opndoor
Login Book a demo
Legal · Document 01 of 03

Privacy Policy.

How OPNDOOR SERVICES LTD collects, uses, shares and looks after personal data when you apply for an opndoor guarantor, hold one, are guaranteed by one, or interact with our website. Written under the UK GDPR and the Data Protection Act 2018, in plain English.

RefOPN-LEG-PRV Versionv1.1 StatusIn force

This notice covers the entire relationship someone may have with opndoor, from a casual website visit to a fully approved twelve-month guarantor cover. Where one section applies only to a particular audience — tenants, letting agents, operators or partners — we say so at the top of that section.

01Who we are and how to reach us

opndoor is the trading name of OPNDOOR SERVICES LTD, a private limited company incorporated in England and Wales (company number 16483111), with its registered office at 128 City Road, London, EC1V 2NX. We are the data controller for the personal data described in this notice unless we tell you otherwise in a particular section.

You can contact us about anything in this document by writing to privacy@opndoor.co or by post at the address above, marked FAO Data Protection. We will acknowledge your message within five working days.

For routine product questions, please use the channels on our contact page; the privacy mailbox is for data-protection matters and tends to be slower for general enquiries.

02Scope of this notice

This notice applies to:

  • visitors to opndoor.co and its subdomains;
  • tenants, students and other applicants who apply for an opndoor guarantor, whether the application is approved, declined or withdrawn;
  • landlords, letting agents, build-to-rent operators and PBSA teams who refer applicants to opndoor or who consume our outputs in their lettings workflow;
  • introducers, brokers and other commercial partners; and
  • journalists, investors and members of the public who interact with our editorial, contact forms, demo bookings or hiring pages.
Note Where you apply for cover through a letting agent's or operator's portal that itself collects information from you, that organisation is a separate controller for the information they collect from you, and their own privacy notice applies to that handling. opndoor is the controller for the information we receive and for everything we do with it from that point onwards.

03The personal data we hold

The categories below are the maximum we may hold for an individual. The specific data we collect for any one person depends on the route they take and the decision we are making.

Identity & contact

Full name, preferred name, date of birth, nationality, residency status, photograph from a verification document, email address, mobile and landline numbers, current and previous UK addresses, address abroad if relevant.

Identity verification & right to rent

Document type, document number, issuing authority, expiry, scan or photo of the document, biometric facial-similarity result and liveness result returned by our identity verification supplier, and any share-code or status check returned by the Home Office for right-to-rent purposes where the agent or operator passes that to us.

Affordability, credit & financial

Stated annual income, employer or institution, role, start date, savings balance evidence, sponsor or scholarship documentation, payslips, bank statements you upload, the result of an open-banking categorisation if you choose that route, credit-bureau outputs (credit score, public-record summary, address links and CIFAS markers as applicable), self-declared CCJs or insolvency, and anti-money-laundering checks.

Tenancy & property

Property address, agent or operator, monthly rent, tenancy start date, expected length, fellow tenants where they are part of the same household for affordability, deposit-replacement product details where applicable, and any landlord or operator reference number we use for the file.

Guarantor performance

Whether cover was issued, when, the cover limit, any rent shortfall or arrears we are asked to cover under the policy, claims paid, recoveries pursued and the status of any account we hold with you after a payout.

Communications

The content of emails, SMS, in-app messages and recorded calls between us, plus the metadata that goes with them. We record telephone calls into our service line for training, complaint-handling and quality monitoring; we tell you at the start of the call.

Device, technical & usage

IP address, approximate location derived from IP, device and browser type, operating system, pages viewed, referring URL, timestamps and error logs from your interactions with our website and any logged-in product. See our Cookies Notice for the named identifiers involved.

Special-category & criminal-conviction data

We do not seek out special-category data (for example health or biometric data beyond facial similarity) and we ask you not to volunteer it. Where it is unavoidable — for example a brief reference to health in a written explanation of an arrears event — we hold it under the substantial-public-interest condition in Schedule 1 of the Data Protection Act 2018, only for the period needed to handle that matter.

