1. Scope of Our Privacy Notice
This privacy notice applies to our collection, use, disclosure, and other processing of personal information related to:
• The use of our Sites or Services that display or link to this Policy
• Former, current and prospective clients, brokers, independent agents, and consumers
• Other individuals who use our Sites or Services, whose personal information we received related to the Sites and Services
All collection, use, disclosure, and processing of personal information by Long & Foster about individuals will vary depending upon use of our Sites and Services. This policy is intended to provide our general practices and procedures. In some cases, different or additional notices about our data collection and processing may be provided and apply to certain personal information.
This policy does not apply to job applicants or candidates who apply for employment with Long & Foster or to our employees and independent agents.
2. Collecting Information
When you visit our consumer applications or purchase and/or sell real estate with Long & Foster, we may collect information about you that you share with us. We typically collect two kinds of information about you through our applications and real estate services: (a) information that you provide that personally identifies you; and (b) information that does not personally identify you, which we automatically collect when you visit our applications or that you provide to us.
a. Personally Identifiable Information: This identification information may include, but is not limited to, your name, physical address, email address, telephone, mobile and fax numbers, details of your real estate, lending, title and insurance needs and references, and other details of your life (“Personal Information”).
b. Non-Personally Identifiable Information: Our definition of non-personally identifiable information is any information that does not personally identify you (“Non-PII”). Non-PII can include certain personally identifiable information that has been de-identified; that is, information that has been rendered anonymous by a de-identification process. We obtain Non-PII about you from information that you affirmatively provide to us, either separately or together with your personally identifiable information. We also automatically collect certain Non-PII from you when you access any applications. This information can include, among other things, IP addresses, the type of browser you are using, the third-party website from which your visit originated, the operating system you are using, the domain name of your Internet service provider, the search terms you use on our applications, the specific web pages you visit, the duration and frequency of your visits, and location information.
You can manage how your preferences regarding third party ad company cookies set by this Site or Service by reading the cookie discussion above.
Please also see the cookie discussion above for information about the third parties we may work with to display targeted ads on third-party sites and to measure the success of our marketing and campaigns. You may also obtain more information about targeted or “interest-based advertising” and opt-out of many ad networks at the industry websites below:
• Canada: www.youradchoices.ca
• EU: www.youronlinechoices.eu
• U.S.: www.aboutads.info
3. Categories of Personal Information We Collect
In order to provide better services, we collect different types of personal information about you and your activities. The list below sets out generally the categories of personal information about you that we may collect and disclose to others for business purposes.
• Identifiers: Personal identifiers, such as name, telephone number, physical address, email address, government-issued identifiers (e.g., national identification numbers, driver’s license numbers), and signatures.
• Personal Information: This may include your credit card number, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number and so on. Please note that some personal information in this category may overlap with information in other categories.
• Protected Classification Characteristics Information: This includes characteristics of protected classifications under state or federal law, such as age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), source of funds, sexual orientation, veteran or military status, genetic information (including familial genetic information).
• Device Information and Online Activity: Device and online identifiers, account login information, keystroke patterns indicative of human or bot website/app usage, mobile and web network activity and related information (such as Mac address, IP address, cookie IDs, browser activity, and other information associated with your browsing history), and social media information.
• Geolocation data: Physical location or movements.
• Commercial Information: Purchase and transaction history information (such as products or services you have purchased, rented, or returned), health and safety-related information, product testimonials, travel and vacation information, and competition entries.
• Professional or employment-related information: Current or past job history or performance evaluations.
• Biometric information: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
• Sensory Information: Audio, visual information, and other sensory information such as photographs and audio and video recordings.
• Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)): Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
• Background Information: Background and criminal information, such as background checks and criminal convictions.
• Inferences Information: Individual preferences and characteristics, such as inferences related to shopping patterns and behaviors, intelligence, and aptitudes.
We may share your identifiers, professional or employment-related information and information in some of the above-mentioned categories with third parties for business purposes.
4. Basis for Processing of Personal Information
Certain laws, such as the Virginia Consumer Data Protection ACT (“VCDPA”), and EU General Data Protection Regulation (“GDPR”), require that we inform covered individuals of the legal basis for our use and other processing of personal information.
All personal information we collect and process is done on one or more of the follow legitimate bases:
• Performance of contract: as necessary to enter into or carry out the performance of our contracts with affiliated businesses and third-party service providers.
