Privacy Policy
MTB Here is a private application made available to residents of Millennium Tower Boston. The information we collect exists to serve you — it is held discreetly, never sold, and never used for advertising.
1. Who we are
This policy is issued by Millennium Partners Management LLC ("Millennium," "we," or "us") as the operator of the MTB Here mobile application (the "App") serving residents of Millennium Tower Boston at One Franklin Street, Boston, MA 02110. References to "you" mean the registered resident or authorized occupant using the App.
2. Information we collect
We only collect information needed to verify your residency, deliver in-building services, and keep the App secure. The table below summarizes each category, why we collect it, and where it is held.
| Category | What it contains and why |
|---|---|
| Account & identity | Name, unit number, resident status, email address, phone number, profile photo, and the Firebase Authentication user ID created for your account. Used to verify you are an authorized occupant and route services to the correct residence. You may sign in with email and password, Sign in with Apple, or Google Sign-In. |
| Vehicle & valet tags | Valet tag numbers, nicknames you assign to them, default-vehicle selection, and whether a tag is active. Stored in Firestore so the App can pre-fill requests to ValetPlease. |
| La Vie activity | Event RSVPs, guest counts, and any dietary or access notes you submit. Used only to plan the event and notify you of changes. |
| Amenity & service bookings | Amenity reservations (FLX classes, Tower Bar, private-dining and event rooms), perk redemptions, and notification preferences. Stored to confirm the booking and maintain a service history for your unit. |
| Podcast listening | Playback position for each podcast episode you listen to, so the App can resume where you left off. Not shared with anyone outside Millennium. |
| Push-notification identifiers | The OneSignal Player ID and the underlying device push token (issued by Apple APNs or Google FCM). Used only to send you alerts tied to your account — valet updates, event invitations, newsletters, and building announcements. |
| Diagnostic & crash data | Device model, OS version, App version, and anonymized crash reports collected by Firebase Crashlytics when the App stops unexpectedly. Used to diagnose and fix bugs. No browsing history, location, or advertising identifiers are included. |
3. Device permissions
On first use, iOS and Android may ask you to approve certain permissions. Each is optional and used only as described. You may change your answer at any time in your device settings.
| Permission | Why the App asks |
|---|---|
| Face ID / Touch ID | To let you sign in quickly and securely with biometrics. Biometric data never leaves your device; the App only receives a yes / no result from iOS or Android. |
| Camera | To take a profile photo. Only used when you tap the camera icon on your profile. |
| Photo library | To select an existing photo as your profile picture. The App reads only the image you choose. |
| Calendar | Used only when you tap "Add to calendar" on a La Vie event or service appointment. The App writes a single event to your device calendar; it does not read any other calendar data. |
| Notifications | To deliver valet updates, event invitations, and building announcements through OneSignal. |
| Background audio | So podcast playback can continue when the App is in the background or the screen is locked. |
4. How we use your information
Information collected through the App is used solely to:
- Verify your residency and authenticate access to the App.
- Deliver the specific service you request — an amenity reservation, a La Vie RSVP, a valet request passed to ValetPlease, a phone or email connection to the concierge, or a download of a newsletter or podcast episode.
- Notify you via push about the status of a request you have submitted, or about events and announcements relevant to residents.
- Maintain a record of service history for your unit, as required by our management agreement with the condominium association.
- Diagnose crashes, improve performance, and protect the App from abuse.
- Comply with legal obligations and enforce our Terms of Service.
We do not use your information for advertising, profiling, or sale to third parties. We do not sell or rent personal information under any circumstance.
5. When we share information
Access to resident information is limited to the following:
- On-site Millennium Tower Boston staff — concierge, front desk, engineering, amenity, and valet team members, only to the extent needed to fulfill a request you have initiated. Administrative access within the App is governed by role-based custom claims on Firebase Authentication.
- Service vendors under written agreement — Google LLC (Firebase platform), OneSignal, and the vendors listed in Section 6. Each is bound by confidentiality and data-processing terms.
