Privacy Policy

LandingPoint is operated by Jody Roberts as a sole operator. There is no parent company, no corporate group, and no venture-backed entity behind this service. When we say "we" or "us" in this policy, we mean Jody Roberts operating as LandingPoint.

LandingPoint is a relocation platform designed to help families and individuals moving to London. It brings together housing listings, school information, preschool data, and estate agency locations onto a single interactive map — so you can research neighbourhoods and compare options in one place.

If you have any questions about this privacy policy or how we handle your data, you can reach us at jodydavidroberts@gmail.com.

We collect only the data we need to make LandingPoint work for you. Here's a breakdown of every category, with specific detail on what each one includes and why we need it.

We use one session cookie. Its sole purpose is to keep you logged in between page loads so you don't have to re-authenticate every time you navigate. This cookie is essential to making the service work — without it, you couldn't stay signed in.

We also store a small number of preferences in your browser's localStorage. These include your selected theme (light or dark mode) and display density setting (how compact or spacious the interface appears). Technically, localStorage is not the same as cookies — the data never leaves your browser or gets sent to our servers. We mention it here for complete transparency about what gets stored on your device.

We use no third-party trackers, no analytics cookies (no Google Analytics, no Mixpanel, no Hotjar), and no marketing or advertising cookies. We don't fingerprint your browser. We don't build behavioural profiles.

Legal basis: UK PECR Regulation 6(4)(a) provides a "strictly necessary" exemption for cookies required to deliver a service you requested. GDPR Article 6(1)(f) covers our legitimate interest in maintaining your authentication session. Because all storage we use falls under these exemptions, we are not required to show a cookie consent banner — and we don't.

We don't show a cookie banner because all storage we use is strictly necessary for the service to function.

We use a small number of third-party services (data processors) to operate LandingPoint. Each one has a specific role, and we've listed exactly what data flows to each service and where it's hosted.

• Supabase — our PostgreSQL database and authentication provider. Supabase hosts your account data, saved entities, notes, and all workspace content. Hosted on multi-tenant infrastructure across EU and US regions. Your data is stored in the region assigned to our project. See Supabase's privacy policy for details on their data handling practices.
• Railway — our application hosting provider. Railway runs the LandingPoint web server in the US-east region. Server request logs (IP addresses, request paths, user-agent strings) are stored by Railway for up to 30 days. See Railway's privacy policy for more information.
• Resend — our transactional email provider. Resend handles email delivery for account invitations and any notification emails you've opted into. The only data shared with Resend is your email address and the content of the email being sent. Resend processes data in the US.
• Sentry — our error monitoring service, only active when the SENTRY_DSN environment variable is configured on our infrastructure. When enabled, Sentry receives error traces that include the request path, your user ID, and browser version — just enough to help us diagnose and fix crashes. Sentry processes data in the US. If Sentry is not configured, no error data leaves our servers.
• Mapbox / OpenStreetMap — map tile providers. When you view the map on LandingPoint, your browser loads map tiles directly from tile servers. This means your IP address is visible to those tile servers, as with any web request. No account data or listing data is shared with Mapbox or OpenStreetMap — only the standard connection information your browser sends with every web request.
• Anthropic — powers AI features such as web search. Anthropic is only used when you supply your own API key via our bring-your-own-key (BYOK) feature. When you do, your queries are sent directly to your Anthropic account — we don't store your API key on our servers beyond the active session, and the data goes to your Anthropic account, not ours. If you don't use BYOK, no data is sent to Anthropic.

We use your data for four specific purposes — nothing more. We don't run advertising, we don't build marketing profiles, and we don't sell or share your information with data brokers.

Authentication: Your email address is used to sign you in via magic link and maintain your session. This is the core reason we collect your email — without it, we can't identify your account or show you your saved data.

Service delivery: Your saved entities, notes, ratings, and commute anchor are stored so we can display them on the map, in search results, and on listing detail pages. This is the primary function of LandingPoint — helping you organise and compare relocation options.

Communications: If you've opted into notifications (for example, by inviting family members to your workspace), we send transactional emails through Resend. We don't send marketing emails, newsletters, or promotional content.

Debugging and security: Server logs and error traces help us identify and fix crashes, detect abuse (such as automated scraping), and maintain the security of the platform. These logs are retained for 30 days and then automatically deleted.

