360 Property Data
CoreLogic powers businesses with unrivaled property data, insights and technology.
Explore Our DataCoreLogic powers businesses with unrivaled property data, insights and technology.
Explore Our DataDifferentiate with insights and analysis from CoreLogic property data.
Know MoreProperty. People. Potential. CoreLogic unlocks value for the entire property ecosystem.
Learn MoreEffective Date: January 1, 2023
In accordance with the California Consumer Privacy Act (“CCPA”), this California Privacy Notice (“Notice”) supplements, for California residents, the general privacy policies of CoreLogic, Inc. (together with its relevant subsidiaries, associates, and affiliated companies, “CoreLogic,” “us,” “we,” or the “Company”) including, without limitation, our Privacy Policy, and any other privacy policies, notices or statements on a “Service” (e.g., website, mobile app, or any other digital asset) that is owned and operated by the Company. This Notice provides information regarding our data practices, including our collection, use, disclosure, and sale of information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (collectively, “Personal Information”).
PLEASE NOTE:
If you are not a California resident, the rights described in this Notice do not apply to you. Even if you are a California resident, the rights described in this Notice may not apply to you as a result of certain exemptions in the CCPA, including those for publicly available data and data subject to certain other privacy laws, such as the Gramm-Leach-Bliley Act and Fair Credit Reporting Act (as described in more detail below).
The rights described in this Notice will apply to you only if you are currently a California resident and you are:
OR
Please note that although you will get a timely response using the toll-free telephone number, you will likely get a faster response using our online form.
1. CCPA EXEMPTIONS
We are a leading global property information, analytics and data-enabled software platforms and services provider. We provide B2B products and services and do not offer products or services directly to consumers. Except for HR Data Subjects and B2B Data Subjects, when we do collect and process Personal Information from or about consumers, we have determined it is in one of the following contexts that are exemptions under the CCPA:
Data That Is Processed in Our Capacity as a Service Provider. When we process consumer Personal Information as a service provider for another business, that business, not us, is the owner and controller of the Personal Information and responsible for any CCPA requests related to that data. If you want to inquire about Personal Information we process for our clients as their service provider, you should contact those entities directly. Due to confidentiality considerations, we do not disclose or confirm the identity of our clients or what data we process for them.
Data That Is Regulated and Protected by Other Laws. The CCPA recognizes that other privacy laws already exist to protect certain types of Personal Information under certain circumstances. We are subject to and comply with several of these laws, including the federal Fair Credit Reporting Act (FCRA), the federal Gramm-Leach-Bliley Act (GLBA), the Driver’s Privacy Protection Act of 1994 (DPPA), and the California Financial Information Privacy Act. The CCPA exempts Personal Information that is already regulated and protected by those laws, and we apply our obligations under those laws to that data.
Data That Is Publicly Available. The CCPA exempts Personal Information that is “publicly available,” which means information that is lawfully made available from federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media, or by the consumer; or information made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience.
Data That Is Deidentified or Aggregated. The CCPA does not consider deidentified or aggregated data to be Personal Information. “Aggregated” data is information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device. “Deidentified” data is information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer. We commit to maintain and use the information in deidentified form and not to attempt to reidentify the information, except that we may attempt to reidentify the information solely for the purpose of determining whether our deidentification processes are effective.
2. NOTICE OF DATA PRACTICES
The description of our data practices in this Notice covers only the twelve (12) months prior to the Effective Date and will be updated at least annually. Our data practices may differ between updates; however, if materially different from this Notice, we will provide pre-collection notice of the current practices, which may include references to other privacy policies, notices or statements posted or referenced on the Service that reflect current practices.
(a) Personal Information Collection and Retention
In the last 12 months, we collected and retained Personal Information about Consumers as follows:
Category of Personal Information | Examples of Personal Information Collected and Retained | Maximum Retention Period |
1. Identifiers | Real name, alias, postal address, unique personal identifiers, online identifier, Internet Protocol address, email address, and account name. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
2. Personal Records | Name, signature, description, address, telephone number, and financial information (e.g., payment card information). Some Personal Information included in this category may overlap with other categories. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
3. Personal Characteristics or Traits | In some circumstances, we may collect Personal Information that is considered protected under U.S. law, such as age, gender, nationality, race or information related to medical conditions. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
4. Customer Account Details/Commercial Information | Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
5. Biometric Information | Physiological and biological characteristics, which can be used to establish individual identity, including but not limited to fingerprints. Only for HR benefits purposes. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
6. Internet Usage Information | When you browse our Services or otherwise interact with us online, we may collect browsing history, search history, and other information regarding your interaction with our Services or other sites, applications, or advertisements. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
7. Geolocation Data | If you interact with us online we may gain access to the approximate location of the device or equipment you are using. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
8. Sensory Data | We may collect audio, electronic, or similar information when you contact us through our customer service line. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
9. Professional or Employment Information | Professional, educational, or employment-related information. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
10. Non-public Education Records | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
11. Inferences from Personal Information Collected | We may draw inferences from other information we collect about you. | Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
12. Sensitive Personal Information | This may include Personal Information that reveals:
|
Period of engagement / relationship with CoreLogic (if applicable) plus 7 years. |
(b) Sources of Personal Information
We collect Personal Information from visitors of our website as set forth in Section 2 of our Privacy Policy. Additionally, we may purchase customer lists containing business contact information, which is considered Personal Information under the CCPA.
We collect Personal Information from HR Data Subjects in connection with their application for employment/engagement and actual employment/engagement with CoreLogic.
We collect Personal Information from B2B Data Subjects in connection with their business and/or website interaction with CoreLogic.
(c) Use of Personal Information
Information regarding how we use Personal Information obtained from our website can be found in Section 2 of our Privacy Policy. Personal Information obtained from customer lists is used for marketing purposes.
