Privacy Policy

Last updated: 01/12/25

This Privacy Policy explains how Operant Automations (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit our website, interact with our content, or use our services.

We are committed to protecting your privacy and handling your data in a transparent and lawful way, in line with the General Data Protection Regulation (GDPR) and applicable EU and Maltese data protection laws.

1. Who We Are (Data Controller)

Operant Automations Malta-based, serving real estate professionals across Europe.

If you have any questions about this Privacy Policy or how we handle your data, you can contact us at:

Email: bertrand@operantautomations.com

Phone: +356 99333509

For the purposes of data protection law, we are the data controller of your personal data.

2. What Data We Collect

We may collect and process the following categories of personal data:

a) Information you provide directly

Contact details: name, email address, phone number, company/agency name, role.
Booking details: preferred time for calls, time zone, any notes you add when booking a lead conversion audit.
Service-related information: details about your lead volume, tools, workflows, and business context that you share during onboarding or discovery.
Communication data: emails, WhatsApp messages, and other communications you send to us.

b) Data collected automatically (website usage)

Technical data: IP address, browser type, operating system, device information.
Usage data: pages visited, time on page, click paths, referring URLs.
Cookies and similar technologies: used for basic site functionality, analytics, and (if enabled) marketing.

c) Leads processed through our systems (B2B client context)

When we configure and run automation workflows for you as a client, we may process lead data on your behalf, including:

Lead name and contact details (email, phone, messaging handle).
Property enquiry details.
Lead qualification data (budget, timeframe, location preferences, etc.).
Conversation history between the lead and your AI automation.

In these cases, you (the real estate professional/agency) are typically the data controller, and we act as your data processor based on our agreement.

3. Why We Collect Your Data (Purposes & Legal Bases)

We process your personal data for the following purposes and under these legal bases:

a) To provide and manage our services

Booking and conducting lead conversion audits
Designing, deploying, and maintaining automation workflows
Responding to your enquiries and support requests

Legal basis:

Performance of a contract or steps taken at your request before entering into a contract (Art. 6(1)(b) GDPR)
Legitimate interests in operating and improving our business (Art. 6(1)(f) GDPR)

b) To communicate with you

Sending confirmations, updates, and important information about your project
Responding to sales or partnership enquiries

Legal basis:

Performance of a contract (Art. 6(1)(b))
Legitimate interests (Art. 6(1)(f))

c) To improve our website and services

Analysing website usage and performance
Understanding how visitors and clients interact with our pages and content

Legal basis:

Legitimate interests in improving and securing our services (Art. 6(1)(f))

Where required by law (for example, for non-essential cookies or marketing emails), we rely on your consent (Art. 6(1)(a)), which you can withdraw at any time.

d) Marketing (B2B context)

Sending information about our services that may be relevant to your role or business
Retargeting or analytics-based marketing where applicable

Legal basis:

Legitimate interests in promoting our services to relevant business contacts (Art. 6(1)(f))
Consent where required (Art. 6(1)(a))

4. Cookies and Tracking Technologies

We may use cookies and similar technologies to:

Enable core website functionality
Measure site traffic and performance
Improve user experience
Support marketing/retargeting (if enabled)

Where required, you will be given the option to accept or manage non-essential cookies via a banner or settings panel.

You can also control cookies through your browser settings by blocking, deleting, or restricting them.

5. How We Share Your Data

We do not sell your personal data.

We may share your data with:

Service providers / processors who help us operate our website and deliver our services (e.g., hosting providers, analytics tools, scheduling tools, automation platforms such as n8n, communication tools such as email and WhatsApp).
Professional advisers (e.g., legal, accounting) where necessary.
Authorities or regulators where required by law or to protect our legal rights.

When acting as a data processor on behalf of a client, any sharing with third-party tools is done under the instructions of that client and governed by our agreement with them.

All such third parties are required to process personal data securely and only according to our instructions and applicable data protection law.

6. International Data Transfers

Our main operations are based in the European Union (Malta). Some of our service providers may be located outside the EU/EEA.

Where data is transferred outside the EU/EEA, we take appropriate safeguards, such as:

Using providers in countries with an adequacy decision from the European Commission; or
Using Standard Contractual Clauses (SCCs) or equivalent safeguards approved under GDPR.

7. Data Retention

We keep personal data only for as long as necessary for the purposes described in this Policy, including:

For website enquiries: typically up to 24 months after our last interaction, unless we need to keep data longer for legal or contractual reasons.
For client-related data: for the duration of our engagement and a reasonable period thereafter (for example, for invoicing, legal, or backup purposes), usually up to 6–7 years under applicable law.
For leads processed on behalf of clients: as agreed with the client, or until deleted in line with our data processing agreement.

When data is no longer needed, we delete it or anonymise it securely.

8. Your Rights (GDPR)

As a data subject in the EU/EEA, you have the following rights, subject to legal conditions:

Right of access

To know whether we process your data and to receive a copy.

Right to rectification

To correct inaccurate or incomplete data.

Right to erasure ("right to be forgotten")

To request deletion of your data in certain circumstances.

Right to restriction of processing

To limit processing in certain situations.

Right to data portability

To receive your data in a structured, commonly used, machine-readable format where applicable.

Right to object

To object to processing based on legitimate interests or direct marketing.

Right to withdraw consent

Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at:

Email: bertrand@operantautomations.com

We may need to verify your identity before fulfilling your request.

9. Complaints

If you have concerns about how we process your data, we encourage you to contact us first.

You also have the right to lodge a complaint with your local data protection authority. In Malta, this is:

Office of the Information and Data Protection Commissioner (IDPC)

Website: https://idpc.org.mt/

10. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We recommend you review their privacy policies separately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our services. The updated version will be posted on this page with a new "Last updated" date.

We encourage you to review this page periodically.

12. Contact

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

Operant Automations

Email: bertrand@operantautomations.com

Phone: +356 99333509

Home Privacy Policy