Privacy Policy (GDPR + CCPA)

In compliance with applicable personal data protection regulations, users are informed that the processing of personal data collected through the website:

www.kelycoriatrealtor.com

(hereinafter, the “Website”)

is the responsibility of:

Kely Coriat, Realtor®
Licensed real estate professional in the United States
(hereinafter, the “Controller”).

The Website may collect the following personal data, depending on the user's use:

• First and last name
• Email address
• Phone number
• Information voluntarily provided in forms or messages
• Contact data sent via WhatsApp, email or other communication channels
• IP address, browser type, device and browsing data (cookies)

The user guarantees that the data provided are truthful, current and correct.

The personal data collected are used for the following purposes:

• Responding to real estate information requests
• Contacting users interested in real estate services
• Sending information related to properties, services or real estate processes
• Managing commercial communications and follow-ups
• Improving the user experience on the Website
• Complying with legal and regulatory obligations

Data will not be used for purposes incompatible with those described above.

In accordance with the General Data Protection Regulation (GDPR), data processing is based on:

• The user's explicit consent, given when completing forms or contacting voluntarily
• The Controller's legitimate interest to respond to inquiries and offer real estate services
• Compliance with applicable legal obligations

The user may withdraw consent at any time.

Personal data will be retained:

• For the time necessary to fulfill the purpose for which they were collected
• While there exists a commercial or professional relationship of interest
• For the periods required by applicable law

Thereafter, data will be deleted or anonymized securely.

Personal data will not be sold, rented or transferred to third parties for commercial purposes. However, they may be shared with:

• Technology service providers (hosting, email, CRM, marketing tools)
• Messaging or communication platforms
• Competent authorities, where there is a legal obligation

All third parties operate under confidentiality and data protection agreements.

If technology providers located outside the user's country of residence are used, data may be subject to international transfers, ensuring adequate levels of protection at all times, in accordance with standard contractual clauses or other recognized legal mechanisms.

The user has the right to:

• Access their personal data
• Rectify inaccurate or incomplete data
• Request the deletion of their data ("right to be forgotten")
• Restrict or object to processing
• Request data portability
• Withdraw consent at any time

To exercise these rights, the user may contact through the means indicated on the Website.

Residents of the State of California have the right to:

• Know what personal data are collected
• Request deletion of their personal data
• Request correction of inaccurate information
• Opt-out of the sale or sharing of data (the Website does NOT sell personal data)
• Not be discriminated against for exercising their privacy rights

Requests may be made using the contact means available on the Website.

The Website may use cookies and similar technologies to:

• Analyze browsing habits
• Improve Website functionality
• Optimize the user experience

The user may configure their browser to reject or delete cookies. Continued use of the Website implies acceptance of the cookies policy.

The Controller adopts reasonable technical and organizational measures to protect personal data against:

• Unauthorized access
• Loss, alteration or improper disclosure

Nonetheless, the user acknowledges that no system is completely secure.

The Website may contain links to third-party websites. The Controller is not responsible for the privacy policies or the content of such external sites.

The Website is not directed to minors under 18 years of age. Personal data of minors are not knowingly collected. If such information is detected, it will be deleted immediately.

The Controller reserves the right to modify this Privacy Policy at any time. Changes will take effect from their publication on the Website.

This Privacy Policy is governed by:

• The General Data Protection Regulation (GDPR)
• The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA)
• The applicable laws of the State of New Jersey, United States