Last Updated: January 15, 2025

INTRODUCTION

LenderDock Inc. ("LenderDock," "we," "us," or "our") values the privacy of our users. This Privacy Policy ("Policy") explains how we collect, use, disclose, and protect personal information from visitors to our website at www.lenderdock.com and users of our online facilities and services.

Our Policy has been designed to ensure compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other state and federal privacy regulations.

We reserve the right to modify this Policy at any time. If you have not registered with us, we encourage you to review this page periodically. If you are a registered user, we will notify you via email of any material changes. If we decide to use personally identifiable information in a manner materially different from that stated at the time of collection, we will notify affected users via email and provide the option to consent to such new uses.

By using www.lenderdock.com, you consent to the data collection and usage practices described in this Policy.

SCOPE OF THIS POLICY

This Policy applies to LenderDock Inc. and governs all data collection and usage by us through our website. This Policy does not govern the collection and use of information by third-party companies or websites that we do not control. If you visit a third-party website that we mention or link to, please review its privacy policy before providing any information.

WHAT THIS POLICY COVERS

This Policy will inform you of:

1. What personally identifiable information is collected from you through our website
2. Why we collect personally identifiable information and the legal basis for such collection
3. How we use the collected information and with whom it may be shared
4. Your choices regarding the use of your data and your privacy rights
5. Security procedures in place to protect your information
6. How long we retain your information
7. International data transfers
8. Your rights under various privacy laws

INFORMATION WE COLLECT

Types of Information Collected

Disclosure of personally identifiable information is voluntary. However, if you elect not to provide certain information, we reserve the right not to register you as a user or provide certain products or services.

We collect the following types of information:

Personal Information You Provide:

• Contact information (name, email address, phone number, mailing address)
• Account credentials (username, password)
• Payment information (credit card details, billing address)
• Professional information (company name, job title)
• Communication preferences
• Information you provide in surveys, forms, or correspondence

Information Automatically Collected:

• IP address
• Browser type and version
• Operating system
• Device information
• Pages visited and time spent on pages
• Referring/exit pages
• Clickstream data
• Cookies and similar tracking technologies

Demographic Information (when voluntarily provided):

• Age or age range
• Gender
• Household income range
• Geographic location
• Professional interests

Information from Third Parties:

• Data from business partners and service providers
• Publicly available information
• Information from social media platforms (if you connect your account)

COOKIES AND TRACKING TECHNOLOGIES

What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our services. We use cookies, web beacons, pixels, and similar technologies.

Types of Cookies We Use

Strictly Necessary Cookies:
Required for website operation, including security, network management, and accessibility features. These cannot be disabled.

Performance/Analytics Cookies:
Help us understand how visitors interact with our website by collecting anonymous information. We use services like Google Analytics to analyze website traffic and usage patterns.

Functional Cookies:
Remember your preferences and choices (e.g., language, region, login information) to provide enhanced, personalized features.

Targeting/Advertising Cookies:
Used to deliver relevant advertisements and track advertising campaign effectiveness. These may be set by our advertising partners.

Managing Cookies

You can control and manage cookies through your browser settings. You can choose to:

• Block all cookies
• Accept only certain cookies
• Delete cookies after each session
• Receive notifications when cookies are set

Please note that disabling certain cookies may limit website functionality. Most browsers accept cookies automatically, but you can modify your browser settings to decline cookies.

For more information about cookies and how to manage them, visit www.allaboutcookies.org or www.youronlinechoices.eu (for EU users).

Third-Party Analytics

We use third-party analytics services, including:

• Google Analytics: To analyze website traffic and user behavior. For information on Google Analytics' privacy practices, visit https://policies.google.com/privacy
• Other analytics providers as necessary for business operations

You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Do Not Track Signals

Our website does not currently respond to "Do Not Track" (DNT) signals from browsers. We will update this Policy if we implement DNT recognition in the future.

