Privacy Policy.

1. Who we are

Yuniyo is a residential community platform. Behind the brand sit two registered entities: GRAHMUR OÜ in Estonia (the European entity, which also serves customers in the rest of the world) and GRAHMUR INNOVATIONS PRIVATE LIMITED in India.

For your region (Estonia), the data controller is GRAHMUR OÜ, registered in Tallinn, Estonia. This policy covers the Yuniyo marketing website (yuniyo.com), the Yuniyo platform, and the white-label resident experiences we operate on behalf of developer partners.

2. What we collect

We collect three categories of information:

• Information you give us — your name, email, role, organisation, and anything else you enter on the contact form or provide to us directly.
• Information your building gives us — your unit, your role in the association or society, your payment history inside the platform, your votes, your maintenance requests, and documents you upload.
• Information we collect automatically — the IP address, browser, and approximate country of people visiting our website, plus basic usage analytics. We do not use cross-site tracking cookies.

3. How we use it

Strictly to:

• Operate the platform you signed up for
• Reply to messages you send us
• Comply with legal obligations in the markets we operate in
• Understand how the platform is used in aggregate so we can improve it

We do not sell personal data. We do not share personal data with advertisers. We do not train third-party AI models on your data.

4. Third parties we rely on

We use a small set of carefully chosen sub-processors — infrastructure (Google Cloud, Firebase), payment rails (Razorpay in India, SEPA partners in Europe), email delivery (Resend), and the local digital identity and signature stack of every market we operate in. Each sub-processor is bound by a data processing agreement; the up-to-date list is available on request.

5. Where your data lives

Data for European and rest-of-world customers is processed within the EU. We do not move your data between jurisdictions unnecessarily.

6. How long we keep it

While your account is active, plus a statutory retention period afterwards (typically 7 years for financial records, shorter for everything else). You can request deletion at any time subject to those legal holds.

7. Your rights

Access, correction, deletion, data export, and withdrawal of consent. Under the GDPR you also have the right to lodge a complaint with your local supervisory authority — in Estonia, the Andmekaitse Inspektsioon (AKI). Contact us to exercise any of these rights — we reply within one business day.

8. Cookies

We use a small number of first-party cookies to remember your detected country (so we route you to the right region) and to keep you signed in to the platform. We do not use third-party advertising cookies.

9. Security

We protect data with encryption in transit and at rest, role-based access control, audit logs for every privileged action, and regular backups. Security is treated as foundational infrastructure, not as an optional feature.

10. Changes to this policy

When we change this policy we update the “last updated” date at the top. For material changes we also email registered users.

11. Contact

For questions about this policy, or about the data we hold on you, email privacy@yuniyo.com or use the contact form. Address correspondence to GRAHMUR OÜ in Tallinn, Estonia. We reply within one business day.