EBRHA Data Privacy Policy

Data Privacy Policy – East Bay Rental Housing Association

Effective Date: April 4, 2025 (Revised as of April 4, 2025)

The following governs your data and privacy policy agreement, pursuant to the Terms of Use (the “Terms”) of the website (URL: www.ebrha.com) (the “Site”) and use of all forms provided by East Bay Housing Association (the “Association”, “we”, “us”, or “our”). By accessing or using the Association’s website (the “Site”), you (any user of the Site hereinafter referred to as “you”) expressly agree and consent to the following data privacy policy (the “Policy”). If you do not accept the following Policy, then do not use the Site. The Policy is a legally binding agreement between you and the Association.

This Privacy Policy outlines our practices in compliance with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable privacy laws.

This legally binding privacy policy governs the valuable exchange between any User of the Site and the Association. It is hereby noted and emphasized that any visitor to the Site is a “User” as defined in § 1 of the Site’s [Terms of Use]; any person or user who accesses the Site and/or any content contained within the Site, including all themes, ideas, news updates or available forms provided (“Content”) is equally governed by this Policy as it regulates the exchange of User data given to the Association. We are the ‘controller’ of any data divulged into our website, reachable at info@EBRHA.com.

1. Data rights, retention, and marketability.

The Association reserves all rights pertaining to any and all valuable, sensitive, personally identifiable, or otherwise significant Data (the "Data") received from any User upon its transfer of any Data to the Site. We host our site in California and adhere to California’s data privacy regulations. We have multiple revenue-share paid-partnerships in place, and require your consent as a User to opt-in to those services; you are free to opt-out from those services, however, opting-out will limit or restrict your ability to utilize the Site and/or certain services that we and the Third Parties on the Site provide.

2. Categories of Personal Information Collected.

We collect the following categories of personal information:

Contact Information: Name, email address, phone number.
Account Information: Username, password, account preferences.
Payment Information: Credit card details, billing address.
Technical Data: IP address, browser type, operating system, browsing behavior, and device identifiers.
Business Information: Verification research regarding publicly available LLC & Corporation information, real estate portfolio/unit quantities, property locations, amenity information, affiliations, parent companies, management companies, employee information, business contact information, business contact/mailing information, and more without limitation for membership-related-valuation inquiries.
Usage Data: Interaction with our website, including pages visited and time spent.
Other Personal Information: Any additional information you voluntarily provide to us through the Site or connected portals.
Any other relevant information, including, without limitation:

Promotions, presenters, webinars, promoting biographies, sharing photographs/headshots, contact information goes out to members and community partners (third parties) via email and/or social media text in order to promote the events related to the Services, Membership, & Site.
Posting events on Eventbrite, NextDoor, other social media platforms.

The Association retains all possible rights to any and all valuable, sensitive, personally identifiable or otherwise important data it receives from any User to the extent that we may aggregate, anonymize or market such data for any and all relevant legal purposes.

3. Methods of Data Collection.

Description of How We Collect Personal Data:

Our organization collects personal data through various methods to ensure we provide our services effectively and maintain a positive relationship with our customers. We collect personal data through the following channels:

Websites: When you visit our websites, we may collect personal data through cookies, third party platforms/pages, and similar technologies to improve your browsing experience and offer personalized services.
Customer Forms: Personal data provided by you through customer registration forms, subscription forms, or contact forms on our websites or in physical formats.
Email Surveys: We may collect personal data through surveys conducted via email to gather feedback and improve our services.
Email Correspondences: Correspondences with our team often includes the exchange of User Data, including contact information, collaborative team identities, & case-specific information when Users email us, or vice versa.
Forms: When Users complete forms through the Site we retain the information entered into those forms.
Testimonials: When Users give us praise, or otherwise provide positive testimonials, we sometimes post those positive testimonials on the Site, protecting the User’s identity with an abbreviated name.
In Person: Personal data collected during in-person interactions such as sign-ups at events, conferences, or workshops organized by us.
Webinars: Personal data collected during virtual, online interactions such as video chats, video meetings, or informative Webinars.
Give-aways: Information collected when you participate in contests, promotions, or giveaways hosted by us.
Database Records: Personal data obtained from publicly available sources or third-party providers to enrich our customer database and enhance our services.

