Apartments in South Bend Indiana

Privacy Policy

This privacy policy is established in conformance with the Indiana Consumer Data Protection Act (INCDPA). We take the privacy and security of data and information collected through our site very seriously, and in addition we are strive to maintain the strictest standards of the INCDPA, which takes effect in 2026. We are considered a data controller (“controller”) with respect to the INCDPA, as we have control over and determine the purposes and means of processing personal data collected from users and other person who visit and use our website (“site”), but we may also at times be a data processor (“processor”), processing the personal data collected by other controllers.

What Information Is Covered?

The INCDPA applies to “personal data,” which it defines as information that is linked or reasonably linkable to an identified or identifiable individual, and “sensitive data,” which includes genetic or biometric data, data of known children, precise geolocation data and personal information revealing racial or ethnic origin, religious beliefs, and health status.

What Information is Not Covered?

Data-Level Exemptions

The INCDPA excludes data that is de-identified, aggregated or publicly available. The INCDPA expressly excludes from the definition of “consumer,” individuals acting in a commercial or employment context, which means that data collected from individuals acting in these capacities is not protected under the law, though we will still exercise great care in protecting such data, within the bounds of our data usage policies. Other data exempt from the INCDPA include data subject to the Graham-Leach-Bliley Act (GLBA), and the Family Education Rights and Privacy Act (FERPA), as well as personal data processed in compliance with the Fair Credit Reporting Act (FCRA) and the Driver’s Privacy Protection Act (DPPA). However, this exempt data is protected by those federal laws, and we act to protect such data in accordance with those laws and our best practices if and when such protected data is collected by us through use of our site(s).

What Do We Do As Controllers?

As controllers, we limit collection of personal data to what is adequate, relevant, and reasonably necessary in relation to the disclosed purposes for which the data is processed, which in this case is the data collected from visitors on our site(s) to best serve our visitors and our Clients. We have established and maintain reasonable administrative, technical, and physical data security practices to safeguard personal data. We do not process personal data in violation of state or federal laws against unlawful discrimination against consumers. When the data we collect as controllers is processed by a third party processor, our agreement with such a processor details the nature and purpose of the processing, instructions for the processing, and the rights and obligations of both parties. Any processor we use, in addition to maintaining the high privacy standards legally required and expected of them is also bound by legal and contractual obligations, such as deleting or returning all personal data to us upon our request at the time we cease to use the processor's services. Whenever we collect sensitive data through our site, we will first require the visitor or other consumer to opt-in consent before processing any such sensitive data. Sensitive data of a known child is always processed in accordance with the Children’s Online Privacy Protection Act (COPPA). Whenever we collect and process personal information and sensitive data we will tell you

  1. the categories of data processed by us;
  2. the purpose for processing;
  3. how consumers may exercise their rights under the law including how to appeal a decision regarding a consumer request;
  4. the categories of personal data shared with third parties; and
  5. categories of third parties with whom personal data is shared.

This information may be found at the bottom of this Privacy Policy

If we ever sell personal data to third parties or using it for targeted advertising, we will clearly and conspicuously disclose the activity and the manner in which a consumer may opt out.

What Do We Do As Processors?

Pursuant to the federal and state law, our data privacy policies include conducting data protection impact assessments whenever, acting as processors, we process personal data:

  1. for targeted advertising;
  2. for sale within the bounds of our site services or agreements with our Clients; 
  3. for the purposes of profiling if the profiling presents certain reasonably foreseeable risks;
  4. that contains sensitive data; and 
  5. for any of our activities involving personal data that present a heightened risk of harm to consumers. As processors we adhere to controller instructions and assist the controller with their obligations, including 
  6. responding to consumer requests,
  7. implementing appropriate technical and organizational data security measures,
  8. notification in the event of a breach, and 
  9. providing information for data protection impact assessments.

What Are Your Consumer Rights?

Consumers have the rights to:

  1. know if we are processing the consumer’s personal data and if so, to access that data;
  2. request correction of inaccuracies, but only for data they provided to us (as opposed to data about them collected from other sources); 
  3. obtain a copy or representative summary of their data;
  4. request deletion of that data; and
  5. specifically opt out of the processing of personal data for targeted advertising, the sale of personal data, and profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. 

The sale of personal data means personal data exchanged for monetary consideration by us to a third party. A sale of personal data does not include disclosure of personal data:

  1. to a processor;
  2. to a third party providing services requested by a consumer or a child’s parent;
  3. to one of our affiliates;
  4. that a consumer intentionally made available to the public and did not restrict the audience for;
  5. pseudonymous data where any information necessary to identify the consumer is kept separately and is subject to effective technical and organizational controls that prevent us from accessing such information in addition to our exercise of reasonable oversight when such data is disclosed; or
  6. to a third party as an asset that is part of a merger, acquisition, or other transaction involving our assets.

We will respond and acknowledge consumer requests within 45 days. If we cannot respond to a request within the first 45 days, we will extend our response timeline by an additional 45 days when reasonably necessary, and provide you, the consumer, with notice and explanation of the reason behind the extension. You may appeal any refusal on our part to take action on requests to exercise their rights by writing us at our address below and specifically describing the data in question, the action you desire, and the legal basis for your request. Please put APPEAL at the top of any such document.

The INCDPA does not provide a private right of action and grants exclusive enforcement authority to the Indiana Attorney General (AG). The AG may issue civil investigative demands when the AG has reasonable cause to believe the law has been violated. The AG may seek injunctive relief and civil penalties, but only after first providing us with 30 days’ notice to cure the violation. Within those 30 days, we will provide the AG a written statement that the violations have been cured and no such violations will occur in the future. The INCDPA takes effect on January 1, 2026. Exclusive of your rights and remedies under the INCDPA, you may have other rights and remedies under federal and state law. We do no business with, nor is our site intended for use by, foreign consumers and visitors.