Privacy Policy

Check Easy (hereinafter "Check Easy", "we", "our") places the utmost importance on protecting the privacy and personal data of its clients. The purpose of this privacy policy is to inform users of our web application (hereinafter the "Service") about how we collect, use, share, and protect their personal data, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation or "GDPR").

This Policy applies to all data collected in connection with the use of our web application.

In connection with the provision of the Service, we collect different categories of personal data:

• Client identification and contact data: Surname, first name, professional email address, professional phone number, and information relating to the company you represent (name, address, VAT number).
• Transaction data: Information relating to subscriptions taken out and payments made (subscription type, transaction date, partial payment method). We do not store your complete credit card information, which is processed directly by our secure payment provider Stripe (Stripe Inc., San Francisco, CA, USA).
• Connection and usage data: IP address, browser type and version, connection dates and times, event logs, and browsing data within the Service.
• Content data: Photographs that you upload to the Service for the purpose of carrying out a property inspection. These photographs may incidentally contain personal data (reflection of a person, portrait, visible document). It is your responsibility to minimise the capture of such data.

Your personal data is processed for determined, explicit, and legitimate purposes:

In accordance with Article 22 of the GDPR, we inform you that the main functionality of the Service relies on fully automated decision-making.

Our artificial intelligence analyses and compares photographs of a property taken at two different times (tenant move-in and move-out). The algorithm automatically identifies visual changes (deterioration, modifications, missing items).

The report generated by the AI constitutes a decision-support tool. You have the right not to be subject to a decision based solely on automated processing. You have the right to obtain human intervention, to express your point of view, and to contest the automated decision by contacting us (see article 11).

Your data is processed in strict confidence and shared only when necessary:

• Authorised Check Easy personnel: Access limited to data necessary for their functions.
• Sub-processors:
  • Hosting provider: UAB Hostinger, Jonavos g. 60C, LT-44191 Kaunas, Lithuania (European Union)
  • Payment solution: Stripe Inc., San Francisco, CA, USA (EU-US Data Privacy Framework)
  • Artificial intelligence: OpenAI, L.L.C., San Francisco, CA, USA
• Judicial or administrative authorities: Upon request, within the limits of applicable regulations.

Check Easy undertakes to host and process all your data within the European Union or in countries recognised as ensuring an adequate level of protection.

In cases where certain data may be transferred to sub-processors located outside the EU (in particular Stripe and OpenAI in the United States), Check Easy ensures that such transfers are governed by appropriate safeguards, such as the European Commission's Standard Contractual Clauses or the EU-US Data Privacy Framework, to ensure an equivalent level of protection.

• Client account data (identification, contact, transaction): Retained for the duration of the contractual relationship, then archived for the applicable statutory limitation period (5 years).
• Photographs and reports: Retained for the duration of the active subscription, then deleted or anonymised within one year after the end of the contract.
• Data for AI training: Anonymised as soon as technically possible. In anonymised form, they no longer constitute personal data.
• Connection data (logs): Maximum retention period of one year.

Check Easy implements technical and organisational security measures: communication encryption (HTTPS), strict access rights management, server security, and regular backups.

In accordance with the GDPR, you have the following rights:

• Right of access (Article 15): Obtain confirmation that your data is being processed and access it.
• Right to rectification (Article 16): Have inaccurate information corrected.
• Right to erasure (Article 17): Request the deletion of your data, subject to our legal obligations.
• Right to restriction (Article 18): Request the temporary suspension of the use of certain data.
• Right to data portability (Article 20): Receive your data in a structured, commonly used format.
• Right to object (Article 21): Object to processing for marketing purposes or based on legitimate interest.
• Right relating to automated decision-making (Article 22): Obtain human intervention and contest a fully automated decision.

To exercise these rights, contact us at: claire@checkeasy.co. A copy of a proof of identity may be requested.

The Service uses cookies and other trackers. Strictly necessary cookies are exempt from consent. Analytical cookies are only placed after your explicit consent via our cookie banner.

For a detailed list of cookies used, their purposes, their retention periods, and your management options, please consult our dedicated Cookie Policy.

If you believe, after contacting us, that your data rights are not being respected, you have the right to lodge a complaint with the competent supervisory authority. For France, this is the Commission Nationale de l'Informatique et des Libertés (CNIL), whose website is accessible at www.cnil.fr.

We reserve the right to amend this Policy at any time. In the event of a substantial amendment, we will inform you by email or via a notification on the Service before the amendments take effect.

For any questions regarding this policy, please contact us at: claire@checkeasy.co