Our Privacy Policy tells you what personally identifiable information DealWorthIt may collect from you, how DealWorthIt may process your personally identifiable information, how you can limit DealWorthIt's use of your personally identifiable information, and your rights to obtain, modify, and/or delete any personally identifiable information we have collected from you.
2. INFORMATION WE COLLECT
2.1 Information You Provide DealWorthIt DealWorthIt collects personal information when you request information about our services or otherwise voluntarily provide such information through our site.
2.2 Information Collected Automatically When you use our site, we automatically collect certain information by the interaction of your mobile device or web browser with our platform.
2.3 Cookies & Tracking Technologies DealWorthIt may use cookies, web beacons, behavioral advertising, or similar technologies to track your use of its website. Cookies are small data files placed on your device that help us provide a high-quality site experience. You can manage your cookie preferences through your browser settings.
3. HOW INFORMATION IS USED
3.1 Information DealWorthIt Processes with Your Consent Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our site or request information, you provide your consent for us to process information that may be personally identifiable.
3.2 Legally Required Releases of Information DealWorthIt may be legally required to disclose your personally identifiable information if such disclosure is (a) required by law or other legal process; (b) necessary to assist law enforcement officials or government agencies; (c) necessary to investigate violations of or otherwise enforce our Legal Terms; or (d) necessary to protect us from legal action or claims.
4. DATA SECURITY & PROTECTION MEASURES
4.1 Encryption & Secure Storage We use industry-standard encryption and secure storage mechanisms to protect user data. Your information is stored in encrypted databases and secure cloud environments.
4.2 Access Controls Only authorized personnel have access to user data, and role-based restrictions prevent unauthorized access.
4.3 Data Breach Notification In the event of a data breach, we will notify affected users as required by law and take necessary actions to mitigate risks.
5. WHO WE SHARE YOUR INFORMATION WITH
5.1 Third-Party Integrations & Service Providers To provide our services, we may share your information with trusted third-party service providers, such as payment processors, analytics providers, and hosting services. These providers are contractually bound to handle your data securely.
5.2 Cross-Border Data Transfers If data is transferred outside of your jurisdiction, we comply with applicable data protection laws, including Standard Contractual Clauses (SCCs) for international data transfers.
5.3 Law Enforcement & Legal Compliance DealWorthIt will cooperate with law enforcement requests from within or outside your country of residence where required by law.
5.4 No Sale of Personal Data DealWorthIt shall not sell, share, rent, or otherwise deal in your personal information with third parties unless you provide explicit consent.
6. USER RIGHTS & DATA MANAGEMENT
6.1 Access to Your Personal Information You may request a copy of the personal information we maintain about you by contacting us.
6.2 Remove or Modify Your Information If you wish to remove or modify your personally identifiable information, you may contact us or use available tools on our site.
6.3 Data Retention & Deletion We retain your information only as long as necessary to fulfill the purposes outlined in this policy. After this period, we delete or anonymize your data unless legally required to retain it.
7. COOKIES & TRACKING PREFERENCES
You can manage cookies through your browser settings or opt out of tracking by adjusting preferences in our Cookie Policy.
8. CHILDREN'S PRIVACY
DealWorthIt does not knowingly collect or process data from individuals under the age of 18. If we become aware that a minor has provided us with personal information, we will take steps to delete such data.
9. LEGAL JURISDICTION & DISPUTE RESOLUTION
This Privacy Policy is governed by the laws of Delaware. Any disputes arising from this policy will be resolved through arbitration or the courts in the relevant jurisdiction.
10. CHANGES TO OUR PRIVACY POLICY
DealWorthIt reserves the right to change this privacy policy at any time. Changes will be posted on our site to keep users informed.
11. CONTACT INFORMATION
For any privacy-related inquiries, please contact our Data Protection Officer at privacy@dealworthit.com
12. PROPERTY OWNER INFORMATION COLLECTION
12.1 Property Owner Information Collection When you use our skip trace and property owner lookup features, we collect and process information related to property owners from various public and proprietary sources, including property records, tax assessments, utility records, and other publicly available information. This processing is conducted under legitimate interest grounds to provide our core property investment services.
12.2 Processing Categories & Legal Basis For each category of data we collect, we maintain records of:
- Categories of personal data collected
- Purpose of processing
- Legal basis for processing (consent, contractual necessity, legitimate interest, or legal obligation)
- Data retention periods
- Categories of third-party recipients
13. DETAILED DATA CATEGORIES
13.1 Account Information - Name, email address, phone number, company name, job title
- Login credentials (passwords are stored in encrypted format)
- Payment information (card details are processed by our payment processor and not stored directly by us)
- Subscription and billing history
13.2 Usage Data - Service interaction data (features used, frequency, duration)
- Search history and saved properties
- Transaction history
- Communications with our team
13.3 Property and Owner Data - Property addresses, parcel numbers, and legal descriptions
- Property characteristics (size, age, features)
- Transaction history (previous sales, listing history)
- Ownership information (names, contact details, ownership duration)
- Assessment and tax information
- Liens, encumbrances, and financial status
14. SOPHISTICATED DATA PROTECTION MEASURES
14.1 Technical Controls - End-to-end encryption for sensitive data transmission
- Multi-factor authentication for account access
- Regular security audits and penetration testing
- Intrusion detection and prevention systems
- IP-based access restrictions for administrator accounts
- Data loss prevention measures
- Automated security scanning and vulnerability management
14.2 Administrative Controls - Regular employee security training and awareness programs
- Written information security policies and procedures
- Vendor risk assessment and management program
- Incident response protocols with defined team responsibilities
- Designated Data Protection Officer oversight
14.3 Compliance Framework We maintain compliance with multiple privacy frameworks:
- GDPR (General Data Protection Regulation)
- CCPA/CPRA (California Consumer Privacy Act/California Privacy Rights Act)
- VCDPA (Virginia Consumer Data Protection Act)
- CPA (Colorado Privacy Act)
- CTDPA (Connecticut Data Privacy Act)
- UCPA (Utah Consumer Privacy Act)
- Other state and international privacy regulations as applicable
15. AUTOMATED DECISION-MAKING & PROFILING
15.1 Property Valuation Algorithms We employ automated algorithms to analyze property data and generate estimated values. These valuations use machine learning models trained on historical transaction data, property characteristics, market trends, and other relevant factors.
