DepositsBack

Signup

Privacy Policy

Last Updated: February 27, 2025

INTRODUCTION.

Welcome to Coort, Inc. (“Coort,” “we,” “us,” or “our”). This Privacy Policy governs the collection, use, and protection of personal information obtained from individuals (“users” or “you”) who access, interact with, and use the features, functionalities, services, content, and offerings provided through our mobile application, website, sub-domains, and affiliated platforms (collectively, the “Platform”). This Privacy Policy explains the types of data we collect, how we use, store, and protect that information, and your rights regarding your personal data. By accessing or using our Platform, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.

At Coort, your privacy is our priority. We are committed to respecting your privacy rights and safeguarding the confidentiality and security of your personal information. We comply with all applicable privacy laws and regulations to ensure that your data is handled responsibly and transparently. If you do not agree with the practices outlined in this Privacy Policy, we kindly ask that you refrain from using our Platform.

By continuing to use the Platform, you signify your acceptance of this Privacy Policy and consent to the collection, use, storage, and disclosure of your personal data as described herein and in accordance with applicable laws and regulations. If you have any questions, concerns, or feedback about this Privacy Policy, please contact us using the information provided in the Contact Us section.

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, or legal requirements. Any updates will be effective upon posting the revised Privacy Policy on our Platform. We encourage you to review this Privacy Policy regularly to stay informed about how we collect, use, and protect your information.

Thank you for choosing Coort. Your trust and privacy are essential to us, and we are dedicated to providing a secure and enjoyable experience on our Platform.

TYPES OF DATA WE COLLECT.

At Coort Inc., we collect and process various types of information to provide and improve our services, ensure security, and comply with legal obligations. The data we collect falls into several categories, including personal information, financial data, technical and usage data, and cookies/tracking information. Each category serves a specific purpose in enabling users to access, interact with, and benefit from the Platform’s features and functionalities.

  • Personal Identifiable Information (PII): When users register for an account or engage with the Platform, we collect certain personally identifiable information to authenticate users and facilitate interactions between landlords and tenants. This includes a user’s full name, email address, and residential address. This data is essential for account creation, verification, and maintaining a secure and transparent rental process.
  • Financial and Transactional Data: To support secure payments and financial transactions within the Platform, we collect limited financial data. This includes the last four digits of the user’s Social Security Number for identity verification and banking information for payment processing. We do not store full credit card numbers or sensitive banking details; all payment transactions are handled through our third-party payment processor, Stripe, which adheres to strict industry security standards.
  • Technical and Usage Data: In addition to personal and financial information, we collect technical and usage data to improve Platform functionality, enhance security, and provide a seamless user experience. This data may include IP addresses, device type, operating system, browser type, and interaction logs that track how users engage with different features of the Platform. This information helps us diagnose technical issues, optimize performance, and ensure compliance with security protocols.
  • Cookies and Tracking Information: We use cookies and other tracking technologies to monitor user interactions and improve the overall experience on our Platform. Cookies help us understand user preferences, track login sessions, and collect analytical data for performance enhancements. Users are given the option to accept or decline cookies through a consent pop-up when accessing the Platform.

The data we collect is handled with the utmost care, following industry best practices for privacy, security, and transparency. Users can access, modify, or request the deletion of their data through their account settings or by contacting our support team.

HOW WE COLLECT DATA.

At Coort Inc., we collect data through multiple channels to ensure the proper functionality of our Platform, provide essential services, and enhance user experience. The information we collect is obtained directly from users, through automated technologies, and from trusted third-party service providers. Each collection method is carefully designed to maintain data accuracy, security, and compliance with applicable privacy laws.

Users provide personal and financial information when they create an account, update their profile, or engage in transactions on the Platform. This includes entering their name, email address, residential address, and banking details during the registration process. Additionally, when users interact with features such as security deposit tracking, payment processing, or communication tools, they may submit further data necessary for these services to function effectively.

When users access the Platform via web, mobile, or tablet, we automatically collect technical and usage data to monitor system performance, enhance security, and optimize user experience. This includes IP addresses, device identifiers, operating system details, browser type, and interaction logs that track engagement with the Platform.

