PRIVACY POLICY
Paramount Residential Mortgage Group, Inc.
Online Privacy Policy
Last Updated: December 30th 2022
Overview
Paramount Residential Mortgage Group Inc. (the “Company” or “we”) understands your expectation of privacy and is committed to maintaining the confidentiality of your personal information. This Online Privacy Notice (this “Notice”) describes how we collect and use the personal information of users and visitors of our website and other PRMG affiliated websites, portals, applications, and online information collection points that link to this Notice. This Notice also covers how we protect your personal information, and how you can contact us with questions related to this Notice and our privacy practices.
Other privacy policies could apply depending on how you interact with us, the products or services you may obtain from us, or the relevant jurisdiction in which we do business with you. If you are a California consumer, and would like further information about our privacy practices and your rights in relation to the California Consumer Privacy Act, please see our California Consumer Privacy Disclosure.
By using our Website, any of our services, or providing us with personal information, you acknowledge the privacy practices we describe in this Notice and any updates we make. You also acknowledge that you have read this Notice and other policies described.
Information We Collect About You
The type of information we collect from you and about you online depends on how you interact with us. When using the website and completing an application/form, you may be asked to provide us personal information such as your name, mailing address, e-mail address, telephone number, credit history, payment history, credit scores, social security number, employment information, assets, salary information, or other information to complete your transactions with us. We may also collect personal information about you from third parties, which we may combine with the information that you provided.
Information We Collect When You Browse Our Website
We automatically collect certain information related to you and your activities on the website when you visit the website including information on how you use and interact with the website. This information includes information such as your IP address, your internet browser, and operating system. This information is aggregated or de-identified and cannot reasonably be used to identify you.
How We Use Your Personal Information
We use the information we collect from you and about you for many purposes, such as to:
-
- Deliver the products and services you requested
- Detect and Prevent Fraud
- To comply with our legal obligations
- To improve the user experience on our website
- To debug, identify, and repair errors that impair existing intended functionality of our website.
- To protect against malicious or illegal activity and prosecute those responsible.
- Perform analytics concerning your use of our online services.
- Review your job application.
- To carry out any other purpose at your request.
How We Share Your Personal Information
We may share personal information with:
-
- Third party providers under contract in order to deliver the services and products requested.
- As required by laws and regulations
- For any purpose for which you provide consent
Use of Cookies and Other Tracking Technologies
Cookies are small files that a website may transfer to a user’s computer that reside there for either the duration of the browsing session (session cookies) or on a permanent, until deleted, basis (persistent cookies) that may be used to identify a user, a user’s machine, or a user’s behavior. We make use of cookies under the following circumstances and for the following reasons:
-
- Provide you with services available through the website and to enable you to use some of its features
- Compile data about website traffic and how users use the website to offer a better website experience
- Understand and save visitor preferences for future visits, such as remembering your login details, to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the website.
You may delete cookies from your web browser at any time or block cookies on your equipment, but this may affect the functioning of or even block the website. You can prevent saving of cookies (disable and delete them) by changing your browser settings accordingly at any time. It is possible that some functions will not be available on our website when use of cookies is deactivated. Check the settings of your browser. Below you can find some guidance:
How We Protect the Information that We Collect
The protection of the information that we collect about visitors to this website is of the utmost importance to us and we take every reasonable measure to ensure that protection, including:
- We keep automatically collected data and voluntarily collected data separate at all times.
- We use internal encryption on all data stores that house voluntarily captured data.
- We use commercially reasonable tools and techniques to protect against unauthorized access to our systems.
- We restrict access to private information to those who need such access in the course of their duties for us.
External Links
Our website contains links to other sites. We are not responsible for the privacy practices or the content of such websites. To help ensure the protection of your privacy, we recommend that you review the Privacy Policy of any site you visit via a link from our website. We accept no responsibility or liability for these other websites.
Plaid Technologies
PRMG enables you to use Plaid Technologies, Inc. to gather data from financial institutions. By using the Services, you acknowledge and agree that your information will be processed in accordance with the Plaid Privacy Policy and you grant PRMG and Plaid the same rights, power and authority as specified therein.
