PRIVACY POLICY


Our mission is to act as a trusted advisor, and we can’t do that without your trust. This Privacy Policy explains what information we collect about you, why we collect the information, as well as how we collect and use the information so that we can deliver the best experience that we can.


This Privacy Policy is intended for individuals that reside in the United States. By using any of our websites and mobile applications in the United States (collectively, “Sites”) or otherwise providing Personal Information to us, you agree to this Privacy Policy.


PERSONAL INFORMATION


“Personal Information” generally means any information that identifies you as an individual, and any other information we associate with it. We collect a few categories of information, from a few different sources.

Information that is passively collected when you use the Sites, such as by our web servers and by third-party analytics tools we use:


Our system logs may record certain information about visitors to our Sites, including the web request, Internet Protocol (“IP”) address, device and mobile ad identifiers, browser information, interaction with the Sites, pages viewed, app usage, and other such information; we may collect similar information from emails you receive from us that can help us track which emails are opened and which links are clicked by recipients.

We use certain cookies, pixel tags, and other technologies to help us understand how you use the Sites and enable us to personalize your experience. To learn more about cookies, please visit http://www.allaboutcookies.org/. To learn more about Greg Young Mortgage Finder’s use of cookies, please see our Cookie Policy. We may ask advertisers or other third-party partners to serve ads or services to your devices, which rely on cookies or similar technologies placed on our Sites.

We may detect the physical location of your device by, for example, using GPS information collected by mobile apps or location information shared by your web browser. We collect this information for purposes of enhancing or facilitating our services, such as enabling certain functionalities of the Sites that can provide you with information about promotions or relevant product information near you. Should you wish to opt-out of the collection of this information, please adjust the settings of your device so that information about your physical location is not sent to us or third parties by (a) disabling location services within the device settings; or (b) denying certain websites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. Please consult your device settings for further information.

HOW WE MAY USE PERSONAL INFORMATION

We may use Personal Information as permitted by law, for the following business purposes:


to respond to your inquiries and fulfill your requests

to send administrative information to you, such as about your account or loan or respond to your inquiries and requests for information

to communicate with you about loans, services, promotions, campaigns, programs, contests, and accounts

to inform you about our loan products, promotions, events or other promotional purposes

to re-contact you if we have not heard from you in a while

to send you advertising/promotional material from any of our affiliates, and on behalf of our promotional and strategic partners

to improve your experience with our products and services, such as by personalizing your experience with us

We may also use Personal Information as we believe to be necessary or appropriate for certain essential purposes, including:


to comply with applicable law and legal process

to respond to requests from public and government authorities, including public and government authorities outside your country of residence

to detect, prevent, or investigate potential security incidents or fraud

to facilitate the functionality of our mobile applications and websites

to provide important product safety information and notice of product recalls

to enforce our terms and conditions

to protect our operations or those of our affiliates

to protect our rights, privacy, safety or property, security and/or that of our affiliates, you or others

to allow us to pursue available remedies or limit the damages that we may sustain

HOW PERSONAL INFORMATION MAY BE DISCLOSED

To the extent permitted by law, all of your Personal Information may be disclosed to the following categories of third parties:


to our affiliates for the purposes described in this Privacy Policy

in connection with the essential purposes described above (e.g., to comply with legal obligations)

Information Sharing With Joint Venture Partners.

We may participate with another company or individual for purposes of jointly promoting our products, services, promotions or contests or their products, services, promotions, or contests. We reserve to right to disclose your personal information and usage data that you generate to them for purposes of (i) compensation, transaction processing, fulfillment, and support, and (ii) for purposes of offering you other products, services, promotions, and contests. These joint venture marketing partners may also contact you regarding other products, services, promotions, or contests.


DO NOT TRACK

We do not monitor or follow “Do Not Track” (DNT) signals because there is no standard interpretation or practice for DNT signals. Therefore, we handle all user information consistent with this Privacy Policy.


THIRD PARTY SITES

The Sites may link to other websites and online services. We have no control over such third parties and therefore cannot be responsible for the content, availability, or security of such linked third-party websites, so please read their privacy policies carefully. Third parties may use your information for their own purposes, including behavioral or advertising purposes. This Privacy Policy does not address the privacy and data security practices of any third parties. The inclusion of a link on the Sites does not imply endorsement of the linked third-party website or their products and services, and is provided for your convenience only. If you decide to access any of the third-party websites linked to our Sites, you do so subject to the terms and conditions of use for such third-party websites.


