State Privacy Notice

Effective Date: January 1st, 2025

CONTENTS

U.S. State Privacy Notice
  1. Collection of Personal Information
  2. Use of Personal Information
  3. Disclosure of Personal Information
  4. Retention of Personal Information
  5. State Consumer Rights
  6. Additional Notices for California Residents
Washington Consumer Health Data Privacy Policy
  1. Consumer Health Data Collection, Use, and Processing
  2. Sharing Consumer Health Data
  3. Consumer Health Data Rights
Contact Us


U.S. State Privacy Notice

This U.S. State Privacy Notice (“Notice”) describes how Equity Residential and its affiliates, subsidiaries, and related entities (collectively, “Equity Residential,” “we,” “our” or “us”) processes Personal Information of Consumers through our website at equityapartments.com and our mobile application (the “Online Services”), as well as your offline interactions with us (together with the Online Services, the “Services”).

This Notice applies to “Consumers” as defined under applicable U.S. state privacy laws, including the California Consumer Privacy Act (the “CCPA”), the Colorado Privacy Act, the Texas Data Privacy and Security Act, and all laws implementing, supplementing, or amending the foregoing, including regulations promulgated thereunder (collectively, “U.S. Privacy Laws”). Capitalized terms used but not defined in this Notice shall have the meanings given to them under U.S. Privacy Laws.

For purposes of this Notice, “Personal Information” means information that identifies, relates to, or could reasonably be linked with an individual. Personal Information does not include publicly available, deidentified, or aggregated information.

This Notice does not apply to our job applicants, current employees, former employees, or independent contractors. California job applicants can learn about our data practices as relates to them in our California Applicant Privacy Notice. California employees and independent contractors should see our California Employee Privacy Notice for additional disclosures. This Notice supplements our privacy policies, including, without limitation, our Website Privacy Policy. In the event of a conflict between any other Equity Residential policy, notice, or statement and this Notice, this Notice will prevail as to Consumers unless stated otherwise.

We may update this Privacy Policy from time to time, as indicated by the “Effective Date” date at the top of this Privacy Policy. Any changes to this Privacy Policy will be effective as of the “Effective Date” date at the top of this page, unless otherwise expressly indicated. We encourage you to review this Privacy Policy whenever you visit the Site.

Unless otherwise stated, the description of our data practices in this Notice covers our current practices and our practices in the twelve (12) months prior to the Effective Date.

1. Collection of Personal Information

We may collect your Personal Information directly from you; from security systems at our properties; automatically when you interact with our Online Services; from our service providers; from public sources of data such as government databases; and from other businesses or individuals.

We collect the following categories of Personal Information about Consumers. Note that the Personal Information we collect about you may vary depending on the nature of your interactions with us, and may not include all of the examples below.

  • Identifiers, including real name, alias, postal address, unique personal identifiers, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
  • Personal Records, including name, signature, physical characteristics or description, address, telephone number, education, employment, employment history, insurance policy number, and financial information (e.g., bank account or credit card number).
  • Characteristics of Protected Classifications Under State or Federal Law, including sex, marital status, veteran status, familial status, disability, age, gender identity, or creed, but only when that information is relevant for our Business Purposes.
  • Commercial Information, including records of services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or Other Electronic Network Activity, including device identifiers, mobile network, operating system details, language preferences, referring URLs, length of visits, traffic data, pages viewed, and information regarding interactions with the Services.
  • Geolocation Data, including approximate location of the device or equipment you are using.
  • Sensory Data, including audio recordings of customer support calls, video security footage, photographs, and other electronic, visual, or similar information.
  • Professional or Employment Information, including professional or employment-related information to determine income eligibility for leasing.
  • Inferences drawn from other Personal Information we process to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We do not use or disclose Sensitive Personal Information for purposes to which the right to limit use and disclosure applies under the CCPA.

As permitted by applicable law, we may convert your Personal Information into deidentified data or aggregate Consumer information. We will not attempt to reidentify data that we maintain as deidentified.