Passwords
The personal data record created through your registration with our website can only be accessed with the unique password associated with that record. To protect the integrity of the information contained in this record, you should not disclose or otherwise reveal your password to third parties.
Children Under the Age of 16
We do not knowingly sell or share the personal information of consumers under 16 years of age.
International Visitors
We do not target, market to, or offer our products or services to consumers outside the United States. You agree not to submit your personally identifiable information through the website if you reside outside the United States.
California Consumer Privacy Act Notice
Last Updated: December 30th 2022
This section of the Privacy Policy applies only to California residents who are natural persons; it does not apply to any entities (whether business, non-profit or governmental). This California Consumer Privacy Act Notice explains how we collect, use, and disclose personal information relating to California residents covered by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”).
Collection of Personal Information
In the last 12 months, we have collected the following categories of personal information about you based on your specific transactions and interactions with us or our website. The personal information we collect about a California resident depends on the relationship or interaction with that individual.
Personal Identifiers
Examples:
Name, alias, social security number, date of birth, driver’s license or state identification card number, passport number.
Disclosed in the last 12 Months to:
A, B, C, D, E
Contact Information
Examples:
Home, postal or mailing address, email address, home phone number, cell phone number.
Disclosed in the last 12 Months to:
A, B, C, D, E
Protected Classifications
Examples:
Race, ethnicity, national origin, gender, age, military status, familial status.
Disclosed in the last 12 Months to:
A, B, C,
Commercial Transactional Data
Examples:
Information regarding products or services provided or purchased.
Disclosed in the last 12 Months to:
A, B, C, D, E
Internet Network and Computer Activity
Examples:
Internet or online information such as browsing history and information regarding interaction with our websites or applications
Disclosed in the last 12 Months to:
C, E
Geolocation data
Examples:
IP address and/or GPS location.
Disclosed in the last 12 Months to:
B, C, E, H
Financial / Employment Data
Examples:
Information collected through credit applications, including employment history, company name, role, salary, dates of employment, bank accounts, income sources.
Disclosed in the last 12 Months to:
A, B, C, D
Online Portal and Mobile App Access and Usage Information
Examples:
Username, account history, usage history, file access logs, and security clearance level.
Disclosed in the last 12 Months to:
C, D, E
Visual, Audio or Video Recordings
Examples:
Your image when recorded or captured in surveillance camera footage or pictures of you taken on our premises or at our events or that you share with us.
Disclosed in the last 12 Months to:
E
Of the above categories of Personal Information, the following are categories of Sensitive Personal Information the Company may collect from or about consumers:
-
- Personal Identifiers (social security number, driver’s license or state identification card number, passport number)
- Account Information (your account log-in, in combination with any required security or access code, password, or credentials allowing access to the account)
- Protected Classifications (racial or ethnic origin, or sexual orientation)
- Geolocation Data (IP address and/or GPS location)
Personal information does not include:
-
- Publicly available information from government records.
- Information that a business has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media.
- Information made available by a person to whom the consumer or applicant has disclosed the information if the consumer or applicant has not restricted the information to a specific audience.
- De-identified or aggregated information.
We may collect your personal information from the following sources:
-
- You, the consumer, or your representatives
- We utilize cookies to automatically collect information about our website visitors
- Surveillance cameras at our physical locations
- Lead generators and referral sources
- Credit and consumer reporting agencies
- Service Providers and contractors who provide services
We may disclose your personal information with the following categories of service providers and third parties:
A. Financial institutions
B. Government agencies as required by law and regulations
C. Outside companies or organizations, including service providers subject to appropriate confidentiality and use restrictions, as a part of providing products and services, completing transactions, or supporting our everyday operations (examples include data storage providers, operating systems providers, ISP providers, data analytics providers, email service providers)
D. Outside companies or organizations in connection with routine or required reporting including consumer reporting agencies and other parties
E. Security and risk management vendors
We may collect your personal information for the following business purposes:
-
- To fulfill or meet the purpose for which you provided the information.
- To process, complete, and maintain records on transactions.
- To complete appraisals.
- To respond to consumer inquiries, including requests for information, customer support online, phone calls, and in-store inquiries.
- To improve user experience on our website.
- To understand the demographics of our website visitors.