Collection of Data from Individuals and Third Parties:

We collect personal data directly from individuals and also from third parties to enhance our services and provide a personalized experience. Here’s how we collect data:

Directly from Individuals:

User Submissions: Personal data provided voluntarily by users through forms, registrations, subscriptions, or inquiries on our websites.
Communications: Personal data collected through communications such as emails, chats, Q&A sessions, and feedback forms.
Polls and Webinars: Personal data obtained when individuals participate in polls, webinars, or other interactive sessions hosted by us.

From Third Parties:

API Integrations: Personal data retrieved from third-party services integrated into our website when users engage with these services. This includes data on engagement, usage patterns, and preferences relevant to the integrated service.
Third-Party Polls and Webinars: Personal data collected from third-party polls or webinars integrated into our website, subject to the privacy policies and terms of use of these third parties.

We collect personal data based on user consent, as necessary for the performance of a contract, to comply with legal obligations, or for our legitimate interests in providing and improving our services. We ensure that any third-party data collection adheres to applicable data protection laws and regulations in California.

4. Purposes of Data Collection.

We collect personal data to serve various essential functions and provide a comprehensive experience for our users. Specifically, we collect data for the following purposes:

Service Provision: To deliver and manage the services you have requested, including processing transactions, managing accounts, and providing customer support.
Marketing: To offer you information about our products, services, and promotions that may be of interest to you. This includes personalized marketing communications and targeted advertising based on your preferences.
Continuing Education Certifications: To facilitate the issuance and management of continuing education certifications; this involves collecting and verifying information necessary for certification purposes.

a. Our national association provides property management courses whereby a User may complete their courses online through our Site, Association, or Membership, whereby we receive data from Users completing certification from multiple various associations, such as regional & national associations including, but not limited to, the National Apartment Association.

External Submissions: To submit relevant user information to external organizations for the purpose of obtaining certifications or other services as requested by you.

Use of Data for Targeted Advertising and Automated Decision-Making:

We use personal data for the following purposes:

Profiling and Targeted Advertising: Your data may be used to create a profile based on your interests, behaviors, and preferences. This profiling helps us deliver targeted advertising that is more relevant to you. This means you may see ads and promotional content that align with your specific interests and previous interactions with our services.
Automated Decision-Making: We utilize automated systems to make decisions that affect the content and services you receive. This includes controlling and tailoring the marketing and advertising you see based on your individual user circumstances, as determined by our data collection practices.
Algorithm-Generated Marketing Materials: We employ algorithms to generate personalized marketing materials, sales offers, and advertisements. These algorithms analyze your data to create content that is more likely to be relevant and engaging to you.

Additional Data Collection for Paid Membership Levels:

For users subscribing to the website's paid membership levels, we require additional information to enhance the services provided and ensure the effective management of membership benefits. As part of the paid membership registration process, each member shall be required to provide the following data:

Logos: Business and branding logos.
Marketing Materials: Promotional and marketing content.
Property Lists: Details of properties managed or listed.
Property Manager Information: Names, contact information, titles, and credentials of property managers including any consultants and on-site staff.
Location and Address: Business location, billing address, and mailing/shipping address.
Business Partners: Information about business partners and associates.
Doing Business As (DBA): Any DBA names associated with the business.
Member Details: Names of individual members, owners, and partners.

Third-Party Data Collection and User Review:

We may receive data collected by third parties, which is shared with us independently of your direct engagement with our Site. This third-party data is used to enhance services we provide and to ensure accuracy and relevance in our interactions with you. Users are encouraged to review any data we receive from third parties that pertains to them. If you find any inaccuracies or discrepancies, you have the opportunity to correct or update such information to ensure its accuracy. Our goal is maintaining transparency, and ensuring the data we use is accurate/useful, generating the best possible service for you.

