← BackPrivacy Policy
Last updated: 10 July 2026
Perched (“the Service”) is operated by Henry Eden-Mann, a sole trader based in New Zealand. This policy explains what personal information we collect, how we use it, and your rights under the New Zealand Privacy Act 2020. The Service is intended for use by people in New Zealand. You must be at least 18 years old to use the Service.
The short version
- We collect what you put in (properties, notes, photos, documents, collaborator emails), your account email, basic technical and usage data, and billing identifiers if you subscribe. We don’t ask for government IDs or health or financial account details.
- We use it to run and improve the Service and manage your account. We never use it for advertising or profiling, and never sell it.
- We rely on providers that hold data only on our behalf (Supabase, Vercel, Resend), and on Stripe and Google for payments and sign-in under their own policies. To show maps, travel times, and property details we also send the property address or coordinates to mapping and data services (LINZ, Walk Score, OpenStreetMap). Some of these are overseas.
- Some data is stored on your device so the app works offline.
- Anyone you share a property with can see its contents, including other members’ emails, and anyone you give editor access can export a full copy, so only share with people you trust. Public links can expose a lot (including collaborators’ contributions), so check before making one public.
- You can access, correct, or delete your data, and delete your account anytime. If you want your contributions to other people’s properties removed, just ask; it’s easiest before you delete your account, but we can do it afterward too.
- We take reasonable steps to protect your data and will tell you and the Privacy Commissioner about a serious breach.
This summary is for orientation only. The full policy below is what applies.
1. What we collect
- Account information: your email address, used to create and identify your account.
- Property information: addresses, descriptions, asking prices, bedrooms, bathrooms, floor and land area, property type, valuation data, photos, notes, a listing link if you add one, a sale price if you record one when archiving, and a property checklist you fill in. Most of this you provide; some fields (such as valuation or area) may be pre-filled from public records, as described in our Terms.
- Property documents: links you save to documents held elsewhere (such as a builders report, LIM, title, or auction documents), along with any notes you attach to them.
- Points of interest: locations (name, address, coordinates) that you save for commute calculations.
- Research notes and photos: free-text notes and photos you attach to individual research links for a property, and a record of which research steps you have marked as done.
- Custom research links: URL templates (with label, hint, and city scope) that you create to add your own research links to the Research tab.
- Collaborator details: if you invite someone to a property, or someone requests access to one, we collect the email address provided so we can manage that invitation or request. Invitations, removals, and role changes are also recorded in the property’s activity history, including the email address involved, and are visible to that property’s current members. You can also add a note about each collaboration; like other notes on a property it is visible to that property’s members and can appear in exports and on a public share link, so it is not private. If you link a partner we store their email address to connect your accounts.
- Usage data: basic technical information such as the device type and browser, collected automatically by our hosting infrastructure. We also record when you last opened each property, so the app can show you what has changed since your last visit. If you subscribe, we store the identifiers Stripe assigns to your customer and subscription records (see section 4).
- Feedback: if you choose to send feedback via the in-app form, we collect your message and, only if you opt in, diagnostic information you select (app version, a timestamp, the current page, your browser, operating system and device model, screen and viewport size, language and colour scheme, network and connection status, PWA mode, device memory and CPU core count, and service-worker state). Screenshots you attach are included only if you choose to attach them. We store your message, the diagnostics you chose to include, your browser’s user-agent string (recorded automatically), and a count of attached screenshots in our database; if you sent the feedback from an error screen, it is linked to that error report. The screenshots themselves are not stored in our database and reach us by email only. Feedback is not shared with anyone beyond our infrastructure and email providers listed in section 4. Resend, our email provider, processes the email on our behalf and keeps delivery records under its own policy.
- Error reports: if something in the app breaks, we automatically receive a report so we can fix it. It contains the error details, the page you were on, the app version, diagnostic basics (browser and operating system, screen and viewport size, language and colour scheme, network and connection status, device memory and CPU core count, and service-worker state), and, if you are signed in, which account it came from. Reports are stored in our database for up to 90 days. New issues are also emailed to us by Resend (our email provider), which processes the email on our behalf and keeps delivery records under its own policy. Error reports are not shared with anyone beyond the infrastructure and email providers listed in section 4.
