Who we are
Choate House Row - LLC (“we”, “us”) operates a small rental business offering houses on Choate Street near the University of Delaware. This policy covers this website and the online tenancy-application process.
Questions about privacy can be sent through the contact details on our Contact page.
Information we collect
We practice data minimization — we collect only what we need to respond to you and review applications:
- The email address you apply with, which you use to receive a one-time sign-in link and which we use to contact you about your application.
- Application details you submit on the online form: property/unit selection, full name, cell phone, current address, current landlord and lease-end details, optional student details (major, student status, and expected graduation date if you are a student), desired move-in timing, optional note, smoker answer, felony-conviction answer, and any felony explanation you choose to provide.
- Records of required acknowledgements, including permission to verify listed information, no-pets/smoke-free acknowledgement, accuracy certification, and acceptance of this Privacy Policy and our Terms of Service.
- Limited technical data — your IP address, browser user-agent, and request timestamps — used for security, abuse prevention, rate limiting, and audit logging.
Cookies and local storage
We use no analytics, advertising, or third-party cookies, and no cross-site tracking. The site sets two strictly necessary first-party cookies, and only when you use the sign-in and application flow:
- sessionid — keeps you signed in while you complete your application. It is Secure (HTTPS only), HttpOnly (not readable by scripts), and SameSite=Lax. It ends when you close your browser and never lasts more than 8 hours.
- csrftoken — protects form submissions against cross-site request forgery. It is Secure and SameSite=Lax and lasts up to one year.
- Browser local storage: when you start an application, the property you chose is saved on your own device (under the key “apply.property”) so your selection survives the email sign-in round-trip. It is removed when you submit and is never used for tracking.
- Blocking these will prevent the online application from working; browsing listings requires none of them.
Information we do NOT collect
The online application does not ask for, and we do not collect through it, any income or financial statements, Social Security numbers, payment-card or bank-account details, or uploaded documents.
The legacy paper/PDF application is not submitted through this site.
How we use your information
- To review and respond to tenancy applications and inquiries.
- To communicate with you about applications, showings, and leasing next steps.
- To operate, secure, and maintain this site, including preventing abuse.
- To comply with our legal obligations.
Verification and sharing
Applications are reviewed only by authorized staff. We do not sell your personal information.
With your permission (such as the permission you grant on our application form), we may verify the information you provide with references you list — for example, current or prior landlords, the University of Delaware, and the City of Newark — and only the items listed on the application are discussed.
Felony-conviction answers are reviewed manually. They are not used for an automatic or blanket denial.
We use a small number of service providers that process data on our behalf under contract and only on our instructions: Render (website hosting and infrastructure) and Resend (delivery of transactional email such as sign-in links and application notifications). We may disclose information where required by law.
How long we keep it
- Application records are retained for a limited period after a decision and then deleted automatically: decided applications are purged after 365 days, and still-submitted applications are purged after 730 days.
- Passwordless applicant accounts left with no remaining applications are deleted during the application purge, removing the account email from the user table.
- One-time sign-in links expire 30 minutes after they are issued and can be used once; spent or expired links are purged after 7 days.
- Security audit records are kept minimal — they never store passwords, tokens, or full application contents. We retain them for security, fraud-prevention, and legal purposes and review that retention periodically.
Your choices and rights
You can ask us to access or delete the personal information associated with your application. To make a request, contact us using the details on our Contact page. We aim to respond within 30 days.
Because applications are reviewed by people, deleting your data may end an in-progress application.
How we protect your information
We use encryption in transit (HTTPS), restrict access to authorized staff, store application data on access-controlled systems, and keep audit logs of security-relevant actions. No method of transmission or storage is completely secure, but we take reasonable measures appropriate to the data we hold.
Eligibility and children
This site and the application process are intended for prospective adult tenants (18 or older). It is not directed to children, and we do not knowingly collect information from children.
Changes to this policy
We may update this policy from time to time. Material changes will be reflected by a new effective date above.
Contact us
Questions about this policy or your data? Reach us using the details on our Contact page.
This summary is provided for transparency and is not legal advice. Questions? Contact us.