Privacy Policy

Your Privacy Matters to Onder

This Privacy Policy governs your relationship with Onder, Inc. (also “Onder,” “we,” “our,” or “us”). Protecting our users and business customers (also “you,” “your,” or “their”) and their privacy is a priority of ours. We have provided this Privacy Policy to help you understand:

  • how we collect your non-public personal information (“Personal Information”),
  • how we use your Personal Information, and
  • how we protect your privacy.

This Privacy Policy governs your access to and use of our website located at www.onder.io and all other websites, newsletters, digital mediums, or apps owned and maintained by Onder and also applies to any Personal Information collected, stored, or used by us, such as Information you provide us through the above mediums, by email, mail, or telephonic communications (collectively, the “Website”). In addition, the Privacy Policy describes how we handle Personal Information we collect through the provision of our real estate technology products and services to you, such as by our Website, telephone calls, e-mails, and other communications with us, with related professionals, or with other third parties involved in providing services to you (collectively, the “Services”).

By accessing and using the Website and Services, you acknowledge that you have read this Privacy Policy and consent to its terms.

I.        Privacy

Our Privacy Assurance 

  • We collect only Personal Information necessary or relevant to our business.
  • We make a reasonable effort to ensure that Personal Information we act upon is accurate, relevant, timely, and complete.
  • We use only legitimate means to collect Personal Information.
  • We make Personal Information available externally only to respond to legitimate business needs, to regulatory or other government authorities, or as otherwise permitted by law.
  • We limit employees' access to those who need to handle Personal Information and who are trained in the proper handling of such Personal Information.
  • We take industry standard precautions to protect your Personal Information.
  • We do not sell Personal Information to any person or company.
  • We do not share Personal Information with non-affiliate companies that would use such Personal Information to market their own products and services, unless permitted pursuant to a joint marketing agreement.

Personal Information We Collect from You 

We get most of our Personal Information directly from you through the Website or via any application you complete, email, mail, mobile apps, or telephonic communications, and various transactions with us. Sometimes our agents may contact you by phone or mail to obtain additional Personal Information. Depending on the nature of your transaction, we may need additional Personal Information, such as credit reports, court records, or other public records. We also might obtain Personal Information about you from transactions with us or third-party service providers.

Some examples of the Personal Information we may collect from you include, among other types of Personal Information:

  • Your name
  • Your phone number
  • Your home and email address
  • Invoices, financial, mortgage, and insurance information and documents related to your home
  • Videos and photos of your home and other descriptive information about your home
  • Credit card and related validation information
  • Information related to your geographic location

You can choose not to provide certain information, but it may delay or prevent us from providing products and/or our Services to you.

Personal Information from Internet Use 

We may also automatically receive and store certain types of Personal Information whenever you visit the Website, such as the name of the domain and host from which you access the Internet, the IP address of the computer you are using, the web browser and operating system you are using, the date and time you access the Website, and the Internet address of the website from which you linked to the Website. We may log and use your IP address to administer the Website, to help diagnose problems with our server, to analyze trends, to track users' webpage movements, to help identify you and your geographic region, and to gather broad demographic information for aggregate use.

We may use standard tools, such as “cookies” (which may be html files, flash files, or other technology), web beacons, or similar technologies (collectively, “Tracking Tools”). Cookies are small text files stored locally on your computer that help store user preferences. “Web beacons” or “clear gifs” are small pieces of code placed on websites used to collect advertising metrics, such as counting page views, promotion views, or advertising responses. We may use Tracking Tools to monitor the Website and Internet usage and to improve or customize the content on the Website.

In addition, on occasion we may also set a “session cookie” on the Website to help us administer the Website. The session cookie expires when you close your web browser and does not retain any Information about you after it expires. If you do not want the benefits of these cookies, you may opt-out by visiting http://www.networkadvertising.org/optout_nonppii.asp. However, if you do so, you may not receive the full benefit from the use of the Website.

We may use Tracking Tools only to gather information as indicated in this Privacy Policy. In many web browsers, you can choose to delete, disable, turn off, or reject most Tracking Tools through the “Internet Options” sub-option of the “Tools” menu of your web browser or otherwise as directed by your web browser’s support feature. Please consult the “Help” section of your web browser for more information. By agreeing to this Privacy Policy, you are consenting to the use of Tracking Tools as set forth in this Privacy Policy.

Finally, our web servers may collect “log data.” Log data provides aggregate information about the number of visits to different pages on the Website. This Privacy Policy does not apply to other types of information you may disclose or that we may collect, including aggregate user statistics, demographic information, and other data that does not include Personal Information or from which you cannot be identified.

