PropertyOne
Product Features Pricing About
Sign in Book a demo
PropertyOne
Product Features Pricing About Sign in
Book a demo
Legal

Data Processing Agreement

PropertyOne (Novola SAS) · Last Updated: February 22, 2026

This page summarizes the Data Processing Agreement (the "DPA") under which Novola SAS processes personal data on behalf of its customers when they use PropertyOne. The DPA is a contract that forms part of your subscription agreement. This summary is for information only and does not replace the signed DPA text.

Getting the DPA in place

A pre-signed DPA is available to every customer. To execute it, or to request our standard DPA text and subprocessor annex, contact legal@ppty.one. Where a customer has a signed order form or master subscription agreement, the DPA is incorporated into that agreement by reference.

The DPA prevails over any conflicting terms in our Terms of Service with respect to the processing of personal data.

01Roles of the Parties

For personal data that a customer imports into or generates within its workspace (for example, tenant identities, lease documentation, IBANs, and banking ledger data), the customer is the Data Controller and Novola SAS is the Data Processor. Novola processes that personal data only on the customer's documented instructions and to provide the Service.

For data Novola collects in its own right (account registration, billing, and system configuration), Novola is the Data Controller. That processing is described in our Privacy Policy.

02Scope & Nature of Processing

  • Subject matter: provision of the PropertyOne multi-entity financial operations platform.
  • Purpose: hosting, automated reconciliation, rent invoicing, reporting, and support, as instructed by the customer.
  • Data subjects: the customer's tenants, employees, counterparties, and other individuals whose data the customer submits.
  • Categories of data: contact and identity details, lease and financial records, IBANs, and ledger entries.
  • Duration: the term of the subscription, plus any legally required retention (see Section 6).

03Novola's Obligations as Processor

  • process personal data only on the customer's documented instructions;
  • ensure personnel authorised to process the data are bound by confidentiality;
  • implement appropriate technical and organisational security measures (see our Trust Center);
  • assist the customer, taking into account the nature of processing, with data subject requests and with its own security and breach obligations;
  • make available information necessary to demonstrate compliance and allow for audits under the terms of the DPA.

04Subprocessors

The customer authorises Novola to engage subprocessors to deliver the Service, including Amazon Web Services (hosting, AWS Region eu-west-3, Paris) and Postmark (transactional email). Novola imposes data protection obligations on each subprocessor no less protective than those in the DPA and remains responsible for their performance.

The current subprocessor list is maintained and updated in our Privacy Policy. We notify workspace administrators at least 14 days before onboarding a new subprocessor with access to customer data and provide a mechanism to object.

05Data Residency & International Transfers

Core customer databases and ledger data are hosted within AWS Region eu-west-3 (Paris, France). Where limited data must be transferred outside the EU/EEA to a subprocessor (for example, transactional email delivery via Postmark in the United States), the transfer is governed by the European Commission's Standard Contractual Clauses (SCCs), supplemented by technical and organisational measures. Full details are in our Privacy Policy.

06Return & Deletion of Data

On termination, and for a period of 90 days thereafter, the customer may export its data. After that period, Novola deletes or anonymizes the personal data it processes on the customer's behalf, except where retention is required by law (for example, accounting records retained under French commercial law). These mechanics align with the Terms of Service and the Privacy Policy.

07How to Execute the DPA

To sign the DPA or request the full text and subprocessor annex, contact legal@ppty.one. For questions about how personal data is processed, our Data Protection Officer can be reached at dpo@ppty.one.

PropertyOne

The operating system for a property portfolio's money and paperwork.

Product
Overview Features Pricing ChangelogSoon
Company
About Careers Contact BlogSoon
Resources
Help centerSoon GuidesSoon APISoon StatusSoon
Legal
Privacy Terms Trust Center DPA
© 2026 PropertyOne. All rights reserved. Global · multi-entity · IBAN & local bank formats
PropertyOne

See your portfolio on PropertyOne.

A 30-minute walkthrough with our team, mapped to how your firm actually operates. No generic slides.

  • Your structure, live. We stand up a sample of your holding companies, assets and leases.
  • Invoicing and reconciliation in action. Watch recurring rent invoices and bank matching run end to end.
  • A clear next step. Pricing sized to your firm, and what onboarding would look like.

We'll only use your details to arrange your demo. No spam, no sharing.

PropertyOne

Talk to us.

Questions about PropertyOne, pricing, or whether it fits how your firm operates? Send us a note and we'll get back to you within one business day.

Prefer email? Reach us directly at hello@ppty.one.

We'll only use your details to reply. No spam, no sharing.