We also utilize cookies and tracking technologies to collect data on user activity, session management, and site preferences. Cookies help us recognize returning users, maintain login sessions, and analyze usage patterns for service improvements. Users have the option to accept or decline cookies through a consent prompt when accessing the Platform.

We partner with trusted third-party service providers to facilitate secure payments, identity verification, and account security. For example:

  • Stripe collects and processes banking details for secure payment transactions.
  • Twilio provides multi-factor authentication (MFA) and security verification to protect user accounts.

These third-party providers adhere to strict privacy and security protocols, ensuring that collected data is processed responsibly and used only for the intended purpose. We do not sell or share user data with third parties beyond what is necessary to provide essential Platform services.

HOW WE USE DATA.

We collect and process user data solely for the purpose of providing, maintaining, and improving our Platform. We do not sell user data or use it for any unauthorized purposes. Every piece of information collected is used to enhance user experience, ensure platform security, facilitate transactions, and comply with legal and regulatory obligations. User data is essential for the core functionalities of the Platform. We use personal information, financial details, and technical data to:

  • Create and manage user accounts, ensuring that landlords and tenants can securely access their profiles.
  • Facilitate transactions, including the secure processing of security deposits and rent payments.
  • Store and manage rental-related documents, such as lease agreements, inspection records, and communication history.
  • Enable communication between landlords and tenants through our integrated messaging system.

We use collected data to maintain the security and integrity of our Platform, including:

  • Identity verification through secure authentication processes.
  • Fraud detection and prevention, ensuring that only legitimate users can access and engage in financial transactions.
  • Monitoring of suspicious activity, including unauthorized login attempts or unusual payment behavior.

To support these security measures, we partner with trusted third-party providers such as Twilio for two-factor authentication and Stripe for secure payment processing. We process user data as required by applicable laws and regulations. This includes:

  • Fulfilling legal obligations related to financial transactions and tax reporting.
  • Responding to valid legal requests from government agencies or law enforcement.
  • Ensuring compliance with rental and financial regulations applicable to landlords and tenants.

We continuously improve our Platform by analyzing technical and usage data to:

  • Optimize Platform performance and ensure seamless navigation.
  • Identify and fix system errors, improving the stability and reliability of our services.
  • Personalize user experience, such as sending relevant notifications or reminders for lease renewals and payments.
  • Enhance customer support, ensuring quick and effective responses to inquiries.

We strictly limit the use of personal and financial data to operational and security-related purposes only. Users maintain control over their data, with options to access, update, or delete their information as outlined in our User Rights section.

NO SALE OF DATA.

We uphold the highest standards of data privacy and are committed to protecting the personal information of our users. In line with this commitment, we firmly assert that we do not engage in the sale of any user’s personal data. This stance is a core element of our privacy practices and reflects our dedication to maintaining the trust and confidence of our users.

For clarity, the term “sale” of data, as used in this Privacy Policy, refers to the exchanging, transferring, or otherwise making available of a user’s personal data to third parties for monetary or other valuable consideration. We understand the importance of this distinction and assure our users that their personal data will not be treated as a commodity in any business transactions.

It is important to note that this Privacy Policy does not preclude us from sharing data in ways that do not constitute a “sale” as defined above. This includes sharing information with service providers who assist us in operating our Platform, conducting our business, or serving our users, so long as these parties agree to keep this information confidential and use it solely for the purposes we have directed. Moreover, we may disclose personal data when legally required to do so, to comply with a subpoena, bankruptcy proceedings, or similar legal process, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

We prioritize transparency in all our data practices and aim to provide our users with control over their personal data. In line with this, we ensure that users are informed about the types of data we collect, the purposes for which we collect it, and the circumstances under which it might be shared, as detailed in other sections of this Privacy Policy.

This No Sale of Data policy is subject to regular review and may be updated to reflect changes in our practices or legal obligations. Any updates will be communicated through revisions to our Privacy Policy, and we encourage users to review this policy periodically to stay informed about how we protect their personal information.

LAWFUL BASIS FOR COLLECTION.