2. Use of Personal Information

We or our vendors may use the Personal Information described above for the following purposes:

  • Provide Services or Process Transactions, including by maintaining or servicing your account; operating and maintaining our Services; providing information about our Services; processing your payments and other transactions; communicating with you about our Services; and responding to your requests and questions.
  • Communicate With You, including providing account notifications or service order updates; responding to your questions or feedback; confirming your preferences; providing you information about our Services; and contacting you regarding Services, billing, and transactions.
  • Operate Our Business, including performing system administration and technology management; carrying out internal administration, such as recordkeeping and auditing; identifying prospective tenants, partners, service providers, and vendors; managing our relationships with our tenants, partners, service providers, and vendors; and fulfilling purposes that we describe to you at the time we collect your Personal Information.
  • Conduct Business Analytics, including evaluating how our Services perform; tracking and responding to quality and security issues; forecasting and planning; developing statistics on engagement with our Services; and measuring how well marketing and promotional activities perform.
  • Maintain Security and Integrity, including protecting our Services from cyber risks; authenticating users; preventing, identifying, investigating, and responding to fraud, illegal or malicious activities, and other liabilities; enforcing our policies and terms; protecting our rights; fulfilling our legal obligations; and generally providing you with a secure experience when using our Services.
  • Perform Quality, Safety, and Internal Research, including evaluating how our Services perform; repairing or improving the quality of our Services; tracking and responding to quality and security issues; and developing new or enhanced products and service offerings.
  • For Advertising and Marketing, including measuring the use of our Services and effectiveness of our advertising and marketing; and uncovering insights to improve our Services and provide our users with enhanced features and functionalities, such as personalized experiences.
  • For Legal and Compliance Purposes, including complying with applicable law, court order, governmental regulations, or other legal obligations; assisting in an investigation, regulatory requests, litigation, or arbitration; protecting and defending our rights and property, or the rights or safety of parties; enforcing our terms, policies, or any agreements with parties; comply with health and safety obligations; and prevent crime.
  • For Corporate Restructuring Purposes, including evaluating or executing a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, as part of regular business operations or pursuant to a bankruptcy, liquidation, or similar proceeding.

3. Disclosure of Personal Information

We may disclose Personal Information for the purposes described above to the following parties:

  • Our group of companies, including with our affiliates, subsidiaries, locations, and brands.
  • Agents, vendors, consultants, and other service providers so that they may provide their services to us, including customer service, business operation and maintenance, product and customer service improvement, promotional support, payment processing, auditing and quality control, communication, and other business operations.
  • Other parties at the Consumer’s direction or through the Consumer’s action.
  • Vendors and other parties for marketing purposes, to improve our Services, or to provide you with products and services that may interest you.
  • Advertising partners for the purposes of ad targeting, remarketing, and customized advertising content.
  • Government or private parties to comply with law or legal process, respond to requests from public and government authorities, enforce our terms and conditions, protect our operations and our rights, privacy, safety or property of you or others, and allow us to pursue available remedies or limit the damages that we may sustain.
  • Our insurers and professional advisors to manage risk, exercise or defend against legal claims, and otherwise obtain professional advice.
  • Parties as part of or during negotiations of any reorganization, acquisition, merger, sale, joint venture, assignment, transfer, or other transaction where another party assumes control over all or part of our business, assets, or stock (including in connection with any bankruptcy or similar proceeding).

4. Retention of Personal Information

We retain Personal Information for as long as necessary for the purposes described in this Notice or otherwise authorized by law. This generally means holding the information for as long as one of the following apply:

  • Personal Information is reasonably necessary to manage our operations, to manage your relationship with us, or to satisfy another purpose for which we collected the Personal Information;
  • Personal Information is reasonably necessary to carry out a disclosed purpose that is reasonably compatible with the context in which the Personal Information was collected;
  • Personal Information is reasonably required to protect or defend our rights or property (which will generally relate to applicable laws that limit actions in a particular case); or
  • Personal Information may be maintained indefinitely according to legal or regulatory requirements, including applicable legal holds, or for data backup or recovery purposes.

Where Personal Information is used for more than one purpose, we will retain it until the purpose with the latest period expires. For more information about our retention policies, please contact us using the contact details below.

