Why Real Estate Agent Websites Need A Privacy Policy

The following is a post written by Hans Skillrud, Cofounder Termageddon LLC. We have recently partneted with Termageddon to help Real Estate Tomato clients maintain compliance with ever-changing Privacy Laws.

If you work in real estate, you have probably experienced the satisfaction of helping clients navigate the various challenges of finding a new home or putting one up for sale. To be successful, it is critical to not only build relationships of trust and understanding with clients, but also assure your clients that you have the expertise to fulfill their needs. It is likely the case that you did not expect privacy compliance to be a major concern for your business. Nevertheless, this is a reality for not just those working in the real estate industry, but for businesses of all kinds.

If you have a website for your real estate agent business, U.S. privacy laws may require your website to contain an up-to-date Privacy Policy. Noncompliance with these laws may cause a negative impact on your business, such as incurring fines and even lawsuits under certain circumstances. Because of the broad reach of privacy laws, it is critical that your business is prepared. This article seeks to provide you with some critical information so that you may comply with the law while continuing to achieve success for your real estate agent business and your clients.

This article will discuss the following four topics:

• How real estate agent websites collect personally identifiable information;
• What laws require real estate agent websites to contain a Privacy Policy;
• Fines that may result from non-compliance with privacy laws; and
• Where your real estate agent business can get an affordable Privacy Policy solution.

How real estate agent websites collect personally identifiable information

When websites collect personally identifiable information (“PII”), privacy laws govern how that PII is used and disclosed to others. PII can be defined as any piece of information that directly identifies, or may reasonably identity, a specific person. PII may include the following:

• The first and last name of an individual
• Addresses, including zip codes
• Telephone numbers
• Email addresses
• Username/Password for property portal/IDX

In some cases (though rare) real estate agent websites might ask to collect credit report info, bank account information, and social security numbers in order to get pre-qualified to purchase a home.

Real estate agent websites may collect PII via the following:

• Contact forms and appointment forms containing an individual’s PII, such as telephone numbers and home addresses
• Inquiries from across state lines from potential clients desiring to move to a different state
• Portals containing images of users’ houses, along with information such as zip codes and addresses that may be viewed by others

If your website collects PII via any of the above methods, then your website may be required by law to contain a Privacy Policy. 

What laws require real estate agent websites to contain a Privacy Policy?

Privacy laws are broad in scope. If your business’s website is accessed by users protected under an applicable privacy law, such as California, there is a good chance your website must comply with it. Depending on where current and potential clients may access your website, this means that your business must be aware of major privacy laws governing the collection and use of PII. More likely than not, these laws require your website to contain an up-to-date Privacy Policy. These laws include the following:

• California Consumer Privacy Act (CCPA);
• California Online Privacy Protection Act (CalOPPA);
• Nevada Revised Statutes Chapter 603A;
• Delaware Online Privacy and Protection Act (DOPPA);
• Europe’s General Data Protection Regulation (GDPR).

The above laws require websites to contain Privacy Policies. These policies must make a variety of disclosures pertaining to what information is collected from the individual, how that information is used, and who has access to that information. Check out our article on laws requiring Privacy Policies for more guidance on what privacy laws may apply to your real estate agent website.

A new development that is creating significant compliance challenges for businesses is the expansion of consumer control over how PII is collected and transferred. For example, the California Consumer Privacy Act allows consumers to “opt-out” of certain disclosures and transfers of PII to third parties. Moreover, this particular law requires businesses to make specific disclosures pertaining to their information collection and sharing practices within their online Privacy Policies.

With privacy laws in the United States and abroad continuing to evolve, it is critical to determine what privacy laws apply to your website so you can effectively respond. As these laws continue to change, the risk of incurring heavy fines and lawsuits only increases.

Fines that may result from non-compliance with privacy laws

Noncompliance with applicable privacy laws can potentially result in significant fines and penalties. These fines may range from $2,500 per violation to €20,000,000 or more in total under European law. This “per violation” calculation is significant. It means that, even if your website only receives a handful of visitors on a weekly basis, the total fines incurred from violating the law can still be significant depending how often you collect PII from individuals.

Where can a real estate agent get an affordable Privacy Policy solution?

When faced with the compliance challenges posed by the numerous privacy laws on the books, businesses must often incur substantial costs just to hire attorneys to write a compliant Privacy Policy. We’ve partnered with Termageddon, a Privacy Policy generator that will create a customized Privacy Policy for your website and keep it updated whenever privacy laws change. For more information check out our Dynamic Privacy Policy info page.