This additional data collection is intended to support the features and benefits associated with paid memberships and to facilitate effective communication and collaboration within our platform. We ensure that our use of data for these purposes complies with applicable data protection laws and is conducted with transparency, confidentiality, the utmost care, and respect for your privacy. If you have any questions about the data we collect or how it will be used, or if you wish to opt-out of data collection, please refer to the relevant sections of this Policy or contact us directly at Info@EBRHA.com. For any concerns regarding third-party data or to request corrections, please contact us directly. We are committed to upholding the highest standards of data accuracy and transparency in our services. Your information is only used in ways that are necessary for fulfilling these purposes and will not be shared with third parties except as explicitly stated in relevant Terms & Policies on our Site and of those third parties.

* NOTICE * OPT-OUT: Although all Users have the right and opportunity to Opt-Out of any data submissions, we are unable to provide Membership Services to Members of the Site and the Association without certain important data in order to do so competently. *

5. Legal Basis for Data Processing.

Legal Basis for Data Processing according to California Law:

In compliance with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable privacy laws, we process personal data based on the following legal bases:

Consent: We may process your personal data when we have obtained your explicit consent to do so. Consent is collected through clear, affirmative actions such as “opting-in” to receive communications related to the Site and/or Membership, and/or agreeing to our Privacy Policy during your account registration and eventual entry of data. You can withdraw your consent at any time by contacting us, or by adjusting your preferences in your account settings. Be aware that certain consents are fundamentally necessary to use our Services.
Contract Performance: We process personal data as necessary to fulfill our contractual obligations to you. This includes data required to provide our services, process transactions, and manage your account. For instance, we use your data to deliver the services you have requested and to perform our contractual commitments. We may retrieve such data from public sources whenever available.
Legitimate Interests: We may process personal data based on our legitimate interests, provided that these interests are balanced against your rights and freedoms. This includes using data for purposes such as improving our services, ensuring network security, and conducting business analytics. We ensure that such processing does not override your rights and interests.

Data Management and User Rights:

Consent Management: You can review and manage your consent preferences through your account settings or by contacting us directly. We provide clear options to opt in or opt out of specific data uses and communications; although some data is fundamentally necessary to use our services, especially for Members.

Opting-out of some data entries is essentially opting-out of using our Services, Site, Membership, and/or resources, just by nature of how our offerings work in requiring certain User Data for us to accurately function.

Data Access and Correction: You have the right to access your personal data, request corrections, and obtain a copy of the data we hold about you. You can exercise these rights by submitting a request through our designated contact channels, calling us at: (510)893-9873 or e-mailing info@EBRHA.com.
Data Security and Storage: We implement appropriate technical and organizational measures to safeguard your personal data against unauthorized access, disclosure, alteration, and destruction. Data is stored in a secure manner and retained only as long as necessary to fulfill the purposes for which it was collected or as required by law.

6. Data Use and Sharing.

In accordance with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable privacy laws, we outline the following practices regarding the use and sharing of personal data:

Use of Personal Data Within the Organization:

Operational Purposes: Personal data is used to provide, maintain, and improve our services. This includes, but is not limited to: managing your account, processing transactions, providing membership benefits, providing resources, and responding to inquiries.
Internal Analysis: Data may be used for internal purposes such as, without limitation: any business analysis, customer support, and/or enhancing of User experiences. We analyze your data to understand trends, preferences, and in order to improve our own offerings.
Communication: We use personal data to communicate with you about any updates, promotions, and/or other relevant information regarding our services and your account, based on your preferences and consent.

Sale of Personal Information:

* NOTICE * Third-Party Links, Revenue Sharing, and Data Disclosure

Our website may feature links to third-party services or platforms. If you choose to click on these links and engage with the third-party service—such as signing up for their offerings—certain information about your interaction with their service may be shared between us and the third-party provider. This information may include:

The fact that you accessed their service through our website (e.g., referral or tracking information)
Relevant transactional details, such as the completion of your sign-up with the third-party service
As part of this process, we may receive a payment from the third-party provider (commonly referred to as a "revenue share"). Under California law, this type of arrangement may be classified as a "sale" of personal information because we receive financial benefit in connection with the sharing of certain data.

* NOTICE * Opt-Out of Revenue Sharing and Data Disclosure

If you do not wish for your data to be shared with the third-party service provider for revenue-sharing purposes, you can opt out by choosing not to click on third-party links or engage with their services through our website. You are also welcome to use the "Do Not Sell My Personal Information" link on our website to manage your data preferences.