At Coort, we collect and process your personal data in accordance with applicable privacy laws and regulations. The lawful basis for our data collection and processing activities depends on the nature of the information and the specific context in which it is collected. We rely on the following lawful bases:

  • Consent: Your consent is the foundation for many of our data collection practices. For instance, when you voluntarily provide your information during account registration or enable location tracking, you explicitly agree to the collection and use of this data for the purposes outlined in this Privacy Policy. You can withdraw your consent at any time by adjusting your settings or contacting us, although this may limit your access to certain features of the Platform.
  • Contractual Necessity: The processing of your personal data is essential for the performance of the contract between you and Coort. For example, we require your data to create your account, provide access to the app, and enable its core features. Without this information, we would be unable to fulfill our contractual obligations to you.
  • Legitimate Interests: We process certain data to pursue our legitimate business interests in providing a secure, high-quality, and personalized user experience. These interests include app optimization, fraud prevention, and system security. When processing your data based on legitimate interests, we ensure that your privacy rights are not overridden by our operational needs.
  • Legal Obligations: In some cases, we are required to collect, retain, or disclose personal data to comply with applicable laws, regulations, or legal processes. For example, we may process your data to respond to a court order or government request.
  • User Protection: We may process your data when necessary to protect your vital interests or the interests of others, such as ensuring the safety and security of the Platform or addressing unauthorized access.

By relying on these lawful bases, we ensure that our data collection and processing activities are conducted responsibly, transparently, and in compliance with all applicable legal requirements. If you have questions about the lawful basis for a specific data processing activity, please contact us using the details provided in the Contact Us section of this Privacy Policy.

HOW WE SHARE DATA.

We do not sell user data under any circumstances. However, in order to provide our services, process transactions, and maintain platform security, we share certain user information with trusted third-party service providers and, when legally required, with regulatory authorities. All third-party providers are contractually obligated to protect user data, maintain confidentiality, and use the information only for specified purposes.

To facilitate platform functionality and ensure secure transactions, we engage third-party service providers for specific operational tasks. Stripe handles financial transactions, including rent payments and security deposits, ensuring compliance with financial security standards. Twilio provides two-factor authentication to enhance account security and prevent unauthorized access. User data is stored on Amazon Web Services (AWS), which offers encrypted storage and infrastructure security. These third parties process only the necessary information required for their functions, and we require them to adhere to strict data protection policies.

There may be circumstances where we are legally required to disclose user information to government authorities, law enforcement agencies, or regulatory bodies. This may occur in response to court orders, subpoenas, financial reporting obligations, or investigations related to fraud or security threats. Whenever legally permissible, we will notify users before sharing their information.

In the event of a merger, acquisition, asset sale, or corporate restructuring, user data may be transferred as part of the business transition. If such a transfer occurs, the acquiring entity must uphold the commitments outlined in this Privacy Policy. Users will be informed of any material changes affecting their data.

We may use aggregated, non-identifiable data for internal research, analytics, and business improvement. This data does not contain personally identifiable information and is used solely to enhance platform performance, optimize security, and improve user experience.

Users maintain control over their personal data and can update, modify, or delete their information through account settings. If a user wishes to limit how their data is shared, they may request data deletion or adjust their security and privacy settings.

DATA SECURITY.

We prioritize the security of user data and implement industry-standard measures to protect personal and financial information from unauthorized access, misuse, alteration, and loss. Our security framework is designed to safeguard user data both in transit and at rest, ensuring that sensitive information remains confidential and protected against cyber threats.

All user data is stored on Amazon Web Services (AWS), a leading cloud infrastructure provider known for its robust security protocols. Data is encrypted both during transmission and while at rest, using advanced encryption standards to prevent unauthorized access. Financial transactions processed through Stripe also benefit from PCI DSS compliance, ensuring payment information is handled securely.

We enforce strict authentication measures to prevent unauthorized account access. Twilio-powered two-factor authentication (2FA) is required for enhanced security, reducing the risk of unauthorized logins. Additionally, we implement role-based access controls (RBAC), ensuring that only authorized personnel within our organization can access sensitive data based on operational necessity.

The Platform is continuously monitored for potential security threats, suspicious activity, and unauthorized access attempts. Our security team uses intrusion detection systems (IDS) and automated security audits to identify and mitigate risks proactively.

