Privacy Policy
Last updated: 2026-07-03
Service operator: Tomislav Trgovac. Croatian obrt registration details, business address, OIB, and VAT status will be published before paid commercial launch.
Who we are
Tenant Drive is operated by Tomislav Trgovac in preparation for launch by a Croatian sole proprietorship (obrt). Final registered business name, address, OIB, and VAT status will be published before paid commercial launch.
Privacy requests can be sent to tenantdrive@gmail.com. Support requests can be sent to tenantdrive@gmail.com.
GDPR roles
For account, authentication, support, security, service operation, SaaS billing, and platform administration data, Tenant Drive generally acts as controller.
For tenant, lease, rent, document, property, and payment workflow data entered by landlords about their rentals, the landlord is generally the controller and Tenant Drive acts as processor under the Data Processing Addendum.
Data we process
We process account data, authentication data, Google OAuth identifiers when used, landlord profile and invoice-profile data, tenant contact and lease data, property and utility data, billing and invoice records, payment status metadata, document metadata and uploaded files, support messages, technical logs, device/browser information, and security events.
We do not intentionally collect special-category data. Users should not upload special-category data unless necessary for their lawful rental-management purpose.
Purposes and legal bases
We use data to provide the service, authenticate users, secure accounts, manage billing and payments, generate landlord-requested records, send operational notifications, provide support, prevent abuse, comply with legal obligations, and improve reliability.
Legal bases may include contract performance, legitimate interests, legal obligations, consent where required, and landlord controller instructions for processed tenant/rental data.
Recipients and subprocessors
We share data only where needed for service operation, security, support, payment processing, email delivery, hosting, legal obligations, or landlord/user instructions.
Current expected subprocessors include hosting/database infrastructure, email delivery, Google OAuth, Stripe payment services, and operational tooling listed on the Subprocessors page.
International transfers
We prefer EU/EEA processing where practical. Some providers, such as Google or Stripe, may process data internationally. Where required, transfers rely on adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.
Retention
We keep account and service data while the account is active. Billing, invoice, payment, tax, audit, and security records may be kept longer where needed for legal obligations, fraud prevention, disputes, backups, and accounting.
Landlord-entered tenant/rental data can be deleted or exported on request subject to account permissions, backups, legal obligations, dispute handling, and processor obligations to the landlord controller.
Security and breaches
We use technical and organizational measures such as authentication, role-based access, transport security, access controls, backups, logging, and limited administrative access.
If a personal-data breach creates a legal notification obligation, we will notify affected controllers, users, AZOP, or affected individuals as required by GDPR.
Your rights
Depending on your role and the data involved, you may request access, correction, deletion, restriction, portability, objection, or withdrawal of consent. For landlord-controlled tenant data, we may need to direct the request to the landlord controller.
Requests can be sent to tenantdrive@gmail.com. You may also complain to the Croatian Personal Data Protection Agency (AZOP).
Contact
General inquiries: tenantdrive@gmail.com
Support: tenantdrive@gmail.com
Privacy requests: tenantdrive@gmail.com
See Terms of Service, Cookie Policy, Data Processing Addendum, Subprocessors, and Contact.