Privacy Policy

This Privacy Policy governs the manner in which FinLocker, LLC, a Delaware limited liability company, together with its affiliates and subsidiaries, (“FinLocker”, “we”, “our”, or “us”), collects, uses, discloses, and protects your Personal Information collected or provided through our websites and devices or applications (“Sites”) and how we use Personal Information in connection with our services (each a “Service” and collectively the “Services”) offered through the Sites. It applies to any Sites where this Privacy Policy is referenced or linked to.

1.1 Changes to this Privacy Policy.

We reserve the right, at our discretion, to change, modify, add or remove portions of this Privacy Policy at any time by posting such changes to this page. Changes are effective immediately upon posting. Although we will notify you of changes to the extent and in the manner required by law, you understand that you must check this Privacy Policy periodically for changes. The date this Privacy Policy was last revised appears at the top of this Policy. The most recent version of this policy may be found at https://www.finlocker.com/privacy-policy/.

1.2 About Us.

We are committed to informing you how and when we collect Personal Information from you and to safeguarding the Personal Information you give us or give us permission to get. Remember, your use of the Sites is always subject to our Terms of Service, which can be found at https://www.finlocker.com/terms-of-service/.

1.3 What Is Personal Information?

“Personal information” is information that can either identify or be associated with a particular person. Personal information does not include information that is anonymous or aggregated. It also does not include information that cannot be associated with or be used to identify a particular person.

1.4 Your Information Abroad.

Information we process may be transferred to, stored, and processed in, the United States or any other country in which FinLocker or its affiliates, subsidiaries, or service providers maintain operations. By using and providing Personal Information to us through the Sites or Services, you agree and consent to the transfer, storage, and processing of your Personal Information to any such country in order to operate and provide the Sites and Services.

1.5 Your Ability to Contract with Us.

Our Sites and Services are not intended for children under the age of thirteen (13) or if you are not of legal age to form a binding contract with us. We do not knowingly collect Personal Information from these individuals. If you use the Sites or Services, you hereby represent and warrant that you are at least thirteen (13) years of age. In compliance with the Children’s Online Privacy Protection Act, any Personal Information we receive from users we believe to be under the age of thirteen (13) will be purged from our database.

1.6 How Do We Collect Information?

We collect information from you in several different ways:

directly from you when you provide it to us.
from third parties.
from public records or other publicly available sources.
automatically as you navigate through the Sites.

1.7 What Information Do We Collect?

In addition to the personal financial information that you may provide, we may collect the following categories of Personal Information about you through the Sites, including but not limited to:

Registration information. When you register for a Service, you will be asked for basic registration information, such as an email address, password, cell phone number, and answers to security questions.
Identification information. You may also be asked to provide identification information to confirm your identity, including your first and last name, address, date of birth, full or partial social security number and phone number.
Third party credentials. You may also enter in certain passwords, usernames, account numbers, and other account information for third-party sites and Internet services (“Third Party Sites”).
Information from Third Party Sites you register with us. In order to display information to you through the Services and to share with parties authorized by you, we may collect, on your behalf, your account and other Personal Information from Third Party Sites that you register under your account via the Service. For example, if you register your Bank of America^® account with us, we will access your Bank of America^® information via our Sites in order to present it to you and to share it with other parties authorized by you.
Information from Third Parties. In order to display information to you through the Services and to share with parties authorized by you, we may collect, on your behalf, financial and other Personal Information from the parties you have authorized us to share information with and from other parties (e.g., automated underwriting systems, Credit Bureaus, and other third-party information providers). Where required by law, we will obtain your authorization before seeking Personal Information from such third parties.
Information provided by you. In order to display information to you through the Services and to share with parties authorized by you, you may upload documents and files to the Sites. For example, you may upload tax return documents, property related documents, or employment-related information and input employment, property, and other information about you to allow us to provide more comprehensive services to you, and to enable us to share these documents with other parties authorized by you. Depending on your use of the Services, you also may submit information relating to your spouse, beneficiaries, or dependents.
Contests and surveys. From time to time, you may be offered an opportunity to participate in a survey or promotion. We may collect or you may submit information in connection with one of these promotions.
Technical and navigational information. We collect information about your interaction with our Sites such as computer browser type (e.g., Microsoft Edge^®, Internet Explorer^®, Chrome^®, Firefox^®, Safari^®, etc. and their respective versions), pages visited, average time spent on our Sites, IP address, the unique identifier of the device, operating system version (e.g., Chrome^®, Windows OS^®, Mac OS^®, iOS^®, Android^® etc. and their respective versions), the search terms you use on our Sites; and app version.
Location information. If you choose to use a location-enabled Service, we may collect location information from your device. You may control or disable the sharing of location information via your device setting and/or the Sites.
Other information. We may request or receive other Personal Information such as feedback, questions, comments, suggestions, or ideas to provide you with other benefits or to improve upon the Services. In such instances, you will be given the opportunity to provide or decline that information.