We use such aggregate log data to improve access to the Website based on visitors’ web browsers and operating system types to make the Website available to as many relevant users as possible. We do not link the “log data” collected to Personal Information. Third party providers may also collect aggregate log data independently from us.

How We Use Your Personal Information 

Under data protection law, we can only use your Personal Information if we have a proper reason for doing so, e.g.:

  • To comply with our legal and regulatory obligations;
  • For the performance of Services or to take steps at your request before engaging in Services with you;
  • For our legitimate interests or those of a third party; or
  • Where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains what we use (process) your Personal Information for and our reasons for doing so:

Uses of Your Personal Information

Our Reasons for Such Use

To provide products and/or Services to you

For the performance of our contract with you or to take steps at your request before entering into a contract

To make decisions about the types of products and prices we can offer to you

For our legitimate interests or those of a third party, i.e. to factor various risks into the products and prices we offer

To assess your eligibility for payment plans and to process your payments

For our legitimate interests or those of a third party, i.e. to factor various risks into payment plans we offer

To communicate with you and others as part of our business and to respond to your requests

For our legitimate interests or those of a third party, i.e. to send updates to you regarding our products and Services

For the performance of our contract with you or to take steps at your request before entering into a contract

To prevent and detect fraud or abuse

For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us, a third party or for you

Conducting checks to identify our customers and verify their identity

Other processing necessary to comply with professional, legal, and regulatory obligations that apply to our business

To comply with our legal and regulatory obligations

Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies

To comply with our legal and regulatory obligations

Ensuring business policies are adhered to, e.g. policies covering security and internet use

For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can improve our products and Services

Operational reasons, such as improving efficiency, training, and quality control

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our products and Services

Ensuring the confidentiality of commercially sensitive information

For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information

To comply with our legal and regulatory obligations

Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can improve our products and Services

Preventing unauthorized access and modifications to systems

For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you

To comply with our legal and regulatory obligations

Generally establish and defend legal rights and protect our operations or those of any of our group companies or business partners

For our legitimate interests or those of a third party; i.e. to pursue available remedies to limit our damages.

Updating and enhancing customer records

For the performance of our contract with you or to take steps at your request before entering into a contract

To comply with our legal and regulatory obligations

For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products

Statutory returns or responses

To comply with our legal and regulatory obligations

Ensuring safe working practices, staff administration, and assessments

To comply with our legal and regulatory obligations

For our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you

Marketing our Services and those of selected third parties to:

  • existing and former customers;
  • third parties who have previously expressed an interest in our Services;
  • third parties with whom we have had no previous dealings.

For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers

External audits and quality checks, e.g. security accreditation and the audit of our accounts

For our legitimate interests or those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards

To comply with our legal and regulatory obligations

Facilitate social sharing functionality

For our legitimate interests or those of a third party, i.e. to enable efficient functionality between our Services and digital mediums

Send you important information regarding changes to our policies, other terms and conditions, our Services and other administrative information

For our legitimate interests or a those of a third party, i.e. to obtain your consent to updated policies

To comply with our legal and regulatory obligations

With whom do we share your Personal Information

We may disclose the Personal Information we collect to companies or individuals that perform Services on our behalf with whom we have joint marketing agreements. In order to conduct our business and to better serve you, we may disclose all of the Personal Information we collect, as described above, to:

  • Our service providers. We may also share your Personal Information with external third-party service providers, such as accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; call center service providers; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions that service our accounts; document and records management providers; translators; and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
  • Providers of Internet-connected devices and associated software. Onder may make the Personal Information you provide to us via our apps available to providers of Internet-connected devices and/or associated operating systems and/or software as set forth in the terms of use and/or privacy policies you agree to with those providers.
  • Governmental authorities and third parties involved in court action. Onder may also share Personal Information with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect our rights, privacy, safety or property, and/or that of our group companies, you or others; and (g) to allow us to pursue available remedies or limit our damages.
  • Other Third Parties. We may share Personal Information with purchasers and prospective purchasers or other parties in any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock.  

These companies and individuals may only use the Personal information for the transactions we request. We may disclose your Personal Information to third parties for the following reasons:

  • Providing you the Services
  • Payment processing
  • Tracking how visitors use the Website
  • Fulfilling a transaction you requested
  • Preventing fraud
  • Marketing our products
  • Complying with requests from law enforcement
  • With your consent (e.g., if you authorize us to share your Personal Information)
  • Protecting our rights, property, or safety, or that of users of Onder or the general public

In the event of a bankruptcy or a sale, merger, or acquisition, we may also transfer your Personal Information to a separate entity. That entity will be responsible for ensuring that your Personal Information is used only for authorized purposes and persons in a manner consistent with this Privacy Policy and applicable law.

