Privacy Policy

1. Introduction

Let's Loan Connect ("we," "us," or "our") operates a mortgage marketplace platform that connects homebuyers ("Borrowers") with licensed loan originators ("Lenders"). This Privacy Policy explains how we collect, use, disclose, and protect your personal and financial information in compliance with the Gramm-Leach-Bliley Act (GLBA), the California Consumer Privacy Act (CCPA), and applicable state laws.

2. Information We Collect

Account Information: Name, email address, phone number, and password (hashed). For Google Sign-In users, we receive your name, email, and profile picture from Google.

Financial Information (Borrowers): Annual income, monthly debts, employment history, credit score range (self-reported), loan amount requested, purchase price, down payment, and property location.

Documents: Pay stubs, W-2 forms, bank statements, tax returns, and government-issued identification. All documents are encrypted with AES-256 encryption at rest.

Lender Information: Company name, NMLS ID, lending criteria, and supported loan types.

Technical Data: IP address, browser type, session duration, and pages visited. This is collected for security, fraud prevention, and platform improvement.

3. How We Use Your Information

We use your information to: operate and improve the platform; calculate your Mortgage Readiness Score (MRS); match you with qualified lenders based on your financial profile; facilitate lender offers and communications; comply with GLBA Safeguards Rule requirements; prevent fraud and maintain platform security; and communicate important account and service updates.

4. Information Sharing (GLBA Disclosure)

With Matched Lenders: When you submit your financial profile, matched lenders on our platform can view your anonymized financial summary (income range, credit score range, loan amount, property state, MRS score). Lenders do not receive your name, contact information, or documents until you accept an offer.

No Selling of Data: We do not sell your personal or financial information to third parties for marketing purposes.

Service Providers: We share data with trusted service providers who help us operate the platform (hosting, encryption, analytics) under strict confidentiality agreements.

Legal Requirements: We may disclose information when required by law, subpoena, or government investigation.

5. Data Security

We implement safeguards consistent with the GLBA Safeguards Rule, including: AES-256 encryption for all uploaded documents; encrypted data transmission via TLS/HTTPS; automatic session expiration after 15 minutes of inactivity; bcrypt password hashing with salt rounds; role-based access controls; and a comprehensive audit trail for all data access.

No system is 100% secure. While we implement industry-standard protections, we cannot guarantee absolute security of your data.

6. No Hard Credit Pulls

Let's Loan Connect does not perform hard credit inquiries. Your credit score range is self-reported and used solely for lender matching. Accepting a lender's offer may result in the lender performing their own credit inquiry as part of their standard underwriting process.

7. Your Rights

Access & Correction: You can view and update your personal and financial information at any time through your account settings and application page.

Deletion: You may request deletion of your account and associated data by contacting us at privacy@letsloanconnect.com. We will process your request within 30 days, subject to legal retention requirements.

Opt-Out: You can opt out of marketing communications through your account notification settings. This does not affect transactional notifications (offer received, document status, etc.).

California Residents (CCPA): You have the right to know what personal information we collect, request its deletion, and not be discriminated against for exercising your privacy rights.

8. Data Retention

We retain your account data for as long as your account is active. Financial documents and profile data are retained for 3 years after account closure to comply with regulatory requirements. Audit logs are retained for 7 years. You may request earlier deletion, subject to these legal retention periods.

9. Cookies & Tracking

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. We may use analytics tools to understand platform usage patterns in aggregate.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email and/or a prominent notice on the platform. Continued use of the platform after changes constitutes acceptance of the updated policy. The version number and effective date at the top of this page will always reflect the current version.

11. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

Email: privacy@letsloanconnect.com
Let's Loan Connect, Attn: Privacy Team