Back to home

Privacy Policy

Effective May 22, 2026

Flypt (“we”, “us”) builds an AI acquisitions platform for real estate investors. This policy explains what we collect when you use the app at flypt.io (the “Service”), how we use it, and the controls you have over it.

1. What we collect

We collect only what we need to run the Service for you.

  • Account information. Name, email address, and profile photo via Google OAuth when you sign in. We never receive your Google password.
  • Property data you provide. Addresses you upload, MLS exports, manual entries, and any notes attached to deals.
  • Derived analysis. Comparable sales, ARV estimates, photo analysis, deal scores, and offer drafts produced by our pipeline from the inputs you submit.
  • Email content. If you connect an email account or use our outreach features, we store the threads, your voice-fingerprint samples, and the messages our agent drafts on your behalf.
  • Billing information. Stripe handles payment cards directly; we receive only subscription status, plan, and the last four digits of the card.
  • Usage and logs. Request metadata, error logs, AI cost and token usage, and structured events used for product analytics and rate limiting.

2. How we use it

  • To run the agent pipeline that produces comps, ARV, MAO, and drafted outreach.
  • To authenticate you and protect your account (including MFA when enabled).
  • To bill your subscription via Stripe and send transactional emails.
  • To monitor performance, debug errors, and improve the product.

We do not sell your data. We do not use your property data, comps, or email content to train general-purpose AI models.

3. Third parties we share with

We use the following processors. Each receives only the data needed to perform their function.

  • Google — authentication (OAuth). Your Google account profile is provided to us; we do not access Gmail content unless you explicitly connect inbox features.
  • Stripe — payment processing and subscription management.
  • Google Gemini API — AI inference for analysis tasks (photo grading, comp ranking, email drafting). Content submitted to Gemini for inference is subject to Google's terms for paid API tier usage. We do not opt in to data sharing for model improvement.
  • RealtyAPI — third-party real estate data provider used to fetch property listings, comps, and market data.
  • AWS — hosting infrastructure (App Runner, CloudWatch logs, S3 for stored assets).
  • Resend — transactional email delivery.

4. Data retention

Your data is retained for the life of your account. When you delete your account, we delete or anonymize your data within 30 days, except where retention is required for legal or accounting purposes (for example, Stripe invoices we are obligated to keep).

5. Your rights

  • Access and export. You can export your deals, contacts, and offers from the app at any time. Email us if you need a broader export.
  • Correction. You can edit account, deal, and contact data directly in the app.
  • Deletion. You can delete your account from settings, or email us to request deletion.
  • Opt-out of marketing emails. All marketing emails include an unsubscribe link. Transactional emails (billing, security) cannot be opted out while your account is active.

6. Security

Data is encrypted in transit (TLS) and at rest (AWS-managed encryption). Access to production data is restricted to the engineering team and logged. We use row-level security in the database to isolate tenants from one another.

7. Children

The Service is not directed to anyone under 18 and we do not knowingly collect data from minors.

8. Changes to this policy

When we make material changes, we will update the effective date above and notify active subscribers by email at least 14 days before the changes take effect.

9. Contact

Questions about this policy? Email privacy@flypt.io.

Flypt is a beta product. This policy reflects current data practices and may be revised as we ship new features. Terms of Service.