We encourage you to review the privacy policies of any third-party service provider to understand how they collect, use, and protect your personal information.

Sharing Personal Data with Third Parties:

Service Providers: We may share personal data with third-party service providers who perform services on our behalf, such as payment processors, data storage providers, and customer support vendors. These parties are bound by confidentiality agreements and are required to handle your data in accordance with applicable laws; you hereby agree to their terms of use and privacy policy according to the reciprocal nature of the linked services, and by virtue of your use of any of their services upon clicking their links or using their services.
Business Partners: Personal data may be shared with business partners, including real estate associations, for purposes such as joint marketing initiatives, educational certification to our members, or other similar services, partnerships, or collaborations. Such sharing is conducted under agreements that ensure data protection and compliance with privacy laws.
Legal and Regulatory Requirements: We may disclose personal data as required by law or to comply with legal obligations, including responding to lawful requests from public authorities or law enforcement.

Cross-Border Data Transfers:

International Transfers: In some cases, personal data may be transferred to and processed in countries outside of California or the United States. We ensure that such transfers comply with applicable data protection laws and that adequate safeguards are in place to protect your data.
Data Protection Measures: We implement appropriate technical and organizational measures to ensure that personal data transferred across borders is protected in accordance with the standards set by the California Consumer Privacy Act (CCPA) and other relevant data protection regulations.

7. Data Retention.

Data Retention and Deletion Practices:

In compliance with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable privacy laws, we follow the below practices regarding the retention, storage, and secure deletion or anonymization of personal data:

Retention Period: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable California laws. This may include:

Operational Purposes: Data necessary to provide and improve our services, process transactions, and manage your account is retained as long as you maintain an active account or for the duration required to fulfill contractual obligations.
Marketing Purposes: Data we receive in order to contact Users for future services, including marketing of future services from our platforms, shall be retained for the purpose of communication with past Users for a reasonable amount of time until Users ‘opt-out’ or ‘unsubscribe’ from such Data uses.
Legal Compliance: Data may be retained to comply with legal obligations, such as financial record-keeping or regulatory requirements, for the duration stipulated by relevant California laws.

[We do not retain personal data indefinitely unless legally required to do so. Retention periods are reviewed periodically to ensure compliance with applicable laws and best practices.]

Retention Criteria: The criteria used to determine retention periods include:

Purpose of Data Collection: Data is retained as long as it is necessary to achieve the purpose for which it was collected.
Legal Requirements: Retention periods are guided by statutory and regulatory requirements applicable to our industry and business operations.
Business Needs: Consideration of operational needs & the value of data for historical, commercial, communicative, analytical, or statistical purposes.

Secure Deletion and Anonymization: When personal data is no longer needed for its intended respective use, or upon expiration of the retention period, we take the following steps to ensure secure deletion or anonymization:

Deletion: Data is permanently deleted using secure methods that prevent recovery, such as shredding electronic files or degaussing storage media.
Anonymization: Where appropriate, data is anonymized or aggregated to ensure it can no longer be linked to an individual before being deleted. Anonymized data may be retained for analytical purposes without identifying individuals.

We follow industry best practices for secure data disposal and anonymization to protect your privacy and ensure that data is handled responsibly throughout its lifecycle.

For any questions about our data retention practices or to request information about your data, please contact us through the channels provided in this Policy.

8. Data Security.

Data Security Compliance:

In compliance with California privacy laws, including the California Consumer Privacy Act (CCPA), we are committed to safeguarding your personal data through robust security measures and practices. Our approach to data security includes the following:

Security Measures:

Encryption: We use advanced encryption technologies to protect personal data both in transit and at rest. This ensures that sensitive information is securely transmitted and stored, minimizing the risk of unauthorized access.
Access Controls: Access to personal data is restricted to authorized personnel only. We implement strict access controls, including role-based permissions and multi-factor authentication, to ensure that data is only accessible to those who need it for their job functions.
Firewalls: We deploy firewalls and intrusion detection systems to protect our network infrastructure from unauthorized access and cyber threats. These defenses help to prevent potential breaches and ensure the security of our systems.
Regular Audits: We conduct regular security audits and vulnerability assessments to identify and address potential weaknesses in our security posture. These audits help us maintain a high level of security and ensure that our measures remain effective against evolving threats.