We deploy firewalls, secure API gateways, and malware detection systems to prevent cyber threats. In the event of a suspected data breach, our incident response plan ensures swift containment, investigation, and mitigation of the issue. If a breach affects user data, impacted users will be notified in compliance with applicable privacy laws, and necessary corrective actions will be taken.

While we implement strong security measures, users play an essential role in protecting their accounts. We recommend:

  • Using strong, unique passwords and changing them periodically.
  • Enabling two-factor authentication (2FA) for added security.
  • Avoiding sharing login credentials with others.
  • Reporting suspicious activity immediately to our support team.

Cybersecurity is an evolving field, and we continuously update our security framework to address emerging threats and regulatory requirements. Our commitment to regular security audits, penetration testing, and compliance assessments ensures that we maintain the highest level of data protection.

DATA RETENTION.

We retain user data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal and regulatory obligations, resolve disputes, and enforce our agreements. Our retention practices are designed to balance user privacy, security, and compliance requirements, ensuring that data is not stored longer than needed. Our retention periods for different types of data are as follows:

  • Personal Identifiable Information (PII): User profile data, including name, email, and address, is retained for as long as the user maintains an active account. If an account is deleted, this data is securely removed within 30 days, unless required for legal or compliance purposes.
  • Financial Data: Banking information and transaction records processed through Stripe are retained as required by financial regulations and tax laws. Payment-related data is stored for up to seven (7) years, in accordance with financial compliance requirements.
  • Technical and Usage Data: Log files, IP addresses, and device identifiers are retained for security monitoring and fraud prevention. These records are typically stored for 12 months before being anonymized or deleted.
  • Cookies and Tracking Data: Cookies and tracking information are stored based on user preferences. Users can manage or delete cookies at any time through their browser settings.

Users have the right to request deletion of their personal data at any time through account settings. Upon request, we will remove or anonymize data unless retention is required by law, regulatory compliance, or for fraud prevention. Users should note that:

  • Account deletion requests may result in permanent loss of data associated with their profile.
  • Some transactional and legal records cannot be deleted immediately due to regulatory obligations.
  • Aggregated, non-personally identifiable data may be retained for analytics and service improvements but will not be linked to individual users.

When data is no longer needed, we use secure deletion methods to ensure that it cannot be recovered. This includes data encryption, anonymization, and secure overwriting protocols. For physical storage media, we follow industry best practices for data destruction and disposal.

COOKIE POLICY.

We use cookies and similar tracking technologies to enhance user experience, improve Platform performance, and analyze usage trends. This Cookie Policy explains how we use cookies, what types of cookies are in place, and how users can manage their preferences. Cookies are small text files stored on a user’s device when they visit or interact with the Platform. These files help websites and applications remember user preferences, enable seamless navigation, and provide insights into user behavior. Cookies can be session-based (deleted after the browsing session ends) or persistent (stored for a specified period). We use the following categories of cookies:

  • Essential Cookies: These are necessary for the Platform to function properly. They enable user authentication, security features, and session management. Users cannot disable essential cookies, as they are required for core functionality.
  • Functional Cookies: These enhance the user experience by remembering preferences, settings, and previously entered information. For example, they may store preferred language settings or login credentials for easier access.
  • Analytics and Performance Cookies: These cookies track user interactions with the Platform, providing insights into website traffic, feature usage, and performance optimization. We use these cookies to improve Platform stability and user experience.
  • Advertising and Tracking Cookies: We do not use cookies for advertising or tracking users for targeted ads.

Some cookies on our Platform are set by third-party service providers. These include:

  • Google Analytics: To track user engagement and Platform performance.
  • Stripe: For secure payment processing and fraud prevention.
  • Twilio: For multi-factor authentication and security verification.

These third-party services may also collect and process user data under their own privacy policies. Users should review the privacy policies of these providers to understand how they manage cookies. Users have the ability to control, disable, or delete cookies through their browser settings. Most web browsers allow users to:

  • Block cookies from specific websites.
  • Clear stored cookies at any time.
  • Enable settings to notify them before a cookie is stored.

Disabling certain cookies, particularly essential or functional cookies, may limit access to critical features of the Platform, such as login functionality and secure transactions.

