Privacy Policy

Last updated: January 21, 2026

1. Introduction

Apartment Rater ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our website and services.

Data Controller: Apartment Rater
Location: Jacksonville, FL, United States
Email: privacy@apartmentrater.com

2. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Password (encrypted)
  • Profile image URL (optional)

Review Information

When you write a review, we collect:

  • Review content and ratings
  • Unit number (optional)
  • Lease dates (optional)
  • Whether you chose to post anonymously

Automatically Collected Information

We may automatically collect:

  • IP address
  • Browser type and version
  • Pages visited and time spent
  • Referring website
  • Device information

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services (e.g., account creation, review posting)
  • Legitimate Interests: Processing for our legitimate business interests (e.g., improving services, preventing fraud), where these are not overridden by your rights
  • Consent: Where you have given explicit consent (e.g., marketing communications)
  • Legal Obligation: Processing necessary to comply with legal requirements

4. How We Use Your Information

We use your information to:

  • Provide and maintain our services
  • Process and display your reviews
  • Send verification and account-related emails
  • Respond to your inquiries and support requests
  • Improve our website and user experience
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

5. Information Sharing

We do not sell your personal information. We may share your information only in these circumstances:

  • Public Reviews: Your reviews are publicly visible (unless posted anonymously)
  • Legal Requirements: When required by law or to protect our rights
  • Service Providers: With trusted third parties who assist in operating our service (hosting, email delivery, analytics)
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Third-Party Service Providers

We use the following categories of service providers:

  • Hosting: Vercel Inc. (San Francisco, CA)
  • Database: Supabase Inc.
  • Email: Resend Inc.

6. Data Retention

We retain your personal data for as long as necessary to:

  • Provide our services while you have an account
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Retention Periods:

  • Account data: Retained until account deletion
  • Reviews: Retained until you delete them or your account
  • Server logs: Retained for up to 90 days
  • Analytics data: Retained in anonymized form

7. Data Security

We implement appropriate security measures to protect your personal information, including:

  • Encryption of passwords using industry-standard hashing (bcrypt)
  • Secure HTTPS connections for all data transmission
  • Regular security assessments
  • Access controls limiting employee access to personal data

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Transfers to countries with adequate data protection (adequacy decisions)

9. Your Rights

General Rights (All Users)

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Opt out of marketing communications

GDPR Rights (EEA Residents)

If you are in the European Economic Area, you additionally have the right to:

  • Right to be informed: Know how your data is processed
  • Right of access: Obtain a copy of your personal data
  • Right to rectification: Correct inaccurate personal data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Receive your data in a structured format
  • Right to object: Object to processing based on legitimate interests
  • Rights related to automated decision-making: We do not use automated decision-making

To exercise these rights, please visit our Data Request page or contact us at privacy@apartmentrater.com.

You also have the right to lodge a complaint with your local data protection authority.

CCPA Rights (California Residents)

If you are a California resident, under the California Consumer Privacy Act (CCPA), you have the right to:

  • Right to Know: Request disclosure of personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising your rights

Categories of Personal Information Collected: Identifiers, account information, internet activity, and user-generated content (reviews).

Do Not Sell My Personal Information: We do not sell your personal information to third parties.

To exercise your CCPA rights, visit our Data Request page or email privacy@apartmentrater.com.

10. Cookies and Tracking

We use cookies and similar technologies to provide and improve our services. For detailed information about the cookies we use, please see our Cookie Policy.

Essential cookies: Required for the website to function (authentication, security).

Analytics cookies: Help us understand how visitors use our site.

11. Children's Privacy

Our service is not intended for children under 13 years of age (or 16 in some jurisdictions). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of becoming aware (where required by law)
  • Notify relevant supervisory authorities as required
  • Provide information about the nature of the breach and steps being taken
  • Offer guidance on protective measures you can take

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the new policy on this page, updating the "Last updated" date, and where appropriate, notifying you by email.

We encourage you to review this policy periodically for any changes.

14. Contact Us

If you have questions about this privacy policy, your personal data, or wish to exercise your rights, please contact us:

Email: privacy@apartmentrater.com

Data Requests: Submit a data request

Location: Jacksonville, FL, United States

Related Policies