Siftt LogoSiftt.AI
← Back to HomeTerms of Service →

Siftt AI Ltd. Privacy Policy

Last Updated: January 2026

1. Introduction

Siftt AI Ltd. ("Siftt," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what personal data we collect from users of our Service, how we use and share that data, and the rights and choices you have regarding your personal information. This Policy applies to all personal information collected through our website, the Siftt platform and related services, and any other interactions you have with Siftt in connection with our Service (collectively, the "Services").

It is designed to comply with applicable privacy laws, including the European Union General Data Protection Regulation ("GDPR"), the United Kingdom GDPR ("UK GDPR"), the Israeli Protection of Privacy Law (5741-1981) and regulations thereunder, and U.S. state privacy principles (such as the California Consumer Privacy Act, to the extent applicable). We operate in Israel, which the European Commission has recognized as providing an adequate level of data protection essentially equivalent to EU standards.

By using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Services. We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. If we make material changes, we will notify you by updating the "Last Updated" date above and, if required, through additional notice (such as on our website or via email). Your continued use of the Services after any update signifies your acceptance of the revised Privacy Policy.

2. Personal Information We Collect

We collect personal information from and about users in a few different ways. The types of information we collect depend on how you interact with our Services. Generally, we may collect information: (a) that you provide to us directly, (b) automatically as you use our Services, and (c) from third parties.

Information You Provide to Us

When you create an account or use Siftt's features, you provide certain personal information to us. This may include:

  • Account Registration Data: When you sign up, we ask for information such as your name, email address, and password. We may also collect your company or organization name and your role/title if you provide it (especially if you're using Siftt for business purposes).
  • Contact Information: If you fill out a form on our website, request customer support, or communicate with us (via email or chat), we collect the information you choose to provide, such as your name, email address, phone number, or mailing address. We will also collect the content of your communications and any additional information you provide.
  • Payment Information: If you purchase a subscription or any paid feature, our third-party payment processor (e.g., Stripe or similar) will collect your payment card details and billing information. Siftt itself does not store full credit card numbers. We may receive limited information from the payment processor, such as a billing address, the last four digits of your card, or a confirmation that payment was made.
  • Real Estate Deal Data: Through your use of the Service, you may upload real estate deal documents or data. This might include property addresses, financial figures, tenant or owner information, images, or other data relevant to the deal. To the extent any of this data is personally identifiable (e.g., a property owner's name or contact info embedded in a document), it will be considered personal data that you have provided. Please ensure that you have the right to share any personal information of third parties when you upload such deal data.
  • Feedback and Surveys: If you respond to surveys, provide feedback or product reviews, or participate in promotions, we will collect any information you choose to provide.

Information Collected Automatically

When you use our Services, we (or our service providers) automatically collect certain technical and usage information. This includes:

  • Usage Data: Details of your use of the Service, such as the features you use, pages or screens you view, the time and date of your visits, the links you click, and the actions you take.
  • Device and Log Information: We collect information about the device and browser you use to access the Service. This may include your IP address, device type, operating system version, browser type, language preferences, and unique device identifiers.
  • Cookies and Similar Technologies: Siftt uses cookies and similar tracking technologies (such as web beacons and pixels) to recognize you and collect information about your interactions with our Services. Cookies are small text files stored on your device that help us remember your preferences, understand usage patterns, and customize our content.
  • Location Information: We do not "track" your precise GPS location, but we might infer your general location (e.g., city or country) from your IP address or from the addresses you input for deals.

Information from Third Parties

We may receive personal information about you from third parties in the following scenarios:

  • Service Providers: If you make payments, we receive information from our payment processor confirming your payment and providing basic details. If we use authentication providers (for example, "Sign in with Google"), we may receive your name and email from such service in order to log you in.
  • Analytics Partners: We may use analytics partners (like Google Analytics) which may provide us aggregated demographic or preference data about our user base as a whole. This data does not identify individual users directly.
  • Public Sources or Business Partners: If you interact with Siftt on social media platforms, we may receive basic account information from the social media platform under their rules.

