CANDOR TECHNOLOGY PRIVACY POLICY

 

Last Updated: August 1, 2024


This Privacy Policy describes how Candor Technology, Inc. (and companies under common control)(“Company” or “we” or “us” or “our”) collects, uses, shares, and otherwise processes personal data about individuals engage in business with us, apply for a job with our company or as an employee, or otherwise interact with us online and offline (altogether referred to as our “Business”). For purposes of this Privacy Policy, “Personal Data” means any information that is related to or is reasonably capable of being associated with an individual.


I. Collection of Personal Data

We receive Personal Data from some financial institutions (“Financial Institution”) as a service provider related to mortgages as defined by Gramm-Leach-Bliley Act (16 CFR § 313.14). When you apply for a loan and consent to a financial institution’s privacy policy, that policy includes the financial institution sharing your nonpublic personal information (a) as necessary to effect, administer or enforce a transaction that you have requested for the servicing or processing a financial product or service, to (b) carry out the transaction or the product or service business of which the transaction is a part, and record, service, or maintain the consumer's account in the ordinary course of providing the financial service or financial product. 

We receive the information you have shared with a Financial Institution for the purpose of applying for or obtaining a mortgage.

Such information we receive typically includes:

  • Contact Information
  • Social Security number and income;
  • Account balances and transaction history;
  • Employment information and credit history;
  • Tax returns.

After receipt of the information, we may continue to share your information for further performing service during the life of the mortgage (for example, after you obtain a mortgage, it may be sold to another party to provide services around that loan, and we may cooperate with the Financial Institution which hired us in that process or is receiving such information as part of such transaction).


II. Job Applicants and Employees; When individuals apply to a job with us or become employees, we collect the following Personal Data directly from our job applicants and from our third-party business partners, such as our recruiters or our third-party human resources business partners that we may retain to facilitate that process:

·        Identifiers and contact information, such as your name, postal address, IP address, email address, or other similar identifiers and contact information

  • Certain protected characteristics about you, such as your ethnic or racial background, your veteran status, your disability status, or sexual orientation information if required by law
  • Professional or employment-related information, such as your work history and professional experience
  • Immigration status to determine work eligibility status if required by law
  • Any other Personal Data you choose to provide to us in connection with your application

 

III.  Use of Personal Data

We use the Personal Data referenced above, as appropriate and reasonably necessary, for the following purposes: 

  • To conduct engage in the ordinary course of business: We use all categories of Personal Data, as appropriate and reasonably necessary.
  • To respond to inquiries: We use all categories of Personal Data, as appropriate and reasonably necessary.
  • To protect the security and functionality of our information technology systems: We use all categories of Personal Data, as appropriate and reasonably necessary, but primarily internet and other electronic network activity information.
  • To address our compliance and legal obligations: We use all categories of Personal Data, as appropriate and reasonably necessary.
  • To consider individuals for employment or contractor opportunities, and to manage on-boarding procedures: We use all Personal Data referenced above in connection with job applicants.

We do not use Personal Data for marketing or share data for such purpose.


IV.   Disclosure of Personal Data

We disclose Personal Data with the following categories of recipients: 

  • With our service providers and suppliers: We disclose Personal Data with suppliers and service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above, such as web hosting. We require such parties by contract to provide reasonable security for Personal Data and to use and process such Personal Data only on our behalf and only at our instruction.
  • With our corporate family: We disclose Personal Data to other entities in our Candor family as necessary for the purposes identified above.
  • In connection with a reorganization event: We may disclose, transfer or assign your Personal Data in connection with a sale, merger, consolidation, change in control, transfer of assets, reorganization or liquidation of the Company.
  • To other third parties: For example, we may be required to provide Personal Data to law enforcement or other governmental authorities when we believe, in good faith, that (i) you or others are acting unlawfully; (ii) it is necessary or appropriate to meet our legal obligations; (iii) it is necessary to protect or defend our rights or the rights or well-being of our customers or other users of our services; or (iv) it is necessary to protect the health and safety of our personnel, customers, guests, and the general public. 


V.     Legal Bases for Processing Personal Data

We have several different legal grounds on which we collect and process Personal Data, including: 

  • as necessary to perform a transaction as set forth above;
  • as necessary to comply with a legal obligation (such as when we use Personal Data for record-keeping to substantiate tax liability);
  • consent (where you have provided consent as appropriate under applicable law, such as certain cookies); and
  • necessary for legitimate interests (such as when we act to maintain our business generally, including maintaining the safety and security of the Site).

With respect to legitimate interests, we typically collect and process limited Personal Data about business contacts and other individuals acting in their business capacities. Further, as a processor/service provider to Financial Institutions, we process Personal Data in accordance with our clients’ instructions with respect to individuals with whom we do not have a direct relationship.

In certain circumstances where we rely on your consent to process your Personal Data, you will have the right to revoke your consent to processing.   Please note that revoking or withdrawing your consent may result in our not being able to perform the service we are providing to the Financial Institution which requested it.