- Contact enquiries: if you use the contact form on our public site, we collect the name (optional), email address, and message you submit so we can read and reply to your enquiry.
We do not ask you to provide government identifiers, health information, or financial account details. Be aware that anything you type into notes, or capture in a photo, is stored as you entered it. Payment card details are handled directly by Stripe and never stored by us (see section 4). We do not use any advertising trackers.
2. Why we collect it
We collect this information to provide and improve the Service: saving and organising property research for you and anyone you share access with, fixing bugs, understanding in aggregate how the Service is used, and managing your account. We do not use your information for advertising, profiling, or any purpose unrelated to the Service.
3. Local storage and device data
The Service stores data locally on your device to function correctly and to support offline use. This includes:
- Browser local storage: preferences such as theme, sort order, and display settings; a record of which properties you have recently viewed (property IDs and timestamps); your active user ID and last sign-in method; temporary redirect paths used during sign-in flows; and app version information used to detect breaking changes. Notes you write while offline are also held here until they can sync to our servers.
- IndexedDB: a copy of your recent property data (details, notes, checklist, timeline, photo listings, and the email addresses of collaborators on your properties) is kept in your browser’s IndexedDB for up to 24 hours so the app opens quickly and works offline. Photos, notes, and checklist changes you make while offline are also queued here until a connection is available and they can be synced to our servers.
- Service worker cache: the app caches pages and assets on your device so it can load when offline. This includes aerial imagery of properties you view, and pages you have visited (which can contain property content). Cached content stays on your device until you sign out, clear your browser data, or uninstall the app. One exception: photos you share into the app via the system share sheet stay until you attach them to a property or clear your browser data.
- Cookies: when you sign in, a secure session token is stored by your browser to keep you logged in. A small cookie also remembers your theme choice. These are essential for the Service to function and are not used for tracking or advertising.
Your preferences, recently-viewed list, and cached pages and imagery stay on your device and are not transmitted to us. The exceptions: notes, photos, and checklist changes you create offline sync to our servers once you reconnect (as described above); error reports that could not be sent while offline are sent automatically when you are back online; the session token is sent with your requests so we can verify you are signed in; and the app separately records on our servers when you last opened each property (see section 1). You can clear everything stored on your device at any time through your browser or device settings.
4. Third-party services
The Service relies on several third-party providers. By using the Service, you acknowledge that data may be processed by them:
- Supabase: database, authentication, and file storage. Your data (including property photos and notes) is stored on Supabase infrastructure, which may be located outside New Zealand. Supabase is subject to its own privacy policy.
- Google: sign-in. The sign-in page loads Google’s sign-in script, and if you choose to sign in with Google, Google confirms your Google account identity (email address and name) to us. Google processes the sign-in under its own privacy policy. If you sign in with email and password instead, we do not pass your account to Google, though its sign-in script still loads on that page.
- Nominatim / OpenStreetMap: address search. When you search for a property address, your search query is sent to the Nominatim geocoding service (nominatim.openstreetmap.org). When you place a property pin manually, its coordinates are sent to the same service to find the nearest address. No account information or personal identifiers are sent.
- OSRM / OpenStreetMap: travel-time estimates. Property coordinates and your saved points-of-interest coordinates are sent to OSRM routing servers (router.project-osrm.org for driving, and routing.openstreetmap.de for cycling and walking) to calculate drive, cycle, and walk times. No personal identifiers are sent.
- LINZ (Land Information New Zealand): satellite imagery, building outlines, and address data. To show the aerial thumbnail and property outline, the coordinates are sent to our server, which retrieves imagery and parcel data from LINZ basemaps and the LINZ Data Service (linz.govt.nz). Address searches that Nominatim cannot fully match are also checked against the LINZ address database. LINZ is a New Zealand government agency and this data is hosted in New Zealand. No personal identifiers are sent.