WHY WE COLLECT INFORMATION (LEGAL BASIS AND PURPOSE)

Purposes of Collection

We collect and process your personal information for the following purposes:

Service Delivery:

• To provide, maintain, and improve our services
• To process transactions and fulfill orders
• To create and manage your account
• To respond to your inquiries and provide customer support

Legitimate Business Interests:

• To improve our website, products, and services
• To conduct research, analytics, and product development
• To detect, prevent, and address fraud, security issues, and technical problems
• To protect the rights, property, and safety of LenderDock, our users, and the public

With Your Consent:

• To send promotional emails and marketing communications
• To contact you for surveys and market research
• To customize website content based on your preferences and behavior
• To display targeted advertisements

Legal Compliance:

• To comply with applicable laws, regulations, and legal processes
• To respond to lawful requests from government authorities
• To enforce our Terms of Service and other agreements
• To maintain records as required by law

Legal Basis for Processing (for GDPR Compliance)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal information based on:

• Contract Performance: Processing necessary to fulfill our contract with you
• Consent: You have given clear consent for specific purposes
• Legitimate Interests: Processing necessary for our legitimate business interests, provided these do not override your rights
• Legal Obligation: Processing necessary to comply with legal requirements

HOW WE USE COLLECTED INFORMATION

LenderDock uses collected information to:

• Operate and maintain our website and services
• Process and complete transactions
• Send service-related communications (account notifications, updates, security alerts)
• Provide customer support and respond to inquiries
• Send newsletters and promotional materials (with your consent)
• Personalize user experience and deliver customized content
• Conduct surveys and gather feedback
• Analyze website usage and improve our offerings
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations
• Enforce our Terms of Service
• Protect the rights and safety of LenderDock and our users

INFORMATION SHARING AND DISCLOSURE

We Do Not Sell Your Information

LenderDock does not and will not sell, rent, or lease customer lists, names, or personal information to third parties for their marketing purposes.

When We Share Information

We may share your personal information in the following circumstances:

Service Providers:
We share information with third-party service providers who perform services on our behalf, including:

• Payment processors (for secure transaction processing)
• Cloud hosting providers (for data storage)
• Email service providers (for communications)
• Customer relationship management (CRM) systems
• Analytics providers (e.g., Google Analytics)
• Marketing and advertising platforms
• IT support and security services

These service providers are contractually obligated to protect your information and may only use it for specified purposes.

Business Transfers:
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or use of your personal information.

Legal Requirements:
We may disclose information when required by law or in response to:

• Court orders, subpoenas, or search warrants
• Legal processes and government requests
• Requests from law enforcement or regulatory authorities
• Protection of our legal rights and property
• Investigation of fraud, security issues, or illegal activity
• Protection of the safety and rights of our users and the public

With Your Consent:
We may share information with third parties when you have provided explicit consent.

Aggregated or De-identified Information:
We may share aggregated or de-identified information that cannot reasonably be used to identify you.

Professional Advisors:
We may share information with lawyers, accountants, auditors, and other professional advisors who have agreed to keep information confidential.

Enforcement of Terms:
We may share information as necessary to enforce our Terms of Service and other agreements.

DATA RETENTION

How Long We Keep Your Information

We retain personal information only as long as necessary for the purposes stated in this Policy or as required by law. Retention periods are determined based on:

• The nature and sensitivity of the information
• The purposes for which we process the information
• Legal, regulatory, tax, accounting, or reporting requirements
• The existence of your consent
• Our legitimate business interests

Specific Retention Periods:

• Account Information: Duration of your account plus 7 years after closure for legal and financial compliance
• Transaction Records: 7 years from the date of transaction for financial, tax, and legal requirements
• Marketing Communications: Until you unsubscribe or request deletion
• Website Analytics Data: Up to 26 months
• Customer Support Records: 5 years after last interaction
• Cookies: As specified in our Cookie Policy (typically 30 days to 2 years)
• Security Logs: Up to 2 years for security and fraud prevention

After retention periods expire, we will securely delete or anonymize your personal information. You may request deletion of your information at any time, subject to our legal obligations.

DATA SECURITY

How We Protect Your Information

LenderDock takes the security of your personal information seriously. We implement appropriate technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction of information.