04Where we get it from

  • From you directly — when you fill in a form, upload a document, write to us, book a demo or pick up the phone.
  • From a letting agent, BTR operator or PBSA team — when they refer you for guarantor cover, with the data fields they have lawfully obtained from you.
  • From our identity, credit and open-banking suppliers — when they return checks we have asked them to run on the documents and data you have given us.
  • From your previous landlord or agent — where we have your consent to verify a tenancy reference.
  • From public sources — for example Companies House, the Insolvency Service register and the Land Registry, where relevant to a particular case.
  • Automatically from your device — through our website, in line with our Cookies Notice.

05Why we use it & the lawful bases we rely on

The table below shows the main purposes and the UK-GDPR lawful basis we rely on for each. Where the basis is legitimate interests, we have carried out a balancing test and we will share the result on request.

Purpose Lawful basis What this looks like in practice
Deciding whether to offer cover Performance of a contract; legitimate interests in running a documented eligibility process Identity, credit and affordability checks; review of the file by a human assessor; issuing or declining a quote.
Issuing & administering cover Performance of a contract Generating the certificate, communicating with the agent/operator, holding the file for the cover term.
Handling claims & recoveries Performance of a contract; legitimate interests in protecting our position Investigating arrears, paying the landlord under the cover, recovering from the tenant where due.
Anti-fraud, AML & sanctions screening Legal obligation; substantial public interest under Sch. 1 DPA 2018 Sanctions, PEP and CIFAS checks; reporting suspicious activity where required.
Service operations & security Legitimate interests in keeping our systems available, secure and auditable Logging, backups, fraud monitoring, incident response.
Customer service & complaints Performance of a contract; legitimate interests; legal obligation Answering questions, fixing mistakes, recording and resolving complaints.
Improving our product & eligibility framework Legitimate interests in improving outcomes and reducing decline rates Aggregated, de-identified analysis of approval and arrears patterns.
Marketing to professional customers (B2B) Legitimate interests; soft opt-in where we already have a relationship Newsletters and product notes for letting agents, operators and partners. You can opt out at any time.
Marketing to individual tenants Consent Newsletter sign-up on the public site or in-product opt-in. You can withdraw consent at any time.
Compliance with regulators & courts Legal obligation Responding to lawful requests from the ICO, HMRC, the police and the courts.

06Who we share it with

We do not sell personal data. We share it only with the categories of recipient set out below, and only to the extent necessary for the purpose.

  • The letting agent, operator or PBSA team who referred your application — to confirm the decision, the cover limit and any conditions.
  • The landlord or property provider named on the tenancy — to evidence cover and to handle demands made on the cover.
  • opndoor's professional indemnity insurer and that insurer's reinsurers, handlers and lawyers — where we need to make a claim under our own business indemnity arrangements to support our cover commitments. opndoor is the insured under those arrangements; you are not a party to them.
  • Identity, credit, open-banking, sanctions and CIFAS suppliers as our processors, on documented terms.
  • Cloud, payment, communications, analytics and IT-security suppliers as our processors.
  • Professional advisers — auditors, lawyers, accountants — under their own duties of confidentiality.
  • Regulators, law-enforcement and the courts where we are required by law to disclose.
  • An acquirer or successor in the event of a sale, merger or restructure of opndoor's business, subject to equivalent confidentiality undertakings.

A current list of our material processors and named third-country recipients is available on request from the privacy mailbox.

07International transfers

We process personal data in the United Kingdom by default. A small number of our suppliers process data in the European Economic Area, the United States or other third countries. Where that happens, we rely on one of:

  • an adequacy regulation made by the Secretary of State (for example the EEA, or the UK extension to the EU–US Data Privacy Framework where the importer is certified);
  • the UK International Data Transfer Agreement, or the EU Standard Contractual Clauses with the UK Addendum; or
  • another lawful safeguard recognised under Article 46 UK GDPR.

We carry out a transfer risk assessment for each material recipient, and we publish the outcome in summary on request.

08How long we keep it

We keep personal data only for as long as we need it for the purpose we collected it for, and to comply with our legal and regulatory duties. The default schedule is:

  • Application data, where cover was not issued — 12 months from the decision, then deleted from production systems and held in encrypted backup for a further six months.
  • Application & cover data, where cover was issued — for the term of the cover plus seven years, to evidence the cover and to handle complaints, claims and any regulatory file review.
  • Claims, recoveries & arrears files — seven years from the closure of the matter.
  • Anti-money-laundering records — five years from the end of the business relationship, in line with the Money Laundering Regulations.
  • Marketing preferences & suppression lists — indefinitely, so we can honour your opt-out.
  • Website analytics — see our Cookies Notice.
  • Recorded calls — 24 months, longer where a complaint or claim is open.