We may update this Cookie Policy from time to time to reflect changes in our use of cookies, legal requirements, or user preferences. Updates will be communicated through Platform notifications and a revised Cookie Policy. Users are encouraged to review this policy periodically.

CHILDREN’S PRIVACY.

Our Platform is committed to protecting the privacy of children. Consistent with the Children’s Online Privacy Protection Act (COPPA) and other applicable laws and regulations, we do not knowingly collect, use, or disclose personal information from children under the age of 18.

  • Age Restriction: Our services are not directed to children under the specified age. We do not knowingly engage in transactions or communications with children under this age. Our Terms and Conditions prohibit users under this age from accessing our Platform and services.
  • Parental Consent and Involvement: If we learn that we have collected personal information from a child under the specified age without parental consent, we will take steps to delete the information as soon as possible. We strongly encourage parents and guardians to take an active role in their children’s online activities and to inform us if they believe their child has provided personal information to us without their consent.
  • Information Collection Practices Regarding Children: In the rare event that we collect personal information from children under the specified age with parental consent, such information will be used solely for the purpose for which it was collected, and in accordance with this Privacy Policy.
  • Access and Deletion Requests by Parents or Guardians: Parents or guardians who believe that their child under the specified age has submitted personal information to our Platform can contact us to request access to, correction of, or deletion of their child’s personal data.
  • Commitment to Data Security: We understand the importance of safeguarding children’s privacy and security online. We implement stringent security measures to protect children’s personal information and comply with relevant legal requirements pertaining to data protection and privacy.
  • Updates to our Children’s Privacy Policy: This policy may be updated periodically to reflect changes in our practices or legal requirements. We encourage parents and guardians to review this policy regularly.
  • Reporting Concerns: We take concerns about children’s privacy seriously. If you have any questions or concerns about our Children’s Privacy Policy or our practices concerning children’s personal data, please contact us using the information provided in the “Contact Us” section.

USER RIGHTS.

We respect and uphold users’ rights regarding their personal data. Users have full control over their information and may access, modify, restrict, or delete their data as permitted by applicable privacy laws. This section outlines the rights available to users and how they can exercise them.

  • Right to Access Personal Data Users have the right to request a copy of the personal data we hold about them. This includes information such as their account details, transaction history, and preferences stored on the Platform. Requests for access can be made through account settings or by contacting our support team.
  • Right to Correct or Update Data If any personal information is inaccurate, outdated, or incomplete, users have the right to correct or update their data. Profile information, including name, email, and address, can be updated directly through the Platform. If further corrections are needed, users may submit a request to customer support.
  • Right to Data Portability Users may request that their personal data be provided in a structured, commonly used, and machine-readable format so that they can transfer it to another service provider. This applies to data that users have actively provided to the Platform.
  • Right to Delete or Request Data Removal Users have the right to request the deletion of their personal data when:
    1. They no longer wish to use the Platform.
    2. The data is no longer necessary for the purposes for which it was collected.
    3. They withdraw consent for processing (where applicable).
  • Right to Restrict or Object to Data Processing Users can request that we limit or restrict the processing of their data under certain circumstances, such as when they dispute the accuracy of the information or object to specific uses of their data. If processing restrictions are applied, users may experience limited access to certain features of the Platform.
  • Right to Withdraw Consent Where data processing is based on user consent (e.g., marketing communications or certain cookies), users may withdraw consent at any time by adjusting their privacy settings or contacting support. Withdrawal of consent does not affect the legality of data processing conducted before consent was withdrawn.

THIRD-PARTY LINKS.

Our Platform may contain links to third-party websites or services that are not operated or controlled by us. These third-party links are provided for your convenience and reference only. Please note that we have no control over the content, policies, or practices of these third-party websites or services.

By clicking on these third-party links, you acknowledge and agree that we are not responsible for the privacy practices or the content of such websites or services. This Privacy Policy applies solely to the information collected by our Platform. We encourage you to read the privacy policies of any third-party websites you visit to understand their data collection, use, and disclosure practices.

