Privacy settings can be found in your IDX Control Panel, under the Settings tab > PRIVACY.
Mobile Carrier Opt-in Consent
In response to evolving requirements from mobile carriers regarding text message communications, it has become essential for businesses to incorporate clear opt-in language when collecting phone numbers through their websites. Failure to comply with these guidelines may result in violations against the Telephone Consumer Protection Act.
Showcase IDX does not offer SMS functionality. You may be able to send SMS through a 3rd-party application, such as a CRM. To facilitate compliance and ensure uninterrupted communication with your leads, the required opt-in consent language is applied to all forms where phone numbers are collected, as phone numbers are not optional.
This language will display on forms with a checkbox on the following forms:
- Sign-in form (both pop-up modal and widget)
- Ask A Question form
- Schedule a Tour form
- Contact form
- Market value form
Here is an example of what this looks like on one of the forms.
Business Legal Name
You need to add your business legal name, found on your official documents, which will populate in the {{business_name}} field in the disclaimer language automatically.
If nothing is entered here, the name of an admin user on the account will display.
Where to See Opt-In Information
When a lead registers, they will either check the box to opt-in or leave it blank. The lead will be created even if they choose not to check the box to opt-in. Once the lead has registered, you will be able to see the opt-in information on their Lead Profile Page.
You would not be able to send an SMS to leads who do not explicitly check the box to opt-in. As mentioned above, failure to comply could be a violation of the Telephone Consumer Protection Act.
Expressed Consent on Sign Up Form
To be GDPR compliant, consent is needed from your visitors when they sign up, so it is clear how their private data will be used after they create an account.
Here you have the ability to put in the URLs (full https:// URLs) into the settings page to your website's Privacy Policy, Cookie Policy, and Terms of Use, if you have Admin level permissions on your account.
To do this, we've added an (optional) setting on the Privacy Settings page. This checkbox, when turned on, is a required field that has links to your Privacy Policy, Cookie Policy and Terms of Use. When clicked by a lead, it gives you the protection of expressed consent to use their data as outlined in the policies.
Create Your Privacy Policy
Most real estate websites don't even have a customized privacy policy- and if they do have a privacy policy, it's a generic boilerplate thing that they probably copy-pasted from another website. The time that this was workable is over with the GDPR. Take a look at our Privacy Policy to get an idea of what should be in it. There's a lot! We cannot write this for you, but we can help you with what's applicable to Showcase IDX.
The main section you'll need to use in the section regarding transferring data out of the EU. You'll want to add this section for Showcase IDX. We highly recommend if you have a high number of visitors and leads from EU countries to contact a GDPR consultant and/or your legal counsel to make sure that you are in compliance. Forget the threat of big fines for a second, if you have a lot of European visitors and leads (I'm looking at you Florida), they will expect this kind of privacy protection and it might not be good for business.
In your privacy policy, you can add these sections where necessary:
Section: Transfers of your information outside the European Economic Area
Server log information
Information collected when you visit and register an account on our website is transferred outside of the EEA and stored on the servers of our IDX search plugin provider, Showcase IDX. You can access their privacy policy here:http://showcaseidx.com/privacy-policy
Country of storage: The United States.
Safeguards used: Our third party hosting provider has self-certified its compliance with the GDPR.
Section: Disclosure of your information to service providers
We use a number of third parties to provide us with services which are necessary to run our business or to assist us with running our business and who process your information for us on our behalf. These include the following:
- IDX Search provider, which is Showcase IDX. Their privacy policy is available here: http://showcaseidx.com/privacy-policy
Create Your Cookie Policy
Most real estate websites don't have a cookie policy. Under the GDPR, you need one. It's going to be a bit of a pain the butt to create because you need to list all the cookies that your website and a lot of plugins drop cookies. Here's a handy guide to get started and you can find our website's cookie policy here. Unfortunately, as much as we'd love to do all this for you, we can't. We're just a plugin on your site. But here are some snippets that should help you fill out the parts pertaining to Showcase IDX.
Essential Cookies
Firstly, Showcase IDX's cookies should be considered Essential Cookies on your website. This is an important distinction. Here's a very easy to understand guide about how the EU is now treating cookies, from Wired.
Persistent Cookies
The Showcase IDX cookies are persistent.
First Party Cookies
This can be a little confusing, but it's by which domain drops the cookie, not that it's from a 3rd party... so the Showcase IDX cookies are cookies placed on your device by our website domain.
List of Cookies
The main cookie set by Showcase IDX does not contain any personally identifiable information and just a token that we use to tell who is who based on the session. This lets us do a bunch of fancy stuff. It's remarkably private. We do store some information about the user before they sign up, but that is in the browser cache of their own device and it's accessed without going through or onto our servers. We also track analytics on our search pages through using Google Analytics. This lets us see how the IDX is being used, and we use this information to make educated fact-based decisions that improve the product. It is anonymized and we cannot see what individual sites or customers are doing. Only the aggregate of all instances of our product.
Name of Cookie | Essential or Non-essential? | Type of cookie | First or Third party? | Session or Persistent? | Expiry Time | Purpose |
sidx_token | Essential | Session Controller | First Party | Persistent | 20 years | IDX |
_ga & _gid | Non-Essential | Tracking | Third Party | Persistent | 24 hours | Google Analytics |
In the section of your Cookie Policy about functional cookies, you can add this:
Functional cookies
These are cookies that are designed for purposes such as enhancing a website’s functionality. These are either not strictly essential for the website or functionality which you have requested to work, or are cookies which serve non-essential purposes in addition to their essential purpose. We use the following functional cookies on our website:
- First party, persistent cookies to recognize you when you use our IDX search and personalize it to you. These cookies are: sidx_token. These cookies expire after 2 years.