- Legal authorities — where we are legally required to produce records in response to a subpoena, court order, or lawful request, or where necessary to protect life, property, or the integrity of the building.
We do not share resident information with marketing partners, data brokers, or analytics vendors beyond what is described in this policy.
6. Third-party services integrated into the App
The App relies on a short list of processors to function. Each is listed below with the data it handles and a link to its own privacy terms.
- Google Firebase (Authentication, Firestore, Cloud Storage, Cloud Functions, Cloud Messaging) — hosts your account, residential data, and uploaded profile photos. Data is stored in Google's U.S. data centers under enterprise agreements. See firebase.google.com/support/privacy.
- Firebase Crashlytics — collects anonymized crash reports with device model, OS, and stack traces. See firebase.google.com/support/privacy.
- OneSignal — receives a device push token and a random OneSignal Player ID so push notifications can be delivered. See onesignal.com/privacy_policy.
- Apple — if you use Sign in with Apple, Apple handles authentication and may provide the App with your name and a relay email on your first sign-in. Apple Push Notification service (APNs) also delivers notifications on iOS. See apple.com/legal/privacy.
- Google — if you use Google Sign-In, Google handles authentication. Firebase Cloud Messaging (FCM) also delivers notifications on Android. See policies.google.com/privacy.
We do not embed any advertising, analytics-broker, attribution, or social-media tracking SDKs.
7. External services loaded inside the App
Some features open a secure in-App browser window that connects you to a trusted building vendor. These vendors operate under their own privacy policies, summarized below:
- ValetPlease — when you tap Valet Parking, the
App opens
millenniumtowerboston.valetplease.comwith your email address and (when available) the valet tag number pre-filled. ValetPlease then processes your vehicle-retrieval request on behalf of the Tower's garage team. See valetplease.com/privacy. - BuildingLink — when you tap Delivery or
Engineering under Residential Services, the App opens the
resident portal at
millenniumtowerbostonresidents.buildinglink.comso you can view packages or submit maintenance tickets. BuildingLink is the property-management platform of record for the Tower and holds your residency information independently. See buildinglink.com/privacy.
We do not receive a copy of the data you enter on these vendor sites, except to the extent the vendor shares it back with building management under our service agreements.
8. Retention and security
Account and service-history records are retained for the duration of your residency and for up to seven years following move-out, consistent with Millennium's record-keeping policy and applicable Massachusetts statutes. Firebase Crashlytics retains crash logs for up to 90 days by default.
Data in transit is protected with TLS 1.2 or higher. Data at rest in Firebase is encrypted using Google-managed keys. Access within the App is controlled by Firestore security rules and Firebase Authentication custom claims, with rate limiting applied to write operations. Session credentials are stored in iOS Keychain or Android Keystore using the device's hardware-backed encryption, and biometric unlock is available. We maintain a written information-security program consistent with 201 CMR 17.00 (Massachusetts data-protection standards).
9. Your rights
As a Massachusetts resident, you may at any time:
- Request a copy of the personal information we hold about you.
- Ask that we correct information that is inaccurate or incomplete.
- Ask that we delete information that is no longer required — subject to legal or contractual retention obligations.
- Withdraw consent to push notifications through your device settings or inside the App under Notification Settings.
- Revoke any device permission (Face ID, Camera, Photos, Calendar) from your device settings at any time.
- Close your App account by contacting the management office; closure does not terminate your residency.
Requests are handled within 30 days. Contact us at the address below.
10. Children
The App is intended for adults aged 18 and older who are registered occupants of Millennium Tower Boston. We do not knowingly collect information from children under 13. If you believe a minor has created an account, contact us and we will remove it.
11. Changes to this policy
We may update this policy from time to time. Material changes will be communicated to residents through an in-App notice and by email at least 30 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.
12. Contact
Questions, requests, or concerns about this policy may be directed to:
Millennium Partners Management LLC
Attn: Privacy Officer · MTB Here
One Franklin Street
Boston, MA 02110
privacy@millenniumtowerboston.com · (617) 451-8888