User privacy is very important to us, in fact, it’s a top priority.
NRIPartner Privacy Policy
NRIPartner (“Provider”) is an online application that allows participants to enter and store information pertaining to their Real Estate Property. This privacy statement applies to the data collected on the Provider site or on corporate portal sites run by Provider; it does not apply to data collected through other online or offline sites, products or services.
By using the website and/or the services and providing us with personal information, you agree to the practices described in this Privacy Policy and to the updates to this policy posted here from time to time. To make sure you stay informed of all changes, you should check these policies periodically. Updates will be referenced by the “Last Updated” date shown at the end of this Policy.
Personally Identifiable Information Submitted by Children Under 13
No part of the Provider services is intended for use by persons under 13 years of age without the written consent of a parent or guardian. IF YOU ARE UNDER 13 YEARS OF AGE, PLEASE DO NOT USE OR ACCESS THE PROVIDER SERVICES AT ANY TIME OR IN ANY MANNER WITHOUT PARENTAL CONSENT (as described below). If we determine that personally identifiable information of persons under 13 has been collected without verifiable parental consent, we will remove the information from our systems. If you are a parent or guardian and learn that your child under 13 has created a Provider account, you may contact us and request that the information be removed from our systems.
Data Collection and Transfer
We collect the e-mail addresses of those who communicate with us via e-mail, aggregate information on what pages users access or visit, and information volunteered by the user (such as survey information and/or site registrations). The information we collect is used to improve the content of our web pages and the quality of our service, and is not shared with or sold to other organizations for commercial purposes, except to provide products or services you’ve requested, when we have your permission, or under the following circumstances: If it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law. We transfer information about you if Provider is acquired by or merged with another company. In this event, Provider will notify you before information about you is transferred and becomes subject to a different privacy policy.
Cookies
A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a web site’s computers and stored on your computer’s hard drive. We use cookies to record current session information, but do not use permanent cookies. You are required to log-in to your Provider Project Site after a certain period of time has elapsed to protect you against others accidentally accessing your account contents. Please note: cookies are required to use the Provider service.
Data Storage
Provider uses hosting services (such as Amazon Web Services) to provide the necessary hardware, software, networking, storage, and related technology required to run Provider. Although Provider owns the code, databases, and all rights to the Provider application, you retain all rights to your data.
Disclosure
Provider may disclose personally identifiable information under special circumstances, such as to comply with law or legal process, or in response to lawful requests from public authorities, including to meet national security or law enforcement requirements. We may also disclose your personal information to a third party for a business purpose. For example, we may disclose personally identifiable information to a contractor or service provider to perform work on our behalf. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. Finally, in the event that Provider sells or transfers all or a portion of its business or assets, personal information about our users would be among the assets transferred to the buyer.
Access and Deletion Rights
You have the right to request that we disclose certain information to
you about our collection and use of your personal information over the
past 12 months. Once we receive and confirm your verifiable consumer
request, we will disclose to you:
The categories of personal information we collected about you.
The
categories of sources for the personal information we collected about
you.
Our business or commercial purpose for collecting or selling that
personal information.
The categories of third parties with whom we share that personal
information.
The specific pieces of personal information we
collected about you.
B. You have the right to request that we
delete any of your personal information that we collected from you and
retained, subject to certain exceptions. Once we receive and confirm
your verifiable consumer request, we will delete (and direct our service
providers to delete) your personal information from our records, unless
an exception applies. We may deny your deletion request if retaining the
information is necessary for us or our service providers to: Complete
the transaction for which we collected the personal information, provide
a good or service that you requested, take actions reasonably
anticipated within the context of our ongoing business relationship with
you, or otherwise perform our contract with you. Detect security
incidents, protect against malicious, deceptive, fraudulent, or illegal
activity, or prosecute those responsible for such activities. Debug
products to identify and repair errors that impair existing intended
functionality. Comply with a legal obligation. Make other internal and
lawful uses of that information that are compatible with the context in
which you provided it.