We keep your data only as long as it's needed for the purpose it was collected. Here are the specific retention periods for each category:

• Account data: retained until you delete your account. Once you delete your account, your email and display name are permanently removed from our database. We chose this approach because account data is only useful while you're actively using the service.
• Listing and family data: retained until you delete the individual items, or until you delete your account (which removes everything). You're in full control — you can remove a saved school or delete a note at any time, and it's gone from our database immediately.
• Server logs: 30 days. This is Railway's default retention period. After 30 days, request logs (IP addresses, paths, user-agent strings) are automatically purged. We chose not to extend this period because 30 days gives us enough time to investigate any security incidents or performance issues.
• Sentry errors: 30 days. Error traces are automatically deleted after this period. We keep them long enough to identify patterns in recurring bugs, but not longer than necessary.

Under the UK GDPR and EU GDPR, you have the following rights over your personal data. You can exercise any of these rights by emailing us at jodydavidroberts@gmail.com. We aim to respond to all requests within 30 days.

• Access — you have the right to request a copy of all personal data we hold about you. Email us and we'll compile and send you a complete export of your account data, saved entities, and any associated metadata.
• Erasure — also known as the "right to be forgotten." You can delete your account yourself from the /account/security page, which permanently removes all your data from our database. Alternatively, email us and we'll handle the deletion for you within 30 days.
• Portability — you have the right to receive your data in a structured, commonly used, machine-readable format. We provide CSV exports on request, covering your saved entities, notes, and ratings.
• Rectification — if any of your personal data is inaccurate, you have the right to have it corrected. Most data can be edited directly within the app (notes, ratings, display name). For anything else, email us.
• Object to processing — you have the right to object to our processing of your data. The simplest way to exercise this right is to close your account, which stops all processing immediately.
• Lodge a complaint — if you're unhappy with how we handle your data, you have the right to complain to a supervisory authority. In the UK, that's the Information Commissioner's Office (ICO) at ico.org.uk. In the EU, you can contact your local data protection authority.

Under the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), and similar state privacy laws, you have specific rights regarding your personal information. Here's how each one applies to LandingPoint:

• Know what's collected — you have the right to know what personal information we collect, how we use it, and who we share it with. This privacy policy is our primary disclosure — it covers everything in detail. If you want a personalised summary of the specific data we hold about you, email us and we'll provide one.
• Delete your data — you can request deletion of your personal information. The process is the same as the Erasure right described above: delete your account from /account/security, or email us and we'll handle it. Deletion is permanent and applies to all your data across our systems.
• Opt-out of sale — we do not sell your personal information. Period. We don't share it with data brokers, advertising networks, or any other third party for monetary or other valuable consideration. There is no "sale" to opt out of.
• Non-discrimination — we won't deny you service, charge you different prices, or provide a different quality of service because you exercised any of your privacy rights. Your rights are your rights — exercising them has no impact on your LandingPoint experience.

LandingPoint is not directed to anyone under 16 years of age. We don't knowingly collect personal data from children. The service is designed for adults who are researching relocation options — there is no content, feature, or marketing targeted at minors.

If we learn that we've inadvertently collected personal data from a child under 16, we'll delete it promptly. If you're a parent or guardian and believe your child has provided personal data to LandingPoint, please contact us at jodydavidroberts@gmail.com and we'll take immediate steps to remove the data and close the account.

Your data is processed in the EU and US (Supabase's multi-region infrastructure) and US-east (Railway's hosting region). Because LandingPoint serves users in both the UK/EU and the US, your data may cross international borders depending on which services are processing it.

Where required by law, we rely on the UK International Data Transfer Agreement (IDTA) and EU Standard Contractual Clauses (SCCs) to provide appropriate safeguards for cross-border transfers. In plain terms, the IDTA is the UK's legal mechanism for approving data transfers to countries outside the UK that don't have an adequacy decision. SCCs are the EU's equivalent — pre-approved contractual terms that ensure your data receives the same level of protection regardless of where it's processed. Our data processors (listed in the "Where your data is stored" section) each maintain their own compliance with these transfer mechanisms.

This policy is versioned — you can see the version number and date at the top of this page. Versioning means you can always tell exactly which version of the policy was in effect at any given time.

If we make material changes — for example, adding a new data processor, collecting a new category of data, or changing retention periods — we'll email all account holders before the changes take effect. We consider a change "material" if it meaningfully affects what data we collect, how we use it, who we share it with, or how long we keep it. Minor wording clarifications or formatting changes won't trigger an email notification, but will be reflected in the version number and date.

If you have questions about this privacy policy, want to exercise any of your rights, or need to report a data concern, the fastest way to reach us is by email.

Email: jodydavidroberts@gmail.com

Postal: Operator: Jody Roberts, Davidson, NC, USA — full address available on request.

We aim to respond to all privacy-related enquiries within 30 days, as required by GDPR. In practice, we usually respond much faster than that.