• Compliance with laws: for compliance with legal obligations and/or defense against legal claims, including those in the area of labor and employment law, social security, and data protection, tax, and corporate compliance laws.
• Our legitimate business interests: in furtherance of our legitimate business interests including:
o Performance of contracts with franchisees and other parties
o Implementation and operation of global support (e.g., IT) services for our business operations
o Customer relationship management and improving our Services, including marketing and analytics
o Fraud prevention, including misuse of company IT systems or money laundering
o Physical, IT, and network perimeter security
o Internal investigations
o Mergers, acquisitions, and reorganization, and other business transactions
• With your consent: where we have your consent and other applicable laws give you the right to withdraw your consent, which you can do this at any time by contacting us using the details Section 11. In some jurisdictions, your use of the Services may be taken as implied consent to the collection and processing of personal information as outlined in this privacy notice.
In addition, we may process your personal information where necessary to protect the vital interests of any individual.
5. How We Use & Share Information Collected
a. Personally Identifiable Information: We primarily use the identification information you voluntarily share with us to:
a. Customize your online and/or real estate transaction experiences and to carry out your online requests;
b. Tell you about our products, services and other offerings;
c. Contact you for a variety of reasons, such as providing you promotional or marketing information for our products or those of our affiliated companies;
d. Communicate with you about your real estate transaction;
e. In certain instances, we may also share your personally identifiable information with our third-party vendors and marketing partners that, among other activities: perform functions on our behalf (or on behalf of our affiliated companies); administer our offerings; provide us marketing or promotional assistance; analyze our data; assist us with customer service; and offer other services and products that may be relevant to the purchase or sale of real estate. Our vendors agree to use this information, and we share information with them, only to carry out our requests;
f. On occasion, we use your identification information to validate your identity;
g. As for usage tracking data, we primarily use that information to operate and improve our consumer applications, and to further our marketing efforts.
b. Non-PII: We use Non-PII in a variety of ways, including to:
a. Help analyze site traffic, understand customer needs and trends;
b. Carry out targeted promotional activities;
c. Improve our services and offerings.
We may use your Non-PII by itself or aggregate it with information we have obtained from others. We may share your Non-PII with our affiliated companies and third parties to achieve these objectives and others, but remember that aggregate information is anonymous information that does not personally identify any individual, device, or household.
6. Updating Information
If you would like to review the information about you that we have collected through our consumer applications, or to change that information, you can make that request by following the procedure indicated below in Section 11. We may require that you verify your identity before we process your request.
7. Processing Location
We process your personal information in the United States. For users located outside of the United States, please see Sections 17 titled European Union / European Economic Area for more detailed information.
8. Anti-Fraud Disclosure
Electronic communications such as email, text messages and social media messaging, are neither secure nor confidential. While Long & Foster has adopted policies and procedures to aid in avoiding fraud, even the best security protections can still be bypassed by unauthorized parties. Long & Foster will never send you any electronic communication with instructions to transfer funds or to provide nonpublic personal information, such as credit card or debit numbers or bank account and/or routing numbers.
YOU SHOULD NEVER TRANSMIT NONPUBLIC PERSONAL INFORMATION, SUCH AS CREDIT OR DEBIT CARD NUMBERS OR BANK ACCOUNT OR ROUTING NUMBERS, BY EMAIL OR OTHER UNSECURED ELECTRONIC COMMUNICATION. EMAILS ATTEMPTING TO INDUCE FRAUDULENT WIRE TRANSFERS ARE COMMON AND MAY APPEAR TO COME FROM A TRUSTED SOURCE.
If you receive any electronic communication directing you to transfer funds or provide nonpublic personal information, EVEN IF THAT ELECTRONIC COMMUNICATION APPEARS TO BE FROM Long & Foster or its affiliates, do not respond to it and immediately contact your real estate agent or title closer. Such requests, even if they may otherwise appear to be from Long & Foster, are likely part of a scheme to defraud you by stealing funds from you or using your identity to commit a crime. To notify Long & Foster of suspected fraud related to your real estate transaction, send an email to [email protected].
10. Data Retention
We will retain your personal information for the period necessary to fulfill the purposes outlined in this privacy notice unless a longer retention period is required or permitted by law. We may retain personal information for longer where required by our legal and regulatory obligations, professional indemnity obligations, or where we believe it is necessary to establish, defend or protect our legal rights and interests or those of others. With respect to the data and files we handle as a processor, we retain this personal information in accordance with our clients’ instructions.
