Open house sign-in privacy laws sit in one of those uncomfortable grey zones where the practice is decades old and the legal landscape keeps shifting underneath it. Collecting a visitor's name, phone, and email at an open house is completely ordinary. What has changed is the environment those three fields go into: state privacy acts with enforcement teeth, federal frameworks for consumer data, and an industry conversation — sharpened by post-settlement scrutiny — about exactly who has access to visitor information and why. This guide covers the general privacy principles that apply to open house visitor data, the questions agents should be asking about any sign-in tool they use, and why an on-device, no-resale approach limits exposure compared with platforms that route data to third parties. It is educational and does not constitute legal advice. Your specific obligations depend on your state, your brokerage, and the tools you use — confirm the details with your broker and your state or local REALTOR association before your next open.
Why open house sign-in privacy laws are catching up with practice
For most of real estate's history, the open house clipboard was low-stakes from a privacy standpoint. The list stayed in an agent's folder, got re-typed into a contact manager, and that was that. Two things changed it.
First, data became an asset that other parties wanted. When a free app can collect visitor contact details at scale, connect them to lender inquiries, and monetize that relationship, the sign-in form stops being a simple lead-capture tool and becomes an intake form for a data business. Curb Hero's own help documentation explains this directly: a default lender may be assigned to listings and visitor information is shared with that lender when visitors opt into the mortgage questions. That is not hidden, and for some agents it is an acceptable trade for a free product. But it means the sign-in form the agent hands to visitors is also, in part, a form for someone else's business.
Second, state legislatures started giving consumers rights over their personal data. California's CCPA was the loudest example, but similar statutes followed in Virginia, Colorado, Connecticut, Texas, and a growing list of others. What they share — regardless of the exact threshold for who must comply — is a framework of principles: tell people what you are collecting and why, do not use it for undisclosed purposes, let them ask you to delete it, and do not sell it without authorization. Even agents who fall below the formal thresholds those laws set operate in an environment where visitors increasingly expect those standards. Visitors who balk at signing in, who write a fake email, or who ask "what do you do with this?" are not being paranoid. They are applying the same caution they have learned everywhere else online.
The general principles: what good data handling looks like
State privacy laws use different words, but most of the practical guidance for open house visitor data collapses into four principles that any agent can apply without a law degree.
Notice
Tell visitors what you are collecting and what you will do with it, in plain language, before they hand it over. This does not need to be a disclosure form. A single line on the sign-in screen — "We'll use this to follow up about the property and any similar homes that fit your search" — satisfies the spirit of notice for a contact-detail collection. What it should not say is nothing. "Sign in" with no context leaves visitors to guess, and some of them will guess that their phone number is going somewhere they would not have agreed to.
Purpose limitation
Collect information for a stated purpose, then use it for that purpose and not a different one. The purpose at an open house sign-in is obvious: follow up with people who came to see a house you are representing. That purpose does not automatically include forwarding data to a lender partner's CRM, adding visitors to third-party marketing lists, or reselling contact details to lead brokers. If you want to do any of those things, the principle says you need to tell people that and get their agreement. If you are not sure what a sign-in app does with data after it leaves your iPad, that is a question worth asking before you use the app.
Data minimization
Collect what you need and stop there. Name, phone, email, and buying timeline are the functional minimum for real estate follow-up. Date of birth, home address, annual income, and similar fields are not necessary for that purpose, and collecting them without a clear need creates exposure without adding value. The more you collect, the more you are responsible for securing, the more a breach costs, and the more uncomfortable the sign-in feels to the person standing at the door. Many privacy frameworks codify minimization as a formal obligation; agents who practice it are also, separately, likely to get higher sign-in completion rates.
Security
Store what you collect in a way that limits access. This is where the tool choice matters most. A paper clipboard is as secure as the person carrying it and the file cabinet it ends up in. A cloud-based sign-in app routes data to a server you do not control, under a terms-of-service agreement you may not have read, accessible to the vendor and potentially to third parties. A sign-in app that stores data on the device and never uploads it limits access to whoever holds the device. None of those are perfect, but they have meaningfully different risk profiles.
Open house sign-in privacy laws: CCPA-style rights and what they mean in practice
The California Consumer Privacy Act applies to certain businesses — generally those with over $25 million in annual revenue, or that handle personal information from 100,000 or more consumers, or that derive more than half their revenue from selling personal data. Most individual agents and small brokerages do not hit those thresholds. But a few things are worth noting.
One: the threshold question is not just about you. If you use a sign-in platform that operates at scale, that vendor may be subject to CCPA or its CPRA successor regardless of your own size. In that case, the consumer rights they must honor — the right to know what is collected, to delete it, to opt out of sale — run through the vendor, but visitors may not always understand that distinction. They asked the agent; they may come back to the agent.
