Nutzungsbedingungen

Nutzungsbedingungen


Privacy Policy



Last updated: March 12, 2026


Welcome to the privacy policy of athaus.ai.

This policy explains what data we collect, why we collect it, and what rights you have regarding your personal data.


Owner and Data Controller


Andrual Technologies UG

Torstraße 166

10115 Berlin

Germany


Website:

https://www.athaus.ai


Types of Data Collected


We collect the following categories of data:


Account Information


Name, email address, phone number, and business details such as company name, team size, and role provided during registration and onboarding.


Business Data


Information you enter into the platform including contacts, properties, leads, deals, documents, and notes.


Usage Data


Technical information such as IP address, browser type, device information, and usage patterns collected automatically to improve our services.


Google User Data


When you connect your Google account, we access specific Google data with your explicit consent. Full details are provided in the Google User Data section below.



Mode and Place of Processing the Data


Data is processed at the Owner’s operating offices and on Google Cloud Platform infrastructure located in the European Union.


Data is transmitted using TLS 1.2+ encryption.

For any transfers outside the EU, appropriate safeguards under GDPR are applied.



The Purposes of Processing


We process your data for the following purposes:


  • Providing, maintaining, and improving the CRM platform

  • Managing real estate transactions, contacts, properties, and deals

  • Sending notifications related to your account and CRM activity

  • Generating AI-powered insights, property descriptions, email drafts, and meeting preparation

  • Synchronizing email, calendar, contacts, and files when you connect third-party accounts (e.g., Google)

  • Ensuring security and preventing unauthorized access

  • Analytics and service improvement



Google User Data


When you connect your Google account to our platform, we request access to specific Google services with your explicit consent.


Our handling of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.



What Google Data We Access


With your authorization, we may access the following Google user data:


  • Google Account Information

    Email address and profile name used for authentication and account identification.

  • Gmail

    Email messages, drafts, and labels used to synchronize your communications inside the CRM.

  • Google Calendar

    Calendar events and schedules used to display, create, and manage appointments and generate AI-powered meeting insights.

  • Google Contacts

    Saved contacts and interaction-based contacts used to import and enrich CRM contact records.

  • Google Drive

    Files created or uploaded through the CRM used for document management and property file organization.




How We Use Google Data


Google user data is used solely to provide CRM functionality:


  • Authenticating your identity and maintaining your session

  • Synchronizing emails so you can read and send messages within the CRM

  • Displaying and managing calendar events and generating AI meeting briefs

  • Importing Google Contacts into the CRM

  • Storing and organizing property-related documents and media files in Google Drive



We do not use Google user data for advertising, user profiling, or market research.


Google Data Sharing, Transfer, and Disclosure



We do not sell, rent, or trade Google user data.


Google user data may only be shared in the following limited cases:



AI Processing


Email and calendar data may be processed by AI services hosted on Google Cloud Vertex AI to generate meeting briefs, email drafts, and task suggestions.

Data is processed in real time and is not retained by the AI service.



Infrastructure Providers


We use Google Cloud Platform for hosting, storage, and compute. Data remains within Google’s infrastructure.



Legal Obligations


Data may be disclosed if required by law, regulation, subpoena, or court order.


We do not transfer Google user data to unrelated third parties.




Google Data Protection Mechanisms


We implement multiple security measures to protect your Google user data.



Encryption in Transit


All communication between your browser, our servers, and Google APIs uses TLS 1.2 or higher.



Encryption at Rest


Google OAuth tokens and credentials are encrypted using Fernet symmetric encryption before being stored in our database.



Least-Privilege Access


We request only the minimum OAuth scopes required for each feature.



Tenant Isolation


Our multi-tenant architecture enforces strict row-level isolation so organizations cannot access each other’s data.



Token Revocation


You can disconnect your Google account at any time. This immediately revokes access tokens and deletes stored credentials.



Audit Logging


All data access operations are logged for monitoring and incident response.



Access Controls


Only authenticated users within your organization can access connected Google data. Administrative access is restricted and logged.


Our use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.



Services Using Personal Data



We use the following third-party services:


  • Google Analytics — website usage insights and service improvement

  • Google Cloud Platform — hosting, storage, and infrastructure

  • Google APIs (Gmail, Calendar, Contacts, Drive) — CRM integrations

  • LinkedIn — social profile enrichment and advertising

  • Calendly — appointment scheduling



Each service operates under its own privacy policy.

We only share the minimum data required for functionality.



Legal Basis for Processing and GDPR Rights


Data is processed in accordance with GDPR under the following legal bases:


  • Consent — connecting third-party accounts and optional features

  • Contract Performance — providing the CRM service

  • Legitimate Interest — security, fraud prevention, and service improvement



Under GDPR you have the right to:


  • Access your personal data

  • Correct inaccurate data

  • Delete your personal data (“right to be forgotten”)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time


To exercise these rights, please contact us.



Cookies and Tracking


We use cookies and tracking technologies to improve the service.


These include:


  • Essential cookies for authentication and session management

  • Analytics cookies such as Google Analytics



You can manage or disable cookies via your browser settings or our cookie preferences.



Definitions and Legal References



Terms such as Personal Data, Data Subject, Processing, Controller, and Processor follow the definitions established in the General Data Protection Regulation (EU) 2016/679 (GDPR).



Contact


For any privacy inquiries or data requests:


Andrual Technologies UG

Torstraße 166

10115 Berlin

Germany


Website

https://www.athaus.ai

Starte richtig durch als moderner KI Makler

Starte jetzt durch als

moderner KI Makler

Starte jetzt durch als

KI Immobilienmakler

Starte jetzt durch als

KI Immobilienmakler

Starte richtig durch als
KI Immobilienmakler

Starte richtig durch als
KI Immobilienmakler

Mehr als KI für Real Estate: Athaus AI schenkt Maklern Freiheit, versorgt sie mit Leads und unterstützt schnelles Wachstum ohne Limits.

Mehr als KI für Real Estate: Athaus AI schenkt Maklern Freiheit, versorgt sie mit Leads und unterstützt schnelles Wachstum ohne Limits.

Über uns
Preise
Kontakt
Follow us
LinkedIn

Copyright © 2025. Andrual AI. All rights reserved.

Nutzungsbedingungen

Impressum