This policy explains what personal data Rental Trust collects, how long we retain it, and the legal basis for each retention period — in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Last Reviewed
22 April 2026
Next Review Due
22 April 2027
Privacy Improvement — April 2026
Rental Trust no longer collects or stores household composition data (family structure descriptions such as "2 adults, 1 child"). This field has been permanently removed from our platform. Any previously stored household composition data has been deleted from our database. Only a neutral household size (person count) is retained where provided by the tenant.
Rental Trust Ltd ("we", "us", "our") is the data controller for all personal data processed through the Rental Trust platform at www.rentaltrust.co.uk. This Data Retention Policy applies to all personal data we hold about tenants, landlords, letting agents, and visitors to our platform.
Under UK GDPR Article 5(1)(e), personal data must not be kept in a form that permits identification of data subjects for longer than is necessary for the purposes for which the data is processed (the storage limitation principle). This policy sets out our retention periods for each category of personal data and the legal justification for each period.
For questions about this policy or to exercise your data rights, contact our Data Protection Officer at [email protected].
The following categories of data were previously collected but have been permanently removed from our platform as part of our ongoing privacy improvement programme. We do not collect, store, or process this data in any form.
| Removed Data Field | Description | Date Removed | Reason |
|---|---|---|---|
| Household Composition Description | Free-text description of family structure (e.g. "2 adults, 1 child", "single professional"). This field was displayed on tenant profiles visible to landlords and agents. | April 2026 | Privacy concern — family composition details are not necessary for tenancy referencing and could facilitate indirect discrimination. All previously stored values have been permanently deleted. |
Note on household size: We continue to collect a neutral household size (a simple integer, e.g. "2 persons") where voluntarily provided by the tenant. This is a count only — it contains no information about the age, relationship, or family structure of the occupants.
Tenant profiles are created voluntarily by tenants seeking to present their rental credentials to prospective landlords and agents. The table below details each data field, whether it is mandatory or optional, and the applicable retention period.
| Data Field | Required / Optional | Retention Period | Legal Basis |
|---|---|---|---|
| Full name | Required | Duration of active profile + 30 days after deletion | Contract performance |
| Email address | Required | Duration of active profile + 30 days after deletion | Contract performance |
| Phone number | Required | Duration of active profile + 30 days after deletion | Contract performance |
| Current address | Required | Duration of active profile + 30 days after deletion | Contract performance |
| Nationality | Optional | Duration of active profile + 30 days after deletion | Consent |
| Household size (person count only) | Optional | Duration of active profile + 30 days after deletion | Consent |
| Household composition description | REMOVED — no longer collected | N/A — all prior data deleted April 2026 | N/A |
| Employment status & length | Optional | Duration of active profile + 30 days after deletion | Consent |
| Income range (band only) | Optional | Duration of active profile + 30 days after deletion | Consent |
| Gross annual income (for affordability indicator) | Optional | Duration of active profile + 30 days after deletion | Legitimate interests |
| Target monthly rent (for affordability indicator) | Optional | Duration of active profile + 30 days after deletion | Legitimate interests |
| Profile photo | Optional | Duration of active profile + 30 days after deletion | Consent |
| Identity document (Right to Rent) | Optional | Minimum 12 months after tenancy end (legal obligation) | Legal obligation |
| Income proof document | Optional | Duration of active profile + 30 days after deletion | Consent |
| Personal summary | Optional | Duration of active profile + 30 days after deletion | Consent |
| University / educational institution | Optional | Duration of active profile + 30 days after deletion | Consent |
| Data Field | Retention Period | Legal Basis |
|---|---|---|
| Full name, email, phone | Duration of active account + 30 days after closure | Contract performance |
| Hashed password | Duration of active account + 30 days after closure | Contract performance |
| Unlock history (which profiles were accessed) | 7 years from transaction date | Legal obligation (tax/accounting) |
| Unlock credit balance | Duration of active account + 30 days after closure | Contract performance |
| Favourited profiles | Duration of active account + 30 days after closure | Legitimate interests |
| Login activity logs | 90 days | Legitimate interests (security) |
| Data Field | Retention Period | Legal Basis |
|---|---|---|
| Agency name, contact name, email, phone | Duration of active account + 30 days after closure | Contract performance |
| Business address and location | Duration of active account + 30 days after closure | Contract performance |
| Hashed password | Duration of active account + 30 days after closure | Contract performance |
| Subscription and billing records | 7 years from transaction date | Legal obligation (tax/accounting) |
| Tenant access history | 7 years from transaction date | Legal obligation (tax/accounting) |
| Login activity logs | 90 days | Legitimate interests (security) |
All payment processing is handled by Stripe, a PCI-DSS Level 1 certified payment processor. Rental Trust does not store full card numbers, CVV codes, or raw bank account details. We retain only the metadata necessary for accounting, dispute resolution, and legal compliance.
