Privacy Policy

Last Reviewed: June 2023

PRIVACY POLICY

Welcome to the website (the “Site”) of Stavvy, Inc. (“Stavvy,” “we,” “us,” or “our”). Stavvy provides a digital platform service, (the Service”) that allows banks and lenders to work across their vendor portfolio more efficiently. This Privacy Policy (“Policy”) is created to inform you of what types of personal information we may collect, how we use the collected information, with whom we share that data, and your choices concerning our data practices. This Policy applies to any visitor of the website or user of the Service. Please read this Policy carefully to fully understand how we handle your information. By visiting our website, using Stavvy platform, or providing us with your information online, you are consenting to the collection, use, and sharing practices described below. This Privacy Policy is incorporated into and forms part of our Terms of Service.

1. INFORMATION COLLECTED

Information Provided Directly By You or Other Parties Involved In A Transaction

The following information is collected for the purpose of conducting a transaction through our Site or Service:

      • Personal information including, but not limited to, name, address, contact information,social security number, and various types of financial account information;
      • Audio and video recording of transaction
      • Documents exchanged or stored using our Service, including, but not limited to, files related to lending, banking, title, appraisal, credit and creditor details and information, or settlement services and/or products;
      • Images of government-issued identification 
      • Public and private information about properties or assets involved with transactions being facilitated by the Service; and
      • Professional or employment-related information of employees’ of our business customers.

We process such information pursuant to our agreements with our business customers. We have no direct relationship with the individuals whose  information we process on behalf of our business customers.


Information Received From Third Parties

We receive various types of information from third-parties such as business partners, marketers, researchers, and analysts, on some occasions, such as when we jointly offer services or sponsor events and when we integrate with third-parties to improve our service offerings. This information may include demographic and statistical information, from third parties, and other parties, that we may combine with information collected directly from our customers, partners, or users which may be attributed to you based on your assignment to certain statistical groups.

We also collect data from third party providers and online databases in connection with our research activities and product improvement initiatives that may relate to various components of financial lending services. This data can include information such as property addresses, current and former owners, title history, credit and creditor details and information, appraisal history, and any other relevant metadata about property and associated transactions.


Information Collected Automatically

We may automatically collect certain information based on your use and interaction with the Site or Platform. The following information is created and automatically logged in our systems:

      • Log data: Information that your browser automatically sends whenever you visit the Site (“log data”). Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interacted with the Site.
      • Cookies and tracking pixels: Information sent to your browser by our website when you visit it. Cookies enable us to: recognize your computer, store your preferences and settings, understand your use of the Site, enhance your experience by providing content specific to your interests,and perform analytics. Most browsers automatically accept cookies, but you have a choice to disable them. By doing so, some features or services may not work as intended. Please note, our Site does not respond to “do not track” requests. For more details on cookies, please visit All About Cookies. 
      • Device information: Includes the name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings.
      • Usage Information: We collect information about how you use our Site or Platform, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.

2. HOW WE USE COLLECTED INFORMATION

We use collected information to:

      • Provide the requested Service and help lending and/or banking institutions and their borrowers, buyers, and partners experience a smoother and safer transaction;
      • Respond to your inquiries, comments, feedback, or questions;
      • Send administrative information to you, for example, information regarding the Service, changes to our terms,conditions, and policies;
      • Analyze how you interact with our Service or Site;
      • Maintain and improve the content and functionality of the Service or Site;
      • Conduct research initiatives;
      • Develop new products and services;
      • Prevent fraud, criminal activity, or misuses of our Service, and to ensure the security of our IT systems, architecture, and networks; and
      • Comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Aggregated Information

We may aggregate the information that was collected in order to analyze the effectiveness of our Service, to improve and add features to our Service, and for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with prospective business partners . We may collect aggregated information through the Service, through cookies, and through other means described in this Privacy Policy.

Marketing

We may occasionally send promotional or informational emails to you. You may opt out of receiving emails by following the instructions contained in each email we send you.


3. SHARING AND DISCLOSURE OF PERSONAL DATA

    • Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share information that was collected with vendors and service providers, including providers of hosting services, cloud services, other information technology services providers that assist in making the transaction easier or faster, event management services, email communication software and email newsletter services, advertising and marketing services, payment processors, customer relationship management and customer support services, and web analytics services. Pursuant to our instructions, these parties will access, process, or store Personal Data in the course of performing their duties to us.

    • All Parties Involved in the Transaction: All documents uploaded during the transaction along with video and audio recording are shared with all signers, witnesses, notaries, our customers, their agents and successors and assigns, to effect the transaction.

    • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider , your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets.

