Premisio
EN
English Eesti
Log in Start free beta
Open Premisio

Privacy Policy

How Premisio collects, uses, stores, and protects personal data. EU data residency, GDPR-native, and your rights as a data subject.

Premisio OÜ is in formation. The company is currently being registered with the Estonian Business Register (Äriregister). During this formation period, the service is operated by Asad Rizvi, a natural person resident in Estonia, who acts as the data controller (for purposes of the Privacy Policy) and the counter-party (for purposes of these Terms). All obligations and rights transfer to Premisio OÜ on its registration. This page will be updated within 7 days of registration.

Draft, pending legal review. This policy was last updated on 22 April 2026. It is a working draft and will be finalised by counsel before Premisio’s general release. If you have an urgent privacy question in the meantime, email hello@premisio.com.

Who we are

Premisio is a product operated by Premisio OÜ, a company registered in Estonia.

  • Registered address: J. Sütiste tee 41-181, Mustamäe district, 13414 Tallinn, Harju county, Estonia.
  • Contact: hello@premisio.com

Premisio OÜ is the data controller for personal data processed through the Premisio service, except where explicitly stated otherwise (for example, when your building’s board uses Premisio to manage its own records, that board is the controller for its own building’s data; Premisio OÜ acts as a processor in that case).

Scope of this policy

This policy covers personal data processed through:

  • The Premisio marketing website at premisio.com.
  • The Premisio application at app.premisio.com.
  • Public links that Premisio issues (for example, resident meter-reading submission links and public contact pages).
  • Email communications sent from Premisio.

It does not cover third-party sites, services, or integrations that Premisio links to or integrates with. Those third parties operate under their own privacy policies.

What we collect

Data you give us

When you sign up or use Premisio, you may provide:

  • Your name, email address, and phone number.
  • The building or buildings you are associated with, and your role in each (for example: board member, unit owner, tenant, property manager).
  • Unit and occupancy information about the buildings you manage.
  • Contacts you add to a building (vendors, professionals, other residents).
  • Meter readings you submit or record.
  • Documents you upload (reports, minutes, leases, invoices, and similar).
  • Messages or notes you write.

Data others add about you

If you are a resident, owner, or vendor of a building that uses Premisio, a building manager or board member may add you to the system. This typically includes your name, unit number, contact details, and role. The building’s board or manager is responsible for the lawful basis of adding you and for keeping that data accurate.

Data we collect automatically

When you use Premisio, we automatically collect:

  • Account and login metadata: timestamps, device and browser information, IP address.
  • Activity logs: actions taken in the app (for example, meter reading submissions, document uploads, permission changes), used for audit trails and the in-app activity log.
  • Aggregated usage analytics: page visits, feature usage, and error reports, via Google Analytics and PostHog. These tools load only after you have accepted optional cookies; see the Cookies Policy for the full list of cookies set, durations, and reject behaviour.

Data from Estonian registries

If your building is imported from the Estonian building registry (EHR or In-ADS), Premisio stores a synchronised copy of the public registry data associated with the building. This is covered by our legitimate interest in providing accurate building data to managers and boards.

Why we collect it

We process personal data on the following legal bases (GDPR Article 6):

  • Performance of a contract (Article 6(1)(b)): to provide the Premisio service you or your building signed up for.
  • Legitimate interests (Article 6(1)(f)): to secure the service, prevent fraud, debug problems, and improve the product, in ways that do not override your rights and freedoms.
  • Legal obligation (Article 6(1)(c)): to meet Estonian and EU legal requirements for business records, tax, and accounting.
  • Consent (Article 6(1)(a)): for optional things that require your explicit agreement (currently: none. We do not run behavioural advertising or third-party marketing cookies).

Who we share it with

We do not sell personal data. We share it only with:

  • Infrastructure providers who host or transmit data on our behalf, under data processing agreements. These processors are bound to operate within the EU.
  • Your building’s board and management for data that relates to that building (this is the whole point of a shared building-management system).
  • Public recipients, only where you have explicitly shared data (for example, a public contacts page that a board publishes deliberately).
  • Authorities, where required by law.

A current list of subprocessors will be published at premisio.com/privacy/subprocessors when the product leaves beta.

Where data is stored

All customer data is stored in European Union data centres. Premisio does not transfer personal data outside the EU except in narrow, documented cases (for example, email delivery to recipient addresses hosted outside the EU, which is a transfer you initiate).

How long we keep it

  • Active account data: for as long as your account is active, plus up to 90 days after closure to allow account recovery.
  • Building content (units, readings, contacts, documents): for as long as the building is managed in Premisio. When a building is removed or the organisation is closed, content is retained for up to 90 days and then permanently deleted, except where longer retention is legally required (for example, financial records kept for 7 years under Estonian accounting law).
  • Activity logs: 12 months rolling.
  • Security and audit logs: 18 months rolling.
  • Analytics: aggregated only, indefinite.

Your rights

You have the following rights regarding personal data we hold about you:

  • Access: ask what data we hold about you.
  • Rectification: correct inaccurate data.
  • Erasure: ask us to delete your data (subject to legal retention obligations).
  • Restriction: ask us to stop processing your data while a dispute is resolved.
  • Portability: receive your data in a structured, machine-readable format.
  • Objection: object to processing based on legitimate interest.
  • Withdraw consent: at any time, without affecting prior lawful processing.
  • Complaint: lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon, aki.ee) or your local EU supervisory authority.

To exercise any of these rights, email hello@premisio.com. We will respond within one month.

Security

We protect data with technical and organisational measures including:

  • Transport encryption (HTTPS/TLS) on all connections.
  • At-rest encryption in the database.
  • Policy-based authorisation (Cerbos) enforced at the service layer.
  • Regular security patching of dependencies.
  • Access controls that limit Premisio staff to the minimum data needed for support.

No system is absolutely secure. If you become aware of a security issue, email security@premisio.com.

Children

Premisio is not intended for use by anyone under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, email hello@premisio.com and we will delete it.

Cookies

Premisio uses a small number of strictly-necessary cookies and preference cookies. See the Cookies Policy for the full list.

Changes to this policy

We may update this policy as the product evolves. When we make a material change, we will:

  • Update the “last updated” date at the top of this page.
  • Post a notice on the marketing website.
  • Email account holders where the change affects them.

Minor edits (typos, clarifications that do not change meaning) may be made without notice.

Contact

Questions, requests, or complaints: email hello@premisio.com or write to us at Premisio OÜ, J. Sütiste tee 41-181, Mustamäe district, 13414 Tallinn, Estonia.