Privacy


BURBRIDGE REALTY COMPANY POLICY

The Gramm-Leach-Billey Act of 1999, also know as the Financial Services Modernization Act, instituted significant changes to the laws governing financial institutions.  Title V of this act sets for provisions addressing the rights of a consumer with respect to privacy of non-public information.  The regulation obligates the financial institution to inform the consumer of its information-sharing practices with both affiliated and non-affiliated third parties;  the rights of the consumer and the security provided for consumer information by the institution.  To comply with this act and NCUA Rules and Regulations Burbridge Realty Company (BRC) has adopted the following policy:

PRIVACY STATEMENT

BRC acknowledges its responsibility to protect the personal and financial information entrusted to us by our clients.  Clients shall hereafter include owners of properties managed, all tenants, prospective tenants and vendors providing good/services to properties managed by BRC.  It is our belief that all the personal and financial information provided us should be considered as such, therefore we will never allow it to be compromised for any purpose.  We are committed to maintaining the clients’ trust and have developed the following privacy procedure.

PROCEDURE

Collection of Client Information

Information we receive on applications, management agreements, leases, purchase and sales agreements, contracts to purchase goods/services on behalf of clients and other form;
Information from transactions with us or others including those companies that work closely with us to provide diverse financial products and services;
Information we receive from a credit reporting agency;
Information obtained when verifying the information provided on applications, management agreements, leases, purchase and sales agreements, contracts to purchase goods/services on behalf of clients and other form(s) this may be obtained from current or past employers, or from other institutions) and;
Information we may obtain from consumer purchasing and census data providers to develop competitive marketing programs for our clients.
BRC will use this information as appropriate in the normal course of our business to provide the products and services that our clients request.  We will also use this information to provide positive identification of the clients.

Disclosure of Client Information

We will not disclose information to third parties concerning a client’s business with us, except:

When such disclosure is necessary to complete the transactions, and then only as permitted by law;
To verify the existence and conditions of an account for a third party such as a credit bureau, and then only as permitted by law;
To comply with any court order or applicable laws or regulations; or
When the client gives us written permission.
Disclosure of Information about Former Client

If a client decides to terminate their agreement/contract with BRC, we will not share information that we have collected and about the client, except as my be permitted or required by law.

Protection of Client Information

BRC knows the value of the client’s privacy rights.  We use care to ensure all information is kept confidential and secure.  We have technology in place to monitor the networks and all processes.  We use the latest safeguards to keep our clients’ funds and information that has been entrusted to us safe.  We do not sell information to third parties.

We restrict access to nonpublic information about the client to those employees who need to know that information to provide products and/or services.  We maintain physical, electronic, and procedural, safeguards that comply with federal regulations to guard the clients’ nonpublic personal information.

Unauthorized Access to Client Accounts

In the event a client’s sensitive information has been compromised or BRC determines actual misuse has taken place, the following procedures are to be followed:

Conduct and investigation to assess the nature and scope of the incident and identify what client information systems and types of clients’ information have been accessed or abused.
Notify client as soon as possible.  This notice may be delayed if an appropriate law enforcement agency determines that notification will interfere with a criminal investigation and provides BRC with a written request for the delay.  However, client should be notified as soon as notification would no longer interfere with law enforcement’s investigation. 
Required Notice Information

If BRC can positively identify exactly which client was impacted, then notice is only required to them.  If, however, it is impossible to tell whose information may have been compromised, then all clients that could potentially be affected must be notified.

Notification is a requirement and may be by mail, phone, or e-mail.  Generally describe the incident and the type of information that was accessed or used and include the following:

Tell the client what BRC has done to protect his/her information and prevent further incident;
Include a telephone number the client can call for further information and assistance;
Remind Client to be vigilant over the next 12 to 24 months and to report any suspected indentity theft to BRC.
If the investigating employee deems it appropriate, the client should also be advised as follows:

Recommend the client review account statements and report any suspicious activity to the BRC;
Describe fraud alerts and explain how the client may have one placed in his/her credit file.
Recommend the client periodically obtain credit reports from each of the three national credit bureaus and have information relation to fraud deleted.
Explain to the client how to obtain a free credit report:

Request a report by phone by calling 1-877-322-8338.  The client will go through a simple verification process over the phone and the credit report will be mailed to them.
Request a report by mail by writing to Annual Credit Report Services, P.O. Box 105281, Atlanta, GA  30348-5281.  The client will need to include their name, including middle initial, date of birth, social security number and complete physical address, including ZIP code.  If they have been at their address for less than two years, provide the information for the previous address.
If there is any possibility that the client’s identity has been stolen, inform the client of the Federal Trade Commission’s online theft guidance and explain the urgency to contact them immediately at http://www.ftc.gove/idtheft, or in the case they do not have access, they can telephone toll free for reports of identity theft at 1-877-438-4338 (877 IDTHEFT).  There they will receive instructions to guide them through a procedure to follow.

There is no specific timing requirement for the notice, but it should be delivered “as soon as possible”, unless its delivery would hinder a law enforcement effort.  If this is the case, be sure to obtain written evidence of the request for delay.