Privacy Policy

Last updated June 25, 2026

1. Scope & Roles

This Privacy Policy describes how RQ200 ("we", "us", or "our") collects, uses, and protects information when you use the RQ200 property-management platform ("Service").

RQ200 is a data processor, not a data controller, for most personal data in the Service. When your organization (property managers, admins, brokers) enters personal information about tenants, applicants, contractors, or other individuals, your organization acts as the data controller — it decides what to collect and why. RQ200 processes that data on your instructions, solely to provide the Service.

This policy applies to all users of the Service: organization admins, managers, contractors, brokers, and the individuals whose data is entered by those users. It does not apply to third-party websites or services we may link to.

2. What We Collect

Account information. When you create an account or are invited to an organization, we collect your name, email address, phone number (optional), username, and a securely hashed password. We store the date and version of your consent to our Terms of Service.

Content you create. We store the data you and your organization enter into the Service: buildings and addresses, maintenance tasks and jobs, contractor assignments, unit records, notes, photos and videos uploaded as documentation, and any other content submitted through the platform.

Tenant and applicant personal data. Organization admins and managers may enter personal information about tenants and rental applicants, including: full name, email, phone number, current and prior addresses, and employment and income details. The rental application does not request Social Security numbers or driver's license numbers. Any such identifiers collected before July 2026 were field-encrypted at the application layer and are no longer displayed or exported by the Service. We do not store raw payment card numbers (billing is handled by a third-party payment processor).

Usage and diagnostic data. We collect server-side logs of API requests (endpoint, HTTP status, approximate response time) and client-side error reports to identify and fix bugs. We do not use third-party analytics SDKs. Logs are retained for a short period and are not tied to individual user identities beyond what is needed to diagnose a specific issue.

Communications. If you contact us at support@rq200.com, we retain those communications to respond to your inquiry and improve the Service.

3. How We Use It

We use the information we collect to:

We do not use your data for advertising. We do not sell your data to any third party. We do not share your data with third parties except as described in Section 4 (Sub-processors) and Section 5 (Data sharing).

4. Sub-processors

To provide the Service, we use the following third-party sub-processors. Each receives only the data necessary to perform its function.

We will update this list when we add or replace sub-processors. Material changes to sub-processors will be communicated via the Section 12 change process.

5. Data Sharing

We do not sell your data — not to data brokers, advertisers, or any third party. Period.

We share data only in the following limited circumstances:

6. Retention

We retain your data for as long as your organization's account is active or as needed to provide the Service. Specifically:

To request data export or deletion, email support@rq200.com.

7. Security

We take reasonable technical and organizational measures to protect data against unauthorized access, disclosure, alteration, and destruction:

No security measure is perfect. We do not guarantee that the Service is immune to all security threats. We encourage organizations to use strong, unique passwords and to promptly report suspected security incidents to support@rq200.com.

8. Data Location

All data is stored and processed in the United States. Our servers and media storage are hosted in US-based data centers. Our content-delivery network may cache non-sensitive request metadata at edge locations outside the US, but Customer Data — your organizational content, tenant records, and media — resides in US data centers.

We do not currently offer data residency options in other geographic regions. If that changes, we will update this policy and notify affected organizations.

9. Your Rights & Choices

Organization administrators have the following controls within the Service:

Individual users (managers, contractors, brokers) may update their own name, email, and notification preferences from their account settings. To close their account or correct data they cannot edit themselves, they should contact their organization admin or email support@rq200.com.

Tenants and applicants whose data has been entered by an organization should contact that organization (the data controller) directly to exercise access, correction, or deletion rights with respect to their personal information. RQ200 will cooperate with organizations in honoring such requests. Applicants who have questions about their consumer report should contact the screening provider directly.

We will respond to verifiable requests within a reasonable time. We may ask you to verify your identity before acting on a request.

10. Breach Posture

In the event of a confirmed security incident that results in unauthorized access to or disclosure of personal data, RQ200 will:

To report a suspected security vulnerability or incident, contact us immediately at support@rq200.com. We take security reports seriously and will acknowledge receipt promptly.

11. Children

The Service is not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. The Service is designed for property management professionals and is intended for use by adults. If we learn that we have inadvertently collected personal information from a child under 13, we will delete it promptly. If you believe we have collected such information, please contact us at support@rq200.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time as the Service evolves or as legal requirements change. When we make material changes, we will update the "Last updated" date at the top of this page and notify affected organization admins by email at least 7 days before the changes take effect where practicable.

Your continued use of the Service after the effective date of a revised policy constitutes your acceptance of the revised policy. If you do not agree to the revised policy, you should stop using the Service and request account closure.

13. Contact

For questions about this Privacy Policy, to exercise data rights, or to report a security concern, contact us at:

RQ200
Email: support@rq200.com

We will do our best to respond to privacy inquiries within a reasonable time.