We are also not responsible for the privacy and data security practices of other organizations, such as Facebook, Instagram, Apple, Google, Microsoft, Twitter or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer. Please read their privacy policies and consider customized settings on your browser or through your mobile phone to limit disclosure of certain information, such as location data.


Any Personal Information that you provide through these third-party websites, mobile applications, or social platforms will be subject to the privacy policy of its operator, and not this Privacy Policy.


SECURITY

With recent events and regulatory changes, our customers and business partners are increasingly asking how Greg Young Mortgage Finder protects the sensitive information entrusted to us. We recognize that this is a significant trust and one that we don’t take lightly. Information Security is a very complex subject, and the technical details are beyond the scope of this document. However, this document will provide a general overview of the Information Security Controls in place and operating at Greg Young Mortgage Finder.


The Greg Young Mortgage Finder Information Security Program relies on the National Institute of Standards and Technology (NIST) 800 series of standards as the primary framework for our control design, implementation and operation. Those controls include Physical, Technical, Administrative and Procedural controls. We continually invest in and enhance these controls to meet new threats and vulnerabilities. We work with several leading Information Security firms which assist us in the implementation, operation and review of our security controls. This includes periodic assessments and testing.


A significant part of our strategy is our implementation of application virtualization technology throughout Greg Young Mortgage Finder. This technology significantly reduces the potential attack points by centralizing the location of borrower data within our datacenters. We replicate data between servers in our primary and secondary data centers – data is never put on tape or other physical media for transport.


Additionally, all of our associates are provided training on the protection of borrower information and are engaged in an active, continual Information Security Awareness program that keeps Information Security in focus all throughout the year.


Greg Young Mortgage Finder’s primary tool for loan processing is the Encompass Loan Origination system by Ellie Mae. Additional services (Credit Reporting, Anti-fraud, etc…) are provided by third party organizations via the Ellie Mae Network. Data movement between Ellie Mae software clients to the central server is encrypted throughout transmission. Borrower information stored on the central server is also encrypted while “at rest”. Similarly, information passed through the Ellie Mae Network is encrypted throughout transit.


Secure exchange of information between borrowers and Greg Young Mortgage Finder Loan Officers and associates is facilitated by the Encompass eFolder functionality. Additionally, our email system is configured to automatically establish Transport Layer Security with any correspondent email systems that support this encryption mechanism. Finally, we have an Encrypted Email system for communications with those that don’t have access to a secure email system.


We use standard physical, technical and administrative measures designed to reduce the risk of loss, misuse, unauthorized access, disclosure or modification of your Personal Information. Unfortunately, no system or network can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us in accordance with the “Contacting Us” section below (note that physical mail notification will delay the time it takes for us to respond to the problem).


YOUR CHOICES AND ACCESS RIGHTS

RETENTION PERIOD

We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by for legal, auditing, or compliance purposes.


CHILDREN'S PRIVACY

We do not intend for our websites or other online services to knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow minors under the age of 13 to disclose their Personal Information to us through the Sites. The Sites are directed to individuals who are permitted to share their Personal Information without parental consent. If you believe that we might have any information from a child under the age of 13, please contact us as directed below in the “Contacting Us” section. You may mark your inquiry “COPPA Information Request.” Parents can learn more about how to protect children’s privacy online here.


UPDATES TO THIS PRIVACY POLICY

We may periodically update this Privacy Policy. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on our Sites. Your use of the Sites following these changes means that you accept the revised Privacy Policy.


CONTACTING US

We welcome your questions, comments, and concerns about privacy. If you have any questions about this Privacy Policy or our data practices, please contact us as follows:


You may email us at: [email protected].

You may call us at (314) 789-8080.

Please note that email communications are not always secure, so please do not include credit card information or other sensitive information in any emails to us.


COOKIE POLICY

When you use our websites, mobile applications, and online services (the “Site”), we may store cookies on your web browser. Other third parties you choose to visit may do the same. This Cookie Policy explains what a cookie is, how you can manage your cookies, and what kind of cookies may be on our sites.


WHAT IS A COOKIE AND WHY DO WE USE THEM?

