CORT logo
 
 
 

Website Privacy Policy

 
Effective Date: 10/04/2021
 

This Privacy Policy applies to all Websites (full list below) owned and operated by CORT Business Services Corporation (collectively, “We”, “Us”, and “Our”). This Privacy Policy describes how CORT Business Services Corporation collects, uses, shares, and secures the personal information you provide when you interact with our Websites, Services and Products and any other sites or Services under our control where this Privacy Notice is displayed. It also describes your choices regarding use, access, and correction of your personal information.

1. Categories of Personal Information We Collect
2. When and Where We Collect Personal Information
3. How & Why We Use Personal Information
4. How We Share Personal Information & Categories of Companies We Share Personal Information With
5. Removal from CORT's Marketing Email Communications
6. Security
7. Modifying Information
8. Links to Other Websites
9. GDPR Individual Rights
10. Your California Privacy Rights
11. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
12. Updates to the Policy
13. Contact Us

1. Categories of Personal Information We Collect

We collect and maintain different types of personal information that you and/or your employer provide to us on a voluntary basis. This may include:

  • Personal information such as given name(s), preferred name(s), gender, marital status, and dates such as birthday and anniversary.
  • Family information such as names and contact details of spouses and dependents.
  • Contact information such as address, telephone/mobile number, email address.
  • Employment information such as role/title, name of current employer, occupation, work address, work telephone, work email address, fax number.
  • Product and Service-related information concerning the Products and Services that we provide to you or programs that we offer.
  • Location information for the purpose of locating a place that you may be searching for in your area.
  • Technical identifiers that may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
  • For parties with whom we do business, credit, and financial information such as your payment methods and preferences, and billing and credit history, where applicable.
  • Business relationship information, including information related to your agreements, preferences, advisors, and decision-makers, feed-back and information requested by or provided to you.

If you email us a question or request, we may use your email address to process your request and respond to your question.

If you reach out to us through our call center, we may record the call for internal purposes only, and will collect your name, email address, phone number, and any information necessary to provide customer service, potentially including your employer and or payment information.

2. When and Where We Collect Personal Information

Directly from you or your employer to provide requested services.

When you complete webforms on CORT Websites to request additional information about CORT’s products and services.

When you call our Customer Service call center.

When you visit a furniture rental showroom or furniture outlet and sign up for text messages or email communications.

When you visit our Websites, including your interactions with our services, we collect things like URL clickstreams (the path you take through our site), products/services viewed, errors, how long you stay on our pages, what you do on those pages, how often, and other actions you may take.

We use cookies or similar technologies to analyze trends, administer the Website, track users’ movements around the Website, and to gather demographic information about our user base as a whole. We use cookies to identify you as a user of the Website, to permit your access to the Website Services and to monitor your use of the Website. Cookies are text files, stored in your Web browser, that contain information about you relative to your use of the Website. If you configure your Web browser to disable or block cookies, you will be unable to use certain Website Services.

You can opt-out of this interest-based advertising at any time – to do so: click here. If located in the European Union, you can opt-out of this interest-based advertising at any time – to do so: click here. Please note you may continue to receive generic ads.

We may receive your information from other sources, such as from referrals or from third parties. If you believe that one of your contacts has provided us with your personal information and you would like to request not to be contacted or to be removed from our database, please contact us at PrivacyQA@cort.com and include the CORT domain at issue.

3. How & Why We Use Personal Information

Data protection law means that we can use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:

  • Delivering Services: Performing our contractual obligations to provide CORT Services to you. Legal basis: Contract
  • Customer Support: Responding to questions and solving issues via phone or email. Legal basis for this data usage: Contract
  • Marketing Purposes: Sending you emails and messages about new features, products and services, offers and content we think you may be interested in. Legal basis for this data usage: Legitimate Interest or Consent; with the ability to easily unsubscribe
  • Running & Improving our Website and Services: Managing your requests, login, and authentication, remembering your settings, hosting and back-end infrastructure, testing features, managing landing pages, and identifying fraud. Legal basis: Contract or Legitimate Interests
What does each legal basis mean?

Contract: Processing your data is necessary when fulfilling a product or service transaction/contract, you have requests or because we need specific information before entering a transaction/contract.

Consent: You have given clear consent for us to process your personal data for a specific purpose. You can choose to withdraw your consent anytime using specific unsubscribe/op-out tools provided to enable you to withdraw consent, like an email unsubscribe link.