 VI.     Cookies and Similar Data Collection Technologies

We use cookies and other similar data collection technologies (collectively referred to as “Cookies”) on our website. However as we do not market to consumers or use consumer data for marketing purposes, our use of Cookies is usually limited. Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing. This information might be about you, your preferences or your device and is mostly used to make the website work as you expect it to. The information can potentially identify you, and typically is used to provide you a more personalized web experience. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a website. More information about cookies and how they work is available at www.allaboutcookies.org/. We use cookies enable the functionality of our website and provide you with a more personalized experience.

Controlling Cookie Preferences.  Certain Cookies, such as the strictly necessary cookies cannot be disabled because they are essential for the operation of the Sites. If you would like to review or update your preferences regarding which Cookies you would like to accept, please visit our Cookie management tool here. 

Do Not Track Signals. Some web browsers incorporate a “Do Not Track” or “DNT” feature that signals to websites that a user does not want to have their online activity or behavior tracked. Not all browsers offer a DNT option and DNT signals are not yet uniform. As such, many website operators, including our website, does not recognize or respond to DNT signals.


 VII.    Your Rights and Choices

           Notice to Individual in States with Data Privacy Acts or Outside of the US

If you reside in many states, including Indiana, California, Texas and others, you may have certain rights regarding data under the laws of these states.

In some cases, as we are a small company, we do not meet the thresholds to be regulated by such laws and, as we are covered by the federal regulation as listed above, they may not apply. 


We do not market or sell Personal Data.


Your Privacy Rights. In certain jurisdictions, individuals may have certain rights involving their Personal Data and how Personal Data is processed. Generally, these rights include the right to access, delete, modify, correct, and limit certain processing relating to their Personal Data. Not all jurisdictions provide for these privacy rights and not all jurisdictions provide for the same rights. To exercise any of the rights identified below, please use the information under “Contact Us” below and let us know which right you would like to exercise (unless other instructions are specified below in their relevant jurisdictions). We may request additional information from you to verify your identity and process your request. If permitted by law, we may also charge a small fee to process some of your privacy requests. Depending on which state you reside in, you may have one or more of the following rights: 



  • Right to access your Personal Data;
  • Right to rectify or correct inaccuracies regarding your Personal Data;
  • Right to request deletion of your Personal Data under certain circumstances;
  • Right to obtain a copy of your Personal Data that we have;
  • Right to limit the use and disclosure of your sensitive Personal Data (if you do so, this may affect the Financial Institution’s ability to complete a transaction with you;
  • Right to opt out of the processing of Personal Data for purposes of targeted advertising, the sale of personal data, or profiling in furtherance of a decision made by the company concerning the individual that results in the provision or denial by the company of the following.
  • Right not to be retaliated against for any of the above.

To exercise your rights, please contact us using the information provided below “Contact Us.” You may be able to designate an authorized agent to exercise your rights on your behalf.  We will take steps to verify your or your authorized agent’s identity when we process your request.

 

At this time, we do not perform services with Financial Institutions for the purpose of originating loans for individuals outside of the United States.


VIII.  Data Retention

We typically retain Personal Data for no longer than for the period necessary to fulfill the purposes outlined in this Privacy Policy and as otherwise needed to address our legal obligations.


IX.   Data Security

We have implemented reasonable and appropriate safeguards designed to protect your Personal Data from loss, misuse, alteration, or destruction. We also take reasonable and appropriate steps designed to ensure that third-parties who work with us agree to protect Personal Data we disclose to them or that they process on our behalf.


That said, please understand that no security measure can guarantee absolute security. As such, we cannot guarantee that your Personal Data will be 100% secure. We encourage you to take precautions when providing your Personal Data to Financial Institutions or others. There are tools available on the Internet that can help you keep your data more secure and we encourage you to take advantage of them. Additionally, the FTC.gov has many helpful resources if you wish to learn more. If you believe your Personal Data has been compromised in connection with us, please immediately contact us as detailed in “Contact Us” below.


X.   Information Relating to Minors

Our services are not intended for minors under the age of 18 and we do not knowingly collect any Personal Data from minors under the age of 18 without prior consent as required by applicable law. If you believe a minor under the age of 18 has provided us with Personal Data, please contact us using the information provided in “Contact Us” below. We will take reasonable measures to delete information as soon as possible and not use such information for any purpose, except where necessary to protect the safety of the minor or others as required or allowed by law.


XI.   Links to Third Party Websites

Our website, Business, and materials may contain references or links to third-party websites and services. Except as described above regarding service providers and suppliers, we do not control what information third parties track or collect. Use or access to those third-party websites is not governed by this Privacy Policy. We encourage you to review the privacy policies of any such third-party website or service you may access or use.


XII.   Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in our practices. When we post modifications to this Privacy Policy, we will update the “Last Updated” date on the top of this web page. We encourage you to periodically review this page for the latest information on our privacy practices.


XIII.   Contact Us

If you have any questions or comments regarding this Privacy Policy or our privacy practices, please contact us at 855-520-1400 or by mail to the Chief Legal Officer at 12850 Hwy 9 N Ste 600-330, Alpharetta, GA, 30004.

Share by: