top of page

Privacy Policy

Seven Property Group Mobile App

Android and iOS Application

1. Introduction

This Privacy Policy explains how Seven Property Group (“we”, “us”, or “our”) collects, uses, stores, and protects personal data when you use the Seven Mobile application (“the App”). The App is designed for property and estate management, serving residents, owners, committee members, external staff, and suppliers associated with properties managed by Seven Property Group.

By using the App, you acknowledge that your account and associated data are managed by Seven Property Group.

2. Who We Are

Seven Property Group Ltd acts as the Data Controller. It determines the purposes and means of processing and collects users’ personal data for the management of communal expenses, payments, and services provided to owners and tenants of the managed properties.

iSpiral Ltd acts as the Data Processor on behalf of Seven, providing the technical infrastructure of the application, data processing, security, data deletion, audit logs, and providing technical and organisational measures to support GDPR compliance as instructed by the Data Controller.

The App is operated by Seven Property Group as part of an estate management platform built on the Ethesis system. User accounts are not created through the App itself — all accounts are provisioned and managed by authorised administrators at Seven Property Group through the Ethesis platform. 

3. Data We Collect

3.1 Account and Identity Data

User accounts are created and managed externally via the Ethesis platform. The following data associated with your account is stored and used by the App:

  • Full name and surname

  • Email address

  • Username

  • Phone number (where provided)

  • User role (Committee Member, Owner/Tenant, External Staff, or Supplier)

  • Contact ID (linked to the Ethesis system)

  • Account status (Active/Inactive)

 

3.2 Authentication Data

  • JWT (JSON Web Token): Generated on login and stored securely on your device using encrypted storage (Android EncryptedSharedPreferences / iOS Keychain) to maintain your session.

  • Biometric Credentials: If you enable biometric login (fingerprint or Face ID), your authentication credentials are stored locally using device-level secure storage (iOS Keychain / Android Keystore) and never leave the device solely to re-authenticate you without re-entering credentials. This data never leaves your device.

 

3.3 Maintenance Requests

When you submit a maintenance request, the following data is collected:

  • Your name and contact phone number

  • Description of the issue, date noticed, location, and category

  • Whether the issue is an emergency and whether permission to enter is granted

  • Preferred visit times

  • Photographs of the issue (uploaded as attachments)

 

3.4 Building Documents

When documents are uploaded through the App, the following metadata is collected:

  • File name and file size

  • Document title, description, author, keywords, and comments

  • Uploader identity and date/time of upload

  • Building association and document category

Documents may include any file type (PDFs, images, spreadsheets, etc.).

 

3.5 Barcode / QR Code Scans

When using the building check-in feature:

  • Scanned barcode or QR code value

  • Visit type and any notes entered

  • Building identifier

  • Check-in and check-out timestamps

 

3.6 Payment Information

The App displays payment overview information retrieved from the Ethesis estate management system. This includes:

  • Unit number and owner name

  • Outstanding and paid amounts

  • Payment dates, methods, and reference numbers

  • Bank account name and number (as recorded in the Ethesis system)

 

3.7 Announcements

Announcements published to you may include your building or unit association as targeting criteria. No additional personal data is collected through the announcements feature.

 

3.8 Audit Log Data

For security, compliance, and operational purposes, the following information is automatically recorded for significant actions within the App:

  • User ID, username, and display name

  • Action performed (e.g., document upload, maintenance request creation)

  • Timestamp (UTC)

  • Success or failure status

  • Device user agent string

  • Before and after snapshots are not stored in full. Only the minimal necessary change data (e.g. modified fields and timestamps) is recorded where required for security and audit purposes.

 

4. Device Permissions

The App requests the following device permissions:

Permission

Purpose

Camera

Scanning QR codes for building check-in

Biometrics (Fingerprint / Face ID)

Secure login without re-entering credentials

The App does not request access to your location, contacts, microphone, or any other device features beyond those listed above.

 

5. How We Use Your Data

We use the data described above to:

  • Authenticate your identity and maintain a secure session

  • Display information relevant to your role and property (payments, announcements, maintenance requests, documents)

  • Allow you to submit and track maintenance requests, including photo evidence

  • Enable building check-in/check-out via QR code

  • Send email notifications for events such as maintenance updates, announcements, and password resets

  • Maintain an audit trail for security, dispute resolution, and regulatory compliance

  • Generate payment reports in PDF or CSV format on request

 

6. Email Notifications

The App may send you automated email notifications for:

  • New or updated announcements

  • Status changes to your maintenance requests

  • Password reset requests

Notification emails are sent from our configured SMTP server to the email address associated with your account. You may contact Seven Property Group to update your notification preferences.