| Data | Retention Period | Legal Basis |
|---|---|---|
| Transaction amount, date, and reference | 7 years | Legal obligation (HMRC / Companies Act 2006) |
| Stripe customer ID and payment intent ID | 7 years | Legal obligation |
| Subscription plan and billing cycle | 7 years | Legal obligation |
| Refund and chargeback records | 7 years | Legal obligation |
| Card last 4 digits (for display only) | Duration of active account + 30 days | Contract performance |
When a complaint is submitted through our formal complaints procedure, we create a complaint record with a unique reference number (format: RT-YYYY-NNNN). This record is retained to allow us to investigate, respond, and demonstrate compliance with our complaints handling obligations.
| Data | Retention Period | Legal Basis |
|---|---|---|
| Complaint reference number and submission date | 6 years from resolution | Legitimate interests (legal defence) |
| Complainant name and contact details | 6 years from resolution | Legitimate interests (legal defence) |
| Complaint description and category | 6 years from resolution | Legitimate interests (legal defence) |
| Internal notes and assignee records | 6 years from resolution | Legitimate interests (legal defence) |
| Status history and resolution outcome | 6 years from resolution | Legitimate interests (legal defence) |
| Data | Retention Period | Legal Basis |
|---|---|---|
| Transactional email logs (sent/delivered status) | 90 days | Legitimate interests (debugging, delivery confirmation) |
| Support email correspondence | 3 years from last contact | Legitimate interests (dispute resolution) |
| Marketing email consent records | Until consent withdrawn + 3 years | Legal obligation (PECR compliance) |
| In-platform messages between tenants and landlords | Duration of active accounts + 30 days | Contract performance |
| Data | Retention Period | Legal Basis |
|---|---|---|
| Server access logs (IP address, request path, timestamp) | 90 days | Legitimate interests (security, fraud prevention) |
| Authentication event logs (login attempts, failures, lockouts) | 90 days | Legitimate interests (security) |
| Session tokens | Until session expiry or logout | Contract performance |
| Cookie consent records | Until consent withdrawn + 3 years | Legal obligation (PECR) |
| Analytics data (anonymised, aggregated) | Indefinite (no personal identifiers) | Legitimate interests |
When a retention period expires, or when a valid erasure request is received, personal data is deleted or anonymised using the following procedures:
When a user requests account deletion, their profile data is flagged for deletion and permanently removed within 30 days. Payment records required for legal compliance are anonymised rather than deleted.
Log data and session tokens are automatically purged on a rolling basis according to the retention periods above. No manual intervention is required.
Erasure requests are processed within 30 days. Where data must be retained for legal reasons (e.g. payment records), we will inform you of the applicable legal obligation.
Where deletion is not possible due to legal obligations, we anonymise data by removing all direct and indirect identifiers, so the remaining record cannot be linked back to any individual.
Under UK GDPR, you have the right to access, correct, delete, restrict, or port your personal data. You may also object to processing based on legitimate interests. To exercise any of these rights, contact:
Data Protection Officer
[email protected]We will acknowledge your request within 5 working days and respond in full within 30 calendar days. Complex requests may be extended by a further 60 days, in which case we will notify you.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
We review this Data Retention Policy at least annually and whenever there is a material change to our data processing activities. When we make significant changes, we will notify registered users by email and update the "Last updated" date at the top of this page. Continued use of the platform after notification constitutes acceptance of the revised policy.
We use cookies to enhance your experience, analyse site traffic, and serve personalised content. You can accept all, reject all, or customise your preferences below.