Last updated: March 2026
Nestmate (“we”, “our”, “us”) is a UK house-hunting app for couples and co-buyers. This policy explains what data we collect, how we use it, and the choices you have — across both the Nestmate iOS app and our website at getnestmate.app.
When you set up Nestmate, you provide a display name, email address, avatar, and household name. If you’re searching with a partner, we generate a unique invite code so you can collaborate. We also store your search preferences (buying, renting, or both) and working patterns for commute calculations.
Properties you save include address, postcode, price or rent, listing details, and any photos you add from your photo library. Photos are stored on your device via the app’s local database. When partner collaboration is active, photos are also uploaded to Firebase Storage so both partners can view them. We also store your reactions (like, love, dislike, unsure), viewing assessments, status tracking, and any rental-specific details such as deposit, tenancy duration, and pet policy.
To power affordability calculations, you may enter annual income for both partners, savings, mortgage details, stamp duty status, and student loan plan information. You can also create multiple “what-if” scenarios. When partner collaboration is active, affordability scenarios are included in synced data so both partners can view shared calculations.
For each area you research, we store the area name, postcode, nearest station, centre coordinates, and up to 18 quality-of-life scores covering safety, schools, transport, green space, walkability, broadband coverage, convenience, and more. These scores are generated using publicly available APIs and bundled datasets (detailed below) and can be manually overridden.
We store commute destinations including workplace name, address, coordinates, and nearest station, along with calculated drive, train, and walk times, daily fares, and parking costs.
You can create shared requirements (financial, commute, house, area) with priority levels and per-partner agreement status, plus action items with owners, due dates, and notes.
App data is stored locally on your device using SwiftData (SQLite). API responses are cached on-device with a 24-hour expiration. If you enable partner collaboration, a copy of your shared household data is also stored on Google Firebase servers (Firestore and Firebase Storage) to enable real-time sync. If you use Nestmate without a partner, your data can optionally sync between your own devices via Apple iCloud.
We do not operate our own servers. Cloud data is handled by Google Firebase (for partner collaboration) or Apple iCloud (for single-user sync), both of which encrypt data in transit and at rest. You can use Nestmate entirely offline with no cloud component.
If you use Nestmate in local-only mode, deleting the app removes all your data. If you have enabled partner collaboration, deleting the app removes your local data but your shared household data remains on Firebase until you delete your account from within the app (Settings → Delete Account). We recommend deleting your account before uninstalling if you want to remove all server-side data.
Nestmate includes real-time partner collaboration powered by Google Firebase. This is entirely optional — you can use Nestmate without it.
households/{householdID}/photos/ and are accessible only to household members.For area scoring and commute calculations, Nestmate sends only postcodes and coordinates to external APIs — no personal identifiers. For partner collaboration (if you choose to enable it), household data including display names, email addresses, and shared financial scenarios are transmitted to Google Firebase for real-time sync. Firebase Analytics receives anonymous, non-personally-identifiable usage events only.
| Service | Data Sent | Purpose |
|---|---|---|
| Firebase Authentication (Google) | Apple ID token, email, display name | User identity for partner collaboration |
| Cloud Firestore (Google) | Household data, properties, areas, commute data, requirements, action items, affordability scenarios, activity logs | Real-time sync between partners |
| Firebase Storage (Google) | Property photos (JPEG) | Photo sync between partners |
| Firebase Analytics (Google) | Anonymous usage events (no PII) | Understand how features are used, onboarding completion rates, crash-free sessions |
| Google Maps Platform | Postcodes, coordinates, search text | Geocoding, directions, distance matrix for commute calculation |
| Apple MapKit | Coordinates | Live amenity search (restaurants, shops, gyms, healthcare, nightlife, convenience) |
| TfL Journey Planner API | Station codes, coordinates | Train, Tube, and bus commute times and zone-based fares |
| Police UK API (data.police.uk) | Coordinates | Crime statistics for area safety scoring |
| Overpass API (OpenStreetMap) | Coordinates | Parks, infrastructure, and spatial data for area scoring |
| Postcodes.io | Postcodes | Postcode geocoding and administrative area lookup |
| Property listing websites | URLs you share into the app | Extract publicly available listing data (Rightmove, Zoopla, OnTheMarket, SpareRoom, OpenRent) |
Our Google Maps API key is restricted to the Nestmate app bundle ID and cannot be used by third parties.
Each of these services has its own privacy policy governing the data they receive:
Nestmate requests the following permissions, each of which you can revoke at any time in your device Settings:
| Permission | Why We Need It |
|---|---|
| Photo Library | So you can add property photos from your camera roll |
| Calendar (Full Access) | So you can sync property viewing appointments to your calendar |
| Location (When In Use) | So we can calculate commute times and find nearby amenities. We never track your location in the background. |
Sign in with Apple — Required if you enable partner collaboration. Nestmate uses your Apple ID to create a Firebase account. We receive only the name and email you choose to share (Apple allows you to hide your real email).
Revoking a permission simply disables the related feature — the app continues to work without it.
Our website is a simple landing page. The only personal data we collect is your email address if you choose to join our waitlist.
App data is retained on your device indefinitely until you delete it within the app or delete the app itself.
Firebase data (when partner collaboration is enabled): Your household data, shared properties, and photos are retained on Firebase servers until you delete your account. Nestmate provides a full account deletion feature in Settings. If you are the household owner, deleting your account removes all shared Firestore data, all Firebase Storage photos, and your Firebase Authentication account. If you are the invited partner, deleting your account removes your membership from the household, your personal data, and your Firebase Authentication account. After account deletion, you are returned to the onboarding screen and can start fresh.
iCloud data (single-user sync): Data synced to iCloud is retained according to Apple’s standard CloudKit policies and can be managed through your device’s iCloud settings.
Website email addresses are retained on Mailchimp until you unsubscribe or request removal.
Under UK data protection law (UK GDPR), you have the right to:
For app data, you exercise most of these rights directly — since your data lives on your device, you can view, edit, and delete it at any time within the app. The app includes a full account deletion feature (Settings → Delete Account) that removes all local data and, if applicable, all Firebase server-side data. You can also export your property and area data as a CSV file from Settings for data portability.
For website data (your email address on Mailchimp), contact us using the details below and we’ll action your request promptly.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk if you believe your data has been mishandled.
Nestmate is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.
All data in the app benefits from Apple’s built-in device encryption (Data Protection). API calls to third-party services use HTTPS encryption in transit. Data synced via iCloud (CloudKit) is encrypted in transit and at rest by Apple’s infrastructure.
Partner collaboration data on Firebase is protected by Firestore security rules that restrict access to verified household members only. Firebase Storage enforces authentication, file size limits (10 MB), and image-only content types. All Firebase communication uses HTTPS encryption in transit, and data is encrypted at rest on Google’s servers.
We do not store any data on our own servers, which eliminates the most common vector for data breaches.
We may update this privacy policy from time to time as features evolve. We’ll update the “Last updated” date at the top and, where significant changes are made, notify users through the app or website.
If you have any questions about this privacy policy or want to exercise your data rights, you can reach us at:
Email: [email protected]
Nestmate is designed with privacy at its core. Your home search is yours — we just help you organise it.