Detection, Assessment, and Management of Data Breaches:

Detection: We have implemented monitoring systems to detect any suspicious activities or potential breaches of personal data. These systems are designed to quickly identify unusual patterns or unauthorized access attempts.
Assessment: In the event of a suspected data breach, we promptly assess the situation to determine the nature and scope of the incident. This involves evaluating the potential impact on personal data and the effectiveness of our security measures.
Management: If a data breach is confirmed, we follow a defined incident response plan to manage and mitigate the breach. This includes:

Containment: Taking immediate steps to contain the breach and prevent further unauthorized access.
Notification: Informing affected individuals and relevant authorities as required by law, including providing details about the breach and guidance on protective measures.
Remediation: Addressing the root cause of the breach and implementing measures to prevent recurrence. We also review and update our security policies and practices based on lessons learned from the incident.

We take data security seriously and are dedicated to protecting your personal information through comprehensive security practices and proactive breach management. For any questions or concerns regarding our data security measures, please contact us through the channels provided in this Policy.

9. Individual Rights.

Individual Rights Regarding Personal Data:

In compliance with the California Consumer Privacy Act (CCPA) and other applicable California privacy laws, individuals have specific rights concerning their personal data. We respect and facilitate these rights as follows:

Individual Rights:

Right to Access: You have the right to request access to the personal data we hold about you. This includes information about the categories of personal data collected, the purposes for processing data, and the third parties with whom it has been shared.
Right to Rectification: If you believe that your personal data is inaccurate or incomplete, you have the right to request that we correct or update the information.
Right to Erasure: You may request the deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent and no other legal basis for processing applies.

Exercising Your Rights:

Submission of Requests: To exercise your rights, you can submit a request by contacting us through the designated contact methods provided in this policy. Please specify the right you wish to exercise and provide sufficient details to help us verify your identity and process your request.
Verification Process: We may need to verify your identity before fulfilling your request. This helps ensure that personal data is not disclosed or altered without proper authorization. Verification may involve providing additional information or answering security questions.
Handling of Requests: Once your request is verified, we will:

Access Requests: Provide you with a copy of your personal data in a structured, commonly used, and machine-readable format.
Rectification Requests: Correct or update your personal data as requested and inform you of the changes made.
Erasure Requests: Delete your personal data from our records, subject to any legal or contractual obligations that require us to retain certain information. We will confirm the deletion and provide you with information about any data that cannot be deleted.

Response Time: We aim to respond to your requests within the timeframes required by California law, typically within 45 days of receipt. If we require more time, we will notify you of the extension and the reasons for it.

We are committed to upholding your data rights and handling your requests in a transparent and efficient manner. If you have any questions about your rights or how to exercise them, please contact us through the contact information provided in this policy.

Consumer Rights

Under the CCPA/CPRA, you have the following rights:

Right to Access: You may request access to the personal information we hold about you.
Right to Deletion: You may request the deletion of your personal information.
Right to Opt-Out: You may opt-out of the sale or sharing of your personal information by choosing to “opt-out” of our revenue shares with third parties, by choosing to “opt-out” of third party services, and/or by choosing to NOT use third party services on our site that use or include a revenue share when you access those third party services.

* NOTICE * Third-Party Links, Revenue Sharing, and Data Disclosure

The fact that you accessed their service through our website (e.g., referral or tracking information)
Relevant transactional details, such as the completion of your sign-up with the third-party service
As part of this process, we may receive a payment from the third-party provider (commonly referred to as a "revenue share"). Under California law, this type of arrangement may be classified as a "sale" of personal information because we receive financial benefit in connection with the sharing of certain data.

* NOTICE * Opt-Out of Revenue Sharing and Data Disclosure

We encourage you to review the privacy policies of any third-party service provider to understand how they collect, use, and protect your personal information.

Disclaimer Regarding Third-Party Services: Our website may include links to third-party services or platforms. These third-party services operate independently and have their own privacy policies and practices. We do not control or assume responsibility for the content, privacy practices, or data collection activities of third-party services. We encourage you to review their privacy policies before engaging with their services.