5. State Consumer Rights

(a) Exercising Your Rights

To submit a request to exercise your Consumer privacy rights, or to submit a request as an authorized agent:

  • If you are a California, Colorado, or Texas Consumer, use our Privacy Rights Request Form, or call us at (866) 869-5413 and respond to any follow-up inquiries we make.
  • If you are a business-to-business data subject, use our HR and B2B Privacy Rights Request Form or call us at (866) 869-5413 and respond to any follow-up inquiries we make.

If you submit certain requests, we may request additional information to verify your identity, which may require you to log into your account or to provide 2-3 pieces of Personal Information that we will match against our records.

Depending on your state of residence, you may be able to designate an authorized agent to make certain privacy rights requests on your behalf. Such privacy rights requests may have to undergo our verification process, which includes verifying the identity of the agent and their authorization to make the request. An authorized agent may submit a request on your behalf using the email address or toll-free number listed above.

If you need special accommodation, please let us know by contacting us over the phone toll-free at (866) 869-5413, via email at consumerprivacy@eqr.com, or by mail at Two North Riverside Plaza, Suite 400, Chicago IL 60606 Attention: Privacy Compliance. Please be aware that we do not accept or process requests through other means (e.g., fax, chats, social media).

We will not discriminate or retaliate against you for your exercise of your Consumer privacy rights.

(b) Consumer Rights

Depending on your state of residence, you may have the following rights related to your Personal Information:

  • Right to Confirm and Access: You may have the right to confirm that we process your Personal Information, know details about the Personal Information we process, and access your Personal Information. California Consumers may also request:
    • The categories of sources from which the Personal Information was collected.
    • Our Business or Commercial Purposes for collecting, Selling, Sharing, or disclosing Personal Information The categories of recipients to which we disclose Personal Information.
    • The categories of Personal Information that we Sold or Shared, and for each category identified, the categories of Third Parties to which we Sold or Shared that particular category of Personal Information.
    • The categories of Personal Information that we disclosed for a Business Purpose, and for each category identified, the categories of recipients to which we disclosed that particular category of Personal Information.
  • Right to Data Portability: You may have the right to request a copy of your Personal Information in a portable format.
  • Right to Correct: You may request that we correct Personal Information that we maintain about you if you believe such Personal Information is inaccurate.
  • Right to Deletion: You may request that we delete your Personal Information.
  • Right to Opt Out of Sales, Targeted Advertising, and Cross-Context Behavioral Advertising: You may have the right to opt out of the sale of Personal Information, Targeted Advertising, or Cross-Context Behavioral Advertising. To opt out of the Sale or disclosure of your Personal Information for Targeted Advertising or Cross-Context Behavioral Advertising, please use our Cookie preference center. If you choose to use the Global Privacy Control browser signal, you will only be opted-out of online Sales or Sharing of Personal Information, and will need to turn it on for each browser you use.
  • Right to Appeal: You may have the right to appeal a decision that we have made regarding your Consumer privacy request.

We do not Profile in furtherance of decisions that produce legal or similarly significant effects so do not offer this right.

6. Additional Disclosures for California Residents

(a) Selling and Sharing Personal Information

Under California law, we Sell and Share the following categories of Personal Information: Identifiers, Personal Records, Internet or Other Electronic Network Activity, Geolocation Data, and Inferences. We have Sold and Shared Personal Information to Third Parties, including our vendors and other Third Parties for Cross-Context Behavioral Advertising and other marketing and advertising services that we utilize on our Online Services. We do not have actual knowledge that we Sell or Share the Personal Information of Consumers under 16 years of age.

(b) Shine the Light

We may disclose “Personal Information” of California residents as defined by California’s “Shine the Light” law to our affiliates, for their own direct marketing purposes. California residents may also request information about our compliance with the Shine the Light law, and obtain a disclosure of Third Parties we have disclosed information to in accordance with the law for their direct marketing purposes absent your choice (i.e., Equity Residential affiliates) and the categories of information disclosed, by contacting us at consumerprivacy@eqr.com or by sending a letter to us at Two North Riverside Plaza, Suite 400, Chicago, IL 60606, (Attention: Legal Counsel). Requests must include “California Shine the Light Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through the provided email address or mail address.