Two: CCPA-style statutes are multiplying. What California enacted, Virginia, Colorado, Connecticut, Utah, Texas, Florida, and others have followed with their own versions. The specifics differ — different thresholds, different definitions of "sale," different opt-out mechanisms — but the direction of travel is clear. Data-minimization habits, clear notice, and limited sharing are becoming the expected baseline, not a California-specific quirk. Agents who build those habits now are less exposed to future obligation changes. Verify specifics for your state with your broker or state REALTOR association; only they know the current status of your state's law and how it applies to your practice.
Three: even where no statute formally applies, a visitor who feels their data was misused can create reputational problems that no legal threshold prevents. Privacy complaints move fast on agent-review platforms.
Who you can share visitor data with — and who you should not
The sharing question is where agents most often create problems without realizing it.
Clients: The seller is your client, and sharing visitor details with them as part of your service is the whole point. A seller report that shows who came through, what timeline they indicated, and what feedback they left is a core deliverable of hosting the open. That data goes to the seller; no one would dispute it.
Your team: If you have a showing assistant, a partner, or an admin who handles follow-up, sharing the sign-in list with them is a normal internal business activity.
Lenders: This is where it gets complicated. If a visitor specifically asked to be connected with a lender, or if your sign-in form included a mortgage-question opt-in that disclosed where the answer goes, sharing that visitor's data with a specific lender partner is defensible. If you are routing all sign-in data to a lender as part of an undisclosed co-marketing arrangement, and visitors did not know that was happening, that is the practice most likely to draw scrutiny under both privacy frameworks and RESPA's rules on referral-fee arrangements. RESPA oversight is a separate conversation from state privacy law; your broker and an attorney familiar with real estate practice are the right people to consult on the specifics.
CRM and marketing tools: Uploading open house contacts to your own CRM for personal follow-up is standard practice. Uploading them to a third-party bulk marketing platform that will run its own cross-reference on the data is a step that warrants disclosure in your sign-in notice and, depending on the platform, a user consent opt-in.
Anyone else: The burden of justification goes up sharply. If someone other than you, your team, and your client is receiving visitor data, there should be a specific, disclosed reason — not just a vendor's default setting.
Consent at the open house: practical, not lawyerly
The word "consent" triggers legal-document instincts, but what is actually useful at an open house sign-in is much simpler. You want visitors to understand, before they type their information in, what is going to happen to it. A single line at the top of the form or on a placard next to the iPad handles it:
"By signing in, you agree to be contacted by [Your Name] about this property and similar listings. Your information stays with me and is not shared with other companies."
That kind of language does something functional: it tells visitors where their data goes, it sets the expectation for follow-up, and it gives the agent a clear, consistent practice to stand behind. It also increases sign-in rates, because the agent who says "sign in and I'll sell your number to a lender" gets fewer sign-ins than the agent who says "sign in and I'll send you comparables this week."
What that line should not promise is something the agent cannot deliver. If you use a tool that does share data with third parties, the consent notice needs to reflect that, not obscure it. Which fields you put on the sign-in form also shapes what consent you need — shorter forms that collect only contact details and timeline require less disclosure than forms that ask about financing or neighborhood preferences. The TCPA's specific rules around texting and calling leads add another layer — particularly the requirement to have documented consent before sending marketing texts — and are covered in a separate guide, since they carry separate penalties.
What on-device storage means for privacy risk
The tool architecture question matters more than agents usually realize. Most sign-in apps work by capturing data on the device and immediately syncing it to a cloud server. That is a reasonable design for multi-device access and data backup, but it means visitor data lives somewhere other than your device from the moment the visitor hits "submit." The vendor can see it. Their subcontractors can potentially see it. If the vendor's server is breached, visitor data is exposed. And if the vendor's privacy policy changes, or the company is acquired, the data is already there.
An on-device-first architecture starts from the opposite premise: visitor data lives on the device and stays there until the agent makes a deliberate export decision. Nobody else sees it while it is sitting between open houses. No vendor monetizes it because no vendor has it. If you decide to share with a lender or upload to a CRM, that is a choice you make per contact, not a default that happens to every visitor automatically.
This is the design OpenHouse uses: leads stay on your device and never leave without your action. No lender ads, no data resale, no background sync to a server you do not control. The tradeoff is that you handle your own backups and exports — CSV, PDF, Contacts, vCard, or direct CRM handoff. For agents who care about the privacy of offline lead capture, that tradeoff makes sense.
Compared with free apps that monetize through lender co-marketing — and whose own help docs explain the data-sharing model — the difference is not subtle. A closer look at which parties end up with your open house sign-in data illustrates how different tools handle this differently. The Close's open house app guide and similar roundups tend to cover features and price; they cover the privacy architecture less often. That is worth filling in before you hand a visitor an iPad and ask for their phone number.
Questions to ask before you choose a sign-in tool
Whether you are evaluating OpenHouse, Curb Hero, Open Home Pro, or any other option, these questions get at the privacy risk profile faster than reading the full terms of service:
- Where is visitor data stored? On the device, on the vendor's servers, or both? Who has access?