- Walk Score: walkability scores. The full property street address and coordinates are sent to the Walk Score API to retrieve a walkability rating. See Walk Score’s privacy policy.
- External research links: the Research tab contains links to council portals and mapping services (e.g. Google Maps, Google Earth, Auckland Council, Canterbury Maps). When you follow one of these links, the destination site may receive the property address or coordinates as part of the URL. Those sites operate under their own privacy policies.
- Vercel: hosting and edge infrastructure. Vercel may collect standard web server logs including IP addresses. Vercel Analytics separately collects anonymised, aggregated usage data (page views, referrers, device type) to help us understand how the Service is used; the analytics data does not identify you individually. See Vercel’s privacy policy.
- Stripe: payment processing for subscriptions. When you subscribe, your payment details are collected and stored directly by Stripe (we do not receive or store your card number). Stripe may collect billing name, email address, and payment method details. We store the identifiers Stripe assigns to your customer and subscription records so we can link your account to your subscription; we never see or store your card number. See Stripe’s privacy policy. Free-tier users who have never subscribed are not subject to Stripe’s data collection.
- Resend: email delivery. We use Resend to send and receive emails such as feedback and support enquiries, and to deliver account emails (sign-in, invites, recovery). When you submit feedback or use the contact form, your email address is included in the message content Resend processes to deliver it. Resend transmits email on our behalf. See Resend’s privacy policy.
Cross-border disclosure: Several of the providers above operate outside New Zealand, so your information may be stored or processed overseas (LINZ data, by contrast, is hosted in New Zealand). Most of them act strictly as our agents: Supabase, Vercel, and Resend hold or process your information only on our behalf, under contractual terms that require them to protect it and use it only to provide their service to us, so this is not a disclosure of your information to a separate party. A few others, including Stripe and Google, act as independent controllers of the limited data you give them directly (your payment details, or your Google sign-in), under their own privacy policies. We take reasonable steps to ensure your information is protected, but cannot guarantee the laws of those countries provide the same protections as the Privacy Act 2020.
5. Sharing with other users
If you share a property with other users via groups or direct invitations, they can see that property’s notes, photos, and details, and, depending on the access level you grant (editor or view-only), may also edit them. You control who you share with; do not share with anyone you do not trust.
When a collaborator is removed from a property or leaves it, remaining members no longer see their email address in the activity history shown in the app. Their past contributions stay visible, shown as coming from “Collaborator”. A data export taken before that person’s content is erased may still contain their email in the raw activity record.
If you generate a public share link for a property, anyone with that link can view a read-only snapshot of it. That snapshot includes more than the basics: the address and location, property stats (size, type, materials, capital and land value), uploaded photos, your notes and research notes with their photos, saved document links and their notes, your checklist progress, and the activity timeline. A collaborator’s commute labels and travel times may also appear unless they have turned that off in their settings (the destination address itself is not shown), and if you archive the property as sold with a sale price recorded, that price is shown. Where the snapshot shows who added something (in the timeline, on a note, or on a commute entry), that person is labelled with a partly hidden version of their email address, such as the first letter and the domain. Content contributed by collaborators may be included, so share publicly only what everyone involved is comfortable being public. You can revoke public access at any time from the property settings. Public links also lapse automatically after 30 days without activity (adding or editing notes, photos, details, checklist items, or documents; viewing alone does not count); any such change restarts that clock, and you can renew a lapsed link.
If you generate a research link share, anyone with that link can view and import your custom research links. The link does not expire automatically; you can delete it from Settings at any time.
We do not sell, rent, or share your personal information with any third party for their own purposes. We may disclose personal information where required or permitted by law, for example in response to a court order, a lawful request from the New Zealand Police, or an inquiry from the Office of the Privacy Commissioner.
6. Exporting your data
The Service lets you download an export of your data as a file. An export includes property details (with the listing link and any sale price), notes (including the previous version where a note has been edited), research notes and photos, your property checklist and completed research checks with any per-item notes, document links and their notes, your saved points of interest (names and addresses, not coordinates), your custom research links, any per-member notes, and the email addresses of anyone the property is shared with, as well as information contributed by collaborators. You can run a full-account export once per day, or export up to 10 individual properties per day. The export format may change over time.