Cookies are small pieces of text. They are provided by most websites and stored by your web browser on the computer, phone, or other device that you are using. Cookies serve many purposes. They can help a website remember your preferences, learn which areas of the website are useful and which areas need improvement, and provide you with targeted advertisements or personalized content. Sometimes, cookies are enabled when pixels are placed on a website. Pixels are also referred to as web beacons, clear gifs, and tags. They enable websites to read and place cookies.


FIRST-PARTY COOKIES AND THIRD-PARTY COOKIES

Cookies can be first-party or third-party. A first-party cookie is one that you receive directly from Greg Young Mortgage Finder when visiting our Site. A third-party cookie is one that you have received from another party, such as Google or Facebook. We do not control what third parties do on other sites. However, we may work with certain third-party providers such as Google or Facebook to permit their cookies to function through our Site so we can learn more about your web experience on our Site and better personalize our services for you.


PERSISTENT AND SESSION COOKIES

A persistent cookie is a cookie that is stored by the web browser on your device until it expires or you delete it. The expiration of a persistent cookie is determined by the creator of the cookie and can be upon a certain date or after a length of session time has passed. This means that, for the cookie's entire lifespan, its information will be transmitted to the creator’s server every time the user visits the website that it belongs to or another website configured to check for that cookie (such as an advertisement placed on that website). For this reason, persistent cookies are also called “tracking cookies.”


A session cookie is created temporarily on your device for use by a website during your visit. This type of cookie may store information you enter and track your activity within the website. A session cookie is deleted after you leave the website or when the web browser is closed. A good example of a session cookie is the shopping cart on an e-commerce site. The session cookie stores the items that you add to your cart so they are not forgotten while you view products on other pages of the website. Using a session cookie, the items will all be in the cart when you go to the checkout page.


HOW DO I MANAGE COOKIES?

Most web browsers let you choose whether to accept cookies. Most also let you delete cookies already set. The choices available, and the mechanism used, will vary from browser to browser. Such browser settings are typically found in the “options”, “tools” or “preferences” menu. You may also consult the browser’s “help” menu. For example:


Cookie settings in Internet Explorer

Cookie settings in Firefox

Cookie settings in Chrome

Cookie settings in Safari

There are online tools available for clearing all cookies left behind by the websites you have visited, such as www.allaboutcookies.org. Usually, deletion of cookies will anonymize the information associated with the pixel and a website will not receive any further associated information.


WHAT KIND OF COOKIES DO WE USE?

The Site may use Strictly Necessary Cookies, Performance Cookies, Functional Cookies, Targeting Cookies and Social Media Cookies. Any of these may be first-party cookies or third-party cookies, persistent or session.


Strictly Necessary Cookies: These are cookies without which you would not be able to use this Site. For example, Strictly Necessary Cookies adjust the Site data transmitted to match your Internet connection, get you to the secure versions of the Site, and help provide services you specifically request. If you set your browser to block these cookies, some parts of the Site will not work. Strictly Necessary Cookies do not store any Personal Information.


Performance Cookies: We may use these cookies to count visits and traffic sources, to measure and improve Site performance. They help us to know which pages are the most and least popular and see how visitors move around the site. Performance Cookies do not store any Personal Information.


Functional cookies: These cookies allow the Site to remember choices you make and provide enhanced functionality and more personalized features. Depending on context, Functional Cookies may store certain types of Personal Information as needed to provide functionality.


Targeting Cookies: Targeting cookies help us manage and display our advertisements, based on your activity on the Site and other sites; this is known as interest-based advertising. Targeting cookies mainly rely on uniquely identifying your browser and internet device. Opting out of interest-based advertising does not mean you will no longer see advertising online, but it does mean that the companies from which you opt out will no longer show ads that have been tailored to your interests.


Social Media Cookies: Social Media Cookies make social sharing easier for you, provide you with tools to connect with the Site, and help us better understand both the audience for the Site and the effectiveness of our social media outreach. These are third-party cookies. Your choices with respect to such cookies are determined by the social media platforms on which you have accounts.


UPDATES TO THIS COOKIE POLICY


We may change this Cookie Policy at any time. Any changes in this Cookie Policy will become effective when the revised Cookie Policy is available on or through the Site.