- Is visitor data ever shared with third parties? If yes, who, and under what conditions? Does the visitor get notice?
- Does the app have a lender co-marketing or referral arrangement? If so, is that disclosed to visitors on the form, or does it happen in the background?
- Can you delete a visitor's record if they ask? How quickly and completely?
- What happens to your data if you cancel your subscription? Can you export everything, or does it stay on the vendor's server?
- Has the app had a data breach? This is public record if disclosed to a state AG; it is worth a quick search.
No app gives a perfect answer to all of these, and the right balance depends on your practice. But asking the questions moves you from passive to intentional, which is exactly where privacy law and good business practice are pushing the industry.
Recording visitors: a connected question
Sign-in data is not the only privacy consideration at an open house. Recording open house visitors — whether by security camera, doorbell camera, or any other device — raises its own set of consent and notification requirements, which vary sharply by state. Some states require all parties in a private setting to consent to recording; others require only one-party consent; and the distinction between a public listing and a private home gets legally interesting when the sellers are not present. That topic is handled separately because the legal landscape for recording is meaningfully different from the data-privacy landscape for sign-in forms.
What the two topics share is the same underlying principle: visitors at an open house are not forfeiting all privacy expectations by walking through a door. The seller's right to know who came through is real and legitimate. The agent's right to follow up with leads is real and legitimate. Neither of those rights is unlimited, and the agent who designs their sign-in and recording practices with that in mind — who collects what they need, discloses what they do with it, and keeps it under their own control — is in a better position than the agent who lets a vendor's defaults make those decisions for them.
The practical checklist
Before wrapping up, here is a short checklist for applying these principles without turning a door-duty day into a compliance seminar:
- Use a short form. Name, phone, email, timeline. If you do not have a specific follow-up action tied to a field, cut it.
- Add a one-line notice. Tell visitors how you will use their contact details and who will see them. Plain language, not legalese.
- Know what your tool does with data. If you are using a free app, read the help docs and the privacy policy. Understand whether and how visitor data goes to third parties.
- Ask about sharing before you share. If a lender or other third party wants visitor contact details, confirm that your sign-in process disclosed that possibility. When in doubt, ask the visitor.
- Secure the device. A sign-in iPad in kiosk mode, locked to the form app with Apple's Guided Access, limits what a visitor or passer-by can access while the form is up.
- Export deliberately. Whether you use a CSV export, a PDF, or a direct CRM handoff, make the export decision consciously rather than letting data flow automatically to somewhere you did not choose.
- Confirm your state obligations. State privacy laws, RESPA rules, and brokerage policies vary. Your broker and your state or local REALTOR association are the right sources for what specifically applies to your practice. NAR's research hub covers industry-level data and policy updates.
Open house sign-in privacy laws are not about stopping visitors from signing in or building walls between agents and the leads they earned. It is about being intentional: knowing what you are collecting, telling visitors how you will use it, keeping it under your control, and sharing it only with the people who have a legitimate reason to receive it. The agents who do that are also, usually, the agents whose sign-in completion rates are highest — because visitors who trust that their number goes only to the agent in front of them are the visitors who type their real number.
Frequently asked questions
Do open house sign-in sheets violate privacy laws?
Collecting visitor contact details at an open house is a normal real estate practice, but how you collect, store, and share that data can create obligations under state privacy laws. The risk depends on what you ask, what you do with it afterward, and what tools you use. When in doubt, confirm with your broker and your state association.
Does CCPA apply to open house sign-in data?
The California Consumer Privacy Act applies to certain businesses, not typically to individual agents or small brokerages below the thresholds. However, CCPA-style rights — the right to know, delete, and opt out of sale — are spreading to other states, and data-minimization habits protect you regardless of which law technically applies.
Can you share open house visitor data with lenders?
You can share data that visitors knowingly consented to share, but sharing visitor PII with third parties without clear notice is the practice that draws the most scrutiny. Some free open house apps route visitor data to lender partners by default. Confirm what any app does with visitor data before you use it.
What is data minimization and why does it matter at an open house?
Data minimization means collecting only what you genuinely need for a stated purpose. At an open house that is usually name, phone, email, and timeline — not date of birth, income, or anything else you would not act on in follow-up. Collecting less limits your exposure if data is ever mishandled.
Is on-device storage safer for open house visitor data?
Keeping visitor data on your device rather than a third-party server limits who can access it. Data on a server can be breached, subpoenaed, or monetized by a vendor. Data that never leaves your iPad stays under your control until you export it intentionally. That is not a guarantee, but it narrows the attack surface considerably.
Should agents add a consent notice to the open house sign-in form?
A short consent line — telling visitors what you will use their contact details for — is low-friction, reassuring, and consistent with what most state and federal privacy frameworks call for. It does not need to be legal boilerplate; plain language works better and completes more sign-ins.