Where we anonymise data for product analysis — by stripping identifiers and aggregating — we may keep the resulting dataset for longer, because it is no longer personal data.

09Automated decisions & profiling

opndoor's eligibility framework runs an initial automated assessment that scores each application on identity, affordability and credit. The output of that assessment can:

  • auto-approve a clearly in-policy application;
  • send a clearly out-of-policy application to a documented decline; or
  • route an application that needs judgement to a human assessor.

Where the result is a decline, that decision is reviewed by a human assessor before it is communicated, and you have the right to ask for the reasons, to give us your point of view and to ask for the decision to be reconsidered. Write to privacy@opndoor.co or use the appeal route in the decline message.

We do not use the data we hold for behavioural advertising, and we do not run profiling that has a legal or similarly significant effect on you outside the eligibility process described here.

10How we protect it

We run a documented information-security programme that covers access control, encryption in transit and at rest, supplier due diligence, vulnerability management, incident response and staff training. Access to live application data is on a least-privilege basis and is logged. We test our public surfaces regularly and we run a responsible-disclosure route for security researchers at security@opndoor.co.

If a personal-data breach is likely to result in a risk to your rights and freedoms, we will tell you and the ICO within the timeframes the UK GDPR requires.

11Your rights under the UK GDPR

You have the right to:

  1. be informed about how your data is used (this notice);
  2. access a copy of the data we hold about you;
  3. have inaccurate data corrected;
  4. ask for data to be erased, where one of the grounds in Article 17 applies;
  5. ask us to restrict processing while a question is resolved;
  6. port data you have given us to another controller in a structured, machine-readable form, where the processing is based on consent or contract and is carried out by automated means;
  7. object to processing based on legitimate interests, including direct marketing;
  8. not be subject to a decision based solely on automated processing that has a legal or similarly significant effect on you, except in the limited cases the law allows; and
  9. withdraw consent at any time where consent is the lawful basis.

Send a request to privacy@opndoor.co. We will respond within one calendar month, extendable by up to two further months for complex requests, and we will tell you if we extend. We may need to verify your identity first, in proportion to the sensitivity of the request.

12Marketing & preferences

For tenants and other individuals, we send marketing only where you have opted in, and you can opt out at any time using the unsubscribe link in the footer of our emails or by writing to the privacy mailbox.

For letting agents, operators and other professional contacts, we may send service notes, product updates and editorial under the legitimate-interests basis or the soft opt-in regime in PECR. You can opt out the same way.

We do not run third-party adtech on signed-in product surfaces. The only marketing-related identifiers on the public site are those listed in the Cookies Notice, and they fire only after consent.

13Cookies & analytics

The cookies and similar technologies we use, what each one does and how long it lasts are listed in the Cookies Notice. You can change your choices at any time from the Cookie settings link in the website footer.

14Children

opndoor is a guarantor service for adults who can lawfully enter into a tenancy. We do not knowingly collect personal data from anyone under 18 in connection with a guarantor application. If you believe we hold data about a child, please write to the privacy mailbox and we will delete it.

15Changes to this notice

We review this notice at least once a year and whenever we make a change to our processing that affects you. Material changes are flagged at the top of this page for at least 30 days and, where you have an active cover or pending application, by email. The version number and effective date in the document header always reflect the latest version.

16Complaints & the ICO

We would prefer to fix any issue ourselves. Please write to privacy@opndoor.co in the first instance, and we will work through it with you under our complaints procedure.

If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office, the UK supervisory authority for data protection. The ICO is at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, on 0303 123 1113, or at ico.org.uk. You can complain to the ICO at any time, but we would appreciate the chance to address your concern first.

Data protection contact

Write to us

OPNDOOR SERVICES LTD
FAO Data Protection
128 City Road, London, EC1V 2NX

privacy@opndoor.co

Sister documents

Read alongside

Terms of Service — the contract under which we provide cover.

Cookies Notice — what fires on the website, and what you can switch off.