Last modified: July 23, 2022
Boxlty Access Systems Inc., dba Boxlty, Boxlty.Com, or Boxlty Access Systems, Inc (“Company” or “We” or “Us” or “Our”) We respect your privacy and are committed to protecting it through our compliance with this policy. We welcome your comments and feedback.
This policy describes the types of information we may collect from you or that you may provide when you visit the website https://boxlty.com (the “Website”) or when you use our services (together with the Website, our “Services”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This policy applies to information we collect:
- On this Website.
- In email, text, and other electronic messages between you and this Website.
- Through the use of our Services.
It does not apply to information collected by:
- Us offline or through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries); or
- Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Website.
Personal information about visitors to our site is collected or stored only when knowingly and voluntarily submitted. For example, we may need to collect such information to provide you with further services or to answer or forward any requests or inquiries. It is our intention that this policy will protect your personal information from being dealt with in any way that is inconsistent with applicable privacy laws.
We collect several types of information from and about users of our Services, including:
- Personal information, such as name, postal address, email address, telephone number, date of birth, Social Security Number, driver’s license number, employment information, salary, proof of income, and ID picture;
- Information that is about you but individually does not identify you; and
- Information about your internet connection, the equipment you use to access our Services, and usage details.
We collect this information:
- Directly from you when you provide it to us.
- Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies.
- From third parties, for example, our business partners.
Information You Provide to Us
The information we collect on or through our Services may include:
- Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Services, subscribing to our Services, or requesting further Services. We may also ask you for information when you report a problem with our Services.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Your search queries on the Website.
Use of Information
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information we collect automatically is only statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Services and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Services according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Services.
The technologies we use for this automatic data collection may include:
- TrueDepth.Our app makes use of automatically collected information using the device camera and the TrueDepth API provided by Apple. This information is used to track the user’s head and face so that we can detect any kind of image or video spoofing thus making ID scan feature more robust.
None of the information collected by the TrueDepth API ever leaves the user’s device nor shared with any 3rd party.
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.
Boxlty uses automated tools to verify customer-submitted data. Customer data may also be processed by third parties to ensure any data submitted by a user is independently verified. We ensure that processors working with us are PCI, CCPA and GDPA compliant.
When using the location service, we will request your permission to obtain your location using your mobile phone. Your location information will be obtained only when you are at a rental location and requesting access to the property via our self-tour technology and electronic lockbox or smartlock. Your location information will only be used to confirm that you are in the vicinity of the property you are requesting to view and may be retained and used by us to enhance our Service processes
(1) your relationship with the application provider is separate from your relationship with your Cellular Provider;
(2) your Cellular Provider is not responsible for this application; and
(3) you will hold harmless your Cellular Provider and its subsidiaries, affiliates, officers, employees, agents, successors and assigns from any judgments, claims, actions, losses, liabilities or expenses arising from or attributable to this application or the acts or omissions of the application provider.
Protecting your Privacy
Your privacy is very important to us and so our Services use only secure HTTPS communication with SSL Encryption to obtain your location data. When using the Services, your location will be used to verify you are in the vicinity of the property you are requesting to view via our self-tour technology. Your location will only be verified during the check in process of your self-viewing. After this, your location data will be deleted from the system.
Boxlty collects user-submitted data on behalf of third-party managers and/or property owners that utilize the Boxlty platform. Prospective renter information that is shared with third-party managers and/or property owners includes prospect name, email, contact phone number, and time of the self-guided tour. Information collected is used solely for the purposes of securing the self-guided tour and prospective renter follow-up by a third-party manager and/or property owner. Sensitive personal data including Social Security number, Birth date is deleted from the system after verification is completed, sensitive prospective renter data is not shared with third-party managers or property owners unless you complete a rental application form that includes such data for the purposes of the rental or sale of the property. Data is not resold or remarketed by Boxlty to any third-party services.
Your location data (latitude, longitude and accuracy estimate) will not be shared with anyone or used for any purpose other than its intended use.
- To our subsidiaries and affiliates.
- To contractors, service providers, and other third parties we use to support our business.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Boxlty Access Systems, Inc.’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Boxlty Access Systems, Inc. about our Service users is among the assets transferred.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your personal information:
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
- To enforce or apply our agreements, including for billing and collection purposes.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Boxlty Access Systems, Inc., our customers, or others.
Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
- Disclosure of Your Information for Third-Party Advertising.If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by sending us an email with your request to [email protected]
We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way.
You can review and change your personal information by sending us an email at [email protected] to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
All location data is securely stored using technology and security features that safeguard the privacy of your location information, including:
- Maintaining and protecting the security of computer storage and network equipment;
- Security procedures that require user names and passwords to access sensitive data;
- Applying encryption or other appropriate security controls to protect location information when stored or transmitted by us;
- Limiting access to location information to only those with jobs requiring such access.
Background Location Data
We may collect precise or approximate location data from a user’s mobile device if enabled by the user to do so. We collect this data to enable specific features, however, the aforementioned features are not required for the app to function. We only use location services when it is directly relevant to the features and services provided by the app. Location data is not provided, resold, or remarketed to third parties.
Children Under the Age of 13
Our Services are not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website, register on the Website, use the Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at [email protected]
Effective Date: March 16, 2021
Last Updated on: March 16, 2021
Information We Collect
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e));
- Commercial information;
- Internet or other similar network activity; and
- Geolocation data.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you purchase.
- Indirectly from you. For example, from observing your actions on our Website.
Use of Personal Information
We may use, or disclose the personal information we collect for one or more of the following purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our consumers is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have not disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.
We do not sell personal information. In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose to third-party service providers:
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e));
- Commercial information;
- Internet or other similar network activity; and
- Geolocation data.
Your Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Right to Know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting that personal information.
- The categories of third parties with whom we share that personal information.
- If we disclosed your personal information for a business purpose, the personal information categories that each category of recipient obtained.
- The specific pieces of personal information we collected about you (also called a data portability request).
Right to Delete
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 ).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
Exercising Your Rights to Know or Delete
To exercise your rights to know or delete described above, please submit a request by: Emailing us at [email protected]
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information. You may also make a request to know or delete on behalf of your child.
You may only submit a request to know twice within a 12-month period. Your request to know or delete must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.
Response Timing and Format
We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please email [email protected]
We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected]
Email: [email protected]