Only owners and editors can export a property. That export includes the property’s full contents, including its notes, photos, and the email addresses of everyone it is shared with. View-only members can see everything on the property but cannot export it. Giving someone editor access therefore means trusting them with a complete copy of that property’s data. Using personal information from an export (including co-members’ email addresses) for anything other than your own property research is prohibited by our Terms of Service.
Once an export has been downloaded, the file is stored on your own device and is entirely outside our control. We cannot track, recall, or delete it, and we accept no liability for what happens to it after download. If you share, lose, or otherwise allow a downloaded export to be leaked, any information it contains, including other people’s personal information, may be exposed. You are responsible for storing and handling your downloaded exports securely.
7. Data retention and erasure
Your data is retained for as long as your account exists. You can permanently delete your account at any time from Settings. This removes your account, your properties, notes, uploaded photos, document links, saved points of interest, custom research links, and settings from our live systems immediately. Backup copies are overwritten in the ordinary backup cycle (currently up to 7 days). Cached copies held on your own or collaborators’ devices expire separately, as described in section 3. We may also remove accounts that have been inactive for an extended period (for example, more than three years), giving reasonable notice to the account email first where practicable.
Automatic error reports (see section 1) are kept for up to 90 days and then deleted. Feedback you send is kept until we no longer need it, and is stored without your email address. If you delete your account, any of your error reports and stored feedback are unlinked from you immediately.
Notes and photos you have contributed to properties owned by other users remain on those properties after your account is deleted, and are not removed automatically. To other members they are no longer identified as yours: your email is removed and your notes and photos are shown as coming from “Deleted member”, though the content you wrote stays as you left it. We keep an internal reference (not visible to other members) so we can still find and erase these if you ask. They remain on those properties unless you ask us to erase them.
This applies to the shared notes, photos, and checklist entries on the property itself. The note you can add about your own collaboration on a property (described in section 1) is treated differently: it is deleted along with your membership when your account is removed, rather than kept and shown as coming from a deleted member.
You can ask us to remove content you have contributed to other people’s properties, either before or after you delete your account, by contacting us at henry@perched.nz. This is done manually and is not instant. After your account is deleted your activity is shown as “Deleted member” and your email is no longer linked to it, so to find your contributions we may ask you to identify them (for example, your former email address and which properties you added to). It is quicker and more certain if you ask before deleting, but we can still act afterward. We confirm your identity before acting, and may decline or charge for requests that are manifestly unfounded, excessive, or repetitive, as the Privacy Act 2020 permits. Where content is removed, other users see a placeholder indicating that content existed there.
8. Security and data breaches
We take reasonable technical measures to protect your data, including encrypted connections (HTTPS), row-level security on our database, and access controls. However, no system is completely secure. We cannot guarantee that your data will never be accessed, disclosed, altered, or destroyed as a result of a security breach of our systems or those of our third-party providers (in particular Supabase and Vercel).
In the event of a privacy breach that is likely to cause serious harm, we will notify affected users and the Office of the Privacy Commissioner as required by the Privacy Act 2020.
9. Your rights
Under the Privacy Act 2020 you have the right to:
- Ask whether we hold personal information about you
- Request access to that information
- Ask where we obtained it, where that is reasonably practicable
- Request correction of any inaccurate information
- Complain to the Office of the Privacy Commissioner if you believe we have breached the Act
Separately from the Act, you can delete your account and its data at any time from Settings, or contact us to request deletion.
10. Changes to this policy
We may update this policy from time to time. When we make a material change to how we collect or use your information, we will prompt you, in the app, to review and accept the revised policy before you continue using the Service. The “Last updated” date above always reflects the current version.
11. Contact
For any privacy enquiry or request, contact us at henry@perched.nz. For access and correction requests we will respond within 20 working days, as required by the Privacy Act 2020, and may extend that time where the Act permits. Other enquiries are answered within a reasonable time.
Suite 1049
Unit A Level G
26 Hobson Street
Auckland City 1010
New Zealand