LAST UPDATED: December 27, 2024
Welcome, and thank you for visiting our Website or using our Services!
When you visit our Websites or use our Services, you provide and entrust us with certain personal information (which we refer to herein as “your information”). We understand that your information is important to you, and we take your privacy and data protection concerns seriously. This Privacy Notice (“Notice”) is meant to help you understand how we collect, use, and share your information and how you can exercise the choices and rights you have to your information.
When this Notice mentions “AppFolio,” “we,” “us,” or “our” it refers to AppFolio, Inc. or the AppFolio, Inc. wholly owned subsidiary that is responsible for your information under this Notice.

This Notice is applicable to all AppFolio websites that link to this Notice (collectively, the “Websites”), AppFolio’s platform and services, including the associated AppFolio mobile applications (collectively, the “Services”), and any other interactions (e.g. customer service inquiries, webinars, conference) you may have with AppFolio.
This Notice applies only to your personal information, which is information that is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual or household. For the purposes of this Notice, your information does not include aggregate or de-identified information maintained in any form that does not identify you or cannot be reasonably linked to an individual. Additionally, AppFolio provides certain Services on behalf of our customers who operate within the real estate industry, such as property managers, landlords, HOA associations, and investment managers (referred to as our “Business Customer(s)”). To understand how we process your information on behalf of a Business Customer, please refer to the privacy notice of the Business Customer with whom you have a relationship for information on how they engage us, and how they collect, use, and share your information.
For California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia residents. Additional disclosures and information regarding our privacy practices under state-specific privacy laws, including information about your rights, is available here. These state specific terms are incorporated into this Notice by reference.

When you use or interact with AppFolio’s Websites or Services, we may collect information that you provide, usage information, and information about your device. We may also collect information about you (and combine it with other information we have about you) from other sources who collect your information on our behalf (e.g., service providers). See below for examples of information we collect or receive. We may provide supplemental information about our data collection or privacy practices in disclosures about specific Services or circumstances, or in some cases, at the time we collect personal information from you.

3\.1. Information You Provide Us

• To use our Services.

When you use our Websites, create an account or profile in one of our Services, or use certain Services, such as background screening, you may provide personal identifiers (e.g., your first name, last name, email address, date of birth, phone number, postal address, IP address, account name), customer records (e.g., username and password, payment information, company name, job title, business email address, department), other sensitive personal information (e.g., social security number, driver’s license number, passport number, tax identification number, government issued ID, national ID card), and other similar personal information.

• To provide payment services.

To use certain of our payment services, or to make and receive payments on our platform, you may be required to provide us with financial and other sensitive personal information, e.g., your bank account number, online bank account login, and credit card information. We may also capture additional information when you make payments, such as card type, transaction type, and payee information.

• To comply with our corporate policies and regulatory obligations.

In connection with (a) maintaining reasonable data protection safeguards, including the security of our services, (b) fulfilling “know your customer” processes, required for certain payment services, and (c) complying with other various regulatory requirements related to our Services, you may be required to provide us with personal identifiers (e.g., first name, last name, email address, date of birth, phone number, IP address, account name), other sensitive personal information (e.g., social security number, tax identification number, images of your driver's license, government issued ID, passport, national ID card), and other similar personal information.

• To participate in our communities.

When you participate in our communities (help centers, blogs, forums, etc.), you may choose to voluntarily disclose personal information, which may be used to identify you, including personal identifiers (e.g., first name, last name, email address, phone number), customer records (e.g., company name, job title, business email address), and other similar information.

• When you engage with our Services and teams.

You may provide us with personal identifiers (e.g., first name, last name, email address, phone number) and other similar information when you fill in forms, respond to surveys, participate in promotions or research opportunities, communicate with our customer service teams, or use other features of our Services.

• When applying for employment.

When you apply for employment at AppFolio, you may provide personal identifiers (e.g., your first name, last name, email address, date of birth, phone number, postal address), professional or employment related information (e.g., employment history, job title), education information (e.g., education level, degree, certification, school name, graduation date), and characteristics of protected classes (e.g., race, ethnicity, veteran status, age, gender), and other similar information. In connection with an employment background screening check, you may provide other sensitive personal information (e.g., social security number, driver’s license number, passport number, tax identification number, images of your driver's license, government issued ID, passport, national ID card) and other authentication information that can be used to verify your identity and perform the background screening check.

3\.2. Information Collected When Using Our Websites and Services

• Device information.

When you access our Websites or use our Services, we may collect device information that can be used to identify you or your device. This internet or electronic network information may include IP address, hardware and software operating system type and version, browser type and version, crash data, and the pages you have viewed or engaged with before or after accessing our Websites or Services.

• Commercial and activity information.

We may collect commercial information about how you use our Websites or Services, such as content accessed, services you have used or interacted with, date and time of account creation, account status, log in activity, transaction history, time viewed, and links clicked.

• Geolocation data.

When you use some of our Services, we may collect geolocation data about your precise or approximate location based on your IP address, GPS, or nearby devices (e.g., Wi-Fi access points, cell towers).

