Effective date: May 19, 2026 · Last updated: May 19, 2026
Apartment Mailer ("we", "our", or "us") operates apartmentmailer.com. This policy explains what information we collect, how we use it, and your rights regarding that information. By using our site or purchasing a mailing list, you agree to the practices described here.
Account & order data. When you create an account or place an order we collect your name, email address, and billing details (processed directly by Stripe — we never see your full card number).
Usage data. We use Google Analytics 4 (GA4) to collect anonymised information about how visitors interact with the site — pages viewed, time on site, referring URL, and approximate location derived from IP address. GA4 data is subject to Google's privacy policy.
Support communications. If you contact us, we retain a copy of your messages to help resolve your issue and improve our service.
Cookies. We use essential session cookies required for login and checkout, and GA4's first-party cookies for analytics. We do not use advertising or cross-site tracking cookies.
The lists you purchase contain postal mailing addresses for apartment buildings — specifically the physical property address verified against USPS delivery records. These are business-to-property addresses, not personal residences or individual consumer data. The lists do not include tenant names, phone numbers, email addresses, or any personally identifiable information about individuals.
Customers are responsible for using these lists in compliance with applicable laws, including CAN-SPAM, state direct-mail regulations, and any applicable real estate advertising rules.
We do not sell or rent your personal information to third parties, and we do not use your data for targeted advertising.
We share data with these processors only to the extent necessary to operate our service:
We retain account and order records for as long as your account is active and for up to 7 years thereafter for tax and legal compliance. GA4 data is retained for 14 months by default. You may request deletion of your account data at any time (see Section 7).
All data is transmitted over TLS (HTTPS). Passwords are hashed using bcrypt. Database backups are encrypted at rest and retained for 30 days. While we use commercially reasonable safeguards, no method of transmission or storage is 100% secure.
Depending on your jurisdiction you may have the right to:
To exercise any of these rights, please contact us. We will respond within 30 days.
Under the California Consumer Privacy Act you have the right to know what personal information we collect, to request deletion, and to opt out of the sale of your personal information. We do not sell personal information. To exercise your CCPA rights, contact us.
Our service is intended for business professionals and is not directed at children under 13. We do not knowingly collect personal information from children.
We may update this policy from time to time. We will post the revised policy on this page with an updated effective date. Continued use of our service after changes constitutes acceptance of the revised policy.
Questions or requests regarding this privacy policy should be directed to us via our contact form.