15.3 User Rights Regarding Automated Processing You have the right to:
- Obtain human intervention in any automated decision-making process
- Express your point of view regarding automated decisions
- Contest any decision based solely on automated processing
- Request an explanation of how the automated system reached its conclusion
16. DATA SUBJECT RIGHTS BY JURISDICTION
16.1 California Residents' Rights (CCPA/CPRA) California residents have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including:
- Right to know what personal information is collected
- Right to know whether personal information is sold or disclosed
- Right to opt-out of the sale of personal information
- Right to access personal information
- Right to request deletion of personal information
- Right to non-discrimination for exercising privacy rights
- Right to correct inaccurate personal information
- Right to limit use and disclosure of sensitive personal information
16.2 European Residents' Rights (GDPR) Under the General Data Protection Regulation (GDPR), European residents have the following rights:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
- Right to object
- Rights related to automated decision making and profiling
16.3 Other Jurisdictions We comply with privacy regulations in other jurisdictions where our users reside, including but not limited to Virginia, Colorado, Connecticut, Utah, Canada, and Brazil. Each jurisdiction may provide specific rights to its residents.
17. REAL ESTATE DATA ETHICS FRAMEWORK
17.1 Ethical Use Guidelines We have established a Real Estate Data Ethics Framework that guides our collection, processing, and distribution of property and owner information:
- Accuracy: Commitment to data accuracy and currency
- Transparency: Clear disclosure of data sources and processing
- Fairness: Non-discriminatory practices in data collection and use
- Proportionality: Collecting only data necessary for legitimate purposes
- Security: Protecting data from unauthorized access and misuse
17.2 Fair Housing Compliance We are committed to fair housing principles and prohibit the use of our services for discriminatory practices. Our platform does not collect or process protected class information such as race, color, religion, national origin, sex, disability, or familial status for property targeting purposes.
17.3 Data Minimization Practices We apply data minimization principles by:
- Collecting only information necessary for our services
- Regularly purging unnecessary data
- Anonymizing data when full identity information is not required
- Aggregating data for analytics to remove individual identifiers
18. CROSS-BORDER DATA TRANSFERS
18.1 International Data Transfer Mechanisms For transfers of personal data outside of the jurisdiction where it was collected:
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules
- Transfer Impact Assessments
- Privacy Shield certification (where applicable)
- Country-specific data transfer agreements
18.2 Data Localization Compliance Where required by local law, certain data may be stored and processed only within specific geographic regions or countries.
18.3 Governmental Access Transparency We maintain transparency regarding governmental access requests to user data and publish periodic transparency reports detailing:
- Number and types of government requests received
- Our response to such requests
- Number of users affected
19. VENDOR MANAGEMENT PROGRAM
19.1 Third-Party Risk Assessment All vendors with access to personal data undergo a comprehensive risk assessment process:
- Security questionnaires and documentation review
- Contractual data protection requirements
- Regular compliance monitoring
- Audit rights and verification
19.2 Sub-processor Management We maintain a current list of all sub-processors who may access personal data, including:
- Identity and contact information
- Location of processing
- Categories of data processed
- Purpose of processing
19.3 Vendor Security Requirements Vendors must meet minimum security requirements, including:
- Encryption of data in transit and at rest
- Access controls and monitoring
- Security incident procedures
- Regular security assessments
- Data deletion/return procedures
20. PRIVACY BY DESIGN IMPLEMENTATION
We follow Privacy by Design principles in all our operations:
- Proactive not reactive; preventative not remedial
- Privacy as the default setting
- Privacy embedded into design
- Full functionality with positive-sum, not zero-sum
- End-to-end security with full lifecycle protection
- Visibility and transparency
- User-centric approach
21. MARKETING OPT-OUT SYSTEM
Users can select granular preferences for marketing communications:
- Email marketing frequency preferences
- SMS/text message marketing opt-out
- Postal mail marketing opt-out
- Telemarketing opt-out
- Targeted advertising preferences
22. DETAILED COOKIE MANAGEMENT
22.1 Cookie Categories We categorize cookies used on our platform:
- Essential cookies (necessary for site functionality)
- Functional cookies (improve user experience)
- Analytics cookies (help us understand site usage)
- Marketing cookies (track users across websites for advertising)
- Third-party cookies (set by external services)
22.2 Cookie Consent Management Our site implements a sophisticated cookie consent management tool that allows:
- Granular consent options by cookie category
- Periodic consent refreshing
- Easy consent withdrawal
- Cookie usage audit logs
22.3 Do Not Track Support We honor Do Not Track (DNT) signals from browsers by automatically disabling non-essential tracking when such signals are detected.