CONTACTING US

If you have any further questions, please contact us by calling (314) 789-8080.


If you are a California resident, please review our California Consumer Privacy Act Policy below.


CALIFORNIA CONSUMER PRIVACY ACT


This Privacy Notice for California Residents supplements the information contained in the Privacy Policy of Greg Young Mortgage Finder and its subsidiaries (collectively, “we,” “us,” or “our”) and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.


The California Consumer Privacy Act provides some California residents with additional rights.


To exercise these rights click here or you may dial (314) 789-8080.


RIGHT TO KNOW

You have the right to know and see what data we have collected about you over the past 12 months, including:


The categories of Personal Information we have collected about you;

The categories of sources from which the Personal Information is collected;

The business or commercial purpose for collecting your Personal Information;

The categories of third parties with whom we have shared your Personal Information; and

The specific pieces of Personal Information we have collected about you.


RIGHT TO DELETE

You have the right to request that we delete the Personal Information we have collected from you by clicking here. There are a number of exceptions, however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:


Complete your transaction;

Provide you a good or service;

Perform a contract between us and you;

Protect your security and prosecute those responsible for breaching it;

Fix our system in the case of a bug;

Protect the free speech rights of you or other users;

Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);

Engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws;

Comply with a legal obligation; or

Make other internal and lawful uses of the information that are compatible with the context in which you provided it.


OTHER RIGHTS

You also have the right not to be discriminated against for exercising any of your rights.



INFORMATION WE COLLECT

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:


CATEGORY


EXAMPLES


COLLECTED


BUSINESS PURPOSE


Identifiers


A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.


Yes


Performing services; providing financing and customer service and protecting against fraud.


Personal information

categories listed in the

California Customer

Records statute (Cal. Civ.

Code § 1798.80(e)).


A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.


Yes


Provide financing and protect against fraud.


Protected classification

characteristics under California or federal law.


Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information)


Yes


Providing financing.


Commercial information.


Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.


Yes.


Providing customer service; marketing and advertising


Biometric information.


Genetic, physiological, behavioral, and biological

characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.


No


N/A


Internet or other similar network activity.


Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.


Yes


Providing services, performing marketing and services


Geolocation data.


Physical location or movements.


No


N/A


Sensory data.


Audio, electronic, visual, thermal, olfactory, or similar information.


No


N/A


Professional or

employment-related

information.


Current or past job history or performance evaluations.


Yes


Providing financing and servicing mortgage accounts.


Non-public education

information (per the Family Educational Rights and

Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R.

Part 99)).


Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.


No


N/A


Inferences drawn from

other personal information.


Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.


No


N/A


Personal information does not include:


Publicly available information from government records.

De-identified or aggregated consumer information.

Information excluded from the CCPA's scope, like:

Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;

Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

The categories of sources from whom we collected this Personal Information are:


Directly from a California resident or the individual’s representatives

Service Providers, Consumer Data Resellers and other third parties

Public Record Sources (Federal, State or Local Government Sources)

Information from our Affiliates

Website/Mobile App Activity/Social Media

Information from Client Directed Third Parties

The categories of third parties to whom we disclosed Personal Information for our business purposes described in this privacy policy are:


Affiliates of Greg Young Mortgage Finder

Vendors and Service Providers who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure, customer service, email delivery, auditing, marketing and marketing research activities

Partners and Third Parties who provide services

Other Third Parties who enable customers to conduct transactions online and via mobile devices and support mortgage and fulfillment services

Government Agencies as required by laws and regulations

HOW TO EXERCISE YOUR CALIFORNIA PRIVACY RIGHTS

To request access to or deletion of your Personal Information, or to exercise any other data rights under California law, please contact us using one of the following methods:


WEBSITE - You may visit our online request form to authenticate and exercise your rights.


PHONE - You may dial our Customer Service at (314) 789-8080.


OTHER DESIGNATED METHODS - We only have two designated methods for submitting your verifiable consumer request, and currently we do not accept requests via US mail. This is to protect you – and us – from fraudulent activity.


RESPONSE TIMING AND FORMAT - We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing.


JAN 21 CCPA SECURITY INFO


Greg Young Mortgage Finder has implemented critical physical, organizational and technical measures to guard against unauthorized or unlawful access to the personal information we manage and store. We have also taken steps to avoid accidental loss or destruction of, or damage to, your personal information. While no system is completely secure, the measures implemented by Greg Young Mortgage Finder significantly reduce the likelihood of a data security breach.


