00 — Preamble
PropNT operates as a controlled access layer for residential property discovery. Our privacy architecture is not an afterthought—it is the foundation. We designed this system to minimize data exposure by default, not to collect and then protect.
By using PropNT, you enter a protocol where information is siloed, contact is mediated, and identity is verified before it is shared. This policy explains what we hold, why we hold it, and—critically—what we deliberately do not hold.
01 — Information Architecture
What We Collect
Intent Signals (Users)
- → Conversational queries and search patterns (anonymized until qualification)
- → Qualification responses: timeline, budget range, purpose, flexibility
- → Verification documents (government ID, income proof) — encrypted, siloed
- → Contact information — released only post-qualification to verified mediators
Supply Signals (Providers)
- → Property characteristics: type, location zone, specifications, availability
- → Ownership verification documents — encrypted, access-logged
- → Exact addresses — geofenced, never displayed in discovery phase
- → Direct contact details — held in escrow, released only through mediation
System Telemetry
- → Interaction metadata: session duration, qualification completion rates
- → Matching patterns: what queries convert, where intent drops
- → Mediation outcomes: deal progression, closure signals
02 — Information We Deliberately Exclude
The Negative Space
Our privacy model is defined as much by what we refuse to collect as what we hold. The following data categories are systematically excluded from our architecture:
Precise Geolocation (Users)
We don't track real-time location. Discovery is zone-based, not coordinate-based.
Browsing History (External)
No cookies for cross-site tracking. No pixels. No retargeting infrastructure.
Social Graph Data
No integration with social platforms. No friend lists, no network analysis.
Biometric Data
No facial recognition, no voice prints, no behavioral biometrics.
03 — The Silo Protocol
How Information Flows
PropNT operates a tiered information architecture. Data is not freely accessible within our system—it is compartmentalized and released only through verified gates.
Discovery Layer (Public)
Anonymous query processing. No user identification. No property identification. Only pattern matching against anonymized supply signals.
Qualification Layer (Authenticated)
Identity verified. Intent documented. Access to restricted summaries granted. Contact information remains encrypted. Exact addresses remain hidden.
Mediation Layer (Controlled)
StayBroker mediators access verified identities and escrowed contact details only when facilitating structured introductions. All access is logged, time-bound, and purpose-limited.
Transaction Layer (Released)
Direct contact authorized only after mediation checkpoint. Both parties notified of information release. Post-transaction data retention minimized.
04 — Data Custody
Storage & Security
All data is stored in encrypted form at rest (AES-256) and in transit (TLS 1.3). Verification documents are held in isolated storage with access logging. We maintain no permanent backups of conversational content—only structured intent signals and metadata are retained for system improvement.
Our infrastructure is region-locked. Data does not cross jurisdictional boundaries without explicit processing authorization. We conduct no automated profiling that produces legal or similarly significant effects.
In the event of a security breach, our protocol prioritizes containment over continuity. Systems may be taken offline to prevent data exposure. Users will be notified within 72 hours of confirmed unauthorized access.
05 — Your Rights
Control & Erasure
Because we minimize collection, your privacy rights are structurally easier to exercise. You may:
- Request complete deletion of your account and associated data (30-day processing)
- Withdraw qualification data before mediation initiation
- Access logs of who has viewed your verification documents
- Request export of your intent history in machine-readable format
- Object to any processing beyond core service provision
To exercise these rights, contact: privacy@propnt.network
06 — Retention & Decay
Data Lifespan
| Data Category | Retention Period | Disposition |
|---|---|---|
| Conversational queries (raw) | 7 days | Cryptographic purge |
| Intent signals (structured) | 24 months | Anonymization, aggregation |
| Verification documents | Active + 90 days | Secure deletion, certificate |
| Contact details (escrowed) | Transaction + 180 days | Archive or delete per user choice |
| Mediation logs | 36 months | Pseudonymization, compliance hold |
07 — Third Parties
Information Sharing
PropNT does not sell data. We do not engage in programmatic advertising. Limited sharing occurs only with:
Verified StayBroker Mediators
Access limited to matched parties, time-bound, logged
Infrastructure Providers (AWS, encryption services)
Contractual data processing agreements, no independent access
Legal Authorities (compelled disclosure only)
Valid legal process required, user notification where permitted
08 — Changes
Policy Evolution
This protocol may be updated to reflect system evolution or regulatory requirements. Material changes will be notified 30 days in advance via email and platform notice. Continued use constitutes acceptance. Archived versions available upon request.
09 — Contact
Privacy Office
Data Protection Officer
privacy@propnt.network
Response within 48 hours
Physical Correspondence
PropNT Privacy Office
[Registered Address]
Bangalore, India