Non-personal information collected by or created by us (such as aggregated and anonymous information) is exclusively owned by us and may be used as we see fit in accordance with applicable law. If we are required to treat non-personal information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Policy.

1.8 How We Do Not Use the Personal Information We Collect.

We will not sell, publish or share your Personal Information without your permission.

1.9 How We Use the Information We Collect.

We use the Personal Information you enter into our Sites to produce results you ask for, like financial information gathering, reports on how you spend your money, and more. Here are some examples of how we might use your Personal Information:

to provide you with products and Services and respond to any inquiries you may have about the Services.
to contact and access Third-Party Sites you have told us we can access to get the information needed by the Services;
to share Personal Information you selected with third parties you have authorized, including for purposes of receiving additional information regarding products and Services;
to provide you with information regarding sweepstakes and similar promotions. Some of these activities have additional rules regarding how we use and disclose your Personal Information;
to share Personal Information with other third parties who are affiliated, transacting or working with, or otherwise providing services on behalf of, one of the parties you have authorized to receive your information (for example, a mortgage lender may transfer their access to your Personal Information to a third party they may sell or assign your mortgage to, or to a third party they use to originate your loan or service your loan);
to analyze Site usage and improve the Services provided through the Sites;
to alert you to software compatibility issues and to improve our web design and functionality and detect and protect against errors, fraud, or other criminal activity;
to deliver to you any administrative notices or alerts and communications relevant to your use of the Services;
to offer you other products, programs, or services that we believe may be of interest to you;
to perform market research, project planning, product development, troubleshooting problems, analysis of user behavior, marketing and promotions;
to pre-fill form fields on the Sites for your convenience;
to confirm your accounts are valid and verify your identity;
to enforce our Terms of Service and as otherwise set forth in this Privacy Policy; and
in anticipation of or in connection with a merger, sale, of substantially all of our assets, or corporate reorganization under terms of security and confidentiality customary for such a transaction.

2 Your Personal Information Provided to and Accessed by Third Parties and Their Use.

Our Services allow you to provide, and grant access to, your financial and Personal Information to third parties, such as your lender, other providers of services and products that you may be interested in, and family members that you authorize to receive such information (“Authorized Third Parties”). Authorized Third Parties can receive your Personal Information in three ways. First, with your express, informed consent, we may disclose your Personal Information to certain Authorized Third Parties, including financial institutions which have made available Services to you. We will seek your express consent to disclose this information at the time you create an account with us, or via a separate process at our discretion prior to disclosing any of your Personal Information. Second, using our Services, you can select what information you want us to provide to an Authorized Third Party. Third, you can grant Authorized Third Parties direct access to your Personal Information we possess through options you select within the Services. All the information we provide to an Authorized Third Party or that an Authorized Third Party directly accesses from us will be in their possession and generally becomes part of their “file” or “loan file” on you. While we control the provision of and access to your Personal Information we possess, we do not control how an Authorized Third Party uses your Personal Information once such information is in the Authorized Third Party’s possession. Your Personal Information in the possession of an Authorized Third Party, and their use of that information including how long such information is retained, will be governed by the privacy policies and other applicable policies of that Authorized Third Party. You acknowledge and agree that you will not request that FinLocker share your information with any type of Authorized Third Party if FinLocker indicates that type of Authorized Third Party is restricted from receiving information from FinLocker Services.