Security Measures Include:

Encryption:

• Sensitive information (including credit card data) is encrypted using Secure Socket Layer (SSL) technology during transmission
• Data is encrypted both in transit and at rest
• Look for "https://" and the lock icon in your browser's address bar when submitting sensitive information

Access Controls:

• Only employees and contractors who need access to personal information to perform their job functions are granted access
• Access is limited based on role and necessity
• All personnel sign confidentiality agreements

Physical Security:

• Servers and computers storing personal information are kept in secure, access-controlled environments
• Physical access is restricted and monitored

Regular Security Assessments:

• We conduct regular security audits and vulnerability assessments
• We monitor systems for suspicious activity
• We maintain incident response procedures

Vendor Management:

• Third-party service providers must maintain appropriate security measures
• We conduct due diligence on vendors handling personal information

Employee Training:

• Staff receive regular training on data protection and security best practices

Important Note:
While we implement strong security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information to the best of our ability.

If you believe your account has been compromised, please contact us immediately at security@lenderdock.com.

DATA BREACH NOTIFICATION

In the event of a data breach that affects your personal information, we will:

• Notify you without undue delay, typically within 72 hours of becoming aware of the breach
• Notify relevant supervisory authorities as required by applicable law
• Provide information about the nature of the breach, the data affected, and steps we are taking to address it
• Offer guidance on steps you can take to protect yourself

Notifications will be made via email to the address on file and/or through prominent notice on our website.

YOUR PRIVACY RIGHTS

General Rights

Access and Correction:
You may request access to your personal information and request corrections to inaccurate data.

Opt-Out of Marketing:
You may unsubscribe from marketing emails by clicking the "unsubscribe" link in any promotional email or by emailing remove@lenderdock.com.

Account Deletion:
You may request deletion of your account by contacting us at privacy@lenderdock.com.

CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Categories of Personal Information We Collect

We collect the following categories of personal information:

• Identifiers (name, email, IP address, account name)
• Commercial information (transaction history, purchase records)
• Internet activity (browsing history, interactions with our website)
• Geolocation data
• Professional or employment information
• Inferences drawn from the above to create a profile

Your California Rights

Right to Know:
You have the right to request:

• Categories of personal information we have collected about you
• Categories of sources from which we collected personal information
• Business or commercial purpose for collecting or selling personal information
• Categories of third parties with whom we share personal information
• Specific pieces of personal information we have collected about you

Right to Delete:
You may request deletion of personal information we have collected from you, subject to certain exceptions.

Right to Correct:
You may request correction of inaccurate personal information.

Right to Opt-Out of Sale/Sharing:
We do not sell your personal information. If our practices change, we will update this Policy and provide an opt-out mechanism.

Right to Limit Use of Sensitive Personal Information:
If we use or disclose sensitive personal information beyond what is necessary to provide services, you have the right to limit such use.

Right to Non-Discrimination:
We will not discriminate against you for exercising any of your CCPA/CPRA rights, including by:

• Denying goods or services
• Charging different prices or rates
• Providing a different level or quality of services

Authorized Agents:
You may designate an authorized agent to make requests on your behalf. The agent must provide written authorization, and we may require you to verify your identity directly with us.

How to Exercise Your California Rights

To exercise your rights under CCPA/CPRA:

• Email: privacy@lenderdock.com
• Phone: (866) 960-8588
• Mail: LenderDock Inc., Attention: Privacy Officer, PO Box 985, Washington, Utah 84780

We will respond to verifiable consumer requests within 45 days. If we need more time (up to 90 days total), we will inform you of the reason and extension period.

Verification Process:
To protect your privacy, we must verify your identity before responding to requests. We may request additional information to verify your identity, which we will only use for verification purposes.

California "Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

OTHER STATE PRIVACY RIGHTS

Residents of Virginia, Colorado, Connecticut, Utah, Montana, and other states with comprehensive privacy laws may have additional rights similar to those described above, including:

• Right to access personal information
• Right to correct inaccuracies
• Right to delete personal information
• Right to opt-out of targeted advertising
• Right to opt-out of the sale of personal information
• Right to opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects

To exercise these rights, please contact us at privacy@lenderdock.com. We will respond in accordance with applicable state law.

