Effective date: January 1, 2020
The Nourish Group LLC, doing business as LoanStack.io (“Company”, “we” or “us”) provides a platform and tools to enable clients (“Clients” or “Customers”) to handle lead management and response for the real estate industry (“Service” or “Services”).
1. What Information Do You Collect and How Do You Collect It?
At various times, you could be asked to provide information such as your name, title, company, email address, contact phone number or other information. Information collected is often defined as being either anonymous or personally identifiable:
- Anonymous Information refers to information that cannot be tied back to a
- Personally Identifiable Information refers to information that tells us
specifically who you are, such as your name, email address, or phone number. Registering for or using a Service may allow the Company to “recognize” you to allow us to personalize our service for you.
As is true of most applications and web sites, we gather certain information (such as mobile provider, operating system, etc.) automatically and store it in log files. We use this information, which does not identify individual users, to analyze trends, to administer the application, to track users movements around the application or web site and to gather demographic information about our user base as a whole. We may link this automatically-collected data to certain Personally Identifiable Information.
Personally Identifiable Information
If you are a Client, when you register with us via our Website, we will ask you for personally identifiable information, such as your first and last name, company name, title, email address, billing address, credit card information and password information for your email accounts. You may review and update the personally identifiable information in your profile by logging in and editing such information in your dashboard. If you decide to delete all of your information, we may cancel your account.
In addition, in connection with our Service, you may upload your private data or have third parties upload your private data to our Service. Given the confidential nature of the business information and data which may be uploaded in connection with our Service, we will treat this confidential information in the same manner as we treat personally identifiable information. We may retain an archived copy of your records as required by law or for reasonable business purposes in connection with our provision of Services.
We do not honor “Do Not Track” requests through your web browser because the data we collect is necessary to improve security, to generate reporting statistics and to improve the user experience with our Services.
Enchant LLC is the owner of the information collected through the Service, provided however that you remain the owner of all business information and data uploaded to our Service, see “Customer Data” below.
Categories of personal information collected
(a) Information you give us
Account and user profile information. To create or join a LoanStack.io account you or your account owner (e.g. your employer or broker) provide personal details such as your name, email address, phone number, password and similar account details.
Billing information. If you have a paid account with us, we collect billing details such as credit card information, billing address, transaction history.
Communications, such as information you provide when you contact our team, respond to surveys, participate in market research activities, participate in telephone conferences with our representatives, receive customer support, participate in a focus group, contest, activity or event, apply for a job, enroll in a program, interact with our social media accounts or otherwise communicate with us.
Customer Data. Customers and users granted access to a LoanStack.io account by a customer routinely submit customer data to us when using the services. For example, leads imported into LoanStack.io by a Customer or on behalf of a Customer are Customer Data.
Marketing information, such your preferences for receiving marketing communications and details about how you engage with them.
(b) Information from third party sources
We may combine personal information we receive from you with personal information we obtain from other sources, such as our customers, partners, data providers, affiliates, business partners, such as joint marketing partners and event co-sponsors and publicly accessible sources such as Internet and social media platforms.
(c) Data collected automatically
Usage Data. When you visit our Websites or use our Services we collect usage information such as the website you visited before browsing to the site, pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, duration of access, screen resolution, general location information such as city or town.
Log data. Like most websites and services delivered over the Internet, our servers automatically collect information when you access or use our Website or Services and record it in log files. This includes information such as date and time of access, address of the page visited, your computer or mobile device operating system type and version number, browser type and version, IP address, unique identifiers, information about browser configuration and plugins, language preferences.
Device information. We collect information about devices accessing the Services, including type of device, manufacturer and model, what operating system is used, the version of the app you’re using, device settings, application IDs, unique device identifiers and crash data.
Cookies, which are text files stored on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently and remembering your preferences, enabling functionality, helping us understand user activity and patterns, facilitating online advertising and measuring the effectiveness of our ads.
No Information Collected from Children
As per our Terms of Service, we do not allow use of our Services and Websites by anyone younger than 18 years old. Company will never knowingly collect any personal information about children under the age of 18. If Company obtains actual knowledge that it has collected personal information about a child under the age of 18, that information will be immediately removed from any access. Because it does not collect such information, Company has no such information to use or to disclose to third parties. Company has designed this policy in order to comply with the Children’s Online Privacy Protection Act (“COPPA”) and California Consumer Privacy Act (“CCPA”).
2. How Do You Use Personal Information?
General Use. For Clients, we use personal information to provide the Services and contact Clients regarding account activities, new version and product offerings, or other communications relevant to the Services. If you contact us by email or by filling out a registration form, we may keep a record of your contact information and correspondence, and may use your email address, and any information that you provide to us in your message, to respond to you. In addition, we may use the personal information described above to send you information regarding the Service. If you decide at any time that you no longer wish to receive such information or communications from us, you can access your account and remove any personal information, but this may result in the closure of your account. The circumstances under which we may share such information with third parties are described in part (4) below.
Customer Data is used in accordance with Customer’s instructions, including any applicable terms in the Terms of Service and Customer’s use of Services functionality, and as required by applicable law. Customers may, for example, use the Services to grant and remove access to a LoanStack.io account, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services. With regards to Customer Data we act as a Service Provider and do not retain, use or disclose the personal information for a commercial purpose other than providing the Services.
We use your personal information for the following purposes or as otherwise described to you at the time of collection:
(a) Service delivery
- Provide, operate, maintain, and improve our Service and Websites
- Communicate with you regarding the Service, including by sending you Service announcements, technical notices, updates, security alerts, and support and administrative messages or other communication
- Process your Service subscription transactions and process your related payments
- Understand your needs and interests, and personalize your experience with the Service and our Websites
- Provide support for the Service and respond to your requests, questions and feedback
(b) Research and development
We may use your personal information for research and development purposes, including to analyze and improve the Service and our business and develop other products and services. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
We and our third party advertising partners may collect and use your personal information for marketing and advertising purposes:
- Direct marketing. If you request information from us, use the Service or participate in our surveys, promotions or events, we may send you related marketing communications as permitted by law but will provide you with the ability to opt out.