No Guaruntee: We make every effort to comply with applicable privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). However, we cannot guarantee that all third-party providers comply with these laws. Users should exercise caution and independently verify third-party privacy practices before proceeding.

Right to Correction: You may request correction of inaccurate personal information.
Right to Limit Use of Sensitive Information: You may request limitations on the use of sensitive personal information.
Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. This means you will not be denied goods or services or treated unfairly if you choose to exercise your rights. To exercise any of these rights, please contact us using the information provided herein.

PLEASE NOTE: Users have access to most of their data through their “Member Compass” even if they are non-members. Any records or data that Users have no access to can be deleted on request, unless as provided in the above sections. We always honor anyone reaching out when asking to delete or request to view their own personal Data, subject to our own obligations and requirements for record-keeping and legal compliance.

However: There could be consequences for such actions, for example, if a User deletes their email on file, they could lose their membership, or experience additional adverse consequences, including their membership rates being adjusted or changed (due to Our inability to verify the User Data we have or had on file), in addition to other potential adverse determinations to their membership profile.

Also, please note: Membership is transferable. A new member who is transferred a membership from a prior member will have access to all data inputted into the membership profile prior to the transfer of the membership.

This effectively is an informed consent, because any User or Member who is transferring their membership, profile, and/or related tools or online assets must realize that transferring their own membership profile inherently includes disclosing the Data contained therewith. You hereby agree and understand that any time any User or Member transfers their website access, membership, online profile, or related account information, the User/Member inherently consents to their own acts of disclosure, including without limitation, all data already inputted into the transferred account, profile, membership, or related forms, documents and/or resources of the User profile.

10. Policy Updates & Notification.

Data Policy Updates & Notification:

1. Right to Update the Privacy Policy

We reserve the right to update and modify our privacy policy at any time to reflect changes in our practices, legal requirements, or operational needs. Any updates or changes will be effective immediately upon posting on our website or through other notification methods as described below. We encourage you to review this Policy periodically to stay informed about how we protect your personal data.

2. Notification of Significant Changes

When significant changes are made to this privacy policy, we will notify you through one or more of the following methods to ensure that you are informed:

Email: We may send you an email notification regarding major updates to the privacy policy if you have provided us with your email address.
Website Notifications: Significant changes will be prominently posted on our website, including on the privacy policy page.
Pop-Ups: For substantial updates, you may receive a pop-up notification on our website the next time you visit.
Mail: If required by law or if the change impacts you substantially, we may send a physical mail notification to the address we have on file, if we have such Data.
Phone: In specific circumstances, especially where we have an ongoing relationship with you, we may notify you of significant changes via phone.
Text: For users who have opted to receive text messages, we may send a notification of major updates through SMS.

See below for our Text Messaging (SMS) Terms & Conditions.

We strive to provide clear and timely notice of changes to ensure that you are always aware of how your personal data is managed and protected. If you have any questions or need further information about updates to our privacy policy, please contact us using the contact details provided in this Policy.

11. SMS (Text Messaging) Terms & Conditions.

1. SMS Consent Communication:

The information (Phone Numbers) obtained as part of the SMS consent process will not be shared with third parties for marketing purposes.

2. Types of SMS Communications:

If you have consented to receiving text messages from East Bay Rental Housing Association (EBRHA), you may receive messages related to the following:

Appointment reminders
Follow-up messages
Billing inquiries
Event Details

Example: "Hello, this is a friendly reminder of your upcoming appointment with an EBRHA Membership Specialist on Wednesday, January 25^th at 2pm. You can reply STOP to opt out of SMS messaging from EBRHA at any time."

3. Message Frequency:

Message frequency may vary depending on the type of communication. For example, you may receive up to 10 SMS messages per week related to your appointments/billing, or general inquiries.

4. Potential Fees for SMS Messaging:

Please note that standard message and data rates may apply, depending on your carrier’s pricing plan. These fees may vary if the message is sent domestically or internationally.

