Safe Harbor Policy
Kigo, Inc. has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view the certification page, please visit http://www.export.gov/safeharbor/.
The United States Department of Commerce and the European Commission have agreed on the Safe Harbor Principles and associated frequently asked questions to enable United States companies to satisfy the EU legal requirement that adequate protection be given to personal information transferred from the EEA to the United States.
The United States Department of Commerce and the Federal Data Protection and Information Commissioner of Switzerland (“FDPIC”) have agreed a similar set of Safe Harbor Principles and associated frequently asked questions to enable United States companies to satisfy the Swiss legal requirement that adequate protection be given to personal information transferred from Switzerland to the United States. Consistent with its commitment to protect personal privacy, RealPage adheres to the principles in both the US-EU and the US-Swiss Safe Harbor principles and frequently asked questions, collectively the “Safe Harbor Principles”.
This Policy applies to all personal information received by RealPage in the United States from its clients in the EEA and Switzerland.
RealPage provides comprehensive property management software solutions to property owners and managers (our “clients”) in the multifamily, commercial, single-family, and vacation rental housing industries. Our on-demand product line covers the full spectrum of accounting, leasing, renters insurance, marketing services, utility management, purchasing, and other operational areas. In providing this suite of services, RealPage acts as a data processor under contract to our clients, the data controllers. As a data processor, RealPage does not own or control any of the personal data we process on behalf of our clients. All such personal data is owned and controlled by our clients. We are required to provide our products and services to our clients in accordance with their contractual provisions and instructions regarding data privacy, handling, and security.
Our policies and practices with respect to personal data our EU clients transfer to us are described below:
RealPage works with our clients to help them provide notice of data processing to individuals, including information concerning (1) the purposes for which personal information is collected and used; (2) a contact person to whom enquiries or complaints may be directed; (3) the types of third parties to whom personal information is disclosed; and (4) the choices and means that individuals are offered for limiting use and disclosure of personal information.
As a data processor handling personal data at the direction of our clients, RealPage has no direct relationship with the individuals whose personal data we process. If and when disclosure of personal data to a third party is necessary, RealPage works with our clients to help them inform individuals about the possibility of such disclosures and provide individuals with the choice and means of opting-out of or, in the case of sensitive personal data, opting-in to (a) such disclosures to third parties or (b) their personal information being used for purposes other than those for which it was originally collected or subsequently authorized by the individual. RealPage only processes personal information for purposes that are compatible with those for which it was originally collected or as lawfully directed by our clients.
RealPage complies with the notice and choice principles as described above for all personal data disclosed or transferred to a third party.
Where RealPage uses third party agents to process personal data to help it perform its services, we only share personal data to the extent reasonably necessary for the third party to perform the services on our behalf. We do not permit these third parties to use or disclose the personal data we process on behalf of our clients, except for the purpose of providing the services we request of them. RealPage will not transfer personal data to any third party agent unless (a) that third party subscribes to the Safe Harbor Principles, (b) that third party is subject to the EU Data Protection Directive, or (c) RealPage has concluded an agreement with such a third party requiring that they provide at least the same level of privacy protection as do the Safe Harbor Principles.
If RealPage enters into any business transition, restructuring, merger, sale, or other transferring of assets, we reserve the right to transfer all product and service information, including all personal data, as part of or in connection with the transaction. You will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
NOTE: As set forth in the US Safe Harbor Principles, adherence to the Principles may be limited to the extent necessary to meet national security, public interest, or law enforcement requirements. Please be aware that in certain circumstances, it is possible that personal information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders.
RealPage implements and maintains appropriate physical, administrative, technical and organizational measures to protect the personal information you provide us against unauthorized or unlawful access, use or disclosure, and against accidental loss, damage, alteration or destruction. Under our security policies and practices, access to sensitive personal information is authorized only for those who have a business need for such access, and sensitive records are retained only as long as reasonably necessary for business or legal purposes. RealPage strives to protect the user information that we collect and store, however, no security program is 100% secure and we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use, or disclose personal information. RealPage maintains security incident response policies and procedures to handle incidents involving unauthorized access to private information we collect or store.
RealPage uses personal data only for the purposes compatible with its original collection or as subsequently authorized for use by the individual. RealPage will assist its clients as needed to ensure that personal data it processes is pertinent to its intended use, accurate, complete, and current.
As a data processor handling personal data at the direction of our clients, RealPage has no direct relationship with the individuals whose personal data we process. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should therefore direct his request to the RealPage client that transferred such data to RealPage for processing. The client will then provide access to the individual as determined under the applicable local data protection law. RealPage will assist its clients as needed to fulfill any such request.
Enforcement & Dispute Resolution
RealPage has in place mechanisms to verify ongoing compliance with the Safe Harbor Principles, and recourse for individuals to whom the data relate affected by non-compliance with the Safe Harbor Principles. Individuals who wish to file a complaint or who take issue with RealPage’s EU Safe Harbor Policy should contact RealPage’s Privacy team at the addresses listed below. RealPage will investigate and attempt to resolve any complaints and disputes regarding the use and disclosure of personal information by reference to the principles in this Policy.
For complaints that cannot be resolved between RealPage and the individual concerned, RealPage has agreed to participate in the Better Business Bureau EU Safe Harbor independent dispute resolution program. Individuals who submit a complaint or concern to RealPage but who do not receive acknowledgement from us or who think the complaint or concern has not been satisfactorily addressed should then contact the Better Business Bureau to participate in its dispute resolution procedure.Council of Better Business Bureaus, Inc.
BBB EU Safe Harbor 3033 Wilson Boulevard, Suite 600
Arlington, VA 22201 U.S.A.
Individuals can request access or submit Safe Harbor policy inquiries by email at firstname.lastname@example.org or by writing:RealPage, Inc.
Attn: Privacy (Legal)
2201 Lakeside Blvd.
Richardson, TX 75082