11. Rights and “Opt-Out”
Marketing. You may opt out from receiving marketing-related communications from us on a going-forward basis by contacting us or by using the unsubscribe mechanism contained in each email. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt out.
Cookies and similar technologies. Please review your browser or device settings for certain cookies and see above to exercise certain choices regarding cookies.
Access, amendment and deletion. Under applicable privacy laws, you may have the right to request to review, make amendments, have deleted or otherwise exercise your rights over your personal information that we hold, subject to certain legal limitations and requirements. If you are subject to such a privacy law, you may submit a request to us related to your personal information:
We follow applicable law to take steps to keep your personal information accurate, complete and up-to-date. In your request that is covered by an applicable privacy law, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your personal information. We may only implement requests (a) where required by applicable law and (b) with respect to the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
As outlined below, if you are a Virginia resident, or if you are in the European Union/European Economic Area, you may have additional rights.
Deactivation. You can deactivate your account at any time by contacting us at the email address at the bottom of this page. However, you will not be able to access many of the services to deactivate your account. Please note that even if you request deactivation of your account, it may take some time to fulfill this request.
Responding to Requests. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed. We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Additional information for certain jurisdictions. We are committed to respecting the privacy rights of individuals under all privacy laws applicable to us. Some privacy laws require that we provide specific information about individual rights to applicable consumers, which we have set forth at the end of this privacy notice:
Virginia: if you are a Virginia resident, you have certain rights, under Virginia privacy laws, regarding your personal information as set forth in Section 16.
EU/EEA: if you are in the European Union / European Economic Area, we provide further details about your rights under the GDPR in Section 17.
The Services are not intended or directed to children under the age of 18, and we do not knowingly collect any personal information, or knowingly track the use of our Services, from children. If we have actual knowledge that personal information about a child under 18 years old has been collected, then we will take appropriate steps to delete any such personal information.
13. Third-Party Websites
14. Effective Date and Changes to this Policy
15. Contact Information
For questions and concerns about this Policy, our company can be reached at:
16. Virginia Privacy Rights
In this section, we provide information for Virginia residents, as required under Virginia privacy laws, including the Virginia Consumer Data Protection Act (“VCDPA”), which requires that we provide Virginia residents certain specific information about how we handle their personal information, whether collected online or offline. This section does not address or apply to our handling of publicly available information made lawfully available by state or federal governments or other personal information that is subject to an exemption under the VCDPA.
Personal data is defined by VCDPA as “any information that is linked or reasonably linkable to an identified or identifiable natural person”. See Va. Code § 59.1-575.
According to the VCDPA, "sensitive data" means a category of personal data that includes:
• Personal data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status;
• The processing of genetic or biometric data for the purpose of uniquely identifying a natural person;
• The personal data collected from a known child; or
• Precise geolocation data.
It is important to note that under VCDPA, personal data does not include:
• Publicly available information, which means information that is lawfully made available through federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public through widely distributed media, by the consumer, or by a person to whom the consumer has disclosed the information, unless the consumer has restricted the information to a specific audience.
• De-identified, which means data that cannot reasonably be linked to an identified or identifiable natural person, or a device linked to such person.
