Refera is built for professional referral workflows. We collect the information needed to run accounts, listings, applications, private conversations, connection records, reviews, billing, moderation, and safety checks. Because referrals can involve clients, licenses, brokerages, and compensation, avoid entering sensitive client details until your brokerage approvals are in place to share them.
01Scope
This Privacy Policy applies to Refera websites, web applications, APIs, marketplace features, referral workspaces, billing pages, donation links, admin tools, support flows, and related services that link to this policy.
Third-party websites, payment pages, email providers, hosting providers, and services linked from Refera have their own privacy policies. Their practices are not controlled by this policy.
02Information We Collect
Account and profile information
- email address, password hash, display name, user ID, account role, and account status;
- brokerage, markets, and license state.
Marketplace and workspace information
- listings, referral type, title, description, market, property type, referral percentage, price band, and timestamps;
- applications, application notes, proposed referral percentage, and selection status;
- workspace (deal room) messages, connection outcomes, and deal status;
- reviews, ratings, review text, reviewer/reviewee IDs, reveal status, and reputation summaries;
- reports, report reasons, details, target user IDs, workspace IDs, evidence URLs when provided, and moderation outcomes.
Safety, compliance, and admin records
- report records, moderation signals, license ban records, and admin review notes;
- license-ban hashes by state, ban reasons, and admin user IDs;
- billing records, including subscription status, plan, and Stripe customer/subscription IDs when billing is enabled, plus manual account grants.
Device, log, and technical information
- IP address, browser and device information, request URLs, timestamps, errors, diagnostics, and security logs;
- push notification tokens and the associated device identifier, when you enable notifications in the mobile app, used solely to deliver Refera notifications to your device;
- cookies or local storage needed for authentication, session continuity, security, and user preferences;
- email delivery logs when operational emails are sent through a provider.
03How We Use Information
Refera uses information to:
- create and secure accounts;
- display listings, accept applications, select applicants, and operate referral workspaces;
- track donations, subscriptions, and billing status;
- send operational emails, notifications, and service messages;
- display reputation signals and double-blind review results;
- investigate reports, prevent fraud, moderate conduct, and enforce the Terms of Service;
- debug, maintain, secure, measure, and improve the service;
- comply with law, legal process, tax, accounting, security, and regulatory obligations.
06Retention
We keep information for as long as reasonably needed to operate Refera, maintain referral records, resolve disputes, prevent fraud or abuse, enforce terms, support audits, comply with legal obligations, and preserve safety and moderation records.
- Account, profile, listing, workspace, connection, and review records may be retained while an account is active and for a reasonable period afterward.
- Reports, license-ban hashes, block events, and moderation records may be retained longer to protect the marketplace and prevent repeat abuse.
- Backups, logs, and cached records may persist for a limited period after deletion from active systems.
07Security
We use administrative, technical, and organizational measures designed to protect information, including hashed passwords, access controls, operational logging, and limited admin access. No method of transmission or storage is perfectly secure, and Refera cannot guarantee absolute security.
Users should avoid entering unnecessary sensitive information, client identifiers, financial account details, government identifiers, or exact addresses before the right brokerage approvals are in place to share them.
08Your Privacy Choices and Account Deletion
Depending on your location, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information. To make a request, start at the Legal Center.
To delete your Refera account in the app: sign in, open Profile, scroll to Delete account, enter your account email, and confirm deletion. This deletes your account, profile, licenses, listings, applications, messages, workspaces, notification settings, and device tokens from active systems. If you cannot sign in, email privacy@refera.app from the address on your account and ask us to delete it.
Legal, safety, dispute, accounting, anti-fraud, and moderation records may be retained when required or reasonably necessary. Backups, logs, and cached copies may remain for a limited period before routine deletion, as described in the Retention section above.
- You can update profile fields from the Profile page.
- You can request correction or deletion of account information, subject to records we need to retain for legal, safety, dispute, accounting, or anti-fraud reasons.
- You can report abusive content, suspicious conduct, privacy concerns, or mistaken moderation through the support and legal paths.
- You can opt out of marketing emails, if any are added later. Operational messages may still be sent.
We may need to verify your identity before fulfilling a privacy request. We will not discriminate against you for exercising legally protected privacy rights.
09California Notice
This section is intended to help California residents understand the categories of personal information that Refera may collect. Refera may not meet the legal thresholds for the California Consumer Privacy Act, but the product is designed to provide reasonable access, deletion, and correction paths.
| Category | Examples | Purpose |
|---|---|---|
| Identifiers | Email, user ID, display name, IP address, Stripe IDs if billing is enabled | Accounts, security, billing, support, moderation |
| Professional | Brokerage, markets, license state | Marketplace trust, applicant review, safety |
| Commercial | Donations, subscription status, workspace and deal activity | Billing, access control, records, support |
| Network activity | Logs, request metadata, device/browser information, security events | Security, diagnostics, abuse prevention, operations |
| User content | Listings, applications, messages, reports, reviews, connection records | Marketplace operation, dispute records, moderation |
| Inferences | Reputation summaries, moderation signals, trust indicators | Safety, marketplace quality, user decision support |
Refera does not sell personal information and does not currently share personal information for cross-context behavioral advertising. Sensitive personal information, if collected, is used only for service, security, legal, and moderation purposes.
10Children
Refera is intended for adults and real estate professionals. It is not intended for children under 13, and we do not knowingly collect personal information from children under 13.
11International Users
Refera is currently operated for United States-based public beta use. If you access the service from outside the United States, your information may be processed and stored in the United States or other locations where service providers operate.
12Changes and Contact
We may update this Privacy Policy as the product, law, providers, or business model change. The effective date will be updated when changes are posted. For privacy requests, reports, or questions, start at the Legal Center or email privacy@refera.app.
Platform operator: Refera. Support: support@refera.app. Legal notices: legal@refera.app. Mailing address and entity-specific notice details are available by request at legal@refera.app while formal corporate records and public directory listings are finalized.