Privacy Policy for nyresidentialreit.com

We maintain an unwavering dedication to protecting and preserving all personal data provided by our website visitors and service users, implementing robust and comprehensive security measures throughout our services and operations.

This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for ensuring the proper handling, processing, and protection of all personal data submitted through our website.

We may process usage data (“usage data”), which comprehensively includes browser type, operating system, page views, navigation paths, timing and duration of visits, click patterns, and interaction methods. This information is collected through automated logging systems, cookies, and analytics tools and may include referral sources, device information, and geographic location data. The source of this data is our analytics tracking system and server logs. We process this information for several important purposes, including improving website performance, analyzing user behavior, enhancing security monitoring, and optimizing content delivery, which enables us to provide better user experience, strengthen security measures, and deliver more relevant content. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.

We may process account data (“account data”), which comprehensively includes email address, username, password hash, account preferences, notification settings, and account creation date. This information is collected through registration forms, account updates, and user preferences settings and may include communication preferences, security settings, and account status information. The source of this data is direct user input during account creation and management. We process this information for account administration, security verification, service provision, and communication purposes, which enables us to maintain secure user accounts, provide personalized services, and manage user communications effectively. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

We may process profile data (“profile data”), which comprehensively includes name, contact information, profile pictures, biographical information, and professional details. This information is collected through profile creation forms, profile updates, and optional information submissions and may include social media handles, professional certifications, and areas of interest. The source of this data is direct user input and authorized third-party connections. We process this information for personalizing user experience, enabling user interactions, facilitating networking opportunities, and providing relevant content recommendations, which enables us to deliver targeted services, enhance user engagement, and improve community features. The legal basis for this processing is our legitimate interests in operating and improving our platform services.

Your Rights:

Right to Access: You have the right to obtain confirmation about whether we process your personal data and request copies of this data. This includes the ability to review what information we hold about you, verify the lawfulness of processing, and understand how your data is being used. To exercise this right, you can submit a formal request through our dedicated data access portal or contact our privacy team directly. We will respond within 30 days and may require government-issued identification, proof of address, and account verification to confirm your identity.

Right to Rectification: You have the right to have inaccurate personal data corrected or completed if it is incomplete. This includes the ability to update personal information, correct errors in your data, and supplement incomplete information. To exercise this right, you can access your account settings or submit a correction request through our support system. We will process your request within 15 days and may require account verification, supporting documentation, and specific details about the information to be corrected.

Right to Erasure: You have the right to request the deletion of your personal data in specific circumstances where there is no compelling reason for its continued processing. This includes the ability to remove account information, delete historical data, and withdraw processing consent. To exercise this right, you can submit an erasure request through our privacy center or contact our data protection officer. We will respond within 30 days and may require written confirmation, identity verification, and specific data identification.

Right to Restrict Processing: You have the right to limit the ways in which we use your personal data when you have particular concerns about its accuracy or use. This includes the ability to pause data processing, temporarily block specific uses, and limit data sharing with third parties. To exercise this right, you can submit a processing restriction request through our privacy settings or contact our support team. We will respond within 14 days and may require account authentication, specific processing details, and reason verification.

Right to Data Portability: You have the right to obtain and reuse your personal data for your own purposes across different services in a safe and secure way. This includes the ability to receive your data in a structured format, transfer information between platforms, and download personal data records. To exercise this right, you can use our data export tool or submit a portability request through our user dashboard. We will respond within 30 days and may require two-factor authentication, format specifications, and transfer destination details.Data Processing and Security

We process Service Data which includes account credentials, user profiles, service preferences, and usage patterns. This processing involves automated collection, analysis, and storage, enabling us to provide and optimize our residential property services. For example, in the context of property management, this includes tenant applications, lease agreements, and maintenance requests. The legal basis for this processing is contractual necessity and legitimate interests, specifically to fulfill our obligations as a property management entity and improve our services.