3. How We Use Your Personal Information

We use personal information for the following purposes, and pursuant to the following legal bases (where GDPR/UK GDPR applies):

  • To Provide and Maintain the Service: We process your personal data to authenticate you, allow you to log in and use the Service, and to enable core features such as uploading deals, performing analyses, and managing your workflow. Legal basis: Performance of our contract with you (Art. 6(1)(b) GDPR).
  • Customer Support and Communications: We use your contact information and any information you provide in your requests to respond to your inquiries, troubleshoot issues, and provide technical support. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).
  • Service Improvements and Research: We analyze usage data and feedback to understand how our Services are used and to improve them. This includes debugging, data analysis, testing, research, and developing new features. Legal basis: Legitimate interests (Art. 6(1)(f) GDPR).
  • Marketing and Promotional Communications: With your consent where required, we may use your email or other contact info to send you newsletters, product updates, special offers, or other marketing communications. You can opt out at any time. Legal basis: Consent (Art. 6(1)(a) GDPR) or legitimate interests where allowed by law.
  • Compliance and Legal Obligations: We may process personal data as necessary to comply with our legal obligations, such as maintaining proper business records, handling data subject requests, or responding to lawful requests by public authorities. Legal basis: Legal obligation (Art. 6(1)(c) GDPR) and legitimate interests (Art. 6(1)(f)).
  • Business Transfers: If we engage in a merger, acquisition, financing due diligence, reorganization, bankruptcy, or sale of company assets, your personal information may be transferred as part of such a transaction. Legal basis: Legitimate interests.

We do not engage in any automated decision-making or profiling that produces legal effects or similarly significant effects on you.

4. How We Share Your Information

We understand that your personal information is important, and we only share it with others in certain circumstances. We do not sell your personal information to data brokers or third parties for their own marketing purposes. The categories of recipients are:

  • Service Providers ("Processors"): We share personal information with third-party companies that provide services to us, including hosting and infrastructure (such as AWS or Azure), payment processors (e.g., Stripe), email and communication tools, analytics services, and other software tools. These providers process data on our behalf and under our instructions, consistent with this Privacy Policy and applicable law.
  • Business Partners and Integrations: If Siftt offers integrations with third-party services or you choose to use third-party plugins, we will share data with those third parties at your direction.
  • Affiliates: We may share your information with our current or future affiliates. Any affiliate will be bound to treat your information in accordance with this Policy.
  • Legal and Compliance: We may disclose personal information to courts, law enforcement, regulatory authorities, or other competent bodies when we believe disclosure is necessary to comply with applicable law, enforce our Terms, detect or prevent fraud, or protect rights, property, or safety.
  • Business Transfers: If Siftt is involved in a corporate transaction such as a merger, acquisition, or sale of assets, your information may be transferred to the successor.
  • With Your Consent: Apart from the cases listed above, we will share your personal information with third parties only with your consent or at your explicit direction.

No Selling of Personal Data: We do not sell or rent your personal data to third-party companies for their independent marketing or commercial purposes.

5. International Data Transfers

Siftt is based in Israel, and our Service is accessible to users around the world. That means your personal information may be transferred to, and stored on, servers located in countries outside of your own. Specifically, user data is likely stored in data centers located in Israel or other jurisdictions, such as the United States or the European Union.

For individuals in the European Economic Area (EEA), United Kingdom, or Switzerland: Israel is recognized by the European Commission as providing an adequate level of data protection for personal data transferred from the EU. If we transfer your data from the EEA/UK to any other country not deemed "adequate" by regulators, we will ensure a valid transfer mechanism is in place, typically using the European Commission's Standard Contractual Clauses (SCCs) or UK International Data Transfer Agreement/Addendum as applicable.

By using the Service or providing us information, you consent to the transfer of your personal data to Israel and to any other country in which we or our service providers maintain facilities (subject to applicable legal rights you may have to object to such transfers).

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In determining retention periods, we consider the minimum amount of time necessary to accomplish the purpose, the nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and any applicable legal requirements.

  • Account Data: Basic account information is kept as long as you have an account. After account deletion, we generally remove this data within 30-60 days, except as required for legal purposes.
  • User Content: The real estate deals and data you input are stored until you delete them or your account is deleted.
  • Transactional Records: We may keep records of financial transactions for several years as required for accounting/tax purposes.
  • Communications: Support communications may be retained for up to a few years based on our legitimate interest in managing our support and legal obligations.
  • Legal Holds: If we are under a legal obligation to retain data, we will retain the data as required by the applicable law or order.

Once the retention period expires and we have no further legitimate need or legal obligation to retain the data, we will either delete it or anonymize it in our systems.

7. Your Rights and Choices

You have certain rights and choices regarding your personal information. These rights may vary based on your location and applicable laws, but we are committed to honoring the rights of users from all jurisdictions in a fair and transparent manner.