Additionally, we may share Personal Information when it is required by a court or government agency or to respond to a Claim by you or a third party. In doing so, we may respond to any subpoena received from a court or government agency without prior notice to you. Unless prohibited by law or by a court order, we will use reasonable efforts to notify you of any subpoena received from any other party that requires us to disclose your identity and will wait ten (10) days thereafter, or a lesser amount of time as required by the deadline in the subpoena, before providing the requested Personal Information.

Personal Information may also be shared by you, on message boards, chat, profile pages and blogs, and other Services to which you are able to post information and materials (including, without limitation, our social media pages and apps). Please note that any information you post or disclose through these Services will become public information, and may be available to third parties who access the Onder Services and to the general public. We urge you to be very careful when deciding to disclose your Personal Information, or any other information, on the Services.

We do not sell any of your Personal Information to any third parties.

Retention, Confidentiality, and Security of Personal Information

We store Personal Information for as long as reasonably necessary to fulfill the purposes described above, as we determine is necessary for business records, and as required under applicable law.

We restrict access to Personal Information about you to those who need to know in order to provide products or Services to you and to conduct our internal operations. We maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your Information.

Additionally, the Website is a certificate trusted website and uses security software to encrypt information before and during transmission to the internet. If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. We may post a notice through the Website if a security breach occurs. We may also send an email to you at the email address you have provided to use in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

However, some of our security measures depend on the compatibility of your web browser. While we strive to protect your Information, the internet is not absolutely secure and, thus, we cannot promise guaranteed security. In the unlikely event that we believe that the security of your Information in our possession or control may have been compromised, we may seek to notify you of that development. If a notification is appropriate and to the extent we have your email address, we may notify you by email.

You should also take steps on your own to protect your Personal Information. There are steps you can take to help maintain the security of your Personal Information, such as:

  • Using the latest version of your web browser.
  • Keeping your username and password confidential.
  • Accessing the Website only on personal or trusted computers.

Please refer to the Federal Trade Commission’s website at http://www.business.ftc.gov/privacy-and-security/consumer-privacy for information about how to protect yourself against identity theft.

II.        Personal Information and Third Parties

Links 

The Website may include links to other websites. This Privacy Policy only applies to our Website and Services. We do not make any representations about any websites other than our own. Any Personal Information you provide to any linked websites will be subject to the privacy policies of that website. If provided, you should review the privacy policies of any linked websites carefully.

Social Media

The Website may include social media features, such as YouTube, Facebook, Twitter, and LinkedIn pages or widgets. These features may collect your IP address, which page you are visiting on the Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Website. Your interactions with these features are governed by the privacy policy of the company providing it.

Commercial Electronic Messages

By providing your email address to us, you affirmatively and expressly consent to receiving commercial emails from us and from our third-party service providers. These parties may send you commercial emails in order to deliver information about the Website, information about developments relating to products, special offers, and other information, including but not limited to updates to the Website.

Children 

The Website is intended to be used in connection with financial products and Services. Consistent with the United States Federal Children’s Online Privacy Protection Act of 1998 (COPPA), the Website is not directed at children and we do not knowingly collect Personal Information from anyone under the age of eighteen (18) years. If you are a parent or guardian and believe that your child has provided Personal Information to the Website without your consent, for example – by misrepresenting their age, please notify us. If we become aware that information is or has been submitted by or collected from a minor under the age of eighteen, we will work to promptly delete this information.

III.        Additional Relevant Provisions and Laws

We comply with the privacy laws of the U.S. and make no representation that this Privacy Policy or the Terms of Use comply with the laws of any other jurisdiction. If you choose to visit the Website, you do so at your own initiative and at your own risk and you are responsible for complying with all applicable local laws and you waive any causes of action, suits, penalties, fines, losses, damages, costs, or expenses, including attorneys’ fees (“Claims”) that may arise under such local laws.

Enforcement and Disputes

We are committed to resolve complaints about your privacy and our collection or use of your Personal Information. If you do not receive timely acknowledgement of your request or have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

California Residents 

The following provisions apply only to residents of the state of California:

a.         Do Not Track. Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browser “Do Not Track” settings. At this time, as no standard has been adopted by the World Wide Web Consortium (W3C) regarding such practices, and given current industry considerations, we generally do not respond to “do not track” signals, which you may initiate through your personal browser or device. We will update our practices and Policy as these standards evolve. For more information about Do Not Track, please visit www.allaboutdnt.org.

b.        CCPA. You have the right under the California Consumer Privacy Act of 2018 (CCPA), to the extent it applies to Onder, and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Disclosure of Personal Information We Collect About You

You have the right to know:

  • The categories of Personal Information we have collected about you;
  • The categories of sources from which the Personal Information is collected;
  • Our business or commercial purpose for collecting or selling Personal Information;
  • The categories of third parties with whom we share Personal Information, if any; and
  • The specific pieces of Personal Information we have collected about you.