Legitimate interests: Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:

  • Gaining insights from your behavior on our websites and within our services sites so we can better serve you
  • Delivering, developing, and improving the CORT services
  • Enabling us to enhance, customize or modify our services and marketing communications based on your profile and interests
  • Determining whether marketing campaigns are effective
  • Enhancing data security

In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests

4. How We Share Personal Information & Categories of Companies We Share Personal Information With

We may share your information with third parties who provide Services on our behalf to help with our business activities. These companies are authorized to use your personal information only as necessary to provide these Services to us and use measures to protect the confidentiality and security of your personal information.

These Services may include:

  • Providing our relocation services, fulfilling orders, and delivering packages
  • Payment processing
  • Providing customer service
  • Sending marketing communications
  • Conducting research and analysis

We may share your information with third-party business partners, for instance, for the purpose of enhancing our Products and Services. If you do not want us to share your personal information with these companies, contact us at PrivacyQA@cort.com and include the CORT domain at issue.

We may share your geo-location data with third parties for the purpose of them serving you ads for places (such as restaurants) in your area. If you do not wish to allow us to share your information in this manner, please opt-out by contacting us at nocontact@cort.com and include the CORT domain at issue.

We may disclose your information in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; in connection with a substantial corporate transaction, such as the possible sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy; or as otherwise required by law.

5. Removal from CORT's Marketing Email Communication

Should you wish to stop receiving emails from CORT Business Services, you may remove yourself from receiving marketing email communications by visiting our preference center here.

You may also contact us in the following ways:

  • Phone: 800.962.CORT (2678)
  • Fax: 703.968.8502
  • Mail:15000 Conference Center Drive, Suite 440, Chantilly, VA 20151
6. Security

We use industry-standard security methods such as firewalls, encryption, and system access controls. However, as no computer or network-based product exists that can provide "perfect security," we cannot guarantee that the steps we have taken to secure your information will prevent our systems from being compromised and your information from being disclosed.

If you have any questions about the security of your personal information, you can contact us at PrivacyQA@cort.com. Please note our reply or any requests for additional information will come from Privacy.QAResponse@cort.com.

7. Modifying Information

Upon request CORT Business Services Corporation will provide you with information about whether we hold any of your personal information. You may add, access, correct, or request deletion of your personal information by clicking this link PrivacyQA@cort.com. and include the CORT domain at issue. We will respond to your request within a reasonable timeframe. Please note our reply or any requests for additional information will come from Privacy.QAResponse@cort.com.

In certain circumstances we may be required by law to retain your personal information or may need to retain your personal information to continue providing a service.

8. Links to Other Websites

The Website may contain links to Websites that are not affiliated with CORT and that may or may not have similar practices in place to protect the privacy of information that you supply. We encourage you to review the privacy statements of each of the sites that are linked to or accessed from the Website so that you will be aware of how each visited site collects, uses and distributes such information.

9. GDPR Individual Rights

Please note: To protect your privacy, we may ask for additional information to verify your identity in order for us to respond to your request.

Users in the European Union only:

Under EU Regulation 2016/679 of the European Parliament and the Council; the General Data Protection Regulation (“GDPR”), you have a number of rights when it comes to your personal information:

The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Policy.

The right of access. You have the right to obtain access to your information, and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law.

The right to rectification. You have the right to have your information corrected if it is inaccurate or incomplete.

The right to erasure. This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.

The right to restrict processing. You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in the future.

The right to data portability. You have the right to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. This is not a general right however and there are exceptions.

The right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing (i.e., receiving emails from us notifying you about other services we provide which we think may be of interest to you or being contacted with varying potential opportunities). You may change your preferences regarding email marketing communications as described in #5 above.

The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html.

The right to withdraw consent. If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your personal information at any time.

10. Your California Privacy Rights

The California Consumer Privacy Act (“CCPA”) affords the Californian consumer specific rights regarding personal information. These rights have been described in this policy overall and are further highlighted in this section. You may make a verifiable request to exercise the following rights, free of charge to you, twice in a 12-month period, and we are obligated to respond within a period of 45 days, taking a 45-day extension only after notifying you.

If you have a specific question or concern about your rights, or questions about our policy in support of your rights as a Californian consumer, please contact us using a method available in the "Contact Us" section below.