C. You have the right to rectify any
personal information that we have about you, or to complete partial
information. In the majority of cases, the ability to fix inaccurate or
incomplete personal data is built into our app and will not require our
assistance. If you are unable to directly update or correct the
information within your account, you can contact us at
support@nripartner.com to request that we update or correct the
information for you. We will respond to your request within a reasonable
timeframe.
Changes
Provider may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Provider account or by placing a prominent notice on our site.
Anonymity
Provider’s client can decide to configure their portal so that individual users are not required to use their real name when registering – instead, participants can choose a username and anonymous email address, allowing for an additional level of individual privacy and anonymity. Visibility of real names on the site is the sole discretion of the client program administrator.
Third Party Providers
Provider never sells your data. However, if a third party provider
administers your program (such as your employer, property service
provider), it may have access to the following Personal Information:
Name (if required in registration)
Username
Email
address
Registration date
Last login date
Your Choices for Limiting Use and Disclosure of Your Personal Information
You have the choice at any time to opt out of personal communications. Additional options for reducing the use of your information depend on the terms of Provider’s engagement with the client, likely your company or organization. For more information about limiting use of your personal information by the organization that contracted for Provider’s services on your behalf, please contact that organization directly. If you do not know how to contact that organization, please contact support@NRIPartner.com and we will do our best to assist you.
Sub-Processors
Provider uses sub-processors in order to deliver our services, and Provider ascertains that sub-processors conform to all applicable privacy and security laws. A list of our current Sub-Processors is available upon request by sending an email to support@NRIPartner.com .
EU Data Transfer
NRIPartner complies with the obligations of a data processor as outlined in Article 28 of the General Data Protection Regulation 2016/679. NRIPartner commits to resolve complaints about our collection or use of your personal data. EU individuals with inquiries or complaints regarding our policy should first contact NRIPartner at : support@NRIPartner.com .
Dispute Resolution
If Provider maintains your personally identifiable information, you may
direct any inquiries or complaints concerning our compliance
to support@nripartner.com, or in the U.S., European Union, the United
Kingdom, or Switzerland by regular mail as indicated below. Provider
shall respond within 45 days. If your complaint cannot be resolved
through Provider’s internal processes, Provider will cooperate with JAMS
pursuant to the JAMS International Mediation Rules, available on the
JAMS website at www.jamsadr.com/international-mediation-rules. JAMS
mediation may be commenced as provided for in the relevant JAMS rules.
The mediator may propose any appropriate remedy.
Questions Any questions about this Privacy Policy should be addressed to
Last Updated: 1/5/2023
SECURITY @ NRIPartner
NRIPartner takes security and privacy very seriously, and has instituted many safeguards in order to make sure your data is safe and secure.
What data do we work with:
NRIPartner store PII (personally identifiable information, such as an
email address or name). At a minimum, we store email addresses,
username, password, and a member’s browser type and last IP address
(these last two for troubleshooting purposes only). Optionally,
depending upon our client’s preferences, we also store/process:
•A member’s first and last name
•Property Data
•Property
Documents
•Employee ID
•Some logging information to determine
the site is functioning correctly
NRIPartner will never sell your information or share it with a 3rd party.
All data can be downloaded in an electronically portable format. All members may permanently self-delete themselves at any time. We regularly purge accounts to ensure privacy.
Security
NRIPartner is entirely hosted in AWS Cloud where we take advantage of &
benefit from the vast and comprehensive ISO 27001 certified security
architecture there. This includes employing an OWASP 10 Web application
firewall, AWS Guard Duty, AWS Inspector, Aurora DBs with automated
nightly backups, IAM user management, Amazon Key Management Service, and
DDOS protection. Our staff is trained in best-practice security and
privacy protocols, and all employees are background-checked. We do not
store customer data in our office.
Additionally:
•All data is encrypted in transit.
•All data is encrypted at rest.
•Passwords are stored as salted, encrypted hashes.
•Our
database and architecture are protected behind a secure bastion host,
and we employ intrusion detection and monitoring, and do regular
penetration and vulnerability testing, to ensure our infrastructure is
secure.