• Cookies and similar technologies.

We leverage common industry standard capabilities to facilitate feature rich service delivery using website cookies and tracking beacons. The “Cookie Policy” Section of this Notice provides more information on how we use cookies and similar technology and your opt-out options.

3\.3. Information Collected From Other Sources

• Public information.

We may collect information about you from publicly accessible sources, such as information posted about you on the internet, news stories, and information available from governmental entities.

• Service providers and other parties.

Service providers and other parties provide us with essential services and information we need to offer and operate our Services. These service providers and other parties include background check providers, financial service providers, marketing providers, recruiting and employment related providers, security providers, and other businesses. Personal information we obtain about you from these parties may include: criminal and credit history; information about your participation in third-party programs that provide things like insurance coverage and financial instruments; information to support marketing and advertising activities; information to review job applications and conduct employment interviews; and information about you provided by specific services, such as demographic and market segment information.

• Data from other accounts.

We may receive information from third parties if you use a third party service that connects to AppFolio, or if you connect a third party account to your AppFolio account at any time. In these situations, you authorize that third party service to share your information with us. The specific personal information shared with us will depend on the third party’s privacy practices, agreements we have with the third party, and any choices that you may make in sharing your information, and may include your name, email address, and any other information you agree to let the third party service share with us.

4\.1. Providing Our Services

We work hard to provide our users with the features, functionality, and support they need to have an efficient, intuitive, and worthwhile experience while using our Services. To do this, we use your information to:

• Verify your identity, authenticate your account, and maintain your account, settings, and preferences;
• Provide customer support and resolve questions and issues you have about our Services;
• Communicate with you about your use of our Services and notify you about upcoming changes or improvements to our Services;
• Process payments, verify bank account balances, and conduct background checks;
• Collect feedback regarding your experience;
• Understand and personalize your experience within our Services;
• Facilitate additional services and programs with third parties; and
• Operate surveys, sweepstakes, and other promotions.

4\.2. Safeguarding Your Information and Our Services

Providing you with a secure and safe experience on our Websites and Services is very important to us. To do this, we use your information to:

• Conduct proactive monitoring of suspicious activity across our systems and platforms;
• Monitor and prevent unauthorized access to your information, and account for unlawful or other fraudulent activities;
• Conduct diligence on third parties to ensure they meet our strict security and data protection standards; and
• Continuously review and improve our security and data protection practices to protect information with which we are entrusted to conduct business.

4\.3. Improving Our Services

We are constantly improving our Services to better serve you. To do this, we use your information to:

• Monitor engagement and interactions and gather data analytics to improve functionalities, operations, and processes, including our security practices, algorithms, and other modeling;
• Assess the capabilities of third party partners;
• Develop new products, features, partnerships, and services;
• Perform research, testing, and analysis; and
• Prevent, find, and resolve software bugs and issues.

4\.4. Building Our Community and Marketing Our Services

To build our community and engage with our users, we use your information to:

• Communicate with you about events, educational offers, and provide you with our newsletter;
• Personalize and provide content, experiences, communications, and targeted advertising to promote our Services; and
• Provide content for public forums, such as bulletin boards, blogs, or chat rooms on our Websites or within our Services.

4\.5. For Any Other Lawful, Legitimate Business Purpose

We may use your information for any other lawful, legitimate business purpose including, evaluating job applications and conducting employment interviews; complying with legal obligations and other governmental demands; investigating and resolving disputes; and enforcing our Terms of Service and any other contracts.

We do not sell your personal information to third parties for money, and we do not act as a data broker. However, we may need to share your information with service providers, third parties, and other users in order to provide our Services and perform tasks on our behalf. This section explains when and why we share your information.

5\.1. Service Providers

We use a variety of third-party service providers to help us provide our Services and to perform tasks on our behalf, and these third parties may require your information for such purposes. For example, service providers may help us: (a) verify your identity or authenticate your identification documents, (b) check information against public databases, (c) conduct background checks, fraud prevention, and risk assessment, (d) perform product development, maintenance, and debugging, (e) provide customer service, payments, or insurance services, (f) automate administrative tasks; and (g) provide analytics. We have written agreements with all such third parties and they are not permitted to use your information for any purpose other than to deliver the relevant services in a professional manner, and consistent with their legal, regulatory and other obligations. Some of these disclosures may constitute “sharing” of personal information for cross-context behavioral advertising or targeted advertising purposes under certain U.S. state privacy laws, which we describe in more detail here.

5\.2. Legal and Regulatory Disclosures

We may disclose your information to courts, law enforcement, governmental authorities, tax authorities, or other third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (a) to comply with our legal obligations, (b) to comply with a valid legal request or to respond to claims asserted against us, (c) to respond to a valid legal request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, or (d) to enforce and administer our Terms of Service or other agreements with users. Such disclosures may be necessary to comply with our legal obligations, for the protection of your or another person's interests or for the purposes of keeping our Services secure, preventing harm or crime, enforcing or defending legal rights, or facilitating the collection of taxes.