 

7. Data Storage and Retention

7.1 Server-Side Storage

All data submitted through the App (user profiles, maintenance requests, documents, audit logs, etc.) is stored on servers managed by Seven Property Group. Data is retained for as long as your account is active or as required by applicable law and Seven Property Group’s obligations.

 

7.2 Local Device Storage

The following data is stored locally on your device:

  • Encrypted secure storage: JWT session token, biometric re-authentication credentials (if enabled)

  • Temporary cache: Downloaded files and images may be cached temporarily via the device’s standard temporary file storage and are cleared when the app session ends or the cache is cleared

The App does not use analytics SDKs, crash reporting services, or any third-party tracking libraries. No usage data or behavioural analytics are collected.

Certain personal data may be retained beyond account deactivation for compliance with legal, tax, or accounting obligations, for a period of up to 3–5 years, depending on the purpose of processing, Indicative retention periods are set out below:

• User profile data: retained for as long as the account remains active

• Maintenance requests: retained for 2–3 years after closure

• Audit logs are retained for as long as necessary for security, compliance, and operational purposes, and in any case not longer than required by applicable law.

• Payment and accounting records: retained for up to 7 years to comply with legal and tax obligations

After these periods, data is securely deleted or anonymised unless required by law.

 

8. Data Sharing

We do not sell or rent your personal data to third parties. Ethesis acts as the system of record for account and property data. Where applicable, data is synchronised between systems operated within the estate management platform. 

  • Ethesis Platform: User and property data is synchronised with the Ethesis management system, which is the authoritative source for your account and property records.

  • JCC Payment Systems: JCC acts as an independent data controller for payment processing; Seven Property Group does not process payment card data.

  • Email Service Provider: Your email address is used to deliver transactional notifications via our configured SMTP service.

  • Legal Requirements: We may disclose data if required by law, court order, or regulatory authority.

 

9. Data Security

We implement the following security measures to protect your data:

  • All communication between the App and our servers uses HTTPS (TLS encryption)

  • Authentication is JWT-based; tokens are stored in encrypted device storage

  • Biometric credentials are stored exclusively in the device’s secure enclave and never transmitted

  • Access to all API endpoints requires a valid authenticated session

  • Audit logs capture all significant data operations for accountability

Despite these measures, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

Users are obliged to keep their access credentials confidential and must not share their account with third parties.

 

10. Your Rights

Data subject requests will be reviewed and handled by Seven Property Group in accordance with the General Data Protection Regulation (EU) 2016/679 and the relevant legislation of the Republic of Cyprus, and in accordance with all applicable rights of data subjects, including but not limited to the rights of access, rectification, erasure, restriction of processing, objection, data portability, and withdrawal of consent where applicable.

 

11. Children’s Privacy

The App is not intended for use by individuals under the age of 18. 

 

12. Changes to This Policy

We may update this Privacy Policy from time to time. Κάθε ανανεωμενη έκδοση θα αναρτάται. 

In the event of significant changes to processing procedures or the operation of the application, users will be informed via the Ethesis application, with at least 30 days’ prior notice, where technically feasible and necessary.

 

13. Contact

For questions, concerns, or data rights requests related to this Privacy Policy, please contact

  1. Seven Property Group: 

Address : 37 Eleftherias Ave. , 7102 Aradippou, Larnaca, Cyprus

Email: [email protected]

Phone: +357 70 00 10 07 / +357 24 001077

 

I Spiral: 

Address: iSPIRAL IT Solutions Ltd ,178 Omirou,1st Floor 7102, Aradippou, Larnaca,Cyprus

Email: [email protected],  or [email protected] 

Phone: +357 24 531 975

Processing is based on contractual necessity, legal obligations, and legitimate interests (such as system security and fraud prevention). Where consent is required (e.g. optional communications), it is collected separately.

This Privacy Policy applies to the Seven Mobile application available on Google Play and the Apple App Store.

For the privacy policy of I-Spiral, click here:: https://www.i-spiral.com/privacy-policy/ 

CONTACT US!

Thanks for submitting!

  • Facebook
  • Instagram
  • LinkedIn
  • TikTok

© 2023 by Next Level

bottom of page