Privacy Policy
Last updated: May 12, 2026
LLDesk (“LLDesk,” “we,” “us,” or “our”) provides a software-as-a-service platform that helps owners, property managers, and service vendors track New York City local-law compliance obligations for buildings. This Privacy Policy explains what information we collect about you when you use the LLDesk website, application, and related services (collectively, the “Service”), how we use that information, who we share it with, and the choices you have.
LLDesk is a business-to-business product designed primarily for organizations that own or manage real estate located in New York City and for vendors that serve those organizations. We currently operate the Service only in the United States and process personal information primarily within the United States.
1. Scope and definitions
This Privacy Policy applies to personal information we process when you visit our public website, sign up for an account, log into the Service, upload or generate content within the Service, fill out a form (including the lead-capture form on /check), or otherwise interact with us. It does not apply to third-party websites, datasets, or services that we link to or integrate with, each of which is governed by its own privacy notice.
“Personal information” means information that identifies, relates to, describes, or could reasonably be linked with a particular individual. “Customer” means an organization that has an account with LLDesk. “Authorized user” means an individual who accesses the Service on behalf of a Customer.
2. Information we collect
2.1 Account information
When you create an account or are invited to an organization on LLDesk, we collect your name, email address, password (stored as a salted hash by our authentication provider), role within your organization (for example, owner, manager, or vendor), and the organization name you are joining. If you are invited as a teammate, we also process the invitation token tied to your email address.
2.2 Organization and building information
Customers add building records to LLDesk so the Service can map applicable local laws and generate deadlines. For each building, we store the address; the Building Identification Number (BIN); the Borough-Block-Lot identifier (BBL); the borough, ZIP code, and coordinates; characteristics such as year built, number of stories, gross square footage, number of dwelling units, primary use, occupancy group, landmark status, gas service status, parapet, sprinkler, and other physical attributes relevant to local-law applicability; and any notes the Customer chooses to record. Most of this data is pre-populated from public New York City datasets and may be edited by the Customer.
2.3 Compliance documents
Customers can upload PDFs, photographs, and other files that document compliance work (for example, FISP technical reports, LL97 emissions filings, gas inspection certifications, and remediation photographs). These documents are stored in a private object-storage bucket operated by our infrastructure provider and are accessible only through short-lived signed URLs issued to authenticated members of the owning organization.
2.4 Vendor profiles and inquiries
Vendors that register on LLDesk may publish a business profile containing the company name, contact details, service categories, service area, licenses, certifications, and a short description. When a building owner submits an inquiry to a vendor through the Service, we store the message, the building it relates to, and the parties involved so that the inquiry can be delivered, replied to, and audited.
2.5 Lead-capture submissions
The free building check at /check collects a building address and an email address (and optionally a name and phone number) so we can return preliminary compliance results and follow up about LLDesk. We treat this as a marketing lead and process it on the basis of your consent to receive that follow-up.
2.6 Billing information
Paid subscriptions are processed by Stripe. When a Customer subscribes, Stripe collects the payment instrument and billing address directly. We do not store full payment-card numbers, CVV codes, or bank-account credentials on LLDesk infrastructure. We retain only the Stripe customer identifier, subscription status, plan, billing email, last four digits of the card, and invoice history that Stripe makes available to us.
2.7 Notifications and communication preferences
We record your preferences for transactional and reminder emails (deadlines, digests, violations, inquiries, payments) so that we can honor unsubscribe requests, including one-click List-Unsubscribe headers in email.
2.8 Log and device information
When you use the Service we automatically collect information that is typical for a web application: IP address, user-agent string, referring URL, the pages you visit, the actions you take, and timestamps. We use this information to operate, secure, and debug the Service.
2.9 Data from public NYC datasets
LLDesk mirrors information from NYC Open Data and related public sources, including PLUTO, HPD violations, DOB violations, OATH/ECB hearings, LL84 benchmarking submissions, and LL87 energy-audit filings. This information is public record. We associate it with buildings tracked by Customers so it can be displayed alongside compliance status. We make no claim of ownership over the underlying public data.
