Mortdan

Privacy notice · UAE PDPL aligned

Your data, on your terms.

Last updated: 4 May 2026 · v1.0

What we collect

  • Your phone number (E.164 format) for sign-in via WhatsApp OTP.
  • Your name as you provide it on the registration form.
  • Optionally, your email address — only if you choose to provide it.
  • The agent flag if you self-identify as a real-estate agent.
  • The mortgage scenarios you create: property price, down payment, interest rate, term, nationality category (UAE national / expat), and the resulting computed figures.
  • Share-link metadata when you generate one: the link's expiry, view count, and anonymized hashes of viewer IP and user-agent.
  • Behavioural events tied to your account (login, logout, scenario save, share create) for security audit and product analytics.

What we do NOT collect

  • Your password — we use passwordless WhatsApp OTP, no passwords stored.
  • Your raw IP address in long-term storage. IPs are hashed with a daily-rotating salt before persistence.
  • Browsing data outside Mortdan (no third-party trackers, no advertising pixels).
  • Payment information — Mortdan doesn't process payments.

How we use it

  • To verify your phone number when you register or sign in.
  • To compute and persist the mortgage scenarios you save.
  • To enable share links you explicitly create.
  • To pass relevant data to GoHighLevel (Yazdan Properties' CRM) so a mortgage specialist can follow up if you save a scenario or request pre-approval. You can request a do-not-contact tag at any time.
  • To detect and prevent abuse (rate limiting, fraud detection).

Where it lives

  • Postgres on Neon — primary store for user records, scenarios, share links. EU-region.
  • Upstash Redis — short-term storage for OTP envelopes (10-minute TTL), rate-limit counters, replay-prevention ledgers.
  • 360Dialog — WhatsApp message delivery for OTP codes. Your phone number passes through their service for the duration of the message.
  • GoHighLevel — Yazdan Properties' CRM, EU-region, when you opt in by saving a scenario.
  • Vercel — application hosting. Request logs are retained for 14 days, with phone numbers redacted to last-2-digit masks.

Your rights

  • Access: see everything we have on you. Visit Profile → Export my data, or call GET /api/v1/auth/me/export.
  • Erasure: delete your account immediately. Visit Profile → Delete account, or call DELETE /api/v1/auth/me. Your account is soft-deleted instantly, hard-deleted after 30 days. During the 30-day window you can still export your data and we can recover the account if you change your mind — email privacy@yazdanproperties.example.
  • Rectification: update your name or email by contacting us.
  • Objection / withdrawal of consent: withdraw consent to data processing at any time. Note that removing consent for OTP delivery means you can no longer sign in.

Retention

  • Active accounts: indefinitely while you use the service.
  • Deleted accounts: 30 days, then hard-deleted.
  • Audit logs: 12 months online, then archived to encrypted JSONL.
  • OTP attempt telemetry: 90 days.

Security

  • All data in transit uses TLS 1.3. HSTS is preloaded on the production domain.
  • Session tokens are httpOnly + Secure + SameSite=Lax cookies.
  • OTP codes stored as HMAC-SHA256 hashes only — never plaintext.
  • 5-attempt lockout per OTP issuance.
  • We follow the OWASP ASVS Level 2 baseline. An independent review summary is available on request.
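As an added illustration, not Mortdan's own code, of the OTP handling and IP anonymization this notice describes: the stored envelope holds only an HMAC-SHA256 digest, enforces the 10-minute TTL and 5-attempt lockout, and share-link viewer IPs are hashed with a salt derived per UTC day. The server key, master secret, 6-digit code length and midnight-UTC rotation boundary are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timezone

OTP_TTL_SECONDS = 10 * 60   # 10-minute OTP envelope TTL stated in the notice
MAX_ATTEMPTS = 5            # 5-attempt lockout per OTP issuance

@dataclass
class OtpEnvelope:          # what is persisted: the keyed hash, never the code
    phone: str
    digest: str
    issued_at: float
    attempts: int = 0
    consumed: bool = False

def _otp_digest(server_key: bytes, phone: str, code: str) -> str:
    # Binding the phone into the MAC means a digest cannot be replayed
    # against a different account.
    return hmac.new(server_key, f"{phone}:{code}".encode(), hashlib.sha256).hexdigest()

def issue_otp(phone: str, server_key: bytes, now: float, code: str = ""):
    """Return (code to deliver over WhatsApp, envelope to store)."""
    code = code or f"{secrets.randbelow(10**6):06d}"   # 6-digit code (assumed length)
    return code, OtpEnvelope(phone, _otp_digest(server_key, phone, code), now)

def verify_otp(env: OtpEnvelope, submitted: str, server_key: bytes, now: float) -> str:
    """Order: consumed -> expired -> locked -> compare. Every compare counts as an attempt."""
    if env.consumed:
        return "consumed"
    if now - env.issued_at > OTP_TTL_SECONDS:
        return "expired"
    if env.attempts >= MAX_ATTEMPTS:
        return "locked"
    env.attempts += 1
    if hmac.compare_digest(_otp_digest(server_key, env.phone, submitted), env.digest):
        env.consumed = True          # single use: a replayed correct code is rejected
        return "ok"
    return "locked" if env.attempts >= MAX_ATTEMPTS else "wrong"

def daily_salt(master_secret: bytes, now: float) -> bytes:
    """Derive the day's IP-hashing salt; rotation at 00:00 UTC is an assumed boundary."""
    day = datetime.fromtimestamp(now, timezone.utc).strftime("%Y-%m-%d")
    return hmac.new(master_secret, day.encode(), hashlib.sha256).digest()

def anonymize_viewer(ip: str, user_agent: str, salt: bytes) -> str:
    """Share-link view record: keyed hash of IP|UA, so the raw IP is never persisted."""
    return hmac.new(salt, f"{ip}|{user_agent}".encode(), hashlib.sha256).hexdigest()
```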

Contact

Questions, complaints, or right-to-erasure requests: privacy@yazdanproperties.example.

Mortdan is operated by Yazdan Properties (UAE). For UAE PDPL escalation contact the UAE Data Office.