Further, the VCDPA does not apply to the following data and/or information:
• Protected health information under HIPAA;
• Health records for purposes of Title 32.1;
• Patient identifying information for purposes of 42 U.S.C. § 290dd-2;
• Identifiable private information for purposes of the federal policy for the protection of human subjects under 45 C.F.R. Part 46; identifiable private information that is otherwise information collected as part of human subjects research pursuant to the good clinical practice guidelines issued by The International Council for Harmonisation of Technical Requirements for Pharmaceuticals for Human Use; the protection of human subjects under 21 C.F.R. Parts 6, 50, and 56, or personal data used or shared in research conducted in accordance with the requirements set forth in this chapter, or other research conducted in accordance with applicable law;
• Information and documents created for purposes of the federal Health Care Quality Improvement Act of 1986 (42 U.S.C. § 11101 et seq.);
• Patient safety work product for purposes of the federal Patient Safety and Quality Improvement Act (42 U.S.C. § 299b-21 et seq.);
• Information derived from any of the health care-related information listed in this subsection that is de-identified in accordance with the requirements for de-identification pursuant to HIPAA;
• Information originating from, and intermingled to be indistinguishable with, or information treated in the same manner as information exempt under this subsection that is maintained by a covered entity or business associate as defined by HIPAA or a program or a qualified service organization as defined by 42 U.S.C. § 290dd-2;
• Information used only for public health activities and purposes as authorized by HIPAA;
• The collection, maintenance, disclosure, sale, communication, or use of any personal information bearing on a consumer's credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living by a consumer reporting agency or furnisher that provides information for use in a consumer report, and by a user of a consumer report, but only to the extent that such activity is regulated by and authorized under the federal Fair Credit Reporting Act (15 U.S.C. § 1681 et seq.); • Personal data collected, processed, sold, or disclosed in compliance with the federal Driver's Privacy Protection Act of 1994 (18 U.S.C. § 2721 et seq.);
• Personal data regulated by the federal Family Educational Rights and Privacy Act (20 U.S.C. § 1232g et seq.);
• Personal data collected, processed, sold, or disclosed in compliance with the federal Farm Credit Act (12 U.S.C. § 2001 et seq.); and
• Data processed or maintained (i) in the course of an individual applying to, employed by, or acting as an agent or independent contractor of a controller, processor, or third party, to the extent that the data is collected and used within the context of that role; (ii) as the emergency contact information of an individual under this chapter used for emergency contact purposes; or (iii) that is necessary to retain to administer benefits for another individual relating to the individual under clause (i) and used for the purposes of administering those benefits.
We obtain the categories of personal information listed above from the following categories of sources:
• Information from you that you actively provide: We collect this information from sources including from online forms, e-mail, and via telephone.
• Information from you that you provide passively from your use of your sites and services: We collect this information from sources including from a web browser, e-mail, app, or smartphone.
• Third Parties (information we collect about you from third party sources): We collect this from sources including marketing partners, lead generators, and website and app vendors.
Use of Personal Information. We may use or disclose the personal information we collect for one or more of the following business purposes:
• To fulfill or meet the services for which the information is provided.
• To provide you with information, products or services that you request from us.
• To provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
• To affiliated businesses and third parties to market and advertise products or services that may be of interest to you.
• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections.
• To improve our website and better present its contents to you.
• For testing, research, analysis and product development.
• As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• As described to you when collecting your personal data or as otherwise set forth in the VCDPA.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information. We may disclose your personal data and/or information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
• Personal Information
• Protected classification characteristics
• Commercial information
• Professional or employment-related information.
We disclose your personal information for a business purpose to the following categories of third parties:
• Our affiliates.
• Service providers.
• Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
Categories of Personal Information Sold. The VCDPA defines “sale of personal data” as “the exchange of personal data for monetary consideration by the controller to a third party.” While we do NOT disclose personal information to third parties in exchange for monetary consideration from such third parties, we do disclose or make available the categories of personal information that we collect to our affiliate and subsidiary companies. We also may make certain categories of personal information available to third parties, in order to receive certain services or benefits from them (such as when we allow third party tags to collect browsing history and other information on our Services to improve and measure our ad campaigns), including:
• Identifiers. Name, contact information and other identifiers
• Personal information. Customer Records, Profiles and inferences
• Commercial Information. Usage data, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Rights of Virginia residents. Virginia law grants Virginia residents certain rights and imposes restrictions on particular business practices as set forth below.
• Request to Know: A Virginia resident has the right to confirm whether or not we are processing the resident's personal data and to access such personal data; The resident’s right to know also include the right to obtain a copy of his or her personal data that the resident previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows the resident to transmit the data to another controller without hindrance, where the processing is carried out by automated means; Virginia residents may request information obtained by us up to twice annually free of charge.
• Request to Correct: A Virginia resident has the right to request us to correct inaccuracies in his or her personal data, taking into account the nature of the personal data and the purposes of the processing of his or her personal data.
• Request to Delete: A Virginia resident has the right to delete personal data provided by or obtained about the resident.
• Do-Not-Sell, or Right to Opt-Out: A Virginia resident has the right to opt out of the processing of the personal data for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the resident. Opt-out rights can be exercised by clicking on the “Do Not Sell My Information” at the bottom of this page or the homepage of our website.
Non-discrimination: The VCDPA prohibits discrimination against Virginia residents for exercising their rights under the VCDPA. Discrimination may exist where a business denies or provides a different level or quality of goods or services, or charges (or suggests that it will charge) different prices, rates, or penalties on residents who exercise their VCDPA rights, unless doing so is reasonably related to the value provided to the business by the residents’ data.