3. How we use information
We use information for the following purposes:
- Operating the Service. Authenticating you, displaying your organization’s portfolio, evaluating local-law applicability, generating deadlines, surfacing violations, and storing your documents.
- Compliance reminders. Sending you notifications about upcoming deadlines, expiring inspection cycles, new violations, vendor inquiries, and account events.
- Vendor marketplace. Matching owners and managers with vendors based on building location, service category, and stated need; routing inquiries between the parties.
- Billing and account administration. Charging subscription fees, generating receipts, applying credits, and managing trials and cancellations through Stripe.
- Customer support. Responding to your questions, troubleshooting issues, and improving documentation.
- Security and abuse prevention. Rate-limiting, detecting and mitigating fraud, and protecting our systems and users.
- Product improvement. Analyzing how the Service is used in aggregate to prioritize features, fix bugs, and improve performance.
- Legal compliance. Meeting our own tax, accounting, and regulatory obligations and responding to lawful requests.
4. Legal bases for processing
We process personal information primarily under U.S. law. Where European or U.K. data protection law might apply (for example, when an Authorized user is located in those regions), we rely on the following legal bases:
- Performance of a contract. Most processing is necessary to provide the Service to you and to your organization under our Terms of Service.
- Legitimate interests. We rely on our legitimate interests in operating and securing a B2B platform, preventing fraud, and improving our product, where those interests are not overridden by your rights.
- Consent. We rely on consent for optional marketing communications and for any cookies that are not strictly necessary to operate the Service. You can withdraw consent at any time.
- Legal obligation. Some processing (for example, retaining billing records) is required by law.
5. How we share information
We do not sell personal information. We share information only as described below.
5.1 Within your organization
Information you submit on behalf of an organization (buildings, documents, compliance status, vendor inquiries) is visible to other Authorized users of that organization in accordance with their assigned roles. Customer administrators control membership and permissions.
5.2 With KOW Building Consultants (compliance partner)
LLDesk is developed in partnership with KOW Building Consultants (“KOW”), our exclusive compliance services partner. KOW staff have read access to the building, organization, compliance, document, and violation records stored in your workspace so they can monitor portfolio-wide compliance posture and respond to support requests you initiate from inside LLDesk. KOW cannot edit your workspace data directly; all changes flow through your authorized users.
Every cross-organization access by KOW staff (each list view and each building view) is recorded in an internal audit log that captures the staff identity, the targeted organization, the action, and the time. You can request a copy of audit records concerning your workspace by contacting support.
When you submit a support request to KOW through the Service, we share the requesting organization name, the relevant building(s) and compliance item(s), the requesting user’s name and contact email, and the message body so KOW can respond.
5.3 Subprocessors
We use the following third-party service providers (“subprocessors”) to operate the Service. Each receives only the information needed to perform its function and is contractually required to protect that information.
- Supabase — managed PostgreSQL database, authentication, and object storage. Receives all account, organization, building, document, vendor, and notification data. See supabase.com/privacy.
- Stripe, Inc. — payment processing and subscription management. Receives the Customer’s billing email and payment instrument directly. See stripe.com/privacy.
- Resend — transactional email delivery. Receives recipient email addresses, message content, and the unsubscribe headers we generate. See resend.com/legal/privacy-policy.
- Vercel, Inc. — application hosting and edge networking. Receives request metadata (IP, user-agent, URL) needed to serve the Service. See vercel.com/legal/privacy-policy.
- NYC Open Data and related City sources — read-only public datasets mirrored into the Service. We do not transmit personal information to these sources. See opendata.cityofnewyork.us.
5.4 Legal disclosures
We may disclose information if we believe in good faith that it is required by law, by a subpoena, court order, or other legal process, or that disclosure is necessary to protect the rights, property, or safety of LLDesk, our users, or the public.
5.5 Business transfers
If LLDesk is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction. We will notify you of any such transfer and any choices you may have.