- To detect security incidents.
- To debug, identify, and repair errors that impair existing intended functionality of our website.
- To verify and respond to consumer requests.
- To evaluate your job application and candidacy for employment, obtain and verify background check and references.
We do NOT and will not sell your personal information in exchange for monetary or other valuable consideration. We do not share your personal information for cross-context behavioral advertising.
We do not and will not use or disclose your sensitive personal information for purposes other than the following:
-
- To perform services including maintaining or servicing accounts, providing customer service, processing payments, verifying customer information, providing advertising or marketing (except for cross context behavioral advertising),
- To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions, provided that the use of a California resident’s Personal Information is reasonably necessary and proportionate for this purpose.
- To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information.
- To ensure safety and integrity to the extent personal information is reasonably necessary and proportionate for these purposes.
- To perform services on behalf of the Company.
- To identify and repair errors that impair existing intended functionality.
- For purposes that do not involve inferring characteristics about the consumers.
- To comply with laws and regulations.
Retention of Personal Information
The length of time that we intend to retain each category of Personal Information will depend on a number of criteria, including (i) the length of time we are required to retain Personal Information in order to comply with applicable legal and regulatory requirements, (ii) the length of time we may need to retain Personal Information in order to accomplish the business or commercial purpose(s) for which such Personal Information is collected, used or disclosed (as indicated in this Notice), and (iii) whether you choose to exercise your right, subject to certain exceptions, to request deletion of your Personal Information.
We apply our data retention procedures on an annual basis to determine if the business purposes for collecting the personal information, and legal reasons for retaining the personal information, have both expired. If so, we will purge the information in a secure manner.
Compliance with Law and Safety
We may disclose specific personal and/or sensitive personal information based on a good faith belief that such disclosure is necessary to comply with or conform to the law or that such disclosure is necessary to protect our employees or the public.
Rights Under the CCPA and CPRA
If you are a California resident, you have the following rights
-
- Right to Know. The right to request, up to 2 times in a 12-month period, that we identify to you (1) the categories of personal information we have collected about you going back to January 1, 2022, unless doing so would be impossible or involve disproportionate effort, or unless you request a specific time period, (2) the categories of sources from which the personal information was collected, (3) the business or commercial purpose for collecting, selling, or sharing this information, (4) the categories of third parties with whom we share or have shared your personal information, (5) the categories of personal information that we have sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared, and (6) the categories of personal information that we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose;
- Right to Access. The right to request, up to 2 times in a 12-month period, that we disclose to you, free of charge, the specific pieces of personal information we have collected about you going back to January 1, 2022, unless doing so would be impossible or involve disproportionate effort, or unless you request a specific time period;
- Right to Delete. The right to request, up to 2 times in a 12-month period, that we delete personal information that we collected from you, subject to certain exceptions;
- Right to Correct. The right to request that we correct inaccurate personal information (to the extent such an inaccuracy exists) that we maintain about you;
- Right to Opt-Out. The right to opt-out of the selling or sharing of your personal information to third parties;
- Right to Limit. The right to limit the use or disclosure of your sensitive personal information;
- The right to designate an authorized agent to submit one of the above requests on your behalf. See below for how you can designate an authorized agent; and
- The right to not be discriminated or retaliated against for exercising any of the above rights, including an applicant’s and independent contractor’s right not to be retaliated against for exercising the above rights.
You can submit any of the above types of consumer requests through the options below:
-
- Submit an online request on our website at https://www.prmg.net/prmg-ccpa-disclosure
- Call our privacy toll-free line at 888.365.4989.
Exemptions under Gramm-Leach-Bliley and other Privacy and Data Protection Laws
The CCPA does not apply to personal information to the extent that we collect, process, sell, or disclose it subject to the Gramm-Leach-Bliley Act. Therefore, certain rights under the CCPA may be limited to the extent such requests to exercise CCPA rights relate to the collection, processing, selling, or disclosure of personal information in connection with financial activities covered by the Gramm-Leach-Bliley Act. In addition, privacy and data protection laws, other than the CCPA, apply to much of the Personal Data that we collect, use, and disclose. When these laws apply, Personal Data may be exempt from, or outside the scope of, Access Requests and Deletion Requests. For example, information subject to certain federal privacy laws, such as the Gramm-Leach-Bliley Act or the Health Insurance Portability and Accountability, is exempt from CCPA Requests. As a result, in some instances, we may decline all or part of an Access Request or Deletion Request related to Personal Data exempt from CCPA Requests. This means that we may not provide some or all of this Personal Data when you make an Access Request. Also, we may not delete some or all of this Personal Data when you make a Deletion Request.
