Effective Date: January 1, 2021
What Information We Collect
We collect the following personal information about you:
- your name
- your email address
- your home address and telephone number
Other Identifying Information
- your date of birth
- your social security number
- your driver’s license or passport number
- digital signature
- professional or employment related history (in relation to prospective employment application)
- education information (in relation to prospective employment application)
- credit report, credit score and credit related information
Audio and Visual Information
- voice recordings of telephone conversations with customer service agents
- bank account information for ACH payments
- income information
- commercial information regarding the solar or home improvement agreement in relation to your financial product
Professional or Employment Sources
- information from third-party sites (in relation to prospective employment applications through Linkedin)
Internet or Other Electronic Activity
- information about your visits to and use of this website to help us maintain the appropriate features, functionality and user experience
- IP address, browser type, referral source, length of visit and page views, through the use of log files
- cookies, pixel tags, local shared objects or other similar technologies
- geolocation data
Why We Collect Information
We may use your personal information as follows:
Transactional: We use your contact information and other identifying information, to provide you with the services and products you request, including:
- providing and managing Services you have requested
- making offers of credit on behalf of Mosaic and/or Mosaic’s successors, assignees, affiliates, partners, vendors, representatives, third party lending partners, financial partners, loan brokers, or loan servicing providers
- assessing your eligibility to invest on the Mosaic platform
- creating borrower profiles on our website
- tailoring our services and otherwise enhancing features, functionality and customer experience
Security: We use your contact information and other identifying information, to provide you with the services and products you request, including:
- protecting against fraud and security threats, and otherwise managing risks
- verifying your identity and authenticating your identity
Marketing: We use your contact information, other identifying information, and internet or other electronic activity for:
- communicating with you regarding services that may be of interest
- communicating with other financial companies for joint marketing purposes evaluating and improving our website and other offerings
Legal: We use your contact information, other identifying information, demographic information, and inferences for:
- satisfying legal or regulatory requirements or law enforcement requests; and as permitted by applicable law
- detecting and preventing fraud
Prospective Employment: We use your contact information other identifying information, and inferences for:
- evaluating application for employment with Mosaic
We use aggregated information in the administration of our website to improve its usability and to evaluate the success of particular marketing and advertising campaigns, search engine optimization strategies and other marketing activities, as well as for security purposes. We use non-identifying and aggregated information to help optimize our website based on the needs of our users.
Where We Collect Information
We collect information about you:
- when you register on our website, use our website or apply for a financial product;
- from your transactions with us, including your financial product purchases, repayments, and disbursements;
- from your communications with us; and
- from third parties such as credit bureaus, identity verification services and other public records or websites.
How We Share Your Information
From time to time, we may establish a business relationship with other businesses to provide services to our company (“Service Providers”). For example, we may contract with Service Providers to provide certain services, such as hosting and maintenance, data storage and management, and marketing and promotions. We only provide our Service Providers with the information necessary for them to perform these services on our behalf. Each Service Provider must agree to use reasonable security procedures and practices, appropriate to the nature of the information involved, in order to protect your Personal Information from unauthorized access, use, or disclosure. Service Providers are prohibited from using personal information other than as specified by us.
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate in order to respond to legal requests (including court orders and subpoenas), to protect the safety, property, or rights of our company or of any third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
Secondary Market Transactions
We may share information with businesses in relation to financial transactions on the secondary market including but not limited to whole loan sales and securitizations.
Limiting Our Sharing Of Your Information
Modifying or deleting information about you:
Customers can access information about themselves (such as name, email address, and mailing address) that we collect online and maintain by visiting their borrower portal. All other requests to change or remove information we collect about you can be sent to us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe. We may not be able to modify or delete information in all circumstances. Due to the regulated nature of our industry, we are under legal requirements to retain certain data and are generally not able to delete consumer transactional data upon request. Certain regulations issued by state and/or federal government agencies may require us to maintain and report demographic information on the collective activities of our customers. We may also be required to maintain information about you for at least seven years to be in compliance with applicable federal and state laws regarding recordkeeping, reporting and audits.
Your Information Choices
You can access and review the personal contact information you submit by accessing the borrower portal provided by your loan servicer who may be Mosaic and/or any of Mosaic’s successors, assignees, affiliates, partners, vendors, representatives, third party lending partners, financial partners, or loan servicing providers. To update your personal profile information on Mosaic’s platform, you can log in to your account using your email address and password specified at the time of registration. Click on the “Settings” section of “My Account” and make changes to your profile as necessary. Please note that if the servicing of your loan is transferred to an entity other than Mosaic, then you will have to update your personal profile with your new loan servicer, not Mosaic. You will be provided with notice of any loan servicing transfer in writing. If you believe that information reported by the credit bureau is inaccurate, please contact the credit bureau to make any changes.
To help operate Mosaic’s website or the websites of our successors, assignees, affiliates, partners, vendors, representatives, third party lending partners, financial partners, or servicing providers, enhance your experience and collect information about online activity, we may place small data files on your computer or other device. These data files may be in the form of cookies, pixel tags, local shared objects or other similar technologies. Cookies and similar technologies enable us to personalize our website and Services for you. These technologies may allow us to store and manage your preferences and settings, measure and analyze how you use our website and the effectiveness of our communications, offer services and help us improve our services and security.
- “Cookies” are small amounts of data a website can send to a visitor’s web browser. They are often stored on the device you are using to help track your areas of interest. Cookies may also enable us or our service providers and other companies we work with to relate your use of our online services over time to customize your experience.