Financial incentives: A business may offer financial incentives for the collection, sale or deletion of Virginia residents’ personal information, where the incentive is not unjust, unreasonable, coercive or usurious, and is made available in compliance with applicable transparency, informed consent, and opt-out requirements. Virginia residents have the right to be notified of any financial incentives offers and their material terms, the right to opt-out of such incentives at any time, and may not be included in such incentives without their prior informed opt-in consent. We do not offer any such incentives at this time.
Submitting Requests. Do-Not-Sell (Opt-out) Requests, Requests to Know, and Requests to Delete may be submitted:
• Do-Not-Sell: By clicking on the “Do Not Sell My Information” at the bottom of this page or the homepage of our website.
• Requests to Know, Access, Delete, or Correct: Submitting a request to us at Consumer Data Privacy Request Webform.
• All requests: By contacting us at 1-888-536-0216 (toll free).
We will respond to verifiable requests received from Virginia residents as required by law. For more information about our privacy practices, contact us as set forth in the “Contact Us” section above. Please note that we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. Once we receive your verifiable consumer request, we will send you an acknowledgement letter within 10 days which will describe our verification process. We will respond to your request within 45 days, if we are able to verify your identity. Requests for deletion will require a separate confirmation that you want your information deleted.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Please note we are unable to disclose or provide you with your Social Security Number, Driver’s License Number, or other government issued identification number, financial account number, any health insurance or medical identification number, an account password, or security questions and answers.
Changes to Our Privacy Notice. Long & Foster reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website or Services following the posting of changes constitutes your acceptance of such changes.
17. European Union / European Economic Area
Individuals in the European Union (EU) and the European Economic Area (EEA) have the following rights, under the GDPR, regarding their personal information:
• Right of Access: You have the right to obtain from us confirmation as to whether or not personal information concerning you is being processed, and where that is the case, to request access to the personal information. The accessed information includes – among others – the purposes of the processing, the categories of personal information concerned, and the recipients or categories of recipient to whom the personal information have been or will be disclosed. You have the right to obtain a copy of the personal information undergoing processing. For further copies requested by you, we may charge a reasonable fee based on administrative costs.
• Right to Rectify and Complete Personal Information: you can request the rectification of inaccurate data and the completion of incomplete data. We will inform relevant third parties to whom we have transferred your data about the rectification and completion if we are legally obliged to do so.
• Right to Erasure (Right to be Forgotten): You have the right to obtain from us the erasure of personal information concerning you in limited circumstances where:
o it is no longer needed for the purposes for which it was collected; or
o you have withdrawn your consent (where the data processing was based on consent); or
o following a successful right to object; or
o it has been processed unlawfully; or
o the data has to be erased in order to comply with a legal obligation to which we are subject.
We are not required to comply with your request to erase personal information if the processing of your personal information is necessary for:
• compliance with a legal obligation; or
• the establishment, exercise or defense of legal claims.
• Right to Restriction of Processing: You have the right to obtain from us restriction of processing your personal information. In this case, the respective data will be marked and only be processed by us for certain purposes. This right can only be exercised where:
o the accuracy of your personal information is contested, to allow us to verify its accuracy; or
o the processing is unlawful, but you do not want the personal information erased; or
o it is no longer needed for the purposes for which it was collected, but you still need it to establish, exercise or defend legal claims; or
o you have exercised the right to object, and verification of overriding grounds is pending.
We can continue to use your personal information following a request for restriction, where:
• we have your consent; or
• to establish, exercise or defend legal claims; or
• Right to Data Portability: You have the right to receive the personal information concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another entity without hindrance from us, but in each case only where the processing is (a) based on your consent or on the performance of a contract with you, and (b) also carried out by automated means.
• Right to Object: You have the right to object at any time to any processing of your personal information which has our legitimate interests as its legal basis. You may exercise this right without incurring any costs. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms. The right to object does not exist, in particular, if the processing of your personal information is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
• Right to Object to Our Use of Your Personal Information for Direct Marketing Purposes: You can request that we change the manner in which we contact you for marketing purposes. You can request that we not transfer your personal information to unaffiliated third parties for the purposes of direct marketing or any other purposes.
• Right to Withdraw Consent: if you have given us your consent for the processing of your personal information, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
• Right to Obtain a Copy of Safeguards: you can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside the EU/EEA. We may redact data transfer agreements to protect commercial terms.
• Right to Lodge a Complaint with Your Local Supervisory Authority: You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information. We ask that you please attempt to resolve any issue with us first, although you have a right to contact your supervisory authority at any time.