In addition, an Authorized Third Party is typically permitted to share your Personal Information (such as your loan file) with other third parties, such as third parties who are affiliated, transacting or working with, or otherwise providing services on behalf of a Third Party Partner (“Other Third Parties”). Authorized Third Parties may also be permitted to share or delegate their access to your Personal Information in our possession to the Other Third Party. While we control the provision of and access to your Personal Information we possess, we do not control how Other Third Parties use your Personal Information once such information is in their possession. Your Personal Information in the possession of Other Third Parties, and their use of that information including how long such information is retained, will be governed by the privacy policies and other applicable policies of that party. You acknowledge and agree that terminating access to your Personal Information we possess before our Services or the services being provided by the Authorized Third Party or Other Third Party are complete may mean our Services or the other services may be interrupted or may not be completely provided to you.

Notwithstanding anything in this Privacy Policy to the contrary, all information in possession of an Authorized Third Party or Other Third Party, and their use of such information, will not be subject to this Privacy Policy and we will not be responsible for such possession or use.

3 How We Disclose Information We Collect.

We may disclose the Personal Information described in Section 1.7 of this Privacy Policy to Authorized Third Parties with your consent, or for the following purposes:

For the Services. In addition to disclosures of your information that may occur as part of your use described above, we may disclose your Personal Information to our parent, subsidiary, third parties and other related companies, including, but not limited to, our partners, vendors, consultants and professional advisors, trusted affiliates, independent contractors and business partners who will use the information only as necessary for them to perform or provide the Services and for the specific purposes for which the information was collected. For example, if we have a co-brand partner and you access the Service as brought to you by one of those partners, through a co-branded URL, your email address used for registration on the Service may be provided to that co-brand partner.

Also, we may share your Personal Information with third party service providers (other than Authorized Third Parties and Other Third Parties) to enable them to assist in fulfilling the requests you make or the transactions you conduct via the Sites, including the operation of certain Sites’ functions and Services. We use commercially reasonable efforts to only engage or interact with third-party service providers that post a privacy policy governing their processing of Personal Information.

As legally required. We reserve the right, in our sole discretion, to share or disclose your Personal Information with law enforcement, government officials, and other third parties:

- to respond to subpoenas, court orders, legal process or regulatory inquires;
- in order to investigate, prevent, defend against, or take other action regarding violations of our Terms of Service, illegal activities, suspected fraud, or situations involving potential threats to the legal rights or physical safety of any person or the security of our network, Sites or Services;
- to respond to claims that any posting or other content violates the rights of third parties;
- in an emergency, to protect the health and safety of our Sites’ users or the general public; or
- as otherwise required or allowed by any applicable law.

If we are bought or sold. If our company or our assets are acquired by another company, or in the event of a merger, consolidation, change in control, transfer of substantial assets, reorganization, or liquidation, we may transfer, sell, or assign to third parties, information concerning your relationship with us, including, without limitation, Personal Information that you provide and other information concerning your relationship with us. Such third parties will assume responsibility for the Personal Information collected by us in connection with our business operations or through our Sites and such third parties will assume the rights and obligations regarding such information as described in this Privacy Policy.

Additionally, we may share or make available anonymous, de-identified or aggregate information that cannot be used to identify you individually with:

- third parties for their research, product offerings, marketing, and promotional purposes and those third parties may publicly report the findings of their research or analysis;
- organizations that conduct research on consumer spending and other financial habits;
- users of the Service for purposes of comparison of their personal financial situation relative to the broader community; and
- in connection with de-identified Vantage Consumer credit scores, we may share such information with third parties for purposes of providing you with offers and information regarding products and services that may be of interest to you.