Access: You have the right to request disclosure of the personal information we hold, and to receive additional details regarding the personal information the business collects and its use purposes, including any third parties with which it shares information. Much of this information is presented in the above sections of the Privacy Notice, as well.

Delete: You have the right to request that we erase your personal information and for us to direct the same of any third-party service providers processing your data on our behalf.

Portability: You have the right to request that any information electronically held be returned in a format permitting its transfer to another organization or service.

Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. Agent. You may designate an agent to submit privacy requests on your behalf, but for your protection, we may need to verify your identity directly with you before fulfilling certain requests. We need your agent’s contact information, and your agent needs to have your information ready when submitting the request.

Financial Incentive Programs. We make various offers and financial incentives to our customers. The terms of any such offer or financial incentive will be presented to you at the time you receive our offer. The nature and value of any such offer or financial incentive may differ depending on what information we collect and use about you. We do not assign a monetary value to the data that we collect and strive to only use that information to further our business in accordance with our Privacy Policy; to the extent that we are required to assign a monetary value to your personal information, it is equal to the value of the discount or financial incentive that we have provided to you. You may withdraw from receiving any of our offers or financial incentives by contacting us by through the preference center here, or by calling us at 800.962.CORT (2678), or by unsubscribing to our email marketing by clicking "Unsubscribe" link in any e-mail from us. See “5. Removal from CORT's "Opt-in" Email List” in our Privacy Policy for more information.

WE DO NOT SELL, DISCLOSE, SHARE OR TRANSFER DATA FOR THE COMMERCIAL BENEFIT OF ANY PARTY. PERSONAL DATA OR THE BENEFIT OF ITS USE IS NEVER PROVIDED IN COMPENSATION FOR SERVICES.

For more information on the California Consumer Privacy Act please visit https://www.oag.ca.gov/privacy/ccpa

11. EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

In light of the July 17, 2020, "Schrems II" decisions, the European Court of Justice has decided that the EU-US Privacy Shield is no longer a valid international transfer option. We plan to maintain our Privacy Shield certification as good practice, although no longer relying upon it as a basis for transfer and discussing with any partner still relying on it for EU-US transfers their proposed alternative solutions.

We are engaging with our partners to review our data transfers, to enter into EU approved Standard Contract Clauses (SCCs), and to introduce additional contractual, organizational and technical safeguards* to further protect your information. By default, we keep all data at rest encrypted in datacenters and devices, and by default our standard is to ensure data is encrypted in transit for customers.

*Safeguards could include but are not limited to: data minimization of transfer; anonymization to reduce identifiability; data localization in the EU/UK; data encryption to render data transferred unintelligible; and risk assessments against all data transfers, regardless of the adequacy mechanism.

Privacy Shield Principles

CORT Business Services Corporation participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List. https://www.privacyshield.gov

CORT Business Services Corporation is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. CORT Business Services Corporation complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, CORT Business Services Corporation is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, CORT Business Services Corporation commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact the CORT Privacy Team at: PrivacyQA@CORT.com

CORT Business Services Corporation has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Under certain conditions, individuals may have the possibility of invoking binding arbitration for complaints regarding Privacy Shield compliance that were unable to be resolved by any of the other Privacy Shield mechanisms; and additional information can be found here: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

12. Updates to the Policy

We may update the Privacy Policy at any time and amendments will be effective when posted. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Website prior to the change becoming effective. You should therefore periodically visit this page to review the current Privacy Policy, so that you are aware of any such revisions.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us through the information below:

CORT Business Services Corporation
ATTN: Privacy Team
15000 Conference Center Drive
Suite 440
Chantilly, VA 20151
Phone: 833.389.0122
Email: PrivacyQA@cort.com.

Roomservice by CORT
ATTN: Privacy Team
28 Barwell Business Park
Leatherhead Road
Chessington, Surrey KT9 2NY
United Kingdom
Phone: 0208 397 9344.
Email: privacy@roomservicebycort.com

Websites owned and operated by CORT Business Services Corporation:

4sitebycort.com
apartmentsearch.com
belivingready.com
cort.com
cortfurnitureoutlet.com
cortconnect.com
cortdestinationservices.com
cortevents.com
cortglobal.com
cortglobalservices.com
cortpartyrental.com
roomservicebycort.com
cortsupportivefurniture.com
se.cort.com
cortcensus2020.com
cortvicinity.com