As examples, our processing of or response to an Access Request or Deletion Request may not include some or all of the following Personal Data:
-
- Consumer Accounts. Personal Data connected with consumer accounts used for personal, family, or household purposes. We have other privacy notices providing certain information on use and sharing of this data.
- Employment. Personal Data about an individual who is a current or former employee (team member) or job applicant, and we use that Personal Data within the context of that individual’s role as a current or former employee (team member) or job applicant.
- Business-to-Business Relationships. Certain Personal Data we collect in the course of providing a product or service to another business, or in the course of receiving a product or service from another business.
The types of Personal Data described above are examples. We have not listed all types of Personal Data that may not be included when we respond to or process Access Requests or Deletion Requests. In addition to the above examples, we may not include Personal Data when we respond to or process Access Requests or Deletion Requests when the CCPA recognizes another exception. For example, we will not delete Personal Data when it is necessary to maintain that Personal Data to comply with a legal obligation.
How We Will Verify That it is Really You Submitting the Request
If you are a California resident, when you submit a Right to Know, Right to Access, Right to Delete, or Right to Correct request through one of the methods provided above, we will ask you to provide some information in order to verify your identity and respond to your request. Specifically, we will ask you to verify information that can be used to link your identity to particular records in our possession, which depends on the nature of your relationship and interaction with us.
Responding to Your Right to Know, Right to Access, Right to Delete, and Right to Correct Requests
Upon receiving a verifiable request from a California resident, we will confirm receipt of the request no later than 10 business days after receiving it. We endeavor to respond to a verifiable request within forty-five (45) calendar days of its receipt. If we require more time (up to an additional 45 calendar days, or 90 calendar days total from the date we receive your request), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
For a request to correct inaccurate personal information, we will accept, review, and consider any documentation that you provide, and we may require that you provide documentation to rebut our own documentation that the personal information is accurate. You should make a good-faith effort to provide us with all necessarily information at the time that you make the request to correct. We may deny a request to correct if we have a good-faith, reasonable, and documented belief that a request to correct is fraudulent or abusive. If we deny your request to correct, we shall inform you of our decision not to comply and provide an explanation as to why we believe the request is fraudulent.
If You Have an Authorized Agent:
If you are a California resident, you can authorize someone else as an authorized agent who can submit a request on your behalf. To do so, you must either (a) execute a valid, verifiable, and notarized power of attorney or (b) provide other written, signed authorization that we can then verify. When we receive a request submitted on your behalf by an authorized agent who does not have a power of attorney, that person will be asked to provide written proof that they have your permission to act on your behalf, and we will also contact you and ask you for information to verify your own identity directly with us and not through your authorized agent. We may deny a request from an authorized agent if the agent does not provide your signed permission demonstrating that they have been authorized by you to act on your behalf.
Changes to Our Privacy Policy
As our services evolve and we perceive the need or desirability of using information collected in other ways, we may from time to time amend this Privacy Policy. We encourage you to check our website frequently to see the current Privacy Policy in effect and any changes that may have been made to them. If we make material changes to this Privacy Policy, we will post the revised Privacy Policy and the revised effective date on this website.
Consumers With Disabilities
This policy is in a form that is accessible to consumers with disabilities.
Questions About the Policy
This website is owned and operated by Paramount Residential Mortgage Group Inc. If you have any questions about this Privacy Policy, please contact us using the information below:
Email: Privacy@prmg.net
Mail: Paramount Residential Mortgage Group, Inc.
Attn: Privacy Team
1265 Corona Pointe Court, Suite 301
Corona, CA 92879
United States
Phone: 888-365-4989
California Privacy Request: CCPA Privacy Information Request
Opt Out Request: https://www.prmg.net/ca-opt-out/