CHILDREN'S PRIVACY

Age Restrictions

Our website and services are not directed to children. We do not knowingly collect personal information from:

• Children under the age of 13 in the United States
• Children under the age of 16 in the European Economic Area

Parental Consent:
Anyone under the required age must obtain parent or guardian permission before using our website or providing any personal information.

If We Learn of Children's Data:
If we become aware that we have inadvertently collected personal information from a child under the applicable age without proper parental consent, we will:

• Take immediate steps to delete such information from our systems
• Deactivate the associated account
• Notify the parent or guardian if contact information is available

Parents and Guardians:
If you are a parent or guardian and believe we have collected information from your child without consent, please contact us immediately at privacy@lenderdock.com. We will investigate and delete the information within 30 days.

AUTOMATED DECISION-MAKING AND PROFILING

We may use automated systems to analyze your information to:

• Improve service delivery and user experience
• Detect fraud and security threats
• Personalize content and recommendations

We do not make decisions based solely on automated processing that produce legal or similarly significant effects concerning you. If our practices change, we will update this Policy and provide appropriate information about the logic involved and the significance of such processing.

If you are subject to automated decision-making, you have the right to:

• Obtain human intervention
• Express your point of view
• Contest the decision

NON-MARKETING COMMUNICATIONS

LenderDock reserves the right to contact you for non-marketing purposes, including:

• Bug alerts and security breaches
• Account issues and notifications
• Changes to LenderDock products and services
• Updates to this Privacy Policy or Terms of Service
• Responses to your inquiries
• Legal notices

These communications are necessary for service delivery and account management. You cannot opt-out of non-marketing communications related to your account or legal notices.

In certain circumstances, we may use our website, email, or other public means to post important notices.

UNSUBSCRIBE AND OPT-OUT OPTIONS

Marketing Communications

You may opt-out of receiving promotional emails and newsletters from us at any time by:

Email Unsubscribe:
Send an email to remove@lenderdock.com with "Unsubscribe" in the subject line.

Click Unsubscribe Link:
Click the "unsubscribe" link at the bottom of any promotional email.

Account Settings:
Log into your account and update your communication preferences.

We will process your opt-out request within 10 business days. Please note that even after opting out of marketing communications, we may still send you non-promotional messages related to your account and services.

Third-Party Communications

To unsubscribe from communications from third-party websites or services, you must contact those third parties directly. LenderDock is not responsible for third-party privacy practices.

Cookies

You may opt-out of certain cookies as described in the "Cookies and Tracking Technologies" section above.

LINKS TO THIRD-PARTY WEBSITES

Our website may contain links to affiliate websites, partner sites, and other third-party websites. LenderDock does not claim responsibility for, nor do we accept liability for, the privacy policies, practices, or procedures of other websites.

We encourage all users to:

• Read the privacy policies of any website that collects personally identifiable information
• Be aware when leaving our website
• Exercise caution when providing personal information to third parties

This Privacy Policy applies only to information collected by www.lenderdock.com.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time to reflect changes in our practices, services, legal requirements, or for other operational, legal, or regulatory reasons.

How We Notify You:

• Registered Users: We will send email notification of material changes to the email address on file
• Non-Registered Visitors: We will post the updated Policy on this page with a new "Last Updated" date
• Significant Changes: For material changes, we may provide additional prominent notice (such as a banner on our website)

Your Continued Use:
Your continued use of our website and services after any changes to this Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, please discontinue use of our services.

We encourage you to review this Policy periodically to stay informed about how we protect your information.

ACCEPTANCE OF TERMS

By using this website and our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy and our Terms of Service.

If you do not agree with this Policy, you must refrain from using our website and services.

HOW TO CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy-Related Inquiries:
Email: privacy@lenderdock.com

General Support:
Email: support@lenderdock.com

Security Concerns:
Email: security@lenderdock.com

Telephone:
(866) 960-8588
Monday - Friday, 9:00 AM - 5:00 PM MST

Mailing Address:
LenderDock Inc.
Attention: Privacy Officer
PO Box 985
Washington, Utah 84780

Response Time:
We will respond to your inquiry within 30 days for GDPR requests and 45 days for CCPA/CPRA requests.

© 2025 LenderDock Inc. All rights reserved.

ONLINE PRIVACY POLICY