Privacy
Privacy Policy
How SmartProp AI Inc. collects, uses, discloses and protects personal information under Canadian privacy law.
Last updated: 10 July 2026
1. Organization identity
This Privacy Policy describes the practices of SmartProp AI Inc. ("SmartProp AI", "we", "us", "our"), a British Columbia corporation providing AI-driven real-estate analytics and intelligence services. Our registered office is at 525 Seymour Street, Suite 105, Vancouver, BC V6B 3H7, Canada. Business Number: BN 359 742 810 RC0001.
We are accountable for personal information under our control. This policy applies to information collected through smartpropai.life, our contact forms, email correspondence, analytics engagements and related business activities.
2. Scope and applicable law
We comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) for interprovincial and international commercial activities. Where we collect, use or disclose personal information about British Columbia residents in the course of our commercial activities within BC, we also adhere to BC's Personal Information Protection Act (PIPA BC) to the extent it applies to our operations.
This policy covers personal information — information about an identifiable individual. It also describes our handling of client property data, market datasets and business information provided under contract, which may contain personal information embedded in leases, CRM records or transaction files.
3. Privacy Officer
Our Privacy Officer oversees compliance with this policy and responds to privacy enquiries and access requests. Contact:
Privacy Officer
SmartProp AI Inc.
525 Seymour Street, Suite 105, Vancouver, BC V6B 3H7, Canada
Email: [email protected]
Phone: +1 (604) 631-2748
4. What we collect
4.1 Website and enquiry data
When you submit our contact form or email us, we may collect your name, email address, phone number, organization name, message content and the subject of your enquiry. We record your explicit consent to collection under PIPEDA via the consent checkbox on our form. We do not pre-check consent boxes.
4.2 Client engagement data
During analytics projects and retainers, clients may provide property records, rent rolls, lease documents, MLS extracts, CRM exports, market data, geospatial files, financial operating statements and correspondence. These datasets may contain personal information about tenants, buyers, sellers, employees or contacts. We process such data only as directed by the client and our engagement agreement.
4.3 Technical and usage data
Our website may collect technical information such as IP address, browser type, device identifiers, referring URLs and pages visited. Where analytics cookies are enabled with your consent, we use this information to understand site traffic patterns. See our Cookie Policy for details.
4.4 What we do not collect
We do not purchase or broker lists of property leads for resale. We do not collect information unrelated to our analytics services without informing you of the purpose.
5. Purposes of collection and use
We collect and use personal information for purposes that a reasonable person would consider appropriate in the circumstances, including:
- Responding to enquiries and scheduling analytics reviews;
- Delivering contracted market intelligence, forecasting, portfolio analytics and related studio services;
- Integrating with client CRM, MLS, ERP and cloud systems as authorized;
- Training, evaluating and monitoring machine learning models within agreed data boundaries;
- Managing billing, contracts and client communications;
- Complying with legal obligations and protecting our legal rights;
- Improving website security and, with consent, analysing site usage.
We will identify other purposes at or before the time of collection, or seek your consent when new purposes arise.
6. Consent
PIPEDA and PIPA BC require meaningful consent for the collection, use and disclosure of personal information. Consent may be express (e.g., checking the contact form consent box) or implied where appropriate and permitted by law (e.g., providing a business card at a meeting).
You may withdraw consent for certain uses, subject to legal or contractual restrictions. Withdrawal may limit our ability to continue an engagement. To withdraw consent, contact the Privacy Officer. We will inform you of any consequences.
For client datasets containing third-party personal information (e.g., tenant names in rent rolls), the client is responsible for ensuring it has authority to share that data with us. We rely on client representations in our data processing agreements.
7. Disclosure to third parties
We do not sell personal information. We may disclose information to:
- Service providers and sub-processors who assist with hosting, cloud infrastructure, email delivery, analytics (where consented) and security monitoring — bound by confidentiality and data protection obligations;
- Professional advisors (legal, accounting) under privilege;
- Regulators, courts or law enforcement when required by law or to protect rights and safety.
A current list of material sub-processors is available on request for enterprise clients. Where personal information is processed outside Canada, we assess risks and implement contractual safeguards consistent with PIPEDA's cross-border guidance.
8. Retention
We retain personal information only as long as necessary to fulfil the purposes for which it was collected, meet legal requirements and resolve disputes. Typical retention periods:
- Contact form enquiries: up to twenty-four months unless an engagement proceeds;
- Client project data: per the engagement letter, often six to thirty-six months after project completion unless earlier deletion is requested;
- Retainer client data: duration of retainer plus agreed wind-down period;
- Cookie consent records: six months;
- Financial and tax records: as required by Canadian law (generally six to seven years).
Secure deletion or anonymization is performed when retention periods expire.
9. Security safeguards
We implement administrative, technical and physical safeguards appropriate to the sensitivity of the information, including access controls, encryption in transit and at rest where applicable, employee confidentiality obligations, least-privilege access for project teams and logging of administrative actions. No method of transmission or storage is completely secure; we commit to notifying affected parties and regulators of significant breaches as required by law.
10. Individual access and correction
Under PIPEDA and PIPA BC, you have the right to request access to personal information we hold about you and to challenge its accuracy. Submit a written request to the Privacy Officer. We will respond within thirty days unless an extension is permitted. We may charge a minimal fee for transcription where allowed. If we refuse access, we will explain why and inform you of your right to complain to the Office of the Privacy Commissioner of Canada.
11. Office of the Privacy Commissioner
If you believe we have not addressed your privacy concern adequately, you may contact:
Office of the Privacy Commissioner of Canada
30 Victoria Street, Gatineau, QC K1A 1H3
Toll-free: 1-800-282-1376
Website: www.priv.gc.ca
BC residents may also contact the Office of the Information and Privacy Commissioner for British Columbia regarding matters under PIPA BC.
12. Cookies and online tracking
We use cookies and similar technologies as described in our Cookie Policy. Non-essential cookies are placed only with your consent via our cookie banner. You may change preferences at any time by clearing cookies and revisiting the site, or through browser settings.
13. Children's privacy
Our services are directed to business clients and professionals. We do not knowingly collect personal information from individuals under eighteen years of age through our website.
14. Changes to this policy
We may update this Privacy Policy to reflect changes in law, technology or our practices. The "Last updated" date at the top will change accordingly. Material changes will be communicated via the website or direct notice where appropriate. Previous versions are available on request.
15. Automated decision-making and profiling
Our analytics services may involve automated processing of property and market data, including machine learning models that generate scores, forecasts and classifications. These outputs support human decision-making; they are not automated decisions with legal or similarly significant effects made solely by algorithm without review. Clients may request information about how a model contributed to a specific deliverable and may request human reconsideration of model-assisted conclusions as set out in the engagement agreement.
We do not use website visitor data for automated profiling that produces legal effects. Any profiling in client engagements is contractually scoped, documented and subject to the human-in-the-loop review described in our service terms.
16. Data processing agreements
Enterprise clients may request a Data Processing Agreement (DPA) or Personal Information Processing Agreement supplementing this policy. Such agreements specify sub-processor lists, breach notification timelines, data return or deletion at engagement end, permitted processing locations and technical security measures. Standard DPAs are available from the Privacy Officer upon request.
Where we process personal information solely on a client's behalf, the client remains the organization responsible for determining purposes and means of processing with respect to that data, and we act as a service provider processing under documented instructions.
17. Contact
Questions about this policy or our privacy practices:
Email: [email protected]
Mail: Privacy Officer, SmartProp AI Inc., 525 Seymour Street, Suite 105, Vancouver, BC V6B 3H7, Canada