We process Technical Data which includes device information, IP addresses, browser types, and system configurations. This processing involves automated logging, analysis, and storage, enabling us to ensure proper website functionality and security. For example, this includes monitoring system performance, detecting unusual patterns, and optimizing website display. The legal basis for this processing is legitimate interests, specifically to maintain service reliability and security.

We process Communication Data which includes correspondence records, support tickets, and inquiry histories. This processing involves recording, categorizing, and storing communications, enabling us to provide effective customer service and maintain accurate records. For example, this includes property inquiries, maintenance requests, and tenant communications. The legal basis for this processing is contractual necessity and legitimate interests.

We process Transaction Data which includes payment records, billing information, and financial transactions. This processing involves secure recording, verification, and storage of financial interactions, enabling us to manage payments and maintain accurate financial records. For example, this includes rent payments, security deposits, and service fees. The legal basis for this processing is contractual necessity and legal obligations.

We process Preference Data which includes marketing preferences, notification settings, and customization choices. This processing involves recording, updating, and applying user preferences, enabling us to provide personalized services and respect communication choices. For example, this includes property alerts, newsletter subscriptions, and communication preferences. The legal basis for this processing is consent and legitimate interests.

Security Measures

Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.

We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.

Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.

Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.

We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.

All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.

International Transfers

We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Binding Corporate Rules, and approved certification mechanisms. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies

International transfers are protected by ISO 27001, GDPR compliance standards, and SOC 2 certification, ensuring compliance with international data protection regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures

Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees

Data Retention

We maintain specific retention periods for different data categories:

Account Information: 7 years after account closure to comply with legal requirements and handle potential disputes
Usage Data: 2 years to analyze service improvements and usage patterns
Transaction Records: 7 years to comply with tax and financial regulations
Communication History: 3 years to maintain service continuity and handle ongoing inquiries
Technical Logs: 1 year for security monitoring and system optimization

These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences

Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookies and Website Data Collection

At nyresidentialreit.com, we utilize various types of cookies and similar technologies to enhance your experience and optimize our services.

Essential cookies serve fundamental functions that allow our website to operate properly. These cookies enable secure user authentication, maintain your session security while browsing property listings, and ensure stable technical performance when accessing real estate data. For example, they keep you logged in while reviewing multiple property investments and protect sensitive transaction information.

Functional cookies enhance your browsing experience by remembering your preferences and customizations. They store your preferred property search criteria, regional market preferences, and interface customizations. These cookies ensure you receive location-relevant real estate listings and maintain your personalized dashboard settings.

Analytics cookies help us understand how visitors interact with our real estate platform. They track which property listings receive the most attention, how users navigate through different market analyses, and which investment tools are most valuable. This information helps us optimize our content and features to better serve our users’ needs.

Performance cookies monitor and improve our website’s technical operation. They assess loading times for property images and virtual tours, identify any technical issues with investment calculators, and ensure smooth delivery of market reports and property documentation.

Cookie Management

You maintain full control over your cookie preferences through your browser settings and our consent management tool. You can modify these settings at any time through our privacy preferences center.

Compliance Measures

For EU residents, we maintain strict GDPR compliance with explicit consent mechanisms before collecting any non-essential cookies. We limit data collection to necessary information and maintain transparent processing practices for all real estate-related activities.

California residents are entitled to comprehensive rights under CCPA, including access to collected information, deletion of personal data, and opting out of data sales. We ensure non-discriminatory service regardless of privacy choices.

For users under 13, we implement strict COPPA compliance measures, including age verification and parental consent requirements before collecting any personal information. Parents maintain access rights to review and manage their child’s data.

Policy Updates

We regularly review and update our privacy practices to maintain compliance with evolving regulations. Users will be notified of significant changes and may be required to provide renewed consent when necessary.

Contact Information

For privacy-related inquiries:
Primary Contact: [email protected]
We respond to all privacy concerns within 48 hours and require verification for data-related requests.

This policy was created specifically for nyresidentialreit.com and covers all associated services within the real estate investment industry.