This Privacy Notice for Reciti LLC ("Reciti", "we," "us," or "our"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
- Visit our website at reciti.app, or any website of ours that links to this Privacy Notice
- Use Reciti. An amenity booking and scheduling platform for homeowner associations, condominium associations, and property management companies. Residents use Reciti to reserve shared spaces and amenities at their community. Board members and property managers use it to configure available resources, set booking rules, and manage reservations.
- Engage with us in other related ways, including any marketing or events
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@reciti.app.
1. What Information Do We Collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
- names
- phone numbers
- email addresses
- mailing addresses
- unit or address identifiers within a community (e.g., unit numbers)
- booking and reservation history (e.g., amenity reservations, dates, and times)
- contact or authentication data
This information includes identifiers such as your name and email address, community-specific information such as your unit identifier and booking history, and technical information collected automatically such as your IP address and device data.
Sensitive Information. We do not process sensitive information.
Multi-Tenant Data Isolation. Reciti is a multi-tenant platform, meaning multiple communities use the Services on a shared infrastructure. Each community's data is logically isolated from other communities. Users in one community cannot access the personal information or booking data of users in another community.
Administrative access is scoped to the community in which an administrator holds that role. Community administrators may access, view, and export personal information of members within their community, including names, email addresses, unit identifiers, and booking history, for community management purposes. If you are a resident or member of a community using Reciti, you should be aware that your personal information may be accessed and exported by your community's designated administrators.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information Received from Third Parties
We may receive personal information about you from third parties, including from your community's administrator as part of the invitation and onboarding process, from authentication providers if you use a third-party login method, and from our infrastructure and service providers in connection with the operation of the Services. This may include your name, email address, unit identifier, and other information necessary to provide you access to and use of the Services. We may also receive information about you from publicly available sources, third-party data providers, and business partners where relevant to providing the Services.
Information automatically collected
In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
The information we collect includes:
- Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called "crash dumps"), and hardware settings).
- Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
2. How Do We Process Your Information?
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
- To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
- To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
- To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
- To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
- To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
- To evaluate and improve our Services, products, marketing, and your experience. We may process your information when we believe it is necessary to identify usage trends and to evaluate and improve our Services, products, marketing, and your experience.
- To comply with our legal obligations. We may process your information to comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.
3. When and With Whom Do We Share Your Personal Information?
In Short: We may share information in specific situations described in this section and/or with the following third parties.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to such information to do that work. Each third-party service provider maintains its own privacy policy governing its collection and use of your personal information. We encourage you to review those policies for information about their data practices.
The third parties we may share personal information with are as follows:
| Purpose | Provider |
|---|---|
| Communicate and Chat with Users | Google Workspace and Resend |
| Functionality and Infrastructure Optimization | Supabase |
| User Account Registration and Authentication | Supabase |
| Website Hosting | Vercel |
The above list is not exhaustive. We may also share your personal information with third parties in the following categories as necessary to operate the Services: cloud storage and database providers, email and communication services, security and fraud prevention providers, and legal and compliance advisors.
We also may need to share your personal information in the following situations:
- Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
- Links to Third-Party Websites. Our Services may contain links to third-party websites or services. We are not responsible for the content or privacy practices of those sites. Third-party websites maintain their own independent privacy policies, and we encourage you to review them before providing any personal information. We have no control over and assume no responsibility for the content or practices of any third-party sites accessible through our Services.
4. Do We Use Cookies and Other Tracking Technologies?
In Short: We use cookies and similar technologies for essential site functionality such as authentication and session management.
We use cookies and similar tracking technologies to maintain the security of our Services and your account, manage user sessions and authentication, prevent crashes, fix bugs, save your preferences, and assist with basic site functions. These cookies are essential to the operation of the Services and are not used for advertising or behavioral tracking purposes.
We do not serve targeted advertisements, and we do not permit third-party advertising networks to place tracking technologies on our Services.
You can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services, including the ability to remain logged in.