    • Promoting Research: Information related to the research we conduct may be shared with various organizations, including academic institutions or publications, but only when this information is already freely publicly available and/or non-identifiable. We may also publish this research online on our Site or through our Social Media Pages.

4. UPDATE YOUR INFORMATION

Please log in to your account or contact us if you need to change or correct your Personal Data.

5. CHILDREN

Our Service is not directed to children. Stavvy does not knowingly collect Personal Data from individuals under the age of 18. If you have reason to believe that a child under the age of 18 has provided Personal Data to Stavvy through the Service please contact us and we will endeavor to delete that information from our databases.

6. LINKS TO OTHER WEBSITES

The Site may contain links to other websites not operated or controlled by Stavvy, including social media services (“Third Party Sites”). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

7. SECURITY

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Site, Service, or e-mail. Please keep this in mind when disclosing any Personal Data to Stavvy via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.

8. INTERNATIONAL USERS

By using our Service, you understand and acknowledge that your Personal Data will be transferred from your location to our facilities and servers in the United States. Our services and platform are not targeted at citizens of countries other than the United States.

9. YOUR RIGHTS AND CHOICES

In certain circumstances providing Personal Data is optional. However, if you choose not to provide Personal Data that is needed to use some features of our Service, you may be unable to use those features. You can also contact us to ask us to update or correct your Personal Data.

You may have a right to request that we delete any of your personal information collected, subject to exceptions. We may deny your deletion request due to contractual or legal requirements.

10. CHANGES TO THE PRIVACY POLICY

We may update our Privacy Policy from time to time as services or business change. Updated version of the Policy will be posted on this page. You are advised to review this page periodically for any changes.

11. CALIFORNIA RESIDENTS

This section of the Privacy Policy applies solely to all visitors, users, and others who reside in the State of California in compliance with California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this Policy.

Information We Collect 

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked (directly or indirectly) with a particular consumer, household, or device (“personal information”). Personal information does not include: publicly available information from government records, de-identified or aggregated consumer information, health/medical information covered by the Health Insurance Portability and Accountability Act of 1996, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act, the Gramm-Leach Bliley Act, or California Financial Information Privacy Act.

In particular, we have collected or been provided the following categories of personal information from consumers within the last twelve (12) months:

Category

Examples

Identifiers

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

Personal Information categories listed in the California Customer Records statute (Cal.Civ.Code 1798.80e)

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Protected classification

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition

Commercial information

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies

Biometric information

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Internet or other similar network activity

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Geolocation data

Physical location or movements.

Sensory data

Audio, electronic, visual, thermal, olfactory, or similar information

Professional or employment-related information

Current or past job history or performance evaluations.

Above information has been collected directly from you (from forms or information you provided to us or another party in the transaction), indirectly (from observing your actions on our website or usage of our product), and operating systems and platforms.

Your Rights and Choices 

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Right to Know- You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive your request and confirm your identity, we will disclose to you the categories of personal information we collected about you, the categories of sources for the personal information, our business purpose for collecting that personal information, and the categories of third parties with whom we share that personal information.

Right to Delete- You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining information is necessary for us or our service provider(s) to:

1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.

2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

3. Debug products to identify and repair errors that impair existing intended functionality.

4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

6. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

7. Comply with a legal obligation.

8. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

To exercise your rights to know or delete described above, please submit a request by either calling us at (508)318-8392 or emailing us at privacy@stavvy.com. Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information and we may take reasonable steps to ensure your identity before acting. You may only submit a request to know twice within a 12-month period. Your request to know or delete must provide sufficient information that allows us to reasonably verify you are the person whom we collected personal information. Please describe your request with sufficient details that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request if we cannot verify your identity or authority to make the request and confirm the personal information related to you. You do not need to create an account with us to submit a request to know or delete. We will confirm receipt of your request within 10 business days and will respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

Right to Opt Out of Sale- Stavvy does not sell personal information in exchange for monetary compensation. CCPA broadly defines “sale” in that it includes delivery of targeted advertising/websites. We have provided such information for advertising or data analytics purposes in ways that may be considered a “sale”. We disclosed this type of information in order to enhance or maintain our product.

California’s “Shine the Light” Law permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes which Stavvy has not done.

Non-Discrimination 

We will not discriminate against you for exercising any of your CCPA rights. 

CCPA Right Request Metrics 

From January 1, 2022 to May 15, 2023, we have not received any consumer rights requests from California residents.

12. CONTACT US

If you have any additional questions about our Privacy Policy or our information sharing practice, please feel free to contact us by email at privacy@stavvy.com