Privacy Policy

REOS ("we", "our", or "us") operates the REOS platform (reos.app), a real estate operating system connecting US investors with Israeli properties. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. We are committed to protecting your privacy in compliance with applicable laws including the California Consumer Privacy Act (CCPA/CPRA), General Data Protection Regulation (GDPR), and Israeli Protection of Privacy Law (PPL).

Personal Information You Provide

When you create an account or use our services, we may collect: your name and email address, phone number (optional), investment preferences and risk tolerance, professional credentials (for service providers), property search history and saved properties, chat messages and communications, and financial preferences (budget range, investment goals).

Information Collected Automatically

We automatically collect: device and browser information, IP address and approximate location, usage data (pages visited, features used, time spent), cookies and similar tracking technologies, and language and locale preferences.

We use your information to: provide and maintain the REOS platform, match investors with suitable properties and service providers, process AI-powered property recommendations and search, facilitate communications between investors and service providers, improve our platform and develop new features, send notifications about deal updates and new listings, comply with legal obligations, and prevent fraud and ensure platform security.

We use the following third-party services to process your data:

• Clerk (authentication and identity management) — US-based, SOC 2 Type II certified
• Convex (database and real-time backend) — US-based, SOC 2 compliant
• Anthropic (AI-powered features including property search and recommendations) — US-based, responsible AI practices

Each processor is contractually bound to process data only as instructed and to maintain appropriate security measures.

REOS operates across the United States and Israel. Your data may be transferred between these jurisdictions. For transfers from the EU/EEA, we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission. Israel has been recognized by the European Commission as providing an adequate level of data protection. For US-Israel transfers, we implement appropriate safeguards consistent with the Israeli Protection of Privacy Law and applicable US state privacy laws.

We do not sell your personal information. We may share your information with: service providers you choose to connect with through the platform, our data processors listed above, law enforcement when required by law, and in connection with a business transfer (merger, acquisition, or sale of assets). When you request a service provider (broker, mortgage advisor, or lawyer), your relevant profile information is shared with that provider to facilitate the service.

Depending on your location, you may have the following rights:

California Residents (CCPA/CPRA)

Right to know what personal information we collect and how it is used, right to delete your personal information, right to opt-out of the sale or sharing of personal information (we do not sell data), right to non-discrimination for exercising your rights, right to correct inaccurate personal information, and right to limit use of sensitive personal information.

EU/EEA Residents (GDPR)

Right of access to your personal data, right to rectification of inaccurate data, right to erasure (right to be forgotten), right to restrict processing, right to data portability, and right to object to processing.

Israeli Residents

Right to access your personal data held in our databases, right to request correction of inaccurate data, and right to request deletion of data no longer needed for the purpose it was collected.

We implement appropriate technical and organizational measures to protect your personal information, including encryption in transit (TLS/SSL) and at rest, access controls and authentication, regular security assessments, and employee training on data protection.

We use essential cookies for authentication and session management. We use analytics cookies to understand platform usage and improve our services. You can manage cookie preferences through your browser settings. For details on specific cookies, see our Cookie Notice.

We retain your personal information for as long as your account is active or as needed to provide services. Deal and transaction records are retained for 7 years for legal compliance. You may request deletion of your account and associated data at any time by contacting us.

REOS is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 18, we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our platform and updating the "Last updated" date. Continued use of the platform after changes constitutes acceptance of the updated policy.

For privacy-related questions or to exercise your rights, contact us at: privacy@reos.app