Privacy Policy
The California Department of Real Estate is committed to protect and serve the interests of the public in real estate transactions and provide related services to the real estate industry. The DRE is also committed to promoting and protecting the privacy rights of individuals, as enumerated in Article 1 of the California Constitution, the Information Practices Act of 1977, and other state and federal statutes.
It is the policy of the Department of Real Estate to safeguard the privacy of personal information collected or maintained by the DRE. The Department's information management practices are consistent with the Information Practices Act (Civil Code Section 1798 et seq.), the Public Records Act (Government Code Section 6250 et seq.), Government Code Sections 11015.5 and 11019.9, and with other applicable laws pertaining to information privacy.
You should be aware that some of the information or correspondence you provide to the DRE becomes a public record and may be subject to disclosure to anyone who asks for it under the state Public Records Act (Government Code Section 6250 et seq.); to another government agency as required by state or federal law; and/or in response to a court or administrative order, subpoena or search warrant.
The DRE follows these principles in collecting and managing personal information:
- We collect information that is relevant and necessary - We limit the collection of personal and public information to
what is required to accomplish the lawful purpose of the DRE. For example, we need to know someone's address, telephone number,
birth date, and social security number, among other things, in order to properly identify the person before
issuing a real estate license. We also gather pertinent evidence as part of an investigation of a real estate transaction, as part of
an applicant or license criminal background check, and obtain financial information as part of an audit of a real estate brokerage
operation. Personal information, as defined in the Information Practices Act, is information that identifies or describes an individual
including, name, social security number, physical description, home address, home telephone number, education, financial matters, and
medical or employment history.
- We use information only for the specified purposes, or reasons consistent with those purposes, unless we get the consent of the
individual, or unless required by law or regulation - The Public Records Act exists to ensure that government is open and that
the public has a right to have access to appropriate records and information possessed by State government. At the same time, there are
exceptions in both State and Federal law to the public's right to access public records. These exceptions serve various needs including
maintaining the privacy of individuals. In the event of a conflict between this Policy and the Public Records Act, the Information
Practices Act or other law governing the disclosure of records, the applicable law will control.
- We observe eCommerce security practices - We have in place physical, electronic, and procedural safeguards to protect
the eLicensing users' personal information. We have successfully undergone routine audit and independent reviews of our security
infrastructure. No personal information such as a social security number, birth date, user name or password is stored on the web servers.
Web servers are segregated into a distinct network so that increased security measures can be employed. Privacy is handled by encryption.
This level of encryption helps to ensure that information is secure when the data is transmitted. All eLicensing transactions are protected
using Secure Socket Layer (SSL) technology with 128-bit encryption. SSL encrypts the individual's personal information before it leaves
his/her computer, ensuring that it cannot be read by unauthorized persons. The use of 128-bit encryption is the standard for protecting
financial and personal information on the web. The DRE does not store any credit card information on file and only retains the authorization
information provided by the secured payment processing center.
- We use information security safeguards - We take reasonable precautions to protect the personal information on individuals collected or maintained by the Department against loss, unauthorized access, and illegal use or disclosure. Personal information is stored in secure locations. Our staff is trained on procedures for the release of information, and access to personal information is limited to those staff whose work requires it. Confidential information is destroyed according to the Department's records retention schedule. The DRE conducts periodic audits to ensure that proper information management policies and procedures are being followed.
California is the first state to have an agency dedicated to promoting and protecting the privacy rights of consumers.