Letly Logo
Get your offer

Privacy

Letly Privacy Policy

This Privacy Policy explains how Letly (“we”, “us”) collects, uses and shares personal data when you visit our website or use our platform and related services (together, the “Services”).

If you do not agree with this Policy, please do not use the Services.

1. Who we are

Controller. For the purposes of the UK GDPR and the Data Protection Act 2018, Letly is the “data controller” for the personal data described in this Policy.

Letly entity details:

Letly Group (UK) Ltd, company number 16256509 Registered office: 15 Stratton Street, London, England, W1J 8LQ

Contact (privacy): privacy@letly.ai

If you have questions, or want to exercise your rights, contact us using the details above.

2. What this policy covers (and what it doesn’t)

This Policy covers personal data we process:

  • when you browse our website;
  • when you contact us;
  • when you use our platform (e.g. landlords, tenants, prospective tenants);
  • when you provide services to us (e.g. contractors, viewing hosts, photographers, inventory clerks).

Landlords and other third parties. In a rental transaction, we may share information with the relevant landlord, tenants, guarantors, contractors, referencing providers or schemes. Those parties may be separate controllers of your data for their own purposes and should provide their own privacy information.

3. Personal data we collect

We collect personal data in three ways: (a) from you, (b) automatically, and (c) from others.

A. Data you provide

Depending on how you use Letly, this may include:

  • Identity & contact: name, email, phone number, address, date of birth (where required), and information you submit in forms or messages.
  • Tenancy/application data: employment and income details, rental history, references, guarantor details, and documents you choose to upload.
  • Property & service data: property details you submit (e.g. address, availability, access instructions), preferences, and service requests.
  • Communications: messages and correspondence with us (including support requests). If we record calls, we will tell you at the point of recording.
  • Payments (limited): we may receive payment status and identifiers from payment and banking partners; we do not typically store full card details on our servers where a regulated payment provider processes them.

B. Data collected automatically

When you use the website or Services, we may collect:

  • Device & usage data: IP address, device and browser details, pages viewed, timestamps, and interaction data.
  • Cookies and similar technologies: see section 9.

C. Data we receive from others

We may receive personal data from:

  • Property portals or referral sources where you enquire about a listing;
  • Identity, right-to-rent, sanctions/AML and referencing providers (typically results, risk indicators, and verification status, and sometimes underlying data you provided to them);
  • Banks/payment providers (payment confirmation and account identifiers);
  • Deposit protection schemes and compliance providers (status confirmations and required reference numbers);
  • Landlords/tenants/guarantors involved in the same transaction (e.g. a landlord providing details about a tenant, or a tenant providing details about a guarantor).

Sensitive data. Some information used for compliance (e.g. identity documents) may reveal sensitive details (such as nationality or biometric identifiers). We only use this information where needed for compliance or to provide the Services, and we aim to minimise what we collect and store.

4. How we use your personal data (and our legal bases)

We only use personal data when we have a lawful basis. The main purposes are:

A. To provide and operate the Services

Including: onboarding, managing listings, responding to enquiries, scheduling viewings, progressing tenancies, handling maintenance coordination, and customer support.

Lawful basis: performance of a contract; legitimate interests (running and improving our business).

B. To run compliance, identity and fraud checks

Including: identity verification, right-to-rent, deposit protection workflows, financial checks, fraud prevention and security monitoring.

Lawful basis: legal obligation (where applicable); performance of a contract; legitimate interests (preventing fraud and protecting users).

C. To process payments and manage accounts

Including: rent collection flows, payout processing, reconciliation, dispute handling, and audit trails.

Lawful basis: performance of a contract; legal obligation; legitimate interests.

D. To improve the Services and keep them secure

Including: analytics, debugging, quality assurance, training, and preventing abuse.

Lawful basis: legitimate interests.

E. Marketing and communications

Including: sending service messages (non‑marketing) and, where permitted, marketing updates.

Lawful basis: legitimate interests (for B2B/relationship marketing where allowed) and/or consent (where required by law).

You can opt out of marketing at any time (e.g. via unsubscribe links or by contacting us).

5. AI and automated processing

Letly uses automation (including AI) to help operate the Services—for example to:

  • respond to and route enquiries;
  • summarise conversations and suggest draft replies;
  • classify requests and trigger operational workflows;
  • detect suspected fraud, abuse, or policy breaches.

Human oversight. We design our workflows so that material decisions in the rental process can be reviewed by humans where appropriate (especially where a decision could have a significant effect on you).

If you believe an automated outcome is incorrect, you can contact us to request review.

6. Who we share your personal data with

We share personal data only as needed to deliver the Services, including with:

  • Other parties in a transaction: landlords, tenants, guarantors (e.g. sharing an application pack with a landlord).
  • Operational partners: viewing hosts, photographers, inventory clerks, maintenance contractors, key/access partners.
  • Technology and support providers: hosting, analytics, communications tooling (email/SMS), customer support systems.
  • Payments, banking and verification providers: regulated payment/banking partners, payment initiation providers, identity/right-to-rent providers, referencing agencies, sanctions/AML screening providers, deposit protection schemes and compliance providers.
  • Professional advisers: lawyers, accountants, insurers.
  • Regulators and authorities: where required by law, or to protect rights, safety and prevent fraud.
  • Corporate transactions: if we’re involved in a merger, acquisition or asset sale, your data may be shared with advisers and relevant counterparties (with safeguards).

No “sale” of personal data. We do not sell your personal data in the ordinary sense. If we use advertising cookies for marketing, you can control this via cookie preferences (see section 9).

7. International transfers

Some of our service providers may process personal data outside the UK. Where we transfer personal data internationally, we use appropriate safeguards (such as adequacy regulations, or contractual protections like the UK International Data Transfer Agreement / addendum).

8. How long we keep your data

We keep personal data only for as long as needed for the purposes described above, including to meet legal, tax, accounting and regulatory requirements.

Typical retention periods:

  • Account and transaction records: kept while you use the Services and typically up to 6 years afterwards (to comply with legal obligations and manage claims).
  • Compliance records: kept for the period required by applicable law and industry practice.
  • Analytics data: kept for shorter periods or in aggregated/de-identified form where possible.

We may keep anonymised/aggregated data for longer, as it no longer identifies you.

9. Cookies and similar technologies

We may use cookies and similar technologies in our product:

  • Strictly necessary (to make the site work);
  • Analytics/performance (to understand usage and improve the Services);
  • Marketing (to measure and improve campaigns, where enabled).

You can manage non-essential cookies via Cookie Preferences and can also adjust your browser settings to block cookies. Blocking cookies may affect site functionality.

10. Your rights

Depending on your location and applicable law (including the UK GDPR), you may have rights to:

  • access your personal data;
  • correct inaccurate data;
  • request deletion (where applicable);
  • restrict or object to certain processing;
  • data portability (in some cases);
  • withdraw consent (where processing is based on consent).

To exercise rights, contact us at privacy@letly.ai. We may need to verify your identity before responding.

Complaints. If you’re unhappy with how we handle your data, you can file a complaint with the UK Information Commissioner’s Office (ICO).

11. Children

Our Services are not directed to children. If you believe a child has provided personal data to us, please contact us and we will take appropriate steps.

12. Changes to this policy

We may update this Policy from time to time. We will post the updated version on our website, and where appropriate we will notify you of material changes.

Last updated: 10 January 2026