4 How We Protect Information We Collect.

We take the security of your information seriously. We use technical and administrative security measures such as, but not limited to, firewalls, encryption techniques, and authentication procedures, among others, designed to maintain the security of your online session, the information we store, and the information we share with others.

You should be aware that your information is transmitted across the Internet and that no method of transmission over the Internet is 100% secure. You also need to take appropriate steps to protect your information. Your information may be accessed and viewed by other Internet users, without your knowledge and permission, while in transit to or from us. Please be advised that we cannot and do not ensure, represent, guarantee or warrant the security of any information you disclose or transmit to us online and are not responsible for the theft, destruction, or inadvertent disclosure of your Personal Information.

5 Third Party Offers & Advertisements.

We may offer a number of separate products and services offered by third parties advertised to you on our Sites and through the Services. These third party offers may be complementary to your use of the Sites and may be personalized based on information you provide to us, we have collected about you, queries made through the Sites, or other information.

If you choose to use these separate products and services, provide information to the third party, or allow the third party to otherwise collect information about you, then their use of your information is subject to the applicable third party’s privacy policy and terms of service. You should review the practices of the third party before deciding to use their service or provide them with any information.

6 Data Collection.

We may use third-party service providers to help us analyze certain online activities. For example, these service providers may help us measure the performance of our online promotions or analyze Sites activity. We may permit these service providers to use cookies and similar technologies to perform these services. For example, we may use service providers such as Google Analytics^® on parts of the Sites to determine age, gender, interest, and other data to better serve our customers. If you prefer to not have your data used by this service provider, you may visit the Google Analytics opt-out page.

7 Blogs & Other Forums.

We may offer bulletin boards, blogs, chat rooms, message boards, or similar public forums (collectively referred to as “Forums”) where you can communicate with us or other users. Any information that you submit or post to these Forums or other forums could be viewed by other viewers or may otherwise be publicly available. We strongly discourage posting of Personal Information to these Forums or other forums. If you choose to post Personal Information, other viewers may use this information to send you unsolicited messages. We are not responsible for the Personal Information you choose to submit in these Forums and other forums.

8 How We Use Technology.

Information Collected Automatically. Certain information on our Sites is collected automatically by means of various software tools. We have a legitimate interest in using such information to assist in log-in, systems administration purposes, information security, and abuse prevention, to track user trends, and to analyze the effectiveness of our Sites. Alone or in combination with other information, such automatically collected information may constitute Personal Information. Some of our service providers may use cookies or other methods to gather information regarding your use of our Sites. Such third parties may use these cookies or other tracking methods for their own purposes by relating information about your use of our Sites with any Personal Information about you that they may have. The use of such information by a third party depends on the privacy policy of that third party.

Log Files On Our Site. The information inside the log files includes internet protocol (“IP”) addresses, type of browser, Internet Service Provider (ISP), date/time stamp, referring/exit pages, clicked pages and any other information your browser may send to us.
Cookies. We use cookies to make interactions with our Sites easy and meaningful. When you visit our Sites, our servers may send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your web browser. Unless you choose to identify yourself to us, either by responding to a promotional offer, opening an account, or filling out a web form, you remain anonymous to us.

We may use cookies that are session-based and persistent. Session cookies exist only during one session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you close your browser or turn off your computer. Please note that if you disable your web browser’s ability to accept cookies, you may not be able to successfully use all of the features of our Sites.

The following sets out how we may use different categories of cookies and your options for managing cookie settings:

