NAI Platform and its affiliated companies (“Company,” “we,” “us,” or “our”) are committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at naiplatform.com, use our mobile applications, or engage with our commercial real estate brokerage and property management services (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understand this Privacy Policy. If you do not agree with the practices described herein, please do not use our Services.

1. Information We Collect

1.1 Information You Provide Directly

We collect personal information that you voluntarily provide when you interact with our Services. This may include:

• Contact information: Name, email address, phone number, mailing address, and company affiliation.
• Account credentials: Username and password when you register for an account.
• Business information: Property interests, transaction history, brokerage preferences, and commercial real estate requirements.
• Communications: Messages, inquiries, and feedback you send through our website contact forms, email, or other channels.
• User-generated content: Reviews, comments, property listings, photos, and other contributions you post to the website.
• Payment information: Billing address and payment method details when you purchase services. Payment processing is handled by third-party processors; we do not store full credit card numbers.

1.2 Information Collected Automatically

When you access our Services, we and our third-party service providers may automatically collect certain information, including:

• Device and browser information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
• Usage data: Pages visited, time spent on pages, click patterns, referring URLs, and search queries used on our site.
• Location data: General geographic location derived from your IP address. We do not collect precise geolocation data without your consent.
• Cookies and similar technologies: See Section 5 for details.

1.3 Information from Third Parties

We may receive information about you from third-party sources, including:

• MLS (Multiple Listing Service) data and commercial real estate databases relevant to your property interests.
• Social media platforms, if you choose to link your social media accounts to our Services.
• Business partners, referral sources, and co-brokerage participants.
• Publicly available sources such as property records, business registrations, and professional directories.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Providing Services: To operate our commercial real estate brokerage, property management, and related services, including facilitating property searches, transactions, and client communications.
• Account management: To create, maintain, and secure your account, and to verify your identity.
• Communications: To respond to your inquiries, send transaction-related notifications, and provide customer support.
• Marketing: To send promotional materials about our services, market updates, property alerts, and event invitations. You may opt out at any time (see Section 7).
• Analytics and improvement: To analyze usage patterns, improve our website and services, and develop new features.
• Legal compliance: To comply with applicable laws, regulations, and legal processes, and to enforce our Terms of Use.
• Security: To detect, prevent, and address fraud, unauthorized access, and other security issues.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Service providers: We share information with third-party vendors who perform services on our behalf, such as website hosting, email delivery, analytics, payment processing, and IT support. These providers are contractually required to protect your information and use it only for the purposes we specify.
• Business partners: With your knowledge or at your direction, we may share information with co-brokers, property owners, lenders, title companies, and other parties involved in real estate transactions.
• NAI Global network: As a member of the NAI Global network, we may share certain business contact information with other NAI member firms for referral and collaboration purposes.
• Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
• With your consent: We may share information for other purposes with your express consent.

4. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention guidelines include:

• Active accounts: Information is retained for the duration of your account plus six (6) years after account closure, or as required by the applicable statute of limitations.
• Transaction records: Retained for a minimum of seven (7) years to comply with tax, legal, and regulatory requirements.
• Marketing data: Retained until you opt out or request deletion, whichever occurs first.
• Website analytics: Aggregated or anonymized data may be retained indefinitely; identifiable usage data is retained for twenty-four (24) months.

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule.

5. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and analyze usage.

Type	Purpose	Examples
Essential	Required for basic website functionality such as login, navigation, and security.	Session cookies, CSRF tokens, load balancing
Analytics	Help us understand how visitors use our website so we can improve content and performance.	Google Analytics, page view tracking
Functional	Remember your preferences and settings for a better experience.	Language preferences, saved search filters
Marketing	Used to deliver relevant advertisements and track campaign effectiveness.	Meta Pixel, LinkedIn Insight Tag, Google Ads remarketing

Managing cookies: You can control cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling essential cookies may impair website functionality.

Do Not Track / Global Privacy Control: We respect browser-based opt-out signals, including the Global Privacy Control (GPC). When we detect a GPC signal, we will treat it as a valid opt-out request for the sale or sharing of personal information, as required by applicable law.

6. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction, consistent with the requirements of the New York SHIELD Act (GBL § 899-bb). These measures include:

• Administrative safeguards: Designated employees responsible for data security, employee training on data handling practices, and policies governing the selection and management of service providers.
• Technical safeguards: Encryption of data in transit (TLS/SSL), access controls and authentication requirements, network monitoring, and regular security assessments.
• Physical safeguards: Restricted access to facilities and systems containing personal information, secure disposal of records, and protection against environmental threats.

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

7. Your Rights & Choices

Depending on your location and applicable law, you may have certain rights regarding your personal information:

• Access: You may request a copy of the personal information we hold about you.
• Correction: You may request that we correct inaccurate or incomplete personal information.
• Deletion: You may request that we delete your personal information, subject to certain legal exceptions.
• Opt-out of marketing: You may unsubscribe from marketing emails by clicking the “unsubscribe” link in any marketing email or by contacting us directly. We will process your request within ten (10) business days.
• Opt-out of sale/sharing: We do not sell your personal information. If our practices change, we will provide a clear opt-out mechanism.
• Data portability: Where required by applicable law, you may request your personal information in a commonly used, machine-readable format.

To exercise any of these rights, please contact us at ctyksinski@naiplatform.com or call (518) 465-1400. We will respond to verified requests within thirty (30) days or the timeframe required by applicable law. We will not discriminate against you for exercising your privacy rights.

8. Children’s Privacy

Our Services are designed for business professionals and are not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a minor has provided us with personal information, please contact us immediately.

9. Third-Party Websites & Services

Our website may contain links to third-party websites, services, and applications that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the privacy practices of third parties.

10. Data Breach Notification

In the event of a data breach involving your private information, we will comply with notification requirements under the New York SHIELD Act (GBL § 899-aa) and any other applicable laws. Notification may be provided by email, postal mail, telephone, or through a conspicuous posting on our website, depending on the circumstances and applicable legal requirements.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable laws, or other operational reasons. When we make material changes, we will notify you by posting the updated policy on our website with a revised “Last Updated” date. We encourage you to review this policy periodically.

---

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: