Privacy & governance

Code-backed privacy boundaries

Huursterk deliberately uses confidential from the employer rather than anonymous. The app is designed to keep identity, Housing Security Check content, expert access and employer reporting separate.

Pseudonymous and data-minimised where possible

A name and email address are not substantively needed to complete the Housing Security Check, calculate personal feedback or prepare group reporting. Identity, contact data and Housing Security Check content are therefore processed separately.

Participant code

Housing Security Check answers, scores and status are linked to a participant ID, not to a normal participant list with names.

Separated contact layer

Contact data is used only for access, automated messages and appointment confirmations. Operational screens do not show it by default.

Logged and purpose-bound access

An expert only receives the necessary Housing Security Check summary after explicit consent for a check-in. Support access to contact data is exceptional and purpose-bound.

Employer sees
  • Aggregated domain scores, only from 20 unique participants.
  • Top themes and trends per cohort or measurement round, only above threshold.
  • With low response: reach diagnosis with process data and hypotheses, no substantive housing-stress data.
Employer never sees
  • Individual answers, scores or risk categories.
  • Names, email addresses, phone numbers or participation data.
  • Conversation content, uploaded documents, free text or check-in request status.
  • Below the reporting threshold, no exact counts or segment information either.

Roles are separated

Privacy is not just a written promise. Operational roles have different access paths.

Admin

Manages companies, pilots, settings and report snapshots. No route to individual Housing Security Check results.

Expert

Sees assigned check-ins only and only sees the necessary Housing Security Check summary after explicit ExpertConsent.

Company admin

Sees only group-level reporting for their own company, above threshold.

Participant

Sees their own Housing Security Check result, contact preferences and consent status.

No GDPR-proof claim

We do not claim that a product is GDPR-proof. GDPR compliance is an organisational process state. We describe concretely what is implemented technically and procedurally, which GDPR principles are applied and which responsibilities remain with the employer.

Detailed documents on request

The DPIA light and draft data processing agreement are governance documents for DPO, privacy officer, works council or procurement. They are shared on request or after a first conversation, not as public downloads.

For privacy & compliance

Request the governance pack