- Clear GIFs, pixel tags or web beacons—which are typically one-pixel, transparent images located on a web page or in an email or other message—or similar technologies may be used on our sites and in some of our digital communications (such as email or other marketing messages). They may also be used when you are served advertisements or you otherwise interact with advertisements outside of our online services. These are principally used to help recognize users, assess traffic patterns and measure site or campaign engagement.
- Local shared objects, sometimes referred to as “flash cookies,” may be stored on your hard drive using a media player or other software installed on your device. Local shared objects are similar to cookies in terms of their operation but may not be managed in your browser in the same way. For more information on managing local shared objects, visit https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
Most browsers provide you with the ability to block, delete or disable these technologies. If you choose to reject cookies or similar technologies, some Services may not be available or some functionality may be limited or unavailable. Please review your browser’s help pages for assistance with changing your settings.
“Do Not Track” Signals
California law requires that operators of websites disclose how they respond to a “Do Not Track” signal. However, because there is not yet a common understanding of how to interpret Do Not Track signals, we do not currently respond to Do Not Track signals, if any, that we might receive from browsers. If you have any questions about cookies and other technologies, please visit http://www.allaboutcookies.org/ or http://networkadvertising.org/, or contact us as indicated in the How You Can Contact Us section below.
If you use Mosaic’s blog or other social media feature on Mosaic’s site, you should be aware that any personally identifiable information you submit there can be read, collected or used by other users of this forum, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in this forum.
Links to or from Other Websites and Services
We are committed to maintaining the security and confidentiality of your personal information. We maintain physical, electronic and procedural safeguards that meet or exceed industry standards for financial institutions.
We protect your sensitive account information by storing it in encrypted form on computers not publicly accessible via the Internet. We control access to this information via secure web pages and limit access to employees and third parties on a need-to-know basis. We do not allow visibility to social security numbers or bank account information via the website.
We employ firewalls and other security technologies to protect our servers from external attack. We enable our servers with Secure Socket Layer (SSL) technology to establish a secure connection between your computer and our servers, creating a private “conversation” that cannot be viewed or accessed by other parties. We test our systems regularly to ensure that our security mechanisms are up to date.
We also employ session time-outs to protect your account. You will be logged out of the site automatically after a specified period of inactivity. This time-out feature reduces the risk of others being able to access your account if you leave your computer unattended.
We do not knowingly solicit from, and the Services are not intended for, children under 13, and children under 13 should not provide personal information online. If a parent or guardian becomes aware that his or her child under the age of 13 has provided us with information without their consent, he or she should contact us. We will delete such information from our files.
NOTICE TO NEVADA RESIDENTS/YOUR NEVADA PRIVACY RIGHTS
NOTICE TO CALIFORNIA RESIDENTS / YOUR CALIFORNIA PRIVACY RIGHTS
Right to Opt Out from Sharing your Personal Information with Third Parties for their Direct Marketing
To opt out of sharing your Personal Information with third parties for their direct marketing purposes, please e-mail us at email@example.com and clearly state your request, including your name, mailing address, e-mail address and phone number.
CALIFORNIA CONSUMER PRIVACY ACT
If you are a California resident, you have certain privacy rights under the California Consumer Privacy Act (“CCPA Rights”). This section describes those rights and how you can exercise them with Mosaic. Certain information that Mosaic collects and uses is not subject to CCPA Rights. Information that you provide to us or that we otherwise collect when you obtain a financial product as well as information we obtain from or provide to credit reporting agencies is excluded from the CCPA Rights and this section does not apply to that information.
Right to Know and Right to Delete
You can request what personal information we have collected, used, disclosed, and sold in the preceding 12 months. Specifically, you may request the following:
- The specific pieces of personal information we have collected about you.
- The categories of personal information we have collected about you.
- The categories of sources from which the personal information was collected.
- The business or commercial purpose for collecting the personal information.
- The categories of third parties with whom we shared personal information.
You can also request that we delete your personal information. We may not delete all of your personal information if an exception applies, such as one of the following:
- Transactional: to complete a transaction for which the personal information was collected, provide a good or service requested by you, or perform a contract we have with you;
- Security: to detect data security incidents;
- Error Correction: to debug or repair any errors;
- Legal: to protect against fraud or illegal activity or to comply with applicable law or a legal obligation, or exercise rights under the law, such as the right to free speech; or
- Internal Use: to use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information (i.e. to improve our services).
To submit a request to know or a request to delete, please send an email to firstname.lastname@example.org with the details of your request. We will verify your identity through our email confirmation procedures. Alternatively, you may call (855) 746-7849 to submit a request. We will verify your identity through our standard verbal authentication procedures, which includes verification of the following information: account holder’s or applicant’s first and last name, the last four digits of the account holder’s or applicant’s social security number, and the account holder’s or applicant’s date of birth. In order to designate an authorized agent to act on your behalf, written or verbal authorization must be provided through our standard process for accepting third party representation. This process can be initiated by emailing us at email@example.com or by calling (855) 746-7849. If you wish to make multiple requests under this section, we recommend sending the deletion request last, as we will not be able to fulfill your other requests once we have deleted your information..
Sale of Personal Information
Mosaic does not and will not “sell” personal information as defined by CCPA.
We will not discriminate against you for exercising any of your California privacy rights and we will not deny you goods or services, charge you a different price, or provide you with a lesser quality of goods or services if you exercise any of those rights.
Consent and Updates
Except as stated above, all changes will apply to the personal data that is already collected and to the personal data that is collected after the effective date of the revised Policy. If any proposed change is unacceptable to you, you will have the right to terminate your relationship with us. You are advised to consult this Policy regularly for any changes.
How You Can Contact Us
If you have questions or concerns regarding this Policy, please contact:
Solar Mosaic, Inc.
Attention: Customer Service Department
300 Lakeside Dr., 24th Floor
Oakland, CA 94612