Washington Consumer Health Data Privacy Policy

This Washington Consumer Health Data Privacy Policy (“Washington Policy”) explains how Equity Residential and its affiliates, subsidiaries, and related entities (collectively, “Equity Residential,” “we,” “our” or “us”) Processes the Consumer Health Data of Washington residents and individuals whose Consumer Health Data is Collected in Washington (“Washington Consumers”) pursuant to the Washington My Health My Data Act (the “MHMD Act”).

For purposes of this Washington Policy, “Consumer Health Data” means Personal Information that is linked or reasonably linkable to a Washington Consumer and that identifies the Washington Consumer’s past, present, or future physical or mental health status.

Capitalized terms that are not otherwise defined in this Washington Policy shall be defined as they are in the MHMD Act.

In the event of a conflict between any other policy, statement, or notice and this Washington Policy, this Washington Policy will prevail as to Consumer Health Data Collected under the MHMD Act.

1. Consumer Health Data Collection, Use, and Purpose

Per the MHMD Act, we collect self-reported health-related information from you or your healthcare provider, such as disability status or accommodation requirements. We use this Consumer Health Data for accommodation purposes, including fulfilling requests.

We may also use Consumer Health Data to prevent, detect, protect against, and respond to security incidents, identity theft, fraud, harassment, malicious or deceptive activities, or any activity that is illegal under Washington state or federal law; preserve the integrity and security of our systems; and investigate, report, or prosecute those responsible for any illegal action under Washington state or federal law.

2. Sharing Consumer Health Data

We Share Consumer Health Data among our Affiliates to carry out our operations and provide services to Washington Consumers, specifically Equity Residential; Equity Residential Management, LLC; and ERP Operating Limited Partnership.

We do not Sell Consumer Health Data.

3. Consumer Health Data Rights

(a) Exercising Your Rights

To submit a request to exercise your privacy rights, use our Washington Consumer Rights Request Form and respond to any follow-up inquiries we make.

If you submit certain requests, we may request additional information to verify your identity, which may require you to log into your account or to provide additional data that we will match against our records.

If you need special accommodation, please let us know by contacting us over the phone toll-free at (866) 869-5413, via email at consumerprivacy@eqr.com, or by mail at Two North Riverside Plaza, Suite 400, Chicago IL 60606 Attention: Privacy Compliance. Please be aware that we do not accept or process requests through other means (e.g., fax, chats, social media).

If you choose to exercise any of your privacy rights, we will not discriminate against you.

(b) Washington Consumer Rights

Washington Consumers have the right to submit certain requests relating to your Consumer Health Data as described below.

  • Right to Confirm: Washington Consumers have the right to confirm whether we are Collecting, Sharing, or Selling your Consumer Health Data. At this time, we do not Sell Consumer Health Data.
  • Right to Access: Washington Consumers have the right to access your Consumer Health Data.
  • Right to Deletion: Washington Consumers have the right to request that your Consumer Health Data be deleted.
  • Right to Withdraw Consent: Washington Consumers have the right to withdraw Consent from our Collection and Sharing of your Consumer Health Data.
  • Right to Obtain Sharing Information: Washington Consumers have the right to obtain a list of all Third Parties and Affiliates with whom we have Shared your Consumer Health Data and an active email address or other online mechanism to contact Third Parties. We do not Share Consumer Health Data with Third Parties, as those terms are defined in the MHMD Act. We only Share Consumer Health Data with our Affiliates.

You may be able to appeal a decision made regarding your privacy request using our Washington Consumer Rights Request Form. In the event we deny your appeal, we will provide a written explanation of the decision, and instructions on how to contact your local Attorney General for further review.

Contact Us

For more information on your privacy rights, or for disability access assistance, contact us at (866) 869-5413, email us at consumerprivacy@eqr.com, or write to us at Two North Riverside Plaza, Suite 400, Chicago, IL 60606 Attention: Privacy Compliance.
© Equity Residential. All Rights Reserved.