We welcome your questions, comments, and concerns about privacy. If you have any questions about this Privacy Policy or our data practices, please contact us as follows:


Secure office premises; [email protected].

Locked filing cabinets and a secure shredding practice for paper records;

The use of encryption, such as secure portals for document transfers and tokenization for payment card information;

Robust authentication processes, including complex passwords for access to electronic records;

Limited access to personal information by employees who need the information to perform their work-related duties; and

The use of data centers with effective physical and logical data security controls.

Exchange of information between borrowers and Greg Young Mortgage Finder Loan Officers and associates is paramount in the loan origination process. Therefore, personal data is subject to additional safeguards to ensure this data is processed securely. For example, we work hard to ensure data is encrypted when in transit and storage, and access to this data will be strictly limited to a minimum number of individuals and subject to confidentiality commitments. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. When possible, encryption is used, both in transit and storage. Access controls within the organization limits who may access that personal information.

In addition, we recommend that you do your part in protecting yourself from unauthorized access to your personal information. For example, ensure your account login credentials are not shared with anyone. Greg Young Mortgage Finder is not liable for any unauthorized access to your personal information that is beyond our reasonable control.

We use standard physical, technical and administrative measures designed to reduce the risk of loss, misuse, unauthorized access, disclosure or modification of your Personal Information. Unfortunately, no system or network can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us in accordance with the “Contacting Us” section below (note that physical mail notification will delay the time it takes for us to respond to the problem).


A FEW FAQS REGARDING CCPA

WHAT IS “PERSONAL INFORMATION” AS DEFINED IN THE CALIFORNIA REGULATION?

Personal Information is practically anything that identifies, relates to, describes or could be associated with you. Beyond your name, phone number, or email address, it includes the kind of device you're using to read this or which web browser. Personal Information also includes biometric data, your geolocation and even your perceived preferences. It does not include publicly available information.


DO YOU SELL MY PERSONAL INFORMATION?

No, we do not. In order to sell your information, we would need to first disclose to you our sale practices AND provide you with an easy “DO NOT SELL MY INFO” button on our website for you to opt-out of future sales of your Personal Information. But rest assured, we do not sell your Personal Information.


HOW AND WHERE DO YOU COLLECT PERSONAL INFORMATION?

That depends. We collected most of this information directly from you — either during a mortgage application or as we service your mortgage loan. Such Personal Information includes social security number, employment history and bank account numbers. We collect and secure all of this information in accordance with federal regulations. We also may receive information from other sources, such as an internet advertiser, a mortgage lead generator, your prior mortgage servicer, or government entities from which public records are maintained.


And we gather information using cookies and other online tools and technology. In other words, we collect some information about our anonymous website visitors, but we do not attempt to identify our visitors by name or profile. We only identify you by name when you submit a web form with your Personal Information or log into/register on our Greg Young Mortgage Finder customer portal.


WILL YOU DELETE MY INFORMATION IF I REQUEST YOU DO SO?

The short answer is maybe. The CCPA requires businesses that collect Personal Information directly from consumers to delete such information upon request. Unless the deletion request is subject to an exception. Or an exemption. Let us explain in more detail. Information we collect, store, or share in connection with providing you a financial product or service is exempt. That’s because your financial information is already regulated by federal law. Pursuant to federal law, we leverage administrative, physical and technical methods to safeguard your information. And even if you’re not a customer of ours, we might need to keep some of your information to: complete a transaction, prevent or detect fraud, or comply with a legal obligation. While we may not delete your information, we will always use it for a lawful purpose that aligns with what you would expect given your relationship with Greg Young Mortgage Finder.


To submit a request, feel free to call us at (314) 789-8080 or navigate to our online request form.


CAN I REQUEST A COPY OF WHAT YOU COLLECTED OR SHARED?

Well, in some cases, yes and in some cases, no. The CCPA refers to this as your “Right to Know”. But like we mentioned above, the CCPA does not apply to most of the information that we collect or share in our role as a financial institution. We won’t include any of that information in your “Right to Know” response. But we might have other information that is not exempt.


To submit a request, feel free to call us at (314) 789-8080 or navigate to our online request form.