6. Data retention
We retain personal information for as long as your account is active and for a reasonable period afterward to operate the Service, support audits, comply with legal obligations, resolve disputes, and enforce our agreements.
- Active customer data is retained for the duration of the subscription.
- Billing records are retained for at least seven (7) years after the transaction date to satisfy tax and accounting obligations.
- Compliance documents uploaded by Customers are retained while the Customer’s account is active and for thirty (30) days after termination, unless the Customer requests earlier deletion.
- Lead-capture submissions are retained for up to twenty-four (24) months unless the lead becomes a Customer or you ask us to delete the record sooner.
- Server logs are retained for up to ninety (90) days for security and debugging purposes.
You may request deletion at any time as described in “Your rights and choices” below. We may retain a minimal record of the deletion request itself, and any information we are legally required to keep.
7. Security
We use reasonable administrative, technical, and physical safeguards to protect personal information. These include:
- Transport encryption (HTTPS/TLS) for all traffic between your browser and the Service.
- Encryption at rest for the underlying PostgreSQL database and object storage, as provided by Supabase.
- Postgres row-level security (RLS) policies that restrict access to a Customer’s data to that Customer’s Authorized users.
- Short-lived signed URLs for accessing private documents in object storage.
- Principle-of-least-privilege access controls for LLDesk staff and audit logging of administrative actions.
- Rate limiting and abuse detection on public endpoints.
No system can be guaranteed to be completely secure. If we become aware of a security incident affecting your information, we will notify you and the appropriate authorities to the extent required by applicable law. LLDesk has not yet completed a SOC 2, ISO 27001, or comparable formal certification, and you should not assume otherwise.
8. Your rights and choices
Depending on where you live, you may have the following rights:
- Access and portability. You may request a copy of the personal information we hold about you. Authorized users can self-serve a structured export of their organization’s data from /settings/export within the Service.
- Correction. You may correct inaccurate information through the in-product settings, or by contacting us.
- Deletion. You may request that we delete personal information associated with your account, subject to the retention exceptions described above.
- Opt out of marketing. You may unsubscribe from marketing emails using the link in any such message or by adjusting your notification preferences in the Service. Transactional messages (for example, billing receipts and security alerts) are not subject to opt-out.
- Withdraw consent. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
- California, Colorado, Virginia, and other state-law rights. If you are a resident of a U.S. state with a comprehensive privacy law, you may have additional rights, including the right to appeal a denied request and the right to be free from discrimination for exercising your rights. We do not sell or share personal information for cross-context behavioral advertising.
If you submitted information to LLDesk on behalf of an organization (for example, as one of its employees), the organization is the controller of that data. Please contact your organization’s administrator first; we will route your request to them where appropriate.
To exercise a right, email hello@lldesk.ai from the address associated with your account. We may need to verify your identity before responding.
9. Cookies and similar technologies
LLDesk uses a small number of first-party cookies. We do not currently use third-party analytics, advertising, or session-replay cookies.
- Authentication cookies. Required to keep you signed in to the Service. Without these, the application cannot function.
- Demo-mode cookie. Used to render the read-only demo experience without a real account. Set only when you opt into the demo.
- Preference cookies. Used to remember UI choices such as expanded panels.
Most browsers let you block or delete cookies. Blocking authentication cookies will prevent you from using the Service.
10. Children
The Service is intended for use by businesses and adults. We do not knowingly collect personal information from anyone under the age of 18. If you believe a child has provided us with personal information, please contact us so we can delete it.
11. International users
LLDesk is operated from the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, where data-protection laws may differ from those in your jurisdiction. We do not currently rely on any approved transfer mechanism (such as the EU Standard Contractual Clauses or the EU–U.S. Data Privacy Framework) and we do not target the Service to data subjects outside the United States.
12. Changes to this policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page reflects the most recent revision. If we make material changes, we will provide notice through the Service or by email before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the revised policy.
13. Contact us
For privacy questions, requests, or complaints, contact hello@lldesk.ai. For general support, see our contact page. We aim to respond to verified privacy requests within thirty (30) days.