Personal Information from HR Data Subjects is used solely in connection with HR purposes.
Personal Information obtained from B2B Data Subjects is used for the purposes of the business transaction(s) with CoreLogic and may be further used for marketing purposes.
(d) Personal Information Disclosure Practices
During the past 12 months, we did not “sell” or “share”, as those terms are defined by the CCPA, any of the categories of Personal Information described above. To our knowledge, we have not collected, sold or shared Personal Information from children under the age of 16.
During the last 12 months, for the purposes explained in our Privacy Policy, we disclosed such Personal Information to our vendors, other members of our corporate group, government entities (when we are under a duty to disclose or as required to protect our rights or the rights of others), and other parties as more fully set forth below:
Category of Personal Information | Categories of Recipients |
1. Identifiers |
|
2. Personal Records |
|
3. Personal Characteristics or Traits |
|
4. Customer Account Details / Commercial Information |
|
5. Biometric Information |
|
6. Internet Usage Information |
|
7. Geolocation Data |
|
8. Sensory Data |
|
9. Professional or Employment Information |
|
10. Non-public Education Records |
|
11. Inferences from Personal Information Collected |
|
12. Sensitive Personal Information |
|
3. YOUR CONSUMER PRIVACY RIGHTS AND HOW TO EXERCISE THEM
As discussed above, the data included in our products and services are not subject to the CCPA as a result of certain exemptions found in the CCPA. Therefore, consumers (other than HR Data Subjects and B2B Data Subjects) will not be able to exercise rights granted under the CCPA.
As described more below, subject to our being able to verify your identity (discussed below), you may exercise the privacy rights described in this section.
(a) Right to Know/Access
You are entitled to access the Personal Information that we maintain about you up to twice in a 12-month period.
(1) Categories
You have a right to submit a request for any of the following for the 12-month period preceding the request date:
(2) Specific Personal Information
You may request to confirm if we are processing your Personal Information and, if we are, to obtain a transportable copy, subject to applicable request limits, of your Personal Information that we have collected and are maintaining. Before providing you with the specific Personal Information that we maintain about you, we will apply the heightened verification standards described in the How to Exercise Your Consumer Privacy Rights section below.
(b) Right to Delete
Subject to certain exceptions, you may request that we delete your Personal Information.
(c) Correct Your Personal Information
You may request that we correct any inaccuracies you find in the Personal Information that we maintain about you.
(d) Right to Limit Use and Disclosure of Sensitive Personal Information
With regard to Personal Information that qualifies as “Sensitive Personal Information” under the CCPA, as of January 1, 2023, if you elect to provide us with Sensitive Personal Information you may limit the purposes for which we may process it to the following:
(e) How to Exercise Your Consumer Privacy Rights
To submit a request to exercise your privacy rights as an HR Data Subject or B2B Data Subject, or to submit a request as an authorized agent, please follow the instructions at our HR Data Subject Request or B2B Data Subject Request, or call us at 1-800-634-4149 and respond to any follow-up inquiries we make. Please be aware that we do not accept or process requests through other means (for example, via fax, chats, social media, etc.).
(1) We Must Verify Your Identity
When you submit a request, we may ask you to provide verifying information, such as your name, email, phone number and/or mailing address. We will review the information provided and may request additional information via email or other means to ensure we are interacting with the correct individual. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we collected Personal Information. We do not verify requests to limit the processing of sensitive Personal Information unless we suspect fraud.
We will use Personal Information provided in your request only to verify your identity or authority to make the request and to track and document request responses, unless you also gave it to us for another purpose.
We verify each request as follows:
If you fail to provide the data points specified above, we will be unable to verify you sufficiently to honor your request.
(2) Agent Requests
You may use an authorized agent to exercise your rights on your behalf. Authorized agents may demonstrate that the agent has authority to exercise rights on the behalf of the requesting HR Data Subject or B2B Data Subject by any of the methods specified in Section 3(e) of this Notice. Thereafter, we will require evidence of the agent’s identity (via submission of a driver’s license or other government-issued identification), and at least one of the following evidencing proof of your legal authority to act on the behalf of the individual who is the subject of this request:
Whenever you interact with us on behalf of another individual or entity, such as by providing or accessing Personal Information about another individual, you represent that your interactions and exchanges comply with applicable data privacy laws. You shall have sole responsibility for any violation of applicable laws as a result of a failure to obtain any necessary consent from such individual.
(f) Our Responses
Some Personal Information that we maintain is insufficiently specific for us to be able to associate it with a Consumer (e.g., clickstream data tied only to a pseudonymous browser ID). We do not include such Personal Information in response to requests. If we cannot comply with a request, we will explain the reasons in our response.
We will not charge a fee to respond to your requests; provided, however, that we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome. If we determine that the request warrants a fee, or that we may refuse it, we will give you notice explaining why we made that decision.
Consistent with our interest in the security of your Personal Information, we will not deliver to you your Social Security number, driver’s license number, or other government-issued ID number, financial account number, any health or medical identification number, an account password, security questions or answers, or unique biometric information generated from measurements or technical analysis of human characteristics in response to a privacy rights request.
4. NON-DISCRIMINATION
We will not discriminate against you in a manner prohibited by the CCPA for your exercise of your privacy rights.
5. OUR RIGHTS AND THE RIGHTS OF OTHERS
Notwithstanding anything to the contrary, we may collect, use and disclose your Personal Information as required or permitted by applicable law and this may override your rights under U.S. Privacy Laws. In addition, we are not required to honor your requests to the extent that doing so would infringe upon our or another person’s or party’s rights or conflict with applicable law.
6. CONTACT US
If you have any questions, comments, concerns, or complaints about our privacy practices, please contact us by email at [email protected].