RentMetrics

Privacy

Last updated: April 2026

This Privacy Policy describes how DJUMP, MB ("we", "us", or "our"), operating from Lithuania, EU, collects, uses, stores and protects your personal information when you use the RentMetrics website and services ("Service"). We are committed to complying with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable data protection laws.

1. Data controller

The data controller responsible for your personal data is:

DJUMP, MB
Lithuania, EU
Email: start@djump.io

2. Data we collect

We collect the following categories of personal data:

  • Account information: email address, full name, and profile picture (when signing in via Google OAuth).
  • Calculation data: property details, rental income estimates, mortgage parameters, and other inputs you enter into our calculator.
  • Usage data: pages visited, features used, calculator interactions, device type, browser type, IP address, referring URL, and timestamps.
  • Payment information: subscription plan selected, billing history, and payment status. Full payment card details are processed and stored exclusively by Stripe and are never stored on our servers.

3. How we use your data

We process your personal data for the following purposes:

  • Account management: to create and maintain your account, authenticate your identity, and manage your subscription.
  • Service delivery: to provide property investment calculations, save your scenarios, and enable comparison features.
  • Service improvement: to analyse usage patterns, diagnose technical issues, and improve the accuracy and functionality of our Service.
  • Communication: to send transactional emails (account confirmation, password resets, subscription updates) and, where you have opted in, product updates.
  • Legal compliance: to comply with applicable laws, regulations, and legal processes.

The legal bases for processing are: performance of a contract (Art. 6(1)(b) GDPR), legitimate interest (Art. 6(1)(f) GDPR), and your consent where applicable (Art. 6(1)(a) GDPR).

4. Third-party service providers

We share personal data with the following third-party processors:

  • Supabase (database and authentication) — our database is hosted in the EU. Supabase processes account data and saved calculation scenarios.
  • Stripe (payment processing) — processes your payment information for subscription billing. Stripe is PCI DSS Level 1 certified. See Stripe's Privacy Policy.
  • Vercel (hosting and CDN) — hosts our website and processes usage data including IP addresses and request logs.
  • Google (OAuth authentication) — if you choose to sign in with Google, we receive your name, email address, and profile picture from your Google account.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Cookies

We use the following types of cookies:

  • Essential cookies: required for authentication, session management, and security. These cannot be disabled.
  • Analytics cookies: help us understand how visitors interact with our Service, which pages are most popular, and where users encounter issues. You can opt out of analytics cookies at any time.
  • Preference cookies: store your locale, currency, and display preferences to provide a consistent experience.

You can manage your cookie preferences through our cookie banner or your browser settings.

6. Data retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. Specifically:

  • Account data: retained until you delete your account or request erasure.
  • Calculation data: retained until you delete your saved scenarios or your account is closed.
  • Usage and analytics data: retained for up to 24 months, then anonymised or deleted.
  • Payment records: retained for up to 7 years as required by applicable tax and accounting laws.

7. Your rights under GDPR

As a data subject under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15) — you may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16) — you may request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17) — you may request deletion of your personal data, subject to legal retention obligations.
  • Right to data portability (Art. 20) — you may request your data in a structured, commonly used, machine-readable format.
  • Right to restriction of processing (Art. 18) — you may request that we limit the processing of your data in certain circumstances.
  • Right to object (Art. 21) — you may object to the processing of your personal data based on legitimate interest.
  • Right to withdraw consent (Art. 7(3)) — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at start@djump.io. We will respond within 30 days.

You also have the right to lodge a complaint with the State Data Protection Inspectorate of Lithuania (vdai.lrv.lt) or the supervisory authority in your country of residence.

8. Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption of data in transit (TLS), access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. International data transfers

Your personal data is primarily processed within the European Union. Where data is transferred outside the EU/EEA (for example, to service providers based in the United States), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Children's privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this page periodically.

12. Contact

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

DJUMP, MB
Lithuania, EU
Email: start@djump.io