Type of Cookies	Description	Managing Settings
Required cookies	Required cookies enable you to navigate our Sites and use their features, such as accessing secure areas of our Sites and using our services. If you have chosen to identify yourself to us, we use cookies containing encrypted information to allow us to uniquely identify you. Each time you log into our Sites, a cookie containing an encrypted, unique identifier that is tied to your account is placed on your browser. These cookies allow us to uniquely identify you when you are logged into our Sites and to process your online transactions and requests.	Because required cookies are essential to operating our Sites, there is no option to opt out of these cookies.
Performance cookies	These cookies collect information about how you use our Sites, including which pages you go to most often and if they receive error messages from certain pages. These cookies do not collect information that individually identifies you. All information these cookies collect is aggregated and anonymous. It is only used to improve how our Sites function and perform. From time-to-time, we may engage third parties to track and analyze usage and volume statistical information from individuals who visit our Sites.	To learn how to opt out of performance cookies using your browser settings click here.
Functionality cookies	Functionality cookies allow our Sites to remember information you have entered or choices you make (such as your username, language, or your region) and provide enhanced, more personal features. These cookies also enable you to optimize your use of our Sites after logging in. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.	To learn how to opt out of functionality cookies using your browser settings click here.

Other Tracking Technologies. When you visit our Sites, we may collect your IP address for certain purposes such as, for example, to monitor the regions from which you navigate our Sites. We may also use web beacons alone or in conjunction with cookies to compile information about your usage of our Sites and interaction with emails from us. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular site tied to the web beacon. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to our Sites. We may use web beacons to operate and improve our Sites and email communications.
Do Not Track notices. Without an industry or legal standard of interpreting Do Not Track Signals (“DNT”) sent to us by your browser, we do not respond to DNT signals at this time. To learn more about how DNT works, please visit http://allaboutdnt.com/.

9 Links to Third Party Sites.

Our Sites may contain links to third-party websites and services that are not owned or controlled by us. We are not responsible for the privacy practices or the content of third party websites, services, and advertisements, and you visit them at your own risk.

10 Personal Information you Disclose Relating to Others.

If you disclose any Personal Information relating to other people to us or to our service providers in connection with our Sites, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

11 Consent and Opt-Out.

For information about your rights as a California resident, please see Section 13 (Your California Privacy Rights).

We will only disclose your Personal Information with your consent or as otherwise described in Sections 2 and 3 of this Privacy Policy. You may revoke your consent to our sharing of Personal Information with Authorized Third Parties and opt-out of future disclosures at any time by contacting us at privacy@finlocker.com.

If you have an account on our Site, to the extent we are legally required, we provide access to – and ability to edit or delete your Personal Information at any time via the Sites or Services.

If you would like to access, amend or erase Personal Information collected via our Sites, you may also submit a request to:

privacy@finlocker.com

We will promptly review all such requests in accordance with applicable laws. In the event you remove your Personal Information from the Sites, you may not be able to receive all Services provided thereunder or receive benefits from third parties that you previously provided access to this information.

If we disclosed Personal Information to a third party with your consent, you should contact such third party directly if you want to exercise your rights for the disclosed Personal Information.

12 Opting Out of Communications.

We may send periodic Site related alerts, weekly summaries, notifications, newsletters, promotions, or other information via email, SMS, or mobile device notifications. You may choose to stop receiving alerts, notifications, summaries, newsletters, and promotions by indicating your preference in your account profile or settings. You may also follow the unsubscribe instructions in the email you receive. Please note that certain Services-related messages that we send are necessary for the proper functioning and use of the Services and you may not have the ability to opt-out of those messages.

13 Your California Privacy Rights.

California Civil Code Section 1798.83 permits users that are residents of California to request certain information regarding our disclosures of Personal Information to third parties for such third parties’ direct marketing purposes. If you are a California resident and would like to make such a request, please email us at privacy@finlocker.com or write FinLocker, LLC at 168 N. Meramec Ave, Suite 250, St. Louis, Missouri 63105.

In addition, the state of California provides California residents with certain other rights concerning their Personal Information. This section describes (1) the categories of Personal Information collected and disclosed by us subject to California privacy law, (2) your privacy rights under California privacy law, and (3) how to exercise your rights.