18. Other State Consumer Privacy Rights
Consumers residing in other U.S States may have similar or additional rights to those identified in Section 16 or 17 above. These rights may include:
• Right to Correct. You can file a request to change any inaccuracy in your personal information stored with our company, which we will review and attempt to change, if permitted.
• Right to Delete. You can request deletion of personal information from our records.
• Right to Access. You can request access to a record of all personal information we have on record. We will make reasonable efforts to provide you with a portable, and to the extent we are able, readily usable format of the non-sensitive or harmful personal information held by our company.
o Opt-out of the “sale” of your personal information.
o Opt-out of targeted advertising by our companies.
o Opt-out of the processing of any of your personal information for decision making of legal or similarly significant effect.
To exercise these rights or any other rights you may have under your state’s consumer data privacy legislation please review your state’s privacy laws.
19. Long & Foster Do Not Call Policy
The federal Telephone Consumer Protection Act (TCPA) and relevant FCC rules and regulations shield consumers from undesired telemarketing.
If you do not want to receive sales calls or text messages from Long & Foster and any of its affiliate or subsidiaries, please contact us to place your telephone number on our "Do Not Call" list, you may direct your request to the following person:
In compliance with federal and state laws, Long & Foster will document your request within (seven) 7 business days. It should not take longer than thirty (30) days to remove your telephone number from any sales programs that are currently underway. Please make sure that your notification satisfies the following requirements:
• Your request can be in writing or by phone, to the address or number listed above, and must include your telephone number.
• If you wish to place multiple phone numbers on our “Do Not Call’ list, please provide all numbers in your communication.
• Customer relationship management and improving our Services, including marketing and analytics.
• You'll remain on our "Do Not Call" list for five years (or any longer period required by applicable law.), unless you ask to be removed prior to the five-year timeline.
• If your telephone number ever changes, you must update us accordingly in order to remain on our “Do Not Call” list.
When we solicit prospective customers, Long & Foster also honors "do not call" requests on behalf of consumers listed on the National Do Not Call Registry maintained by the Federal Trade Commission and various state-agency lists. Please note that many states’ "Do Not Call" regulations allow companies to contact their own customers even though they are on these "Do Not Call" lists in some circumstances. Therefore, if you are a customer or client of Long & Foster, you may be contacted by us even though you are on a state or the national "Do Not Call" list. If you do not want to be contacted by Long & Foster even though you are a customer, simply follow the steps above to be placed on our "Do Not Call" list and we will honor your request.
If the consumer notifies us that they have received a telephone call from us after that consumer has already requested to be placed on our "Do Not Call" list, we will apologize for the intrusion and have a manager or supervisor investigate. The manager or supervisor will also personally confirm that the telephone number is on the "Do Not Call" list. Upon request, we will mail the consumer a confirmation that the telephone number is on the list.
The Federal Trade Commission offers a free service to consumers that allow them to place their telephone numbers on a National Do Not Call Registry. This service will reduce the number of telemarketing calls received. Consumers may add their telephone numbers to the list either by calling 888-382-1222 or through the Internet at www.donotcall.gov. It may take several weeks before you notice a reduction in calls.
Being on our "Do Not Call" list means that you won't receive sales calls and text messages by anybody representing Long & Foster. We may still contact you, however, for non-solicitation purposes.
Agents and brokers conducting telemarketing in reference to a product or marketing initiative of Long & Foster or any Long & Foster affiliate or subsidiary shall fully adhere to the TCPA, any related federal laws, regulations and rules, and all applicable state laws.
20. Long & Foster CAN-SPAM Policy
The Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act) establishes requirements for those who send unsolicited commercial email. In compliance with the CAN-SPAM Act, Long & Foster agrees to the following:
• Not to use any false or misleading header information (including ‘From’, ‘To’, ‘Reply To’ fields) for our emails.
• Not use deceptive subject lines for our commercial emails.
• Identify the commercial email message as an advertisement in some reasonable way (unless the recipient previously consented to receive the message).
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow commercial email recipients to unsubscribe by using the link at the bottom of each email.
If you would like to unsubscribe from receiving future commercial emails from Long & Foster, its affiliates or subsidiaries at any time, you can follow the instruction at the bottom of the email. Please allow us ten (10) days to process your unsubscribe request.
For any inquiry concerning Long & Foster’s CAN-SPAM policy, please contact the following: