 90 days (idempotency and audit purposes)
• Certificate PDF originals (intake staging): 24-72 hours, then archived to Google Drive
• Certificate metadata: indefinitely (statutory record)
• Tenancy and contract records: 7 years after tenancy end (UK statute of limitations)
• Audit logs (state machine transitions): 2 years

5. Who we share data with

We use the following sub-processors. Each has its own privacy policy and is contractually bound to handle data only as instructed:

• Meta Platforms Ireland Ltd. — WhatsApp Business Cloud API for messaging
• Google LLC / Google Ireland Ltd. — Google Drive (file archive) and Cloud Vision API (OCR for scanned certificates)
• DeepSeek (Hangzhou DeepSeek Artificial Intelligence Co., Ltd.) — language model inference for document field extraction and intent classification
• SignWell, Inc. — e-signature service for tenancy agreements and deposit-protection prescribed information
• Functional Software, Inc. (Sentry) — application error monitoring (error stack traces only; PII excluded)
• Hetzner Online GmbH — server hosting (data residency: Germany / EU)

6. International transfers

Some sub-processors process data outside the UK / EEA. Where they do, we rely on the appropriate safeguards under UK GDPR (Standard Contractual Clauses or adequacy decisions). Hetzner hosting is located in Germany (EU). Sentry data residency is configured to de.sentry.io (Germany).

7. Your rights

Under UK GDPR, individuals whose data we process have the right to:

• Request access to their personal data
• Request rectification of inaccurate data
• Request erasure ("right to be forgotten") subject to statutory retention
• Request restriction of processing
• Request data portability
• Object to processing
• Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk)

To exercise any of these rights, email contact@jndee.com. We will respond within one month.

8. Security

• All web traffic is encrypted via HTTPS (TLS 1.3) using certificates from Let's Encrypt
• WhatsApp webhook payloads are verified with HMAC-SHA256 signatures
• Server access requires SSH key authentication (no password login)
• Database, secrets, and storage are accessible only on the internal Docker network
• Daily encrypted off-site backups with 30-day retention

9. Changes to this policy

We may update this policy from time to time. Material changes will be notified to active staff users via the in-app channel. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact

For privacy-related questions, contact:

• Email: contact@jndee.com
• Postal address: JnDee Projects Limited, London, United Kingdom