Please note that we are not required to:

  • Retain any Personal Information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
  • Re-identify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered Personal Information; or
  • Provide the Personal Information to you more than twice in a 12-month period.

Personal Information Shared or Disclosed  for a Business Purpose

In connection with any Personal Information we may share or disclose to a third party for a business purpose, you have the right to know:

The categories of Personal Information about you that we share or disclose and the categories of third parties to whom the Personal Information was shared or disclosed; and

The categories of Personal Information that we shared or disclosed about you for a business purpose.

You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sharing or disclosing of your Personal Information.

Right to Deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

  • Delete your Personal Information from our records; and
  • Direct any service providers to delete your Personal Information from their records.

Please note that we may not delete your Personal Information if it is necessary to:

  • Complete the transaction for which the Personal Information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
  • Debug to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise their right of free speech, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act;
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
  • Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
  • Comply with an existing legal obligation; or
  • Otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Protection Against Discrimination

You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

  • Deny goods or services to you;
  • Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
  • Provide a different level or quality of goods or services to you; or
  • Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your Personal Information.

c.        Shine the Light. We need to disclose to you that we do not share information for third party direct marketing purposes. Effective January 1, 2005, under California Civil Code Section 1798.83, if an individual who is a California resident has provided Personal Information to a business in connection with a business relationship that is primarily for personal, family, or household purposes, and if that business has within the immediately preceding calendar year disclosed such an individual's Personal Information to a third-party and knows or should have known that such third-party used the information for its own direct marketing purposes, then that business is obligated to disclose in writing to such individual upon request, what Personal Information was shared and with whom it was shared. Any request for a disclosure required under this California law should be sent to us by regular mail as indicated by the contact section below.

Please note that under this law, we are not required to respond to a customer's request more than once in a calendar year, nor are we required to respond to any request that is not sent to the email or mailing address designated above.

International Visitors

We are based in the United States and the Website we own or operate is located and hosted in the United States by Amazon Web Services and is intended for visitors located within the United States. In most cases, the Personal Information we collect is stored and used in the United States. While we do not direct our Services to residents of the European Economic Area, it is possible that such residents may access and use the Website. If you choose to use the Website from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing.

We may also transfer your data, including Personal Information, from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Website. By providing any information, including Personal Information, to us, you consent to such transfer, storage, and processing.

V.        Updates, Access, Correction

Updates to this Privacy Policy; Incorporation; Scope

We may, from time to time, unilaterally modify the Privacy Policy without notice to you, so it is important that you review this Privacy Policy every time you use or access the Website. Such modifications by us are effective upon posting to the Website and your access to or use of the Website at any time constitutes acceptance of the Privacy Policy in effect at that time. Our use of Personal Information collected or obtained at any time is subject to the Privacy Policy in effect at the time of such use.

This Privacy Policy supplements, but does not replace other applicable policies, practices, and privacy notices that may relate to specific business relationships you have with us or to certain products or Services, as described in the applicable privacy notice. At the start of our business relationship with you as a client, we will give you a copy of our privacy notice that applies to that relationship, if applicable. In the event of a conflict between this Privacy Policy and a privacy notice for a specific product or service, the specific product or service privacy notice shall govern.

Whether you use the Website or not, the provisions of the Terms of Use apply to this Privacy Policy, including without limitation, the following: Disclaimer of Warranties, Limitation of Liability, Indemnification, Choice of Law, and Dispute Resolution. We encourage you to review the Terms of Use before using the Website.

Access and Correction of Personal Information

Certain US states give you the right to access and correct the Personal Information that we have collected from or about you.

If you would like to exercise any of your rights as described in this Privacy Policy, please contact us as indicated below in the contact section.

Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period and Onder will be required to comply only to the extent CCPA applies to Onder.

If you choose to contact us directly, you will need to provide us with:

  • Enough information to identify you (e.g., your full name, address, and any customer or matter reference number);
  • Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
  • A description of what right you want to exercise and the information to which your request relates.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf. Any Personal Information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.

Please be aware that there are also some types of Personal Information to which we are not required to give you access.

VI.        Contact

Contacting Onder 

For clarification or if you have any concerns about the Privacy Policy or Terms of Use, please write to us at: info@onder.io.

We will promptly investigate and attempt to respond in a manner that complies with the principles described in this Privacy Policy.

Last Updated: October 2021

FG:54390783.1

Licensed, Bonded, and Insured  •  © 2022 Onder
hello@getonder.com  •  Privacy  •  Terms  •  FAQ