Introduction

Crown Mortgage of the West (“Company” or “We”) acknowledges the paramount
importance of privacy for our clients and is committed to protecting personal
and financial information with the highest degree of integrity and
confidentiality. Our comprehensive privacy policy is designed to ensure
compliance with the Gramm-Leach-Bliley Act (GLBA) and all applicable privacy
regulations. This policy meticulously details our procedures for collecting,
using, protecting, and disclosing information obtained through our website,
borrower’s portal, and other service platforms.

Detailed Information Collection
Practices

Types of Information Collected

Personal Information

We collect identifiable details such as names, postal addresses, email
addresses, telephone numbers, social security numbers, financial profiles, and
other unique identifiers. This personal information is crucial for personalized
service delivery, accurate client identification, and thorough financial assessments.
Sources of personal information include:

  • Service
    Applications:     Data provided by clients during the application process for our
    services.
  • Customer
    Inquiries:     Information collected when clients contact us with questions or
    service-related concerns.
  • Online Portals: Data gathered
    through client interactions with our digital platforms, including login
    details and usage metrics.

Non-Personal Information

We collect data regarding internet connections, device specifications,
and interaction metrics with our services. This includes IP addresses, browser
types, operating system details, and usage patterns. Non-personal information
is instrumental in optimizing service functionality and enhancing the overall
user experience.

Methods of Information Collection

Direct Interactions

We obtain information directly from clients through service applications,
customer inquiries, and engagements with our online portals. This method
ensures the accuracy and relevance of the data collected, facilitating a
seamless client experience.

Automated Technologies

We employ a variety of automated technologies such as cookies, web
beacons, and other tracking mechanisms to gather data during client
interactions with our digital platforms. These technologies are pivotal in
service improvement and in creating personalized user journeys.

Third-Party Sources

We collaborate with business partners and external entities to augment
our understanding of client needs, thereby ensuring a tailored service
approach. Information from third-party sources is integrated into our systems
under strict confidentiality agreements, enhancing our service delivery.

Purpose of Information Collection

The information we collect is integral to our service delivery and is
used to:

  • Provide Bespoke
    Services:     Tailor content and services to individual client needs, ensuring a
    personalized experience.
  • Respond
    Efficiently:     Address service requests and inquiries promptly, ensuring client
    satisfaction.
  • Execute
    Financial Transactions:     Uphold contractual commitments
    and facilitate seamless financial operations.
  • Communicate
    Updates:     Inform clients about vital updates, changes, and promotional
    offers, keeping them well-informed.
  • Enhance Service
    Offerings:     Develop informed business strategies and improve services based on
    client consent and feedback, ensuring continuous service enhancement.

Information Sharing and Disclosure

Our information sharing practices are governed by strict ethical and
legal standards. Information is disclosed under the following conditions:

Within the Company Group

Information may be shared with subsidiaries and affiliates to streamline
service provision and operational efficiency. This intra-group sharing is
conducted under stringent confidentiality protocols, ensuring data security.

Third-Party Service Providers

We engage with various external agencies to support our business
operations, including marketing, data analysis, and customer service. These
engagements are conducted under strict confidentiality agreements to ensure
data security and integrity.

Legal Successors

In events such as mergers or acquisitions, client information may be
transferred as part of the asset portfolio. This ensures continuity of service
while maintaining privacy standards.

Regulatory and Legal Compliance

We may disclose information to comply with legal obligations, respond to
judicial processes, or protect the rights, property, or safety of the Company.
This disclosure is done in strict accordance with legal requirements and with
the least possible intrusion on client privacy.

User Rights and Choices

Clients are empowered with rights over their personal information,
including:

Access and Review

Clients can request access to and review their personal data held by us.
We facilitate such requests promptly and transparently, ensuring clients are
fully informed.

Correction and Update

Requests to correct or update erroneous or incomplete information are
promptly addressed, ensuring the accuracy of our records and maintaining client
trust.

Deletion and Restriction

Clients can ask for the deletion of their data or restrict its processing
under certain conditions. We evaluate and respond to such requests in compliance
with legal and regulatory standards, ensuring client preferences are respected.

Data Portability

We provide mechanisms for transferring personal information to third
parties at the client’s request. This ensures clients can manage their data as
per their preferences, maintaining control over their personal information.

Data Security

We employ advanced security measures to protect against unauthorized
access, alteration, disclosure, or destruction of personal information. Our
data security measures include:

Encryption Technologies

Sensitive data is encrypted during transmission and storage, providing
robust protection against data breaches and ensuring data integrity.

Access Controls

Strict access policies ensure that only authorized personnel handle
client information. These controls are regularly reviewed and updated to
maintain high-security standards and prevent unauthorized access.

Regular Audits

We conduct regular security assessments and audits to maintain high data
protection standards. These audits help identify and mitigate potential
security risks, ensuring continuous improvement in our data security practices.

Compliance and Legal Considerations

This policy is crafted in strict adherence to sector-specific legal
requirements and best practices. We ensure robust compliance with state,
federal, and international privacy laws, safeguarding client information
through comprehensive legal and regulatory frameworks. Any ambiguities in this
policy shall be interpreted in accordance with the laws of the jurisdiction of
San Luis Obispo, California.

Changes to the Privacy Policy

We reserve the right to amend this policy periodically. Significant
changes will be communicated through our website and via direct notifications
to our clients. Clients are encouraged to review the policy regularly to stay
informed about how we protect their information and to ensure they are aware of
any updates.

Contact Information

For queries or feedback regarding our privacy practices, please contact:

Brian Lardner
Founding Member
Crown Mortgage of the West
Email: brian@crownmortgageofthewest.com
Phone: (805) 434-5226

This policy is effective as of June 24, 2024.