While we strive to include only reputable and trusted third-party links on our Platform, we cannot guarantee the accuracy, completeness, or quality of the information, products, or services provided on these external sites. The inclusion of any third-party link on our Platform does not imply our endorsement, sponsorship, or recommendation of the linked website or its content.

Please be aware that when you leave our Platform and access a third-party website, your interactions and any information you provide are subject to the terms and policies of that website. We encourage you to exercise caution and review the privacy policies of any website you visit.

THIRD PARTY SERVICES.

We integrate with third-party service providers to facilitate payments, authentication, data storage, and analytics. These third parties help ensure the functionality, security, and efficiency of our Platform. While we carefully vet all third-party partners, we do not control their independent privacy practices. Users are encouraged to review the privacy policies of these providers to understand how their data is handled. Our Platform relies on the following third-party providers:

  • Payment Processing: We use Stripe to handle financial transactions, including rent payments and security deposit management. Stripe securely processes banking details and payment information while maintaining compliance with financial security standards.
  • Authentication and Security: Twilio provides two-factor authentication (2FA) to protect user accounts from unauthorized access. This enhances security by requiring additional identity verification.
  • Cloud Storage and Infrastructure: All user data is stored securely on Amazon Web Services (AWS), which provides encrypted storage and industry-standard security protocols.
  • Analytics and Performance Monitoring: We use Google Analytics to track Platform usage, measure engagement, and optimize functionality. This allows us to improve performance without compromising user privacy.

When interacting with these third-party services, certain personal data may be collected, processed, or stored by the service provider. These third parties have their own privacy policies and security measures governing how they handle user data. While we require them to maintain strict confidentiality and compliance standards, we are not responsible for any data breaches, policy violations, or service failures on their part. By using our Platform, users acknowledge and agree that:

  • Their personal and financial data may be shared with third-party service providers for payment processing, authentication, and system security.
  • These service providers process data only for the purposes necessary to operate the Platform and are prohibited from using it for any unauthorized purposes.
  • The privacy policies of Stripe, Twilio, AWS, and Google Analytics apply to their respective services, and users are encouraged to review them separately.

Users who wish to restrict third-party data processing may do so by:

  • Adjusting account settings to limit the use of analytics tracking.
  • Managing cookie preferences to opt out of non-essential tracking.
  • Requesting account deletion, which removes personal data from our systems but does not affect transaction records maintained by payment processors.

While we work exclusively with trusted third-party providers, users should understand that these services are essential to the operation of the Platform. Disabling certain third-party integrations may impact access to features such as secure payments, authentication, and performance monitoring.

DATA BREACH RESPONSE.

At Coort, we are committed to protecting your personal data and have implemented robust measures to ensure its security. In the unlikely event of a data breach, we have a structured response plan in place to manage the situation promptly and effectively while complying with all legal obligations.

If a breach occurs, we will act immediately to identify and contain the issue. This includes isolating affected systems to prevent further unauthorized access or data loss. Once contained, we will conduct a thorough investigation to determine the cause, scope, and impact of the breach. Our goal is to assess the risks posed to affected individuals and ensure appropriate remediation measures are implemented.

We will notify affected users as required by applicable laws. Notifications will include relevant details about the breach, such as the nature of the incident, the type of data affected, potential risks, and steps users can take to protect themselves. Regulatory authorities will also be informed when necessary, following prescribed timelines and reporting requirements.

Following a breach, we will enhance our security measures to address any identified vulnerabilities and prevent similar incidents in the future. Our response plan undergoes regular reviews and updates to align with evolving industry standards and best practices.

If you suspect a security incident involving your personal data or need additional information about our response procedures, please contact us through the details provided in the Contact Us section of this Privacy Policy.

HOW TO EXERCISE YOUR RIGHTS.

We are committed to ensuring that users can exercise their privacy rights in a clear and accessible manner. Users may access, update, delete, or restrict the use of their personal data through their account settings or by submitting a request to our support team. All data-related requests are handled in compliance with applicable privacy laws and processed within a reasonable timeframe.

Users who wish to access their personal data can log into their account settings to view and update details such as their name, email address, and account preferences. If additional corrections are required beyond what is editable within the Platform, users may request modifications by contacting customer support.