Our website does not respond to "Do Not Track" (DNT) signals. We recognize opt-out preference signals, such as the Global Privacy Control (GPC), where required by applicable law.
If we introduce non-essential cookies or tracking technologies in the future, we will update this privacy notice, provide you with appropriate choices, and honor applicable opt-out preference signals as required by law.
5. How Long Do We Keep Your Information?
In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
6. How Do We Keep Your Information Safe?
In Short: We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
Data Breach Notification
In the event of a security breach that results in the unauthorized access, acquisition, or disclosure of personal information, we will investigate the incident and take appropriate steps to contain and remediate it. Where required by applicable law, we will notify affected individuals and relevant regulatory authorities within the timeframes required by law. Such notification will describe the nature of the breach, the types of information involved, the steps we have taken in response, and any steps individuals can take to protect themselves. We will provide notification by email to the address associated with your account, or by other means as required by applicable law.
7. Do We Collect Information from Minors?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@reciti.app.
8. Your Privacy Rights
In Short: Depending on your location, you may have certain rights regarding your personal information, including the right to access, correct, delete, or obtain a copy of your data. These rights may be limited in some circumstances by applicable law.
Your Rights
You have rights under certain US state data protection laws. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law. These rights include:
- Right to Know: You may have the right to request information about the personal information we collect, use, disclose, or share.
- Right to Access: You may have the right to request access to your personal information.
- Right to Data Portability: Upon request, we will provide you with a copy of your personal information in a structured, commonly used, and machine-readable format such as CSV or JSON, including your account information, booking and reservation history, and any other personal data we hold about you. For certain export requests, we may need to coordinate with your community's administrator to fulfill your request.
- Right to Delete: You may have the right to request deletion of your personal information, subject to certain exceptions under applicable law. We may not be able to comply with a deletion request if it is necessary to complete transactions or provide services you have requested, detect security incidents or protect against fraudulent activity, debug or repair errors in our systems, comply with legal obligations, or fulfill other legitimate business purposes permitted by law.
- Right to Correct: You may have the right to request correction of inaccurate personal information.
- Right to Limit Use of Sensitive Personal Information: You may have the right to limit the use and disclosure of sensitive personal information to purposes necessary to provide the services you have requested.
- Right to Opt-Out: You may have the right to opt out of the sale, sharing, or use of your personal information for targeted advertising, profiling, or automated decision-making, as well as the collection of personal data through voice or facial recognition features. You may also have the right to review, understand, question, and correct how your personal data has been used in profiling. We do not currently sell or share your personal information for targeted advertising purposes, but you may opt out of any future such practices should they change.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
How to Exercise Your Rights
To exercise these rights, you or your authorized agent can submit a verifiable request by:
- Email: privacy@reciti.app
- Mail: Reciti LLC, 8690 Aero Dr, Ste 115 #4055, San Diego, CA 92123
Under certain US state data protection laws, you may designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws.
Verification Process: We will need to verify your identity before processing your request. This may include requesting additional information to confirm you are the person about whom we have collected personal information.
Response Timeline: We will respond to verifiable requests within 45 days of receipt, unless we notify you that we require additional time up to 90 days total.
Appeals Process: If we deny your request, you have the right to appeal our decision by contacting us using the same method as your initial request, clearly stating that you wish to appeal. We will respond to your appeal within 45 days. If your appeal is denied, you may submit a complaint to your state attorney general.
Administrator Data Export: Community administrators may export member data through the platform's administrative tools as part of their community management functions. This is a separate function from the individual data portability right described above and is governed by the Customer's agreement with Reciti. If you have questions about data exported by your community's administrator, please contact your administrator directly.
9. Do We Make Updates to This Notice?
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
10. How Can You Contact Us About This Notice?
If you have questions or comments about this notice, you may email us at privacy@reciti.app or contact us by post at:
Reciti LLC
8690 Aero Dr, Ste 115 #4055
San Diego, CA 92123
United States