5. Opt-In Method:

You may opt-in to receive SMS messages from EBRHA in the following ways:

Verbally, during a conversation
By selecting a checkbox during the join application
By selecting a checkbox during a contact submission on our website
Texting an EBRHA staff member in a way that requires a response

6. Opt-Out Method:

You can opt out of receiving SMS messages at any time. To do so, simply reply "STOP" to any SMS message you receive. Alternatively, you can contact us directly to request removal from our messaging list.

7. Help:

If you are experiencing any issues, you can reply with the keyword HELP. Or, you can get help directly from us at info@ebrha.com.

Additional Options:

If you do not wish to receive SMS messages, you can choose not to check the SMS consent box on our forms.

8. Standard Messaging Disclosures:

Message and data rates may apply.
You can opt out at any time by texting "STOP."
For assistance, text "HELP" or visit our Website Terms of Use and Membership Terms pages.
Message frequency may vary

12. Compliance & Accountability.

Commitment to Compliance and Contact Information:

1. Commitment to Data Protection Laws

We are committed to complying with all applicable data protection laws and regulations, including the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable privacy laws. We strive to ensure that our data collection, processing, and storage practices are conducted in accordance with legal requirements and best practices for protecting your personal data.

2. Compliance with Applicable Laws

Our privacy practices are designed to meet the requirements of all relevant data protection laws and regulations. We ensure that:

Personal Data: Is collected, used, and shared in a manner consistent with legal obligations and your rights, as we have explained throughout this Policy.
Rights of Individuals: Are respected, including the rights to access, rectify, and erase personal data, as we have detailed extensively herein.
Security Measures: Are implemented to safeguard personal data against unauthorized access and breaches, as extensively explained in § 8.1 herein.

3. Contact Information for Inquiries or Complaints

If you have any questions, concerns, or complaints regarding our privacy practices or how we handle your personal data, please contact our Data Protection Officer (DPO) or Privacy Team:

Data Protection Officer / Privacy Team Contact:

Email: info@EBRHA.com

Phone: (510) 893-9873
Mailing Address: 3664 Grand Ave. Ste. B, Oakland, CA 94610
Website Contact Form: https://www.EBRHA.com

Privacy Policy Disclosure (CalOPPA Compliance): This Privacy Policy is prominently displayed on our website (referred to herein as the “Site”) and can be accessed through a link in the website’s footer or main navigation. We are dedicated to addressing any inquiries or complaints promptly and in accordance with applicable data protection laws. Your feedback is important to us, and we are committed to resolving any issues to ensure your privacy rights are upheld.

13. Additional Information.

Third-Party Data Collection

We may use third-party services to collect and analyze data on our behalf. These third parties are bound by contractual obligations to protect your information and are not permitted to use or disclose it for any purpose other than performing services for us, which is explicitly agreed upon in the relevant contracts. We are not responsible for the privacy practices or content of such external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Additional California Privacy Rights

Shine the Light Law: California's Shine the Light law allows residents to request information about how their data is shared with third parties for direct marketing purposes. For more information, or to make a request under this law, please contact us using the contact information provided.

Children’s Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children under the age of 16. If we become aware that we have collected such information, we will take steps to delete it promptly.

Cookies and Tracking Technologies

We use cookies and other tracking technologies to enhance your experience on our website. Cookies are small data files placed on your device to collect information about your interactions with our Site. You can manage or opt-out of cookies through your browser settings. For more information, please see our Cookie Policy.

California “Do Not Track” (DNT) Disclosure

Our website does not respond to Do Not Track (DNT) signals from your browser. If you wish to limit tracking, please use privacy settings provided by your browser or third-party tools.

Severability: If any provision of this privacy policy is found to be invalid, inadequate, or unenforceable, the remaining provisions shall continue in full force and effect. Any such invalid or unenforceable provision shall thereafter be interpreted to reflect the parties' original intent as closely as possible, endeavoring to replace any such clause or provision with the absolute closest possible legally enforceable result without deletion of the same.

DPO Contact: For any concerns regarding data protection or privacy matters, you can reach our Data Protection Officer at info@EBRHA.com.

East Bay Rental Housing Association
info@EBRHA.com
(510) 893-9873

https://www.EBRHA.com

This completes our Privacy Policy. We take your privacy seriously and are committed to handling your personal information in a secure and transparent manner. Thank you for trusting us with your data.