For those who no longer wish to use the Platform, a data deletion request may be submitted through the user’s account or by contacting support. Upon receiving a valid request, we will permanently delete personal data within 30 days, unless legal, financial, or regulatory obligations require us to retain certain records. If specific transaction history or compliance-related data must be maintained, users will be informed of the retention period before deletion is finalized. Once an account is deleted, access to the Platform will be revoked, and all associated personal data will be securely removed.

Users may also request that we restrict the processing of their data in situations where they dispute its accuracy or object to specific uses, such as analytics tracking. While we will honor requests to limit processing whenever possible, users should be aware that restricting certain data may impact the functionality of key Platform features. Similarly, users have the right to request a copy of their personal data in a structured, machine-readable format, including account details and communication history stored within the Platform.

Where data processing is based on user consent, such as for marketing communications or analytics tracking, users have the right to withdraw their consent at any time. This can be done by adjusting privacy preferences in account settings, managing cookie preferences, or contacting support to request removal from specific data processing activities. Withdrawing consent does not affect the legality of past data processing but may limit the availability of certain Platform functionalities.

To submit a request, users can utilize the tools available in their account settings, contact customer support, or, where applicable, submit a formal request through our privacy request portal. In some cases, identity verification may be required to prevent unauthorized access or fraudulent data requests.

DO NOT TRACK SIGNALS.

Our Platform currently does not respond to “Do Not Track” (DNT) signals from web browsers. DNT is a privacy preference that you can set in your web browser to indicate your preference regarding the tracking of your online activities.

While many web browsers support the DNT feature, there is no standard interpretation or industry consensus regarding the meaning of DNT signals. As a result, our Platform does not currently recognize or respond to DNT signals.

Please note that even if you have enabled the DNT feature in your web browser, certain third-party services integrated into our Platform may still collect and track your online activities in accordance with their own privacy policies. We encourage you to review the privacy policies of these third-party services for more information on their tracking practices.

MODIFICATION.

We reserve the right to modify or update this Privacy Policy at any time. Any changes we make will be effective immediately upon posting the revised Privacy Policy on our Platform. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information.

By continuing to use our Platform after any changes to this Privacy Policy, you acknowledge and agree to the updated terms. It is your responsibility to review this Privacy Policy periodically and ensure that you are aware of any modifications. If you disagree with any changes, you should discontinue your use of our Platform and contact us if you would like to request the deletion of your personal information.

Please note that any provision of this Privacy Policy that imposes an obligation on you or grants us a right will survive the termination or expiration of this Privacy Policy or your use of our Platform.

WEB BEACONS.

Web beacons are small graphic images or other web programming code that can be included in our web pages and e-mail messages. Invisible to the user, these beacons are typically as small as a single pixel and function in a similar manner to cookies.

Web beacons are used to track online movements of web users or to access cookies. They help us understand how users interact with our Platform by transmitting information back to us or our partners.

Web beacons track user behavior on our Platform, such as page views and email interaction. This information helps us understand user preferences and improve the content and functionality of our Platform.

In our email communications, web beacons allow us to determine whether our emails are opened and if the links within them are clicked. This data assists us in making our communications more relevant and informative for our users.

We use web beacons to gauge the effectiveness of our advertising campaigns. By understanding user interactions and responses to our marketing efforts, we can tailor our strategies to better meet user interests and needs.

beacons contribute to our analytics by gathering aggregate data. This includes analyzing trends, administering the site, and gathering demographic information about our user base as a whole.

While web beacons are inherently anonymous, you have the option to control their use through various browser settings and third-party tools. Disabling cookies in your browser will also limit the functionality of web beacons associated with those cookies.

CONTACT US.

We value open communication with our users and welcome any questions, concerns, or feedback regarding this Privacy Policy or our data handling practices. Our dedicated team is committed to addressing your inquiries and providing timely and clear responses. Please find below the various channels through which you can reach us:

  • Email Communication: For direct and convenient communication, you can email us at [Insert Email]. We aim to respond to all email inquiries within 48 hours during business days.
  • Contact Form: We also offer a contact form on our Platform. This form is a quick way to reach out to us with any questions or feedback. The form is accessible through the ‘Contact Us’ section on our website.
  • Accessibility: We are committed to ensuring that our communication channels are accessible to all our users, including those with disabilities. If you require any special accommodations, please let us know, and we will do our best to assist you.
  • Language Support: Our customer service team is capable of handling inquiries in multiple languages. If you require assistance in a language other than English, please indicate this in your communication, and we will endeavor to accommodate your needs.