- Other marketing activities to pursue our legitimate business interest to offer you products or services that may be of your interest.
(d) Compliance and protection
- Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims)
- Audit our internal processes for compliance with legal and contractual requirements and internal policies
- Enforce our Terms of Service
- Protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft
- Comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities
(e) Other purposes with your consent
In some cases we will ask for your consent to collect, use or share your personal information for other purposes. For example, we may ask for your consent to post your testimonial or endorsement.
3. How Do You Store My Personal Information?
Storage of Personal Information
Company operates or leases secure data networks protected by industry standard firewall and password protection systems. Our security and privacy policies are periodically reviewed and enhanced as necessary, and only specially authorized individuals have access to the information provided by our Clients. Notwithstanding such measures, Company cannot guarantee that its security measures will prevent its computers from being illegally accessed and the individual information on them stolen or altered.
Third Party Hosting, Serving and Storage
COMPANY MAY CONTRACT WITH A VARIETY OF THIRD PARTY SUPPLIERS/PROVIDERS/VENDORS FROM TIME TO TIME, TO PROVIDE FOR COMPANY’S HOSTING, SERVING, STORAGE AND TELECOMMUNICATION NEEDS, ETC., INCLUDING WITHOUT LIMITATION STORAGE OF OUR USERS’ PERSONALLY IDENTIFIABLE INFORMATION. COMPANY SHALL NOT BE RESPONSIBLE OR LIABLE, AND HEREBY DISCLAIMS ALL RESPONSIBILITY AND LIABILITY, FOR CULPABLE (INCLUDING WITHOUT LIMITATION NEGLIGENT) ACTS OR OMISSIONS BY ITS THIRD PARTY SUPPLIERS/VENDORS.
4. Do You Share And Disclose Any Personal Information?
We may use third parties to help operate our applications and Services and to deliver products and services, and may share your Personally Identifiable Information with our affiliates, service providers, vendors, suppliers, and other third parties that provide products or services for or through this Service (such as Web Site or database hosting companies, authentication providers, address list hosting companies, email service providers, analytics companies, distribution companies and other similar service providers that use such information on our behalf). Unless otherwise stated, these companies do not have any right to use the Personally Identifiable Information we provide to them beyond what is necessary for them to assist us.
We may disclose aggregate statistics regarding user behavior as a measure of interest in, and use of, our Service, our applications and send emails to third parties in the form of aggregate data, such as overall patterns or demographic reports that do not describe or identify any individual user.
Complying with Legal Process
Company reserves the right to use or disclose your Personally Identifiable Information in response to subpoenas, court orders, warrants, or legal process, or to otherwise establish or exercise our legal rights or defend against legal claims or in the event you violate or breach an agreement with Company. Company will use and disclose your Personally Identifiable Information if we believe you will harm the property or rights of Company, its owners, or those of Company’s other customers. Finally, we will use or disclose your Personally Identifiable Information if we believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person or property, violations of Company’s other policies, or as otherwise required by law when responding to subpoenas, court orders and other legal processes.
In the event Company goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets as well as in the event of a bankruptcy, assignment for benefit of creditors or receivership, your Personally Identifiable Information may be disclosed and will likely be among the assets transferred. You may be notified thereafter via prominent notice on our Company web site for 30 days of any such change in ownership or control of your personal information. Company further reserves the right to disclose, transfer or sell your personal information to companies who are affiliated with Company in Company’s sole discretion.
5. Do You Allow Foreign Use Of The Service?
To the extent that you are accessing our Service in the United States while domiciled outside of the United States, you acknowledge that the Personally Identifiable Information you are providing Company may be collected and stored in the United States and elsewhere and therefore consent to the transfer of information to and storage of the information outside of your domiciled country and in the United States and elsewhere.
6. Additional Limits on Use of Your Google User Data
- The App will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
- The App will not use this Gmail data for serving advertisements.
- The App will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App’s internal operations and even then only when the data have been aggregated and anonymized.
7. Your California Privacy Rights
California Consumer Privacy Act or “CCPA” gives California residents certain rights and control over their personal information:
- Right to request that we disclose what personal information we collect, use, disclose or sell, including specific pieces of your personal information. For more details about the personal information we have collected over the last 12 months, including the categories and sources, please see the What Information Do You Collect and How Do You Collect It section above. We collect this information for the business and commercial purposes described in the How Do You Use Personal Information section above. We share this information with the categories of third parties described in the Do You Share And Disclose Any Personal Information section above.
- Right to request the deletion of your personal information collected or maintained by us
- Right to opt-out of the sale of your personal information. Please note we do not sell your personal information.
- Right to not being discriminated for the exercise of your privacy rights above
To exercise your CCPA rights please contact us at firstname.lastname@example.org. We will verify your request using the information associated with your account, including email address and phone number. For security of your data, government identification may be required. We may also need to confirm your California residency.
You can also designate an authorized agent to make a request under the CCPA on your behalf. If you use an authorized agent to submit a request, we will verify both your and your agent’s identities and ask to provide us additional information demonstrating that the agent is acting on your behalf such as a power of attorney.
We do not sell your personal information
Under the CCPA, a business that sells California residents’ personal information to others: 1) must give notice to California residents before selling their personal information to others; and 2) must provide the right to opt out of the sale of their personal information.
We do not sell personal information and will not sell it without providing a right to opt out, including personal information of anyone under 16 years old. Thus, these notification and opt-out requirements do not apply to us.