Privacy Policy

1. Who we are

STATR (“we”, “us”, “our”) operates the property AI platform at statr.co. We are based in Larnaca, Cyprus. If you have questions about this policy, contact us at ceo@statr.co.

2. What data we collect

• Contact details you provide directly (name, email, phone, company name, role) when you submit the contact form, register as a developer, or sign in.
• Conversation data you share with our AI consultant (property preferences, budget, timeline, location, financing position, free-text messages).
• Account and authentication data (email, session tokens) provided by our identity provider (Clerk) when you log in.
• Usage analytics (pages visited, clicks, session duration, device type) via Google Tag Manager, Google Analytics 4, LinkedIn Insight Tag, and Microsoft Clarity.
• Technical data (IP address, browser type, operating system, referring URL) logged automatically by our servers and analytics providers.

3. Why we collect it

• To qualify property buyers and match them to relevant developer inventory — the core of what StatR does.
• To deliver structured leads to developer CRM workflows (when a buyer consents to contact).
• To respond to enquiries submitted via the contact form.
• To operate, secure, and improve the platform (debugging, abuse prevention, performance monitoring).
• To comply with legal obligations where applicable.

4. Legal basis (GDPR)

We process personal data on the basis of your consent (analytics, marketing cookies), contract (delivering the service you requested), legitimate interest (security, fraud prevention, product improvement), and legal obligation (tax, audit, statutory requirements).

5. Who we share data with

• Service providers who help us run the platform: Clerk (authentication), Supabase (hosted database), Vercel and Railway (hosting), Google Cloud (analytics, maps).
• Real estate developers — only when you explicitly request to be connected to a specific project or submit a contact request through our platform.
• Legal and regulatory authorities where required by law.
• We do not sell your personal data to third parties.

6. Cookies and tracking

We use cookies and similar technologies for authentication, analytics (Google Analytics 4, Microsoft Clarity), and marketing attribution (LinkedIn Insight Tag). Essential cookies are required for the platform to function; non-essential cookies load via Google Tag Manager and can be blocked at the browser level.

7. How long we keep your data

We retain personal data for as long as your account is active or as required to provide the service. Conversation transcripts and lead records are kept to support developer follow-up and platform improvement. Analytics data is retained according to the providers' default retention periods (Google Analytics 4 defaults to 14 months). You can request deletion at any time.

8. Your rights

• Access — request a copy of the personal data we hold about you.
• Rectification — correct inaccurate or incomplete data.
• Erasure — request deletion of your data, subject to legal retention requirements.
• Restriction and objection — limit or object to specific processing.
• Portability — receive your data in a machine-readable format.
• Withdraw consent — where we rely on consent, you can withdraw it at any time.
• To exercise any of these rights, email ceo@statr.co.

9. Security

We use encryption in transit (HTTPS), encrypted credentials storage, Clerk-managed authentication, row-level security on our database, and reasonable operational safeguards. No system is perfectly secure — if you suspect a breach affecting your data, email ceo@statr.co.

10. International transfers

Our providers (Clerk, Supabase, Google, Vercel, Railway) may process data outside Cyprus/the EU. Where this happens, we rely on their standard contractual clauses and equivalent safeguards to protect your data.

11. Changes to this policy

We may update this policy as the platform evolves. Material changes will be communicated via the website; the "last updated" date at the top of this page tells you when the current version took effect.

12. Contact us

Questions, requests, or complaints about this policy or how we handle your data — email ceo@statr.co or write to Spyrou Kyprianou 41-43, Larnaca 6051, Cyprus.