We are dedicated to providing a prompt response to all inquiries. If your issue requires more in-depth investigation, we will keep you informed about the status of your query and provide a timeframe for resolution.

Information You Collect

  • Types of Information Collected:
    DepositBack collects user names, email addresses, phone numbers, property addresses, rental agreements, lease details, bank account information for security deposits, and payment transaction data.
  • Sensitive Information:
    Yes, DepositBack collects financial data, including bank account details and payment transaction records, to facilitate security deposit management.
  • How Information is Collected:
    • Directly from users when signing up, setting up payment accounts, or making transactions.
    • Through cookies and analytics tools on the website.
    • From third-party payment processors (e.g., Stripe) when processing deposits.

Why and How You Use Information

  • Purpose of Collection:
    • To facilitate secure rental deposit transactions.
    • To provide escrow services and allow tenants to track their deposits.
    • To verify user identity and prevent fraud.
    • For customer support and dispute resolution.
    • To comply with legal and regulatory requirements.

Storing Information and Keeping It Safe

  • Storage & Security:
    • User data is stored in encrypted databases using cloud storage solutions that comply with industry security standards.
    • Financial data is processed and stored securely by third-party payment providers (e.g., Stripe).
  • Plan for Data Breach:
    • Immediate investigation and mitigation in case of a breach.
    • Notifying affected users in accordance with data protection laws.
    • Working with cybersecurity professionals to prevent future incidents.

Sharing Information

  • Third-Party Sharing:
    • DepositBack shares data with payment processors (e.g., Stripe) for transactions.
    • Hosting providers and analytics services for maintaining app performance.
    • Fraud prevention and identity verification services.
  • Third-Party Services Accessing User Data:
    • Stripe (payment processing).
    • Google Analytics (user behavior tracking).
    • Cloud hosting providers for data storage.
  • Selling User Data:
    • No, DepositBack does not sell user data.

User Choices

  • Access & Modification of Data:
    • Users can view and update their personal information through their account settings.
  • Opting Out of Data Collection:
    • Users can request data deletion via customer support.
    • Limited data collection may still be required for regulatory compliance.
  • Policy Change Notifications:
    • Updates will be communicated via email and in-app notifications.

Children’s Information

  • Collection from Minors:
    • No, DepositBack does not knowingly collect data from individuals under 13.
  • Parental Consent:
    • Not applicable.

Cookies and Tracking

  • Use of Cookies & Tracking:
    • Yes, cookies are used for authentication, performance tracking, and fraud prevention.
  • User Consent for Tracking:
    • Users are informed through a cookie consent banner on the website.

International Regulations

  • Data Protection Compliance Officer:
    • Yes, DepositBack follows data protection laws, including GDPR and CCPA.
  • EU User Services & Data Tracking:
    • Services are primarily for U.S. users, but compliance measures are in place for EU users if applicable.
    • Users can request data deletion or access via support channels.

International Data Transfers

  • Transfer of User Data to Other Countries:
    • Yes, data may be processed in other countries where cloud providers operate, with safeguards in place.

State-Specific Regulations

  • California Residents:
    • DepositBack does business in CA but does not meet CCPA financial thresholds.
    • Users can opt out of certain data processing activities.
  • Virginia, Colorado, Connecticut, Utah Residents:
    • DepositBack does not process data for 100,000+ users in these states.
    • No revenue is derived from selling user data.

Cookies

  • Types of Cookies Used:
    • Essential Cookies: Yes
    • Functional Cookies: Yes
    • Analytics/Performance Cookies: Yes
    • Ad Analytics Cookies: No
    • Ad Tracking Cookies: No
  • Third-Party Cookie Collection:
    • Google Analytics and other tracking tools.

 

Secure deposits. Simple management.

  • Track deposits and payments with ease.
  • Document inspections with video and photos.
  • Get instant alerts for key updates.
Start now