Data Subject Rights (GDPR/UK GDPR and similar laws)

If you are in the EEA, UK, Switzerland, or in another jurisdiction with similar data protection laws, you have the following rights:

  • Right to Access: Request confirmation of whether we are processing your personal information and, if so, request a copy of the personal data we hold about you.
  • Right to Rectification: Request that we correct or update any of your personal information that is inaccurate, incomplete or outdated.
  • Right to Erasure: Request deletion of your personal information (the "right to be forgotten").
  • Right to Data Portability: Obtain an electronic copy of the personal data you have provided to us in a structured, commonly used, and machine-readable format.
  • Right to Restrict Processing: Request that we limit the processing of your personal information in certain circumstances.
  • Right to Object: Object to our processing of your personal information where we are relying on a legitimate interest as the legal basis.
  • Right to Withdraw Consent: If we have collected or process your personal information based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at support@siftt.ai. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

California Privacy Rights

California residents are entitled to certain rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). These include the right to know what personal information we collect, the right to access that information, the right to delete (with similar exceptions as under GDPR), the right to correct inaccurate information, and the right to opt out of "sale" or "sharing" of personal information. As stated above, Siftt does not sell personal information, nor do we share it for cross-context behavioral advertising.

Other U.S. State Laws

If you reside in a U.S. state with its own privacy law (such as Colorado, Virginia, Utah, Connecticut, etc.), you may have similar rights to access, correct, delete, or obtain a copy of your data. Siftt will honor such rights for all U.S. users to the extent applicable.

Managing Your Account and Communications

  • You can review and update certain personal information by logging into your Siftt account.
  • You can opt out of marketing emails at any time by clicking the "unsubscribe" link in those emails.
  • You can control cookies through your browser settings. If you choose to disable cookies, some features may not function properly.

8. Security Measures

Siftt takes the security of your personal information seriously. We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, misuse, or alteration. These measures include:

  • Encryption: We use encryption in transit (SSL/TLS) to protect data exchanged between your device and our servers. For sensitive data, we also employ encryption at rest in our databases.
  • Access Controls: We limit access to personal data to authorized personnel who have a legitimate need to know. We use role-based access controls and authentication safeguards.
  • Network Security: Our infrastructure is protected by firewalls, intrusion detection systems, and regular monitoring.
  • Organizational Practices: We train our employees about the importance of data privacy and security and have internal policies for handling personal data.

While we strive to protect our systems and Services, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security of your information.

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by law.

9. Children's Privacy

Our Services are not directed to individuals under the age of 16 (and in certain jurisdictions, under the age of 13), and we do not knowingly collect personal information from children. If you are under 16, please do not use Siftt or provide any personal data to us. If we learn that we have inadvertently collected personal information from a child under the relevant age without parental consent, we will take steps to delete that information promptly.

Note: We require all users to be at least 18 as per our Terms, so usage by minors is not expected.

10. Third-Party Links and Services

The Siftt website or application may contain links to third-party websites, products, or services as a convenience to you. If you choose to click on a third-party link, you will be directed to that third party's site. We do not control and are not responsible for the content or privacy practices of third-party websites or services. This Privacy Policy does not apply to your activities on those external sites.

We encourage you to review the privacy policies of any third-party site or service before providing any personal information to them.

11. Additional Privacy Disclosures for Certain Regions

  • Israel: Siftt abides by the Israeli Privacy Protection Law and regulations. Personal data may be stored in databases as defined under Israeli law, and we comply with data security regulations (2017) enacted under that law.
  • United Kingdom: All references to GDPR in this Policy include the UK GDPR. If you are in the UK, you have the same rights described above. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).
  • EEA/Switzerland: Siftt AI Ltd. is the controller for personal data processed. You can contact our support for any EU-specific inquiries.
  • Canada: We comply with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) to the extent applicable. Your personal data may be transferred outside of Canada; by using Siftt, you consent to the transfer of your data outside Canada.
  • Australia: If the Australian Privacy Act applies, note that by using our Service you consent to your personal information being transferred overseas as described.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make changes, we will post the updated policy on our website and update the "Last Updated" date at the top. Material changes will be communicated to users through the Service or via email or other prominent notice, in accordance with applicable legal requirements.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Services after any changes to this Privacy Policy signifies your acceptance of the updated terms (to the extent permitted by law). If you do not agree to the changes, you should stop using the Services and deactivate your account.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us by email:

Siftt AI Ltd.
Email: support@siftt.ai

We will address your inquiries as promptly as possible. If you are contacting us to exercise a specific privacy right, please clearly describe your request and the region you are from (if relevant), and we may need to verify your identity for security reasons.

Thank you for trusting Siftt with your real estate deal data. We value your privacy and are committed to protecting your personal information in accordance with this Policy and applicable laws.

© 2026 Siftt.AI LTD.