13.1 Collection and Disclosure of Categories of Personal Information under California Privacy Law.

In accordance with California law, we collected the following categories of Personal Information within the preceding 12 months from the effective date of this Privacy Policy (both online and offline):

Identifiers (for example, name, email address, Social Security number, IP address, and online identifiers);
Mailing address, telephone number, bank account number, and other information as defined by subsection (e) of California Civil Code Section 1798.80;
Commercial information, including records of products or services purchased or other purchasing histories;
Geolocation data (if enabled by your browser/device);
Internet or other electronic network activity information, including information on your usage of our Sites;
Employment-related information; and
Information used to create a profile about a consumer reflecting the consumer’s preferences or behavior.

In the preceding 12 months from the effective date of this Privacy Policy, we may have disclosed each of these categories of Personal Information to our service providers for our business purposes (to enable the service providers to provide their services) and as otherwise described in Section 3 (How We Disclose Personal Information). Except with your consent, we have not sold Personal Information in the preceding 12 months.

13.2 Your Privacy Rights Under California Law.

Subject to certain exceptions, California consumers have the following rights with respect to their Personal Information:

Privacy Right

Description

Access

You have the right to request information on the categories of Personal Information that we collected in the previous twelve (12) months, the categories of sources from which the Personal Information was collected, the specific pieces of Personal Information we have collected about you, and the business purposes for which such Personal Information is collected and shared. You also have the right to request information on the categories of Personal Information which were disclosed for business purposes, and the categories of third parties in the twelve (12) months preceding your request for your Personal Information.

Deletion

You have the right to request to have your Personal Information deleted from our servers and we will direct our service providers to do the same. However, please be aware that we may not fulfill your request for deletion if we (or our service provider(s)) are required to retain your Personal Information for one or more of the following categories of purposes: (1) to complete a transaction for which the Personal Information was collected, provide a good or service requested by you, or complete a contract between us and you; (2) to ensure our website integrity, security, and functionality; (3) to comply with applicable law or a legal obligation, or exercise rights under the law; or (4) to otherwise use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.

13.3 How to Exercise Your California Privacy Rights.

If you believe that we have collected Personal Information about you, and would like to exercise your rights listed above, please send (or have your authorized agent send) an email to privacy@finlocker.com. You have a right not to receive discriminatory treatment by any business when you exercise your California privacy rights.

While we take measures to ensure that those responsible for receiving and responding to your request are informed of your rights and how to help you exercise those rights, when contacting us to exercise your rights, we ask you to please adhere to the following guidelines:

Tell Us Which Right You Are Exercising: Specify which right you want to exercise and the Personal Information to which your request relates (if not to you). If you are acting on behalf of another consumer, please clearly indicate this fact and your authority to act on such consumer’s behalf.
Help Us Verify Your Identity: Provide us with information to verify your identity. Please note that if we cannot initially verify your identity, we may request additional information to complete the verification process. Any Personal Information you disclose to us for purposes of verifying your identity will solely be used for the purpose of verification.
Direct Our Response Delivery: Please provide us with an e-mail or mailing address through which we can provide our response. If you make the request by email, unless otherwise requested, we will assume that we can respond to the email address from which you made the request.

14 Retention of Personal Information.

Upon your termination of your account registered for use of the Services, we will terminate your account. Upon your request, we will delete all Personal Information in our possession associated with your use of the Services. Otherwise, we reserve the right to retain any Personal Information as long as the Personal Information is needed to:

perform data analytics internally, provided that any Personal Information is not disclosed to third parties;
comply with applicable law;
fulfill the purposes as set forth in Section 2;
trouble shoot and repair errors; and
detect security incidents and protect against fraud.

To the extent you have authorized the disclosure of your Personal Information to Authorized Third Parties pursuant to Section 2 of this Privacy Policy, any Personal Information in the possession of those Authorized Third Parties at the time you terminate your FinLocker account will be subject to the privacy policies of the applicable Authorized Third Parties.

15 Have Questions?

If you have questions or concerns regarding this Privacy Policy, our security practices, or our information handling practices please contact us at:

FinLocker, LLC
168 N. Meramec Ave, Suite 250
St. Louis, Missouri 63105
privacy@finlocker.com

A copy of the FinLocker Privacy Policy can be downloaded by clicking here.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.