5\.3. Sharing With Your Consent or Upon Your Direction

With your consent or upon your direction, we may disclose your information to interact with a third party and for other purposes, such as with co-sponsors of our events or webinars.

5\.4. Sharing Between Our Business Customers’ Users

To help facilitate the use of our Services by our Business Customers and among their users, we may need to share certain information within that business account with other users that are authorized to access and use that business account. For example, account login information and other certain personal information may be visible by all members of the business account for purposes of confirming account permissions and users.

5\.5. Public Information

Some of our Services let you publish information that is visible or available to the public. For example, if you use our website services, you may elect to include certain of your information on websites available to the public at large. Similarly, if you use our Premium Listing product to post your listings to numerous free and paid listings sites, such listings may include your information.

5\.6. Corporate Affiliates

To enable or support us in providing you the Services, we may share your information within our corporate family of companies, which includes AppFolio and its wholly owned subsidiaries.

5\.7. Business Transfers

If we are involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event, then we may sell, transfer, or share some or all of our assets, including your information in connection with such transaction or in contemplation of such transaction.

AppFolio is not directed at children and individuals under the age of 18 are not permitted to use our Services. We do not knowingly collect information from individuals under 18 years of age. If we find out that an individual under the age of 18 has given us personal information, we will take steps to delete that information. If you believe that an individual under the age of 18 has given us personal information, please contact us at privacy@appfolio.com.

As mentioned above, your information does not include information that is aggregated or de-identified. When we use or receive de-identified information, we maintain such information in a de-identified form and do not attempt to re-identify the information.

We retain your information for no longer than necessary for the purposes for which it was collected, including for the purposes of satisfying any legal or reporting requirements, and in accordance with our legal obligations and legitimate business interests. To determine the appropriate retention period for your information, we consider the purposes for which we process the information; the nature and sensitivity of the information; the potential risk of harm from unauthorized use or disclosure of the information; and any applicable legal and reporting requirements.

We are continuously implementing and updating organizational and technical security controls to help protect your information against unauthorized access, loss, destruction, or alteration. Such controls may include industry standard intrusion detection systems, encryption of data both while in transit over public networks (e.g., Internet) and while at rest (e.g., in a database or platform), and identifying and patching exploitable software and system vulnerabilities. Additionally, AppFolio personnel are trained in safe data handling practices.

Our Websites and Services may contain links to third party websites. These third party websites maintain their own policies regarding the collection and use of your information. We assume no responsibility or liability for the actions of such third parties with respect to their collection or use of your information. We encourage you to read the privacy policies of every website that you visit, including those you may reach through a link on our Websites or in our Services. We encourage you to be aware when you leave our Websites or Services and to read the privacy statements of each and every website you visit that collects your information.

For California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia Residents

Additional disclosures and information regarding our privacy practices under state-specific privacy laws, including information about your rights, is available here. These state specific terms are incorporated into this Notice by reference.

What Are Cookies?

Cookies are text files that are downloaded to your device when you visit a website. Cookies perform many different functions and we use them for a variety of reasons, including, to learn what content is popular, improve site experience, provide efficient webpage navigation, save user preferences, understand how you may interact with our Websites, and to serve you better ads on other sites.

Cookie Syncing

We may send and receive cookies, Pixels, or other online identifiers, on our Websites to associate cookies with certain third party partners, such as DemandBase and other ad tech providers. This practice involves allowing our third party partners to use cookies and assign online identifiers to increase performance of ad campaigns.

Managing Cookie Preferences

You may manage your cookie preferences and opt out of certain cookies on our Websites by visiting here. Please note that this opt out will not affect account based personalization.

Browser Cookie Management

Certain web browsers may allow you to manage your cookie preferences through their settings. Please see documentation related to your particular browser for more information.

“Do Not Track” Signals

Do Not Track (“DNT”) signals are a way to keep your online behavior from being followed across the Internet by behavioral advertisers, analytics companies, and social media sites. As the industry lacks a comprehensive standard to implement such signals, we are unable to support DNT signals.

Limits On Use of Your Google User Data

Certain of our Services can be used to access Google data. Notwithstanding anything else in this Notice, if you provide our Services access to the following types of your Google data, our use of such data will be subject to the following restrictions:

• Our Services will only use such access to read, write, modify, or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
• Our Services will not use Gmail data for serving advertisements.
• Our Services will not allow humans to read your Google data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for our Services’ internal operations and even then only when the data has been aggregated and anonymized.

We may update this Notice from time to time as our Services change and privacy laws evolve. Changes to this Notice will be done online and we will indicate the “LAST UPDATED” date at the top of the Notice. If we determine, in our discretion, changes are material, we will notify you by some other method of communication, like email. When you use or interact with AppFolio, you are agreeing to the most recent terms of this Notice.

We hope this Notice answers all of your questions about our treatment and protection of your information, but to the extent you have further questions regarding this Notice, we invite you to (a) email us anytime at privacy@appfolio.com; (b) mail us at AppFolio, Inc., 70 Castilian Drive, Goleta, CA 93117, Attn: Data Privacy; or (c) otherwise contact us via the methods or forms described in this Notice.