Effective Date: April 8, 2025

Introduction and Scope

IntegriTech LLC (“IntegriTech“, “we“, or “us“) is a Florida-based company that provides a customer relationship management (CRM) platform for loan applications. Our services are intended for use by individuals and partner institutions within the United States only. This Privacy Policy describes how we collect, use, share, and protect personal information of users of our platform. It applies to all users of IntegriTech’s services in the U.S., including individual loan applicants (using our services for free) and business partners such as banks and financial institutions (our paying customers).

We are committed to protecting your privacy and adhering to all applicable U.S. privacy laws and regulations. This includes compliance with state-specific privacy requirements (such as California and Florida laws) as applicable. You will find information about specific rights granted by these laws in relevant sections of this Policy.

We do not offer our services to individuals outside the United States, and we do not knowingly collect personal information from anyone outside the U.S. or from children under 13 years of age.

By using the IntegriTech platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.

Information We Collect

We collect several types of information from and about you to provide and improve our services. This includes:

• Personal Identifiers: such as your full name, email address, phone number, mailing address, and other contact details.

• Government Identification: national identification numbers or other government-issued ID information (for example, Social Security Number or similar identifiers). This is typically collected from loan applicants for identity verification and compliance purposes.

• Financial Information (Applicants Only): if you are applying for a loan through our platform, we collect financial details such as bank account numbers and routing numbers (e.g., for loan disbursement or payments).

• Loan Application Data: information related to your loan application, which may include your employment and income details, credit history information (if provided), requested loan amount, and any supporting documents you upload. Supporting documents might include pay stubs, tax documents, identification documents, or other materials needed to process your loan application.
• Device and Usage Information: technical information we collect when you interact with our platform. This can include your IP address, browser type, device type, operating system, unique device identifiers, and browsing actions on our site (such as pages visited, dates and times of access, and referring URLs). We also collect information through cookies and similar technologies (see Cookies and Tracking below).

We collect most of this information directly from you when you fill out forms or communicate with us. We may also generate certain data automatically (like device and usage information), and in some cases, we might receive additional data from third parties (for example, an identity verification service or credit bureau, as authorized by you and applicable law, to assist with your loan application).

How We Use Your Information

We use the personal information we collect for various legitimate business purposes, including:

• Account Creation and Management: To create your account, authenticate your identity when you log in, and manage the user For example, we use your contact information to register you as a user (whether as an applicant or a partner bank user) and to maintain your profile.

• Loan Processing and Review: To process loan applications and facilitate the review process by our partner banks. This includes using your information to verify your identity and eligibility, evaluate your application, underwrite loans, and communicate your information to the bank or financial institution that will review or fund your loan. We also use your data to generate application summaries or reports for review by lenders.

• Communications and Notifications: To communicate with you about your account or transactions. For instance, we may send you status updates on your loan application, important notices about your account activity, or responses to your support We also send notifications to partner banks and other involved parties as needed to coordinate the loan process.

• Analytics and Platform Improvement: To analyze usage of our platform and improve performance. We monitor and analyze user interactions (such as page load times, feature usage, and error logs) to troubleshoot issues, optimize our services, and develop new This helps us ensure our CRM system is running smoothly and effectively for all users.

• Security and Fraud Prevention: To protect our platform and We use personal and device information to detect and prevent fraudulent activity, unauthorized access, hacking attempts, or other misuse. For example, IP addresses and other device data help us identify suspicious login attempts or multiple accounts that might indicate fraud.

• Legal and Regulatory Compliance: To comply with applicable laws, regulations, and legal obligations. As a platform facilitating financial services, we may use your information for purposes required under law—such as know-your-customer (KYC) identity verification, anti-fraud and anti-money laundering checks, responding to lawful requests by authorities, and maintaining records as required by financial regulations.

We will not use your personal information for purposes that are not compatible with those listed above without obtaining your consent. If we ever need to use your data for a new purpose, we will update this Privacy Policy and/or seek your permission as required by law.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform, perform essential functions, and gather analytics information. Cookies are small text files placed on your device when you visit our site. Here is how we use them:

• Essential Cookies (Session Maintenance): These cookies are necessary for the website to function properly. For example, when you log into your account, we use cookies to keep you logged in as you navigate between pages. They also help remember your preferences and ensure the website displays correctly.

• Performance Cookies: We use cookies to monitor site performance and These cookies help us understand how our platform is functioning by collecting information about system performance and any errors users might encounter. This data allows us to identify and fix technical issues and provide a smooth user experience.

• Analytics Cookies: We utilize analytics tools that use cookies or similar identifiers to collect anonymized or aggregated information about how users interact with our This includes metrics like which pages are most frequently visited, how long users stay on each page, and overall usage patterns. The information collected via analytics cookies does not directly identify you – it is used in aggregate form to improve our services and understand user needs.

• Your Choices (Cookie Controls): You have the ability to control or delete cookies through your web browser settings. Most browsers allow you to refuse new cookies, disable existing cookies, or alert you when new cookies are being sent. However, please note that if you block or delete essential cookies, some features of our platform (such as staying logged in or retaining your preferences) may not work properly. We do not currently respond to “Do Not Track” signals, but you can limit tracking by adjusting your browser settings to restrict cookies.

By continuing to use our website, you consent to the placement of cookies on your device as described in this section. For more detailed information on our use of cookies or how to manage them, you can contact us using the information provided in the Contact Us section below.

How We Share Your Information

We understand the importance of keeping your personal information private. We do not sell your personal data to third parties for their own marketing or commercial purposes. We only share your information in the following circumstances:

• With Partner Banks and Financial Institutions: If you are a loan applicant, we share your application information (including personal identifiers, loan details, and relevant documents) with the bank or lending partner that will review and potentially fund your loan. This sharing is necessary to provide our service – the bank uses this information to evaluate and process your loan request. Partner banks are required to keep your information confidential and use it only for evaluating your application and related regulatory purposes. Once your data is transferred to a partner bank, that bank will handle your information according to their own privacy policies and applicable financial privacy laws.
• With Service Providers (Processors): We employ trusted third-party companies to perform certain functions on our behalf and support our services. This includes services such as cloud hosting and data storage, identity verification providers, email/SMS delivery services (for sending verification codes or notifications), analytics providers, and customer support These third parties only receive the information

necessary for them to perform their specific services, and they are contractually obligated to protect your data, keep it confidential, and only use it as instructed by IntegriTech.

• Legal Requirements and Protection: We may disclose your information if required to do so by law or legal process. For example, we might need to share personal data in response to a subpoena, court order, or government We may also share information when we believe it is necessary to investigate or enforce our Terms and Conditions or other agreements, to detect or prevent fraud or security issues, or to protect the rights, property, or safety of IntegriTech, our users, or the public. Any such disclosure will be done in compliance with applicable laws.

• Business Transfers: If IntegriTech is involved in a merger, acquisition, sale of assets, or other business transaction, your personal information may be transferred to the successor or new owner as part of that In such cases, we will ensure that the new owner is bound to protect your personal data in a manner consistent with this Privacy Policy. We will notify you (for example, via email or a prominent notice on our website) if a business transfer occurs and results in any material changes to how your data is handled.

• With Your Consent or Direction: We may share your personal information with third parties when you explicitly request or consent to such For instance, if you ask us to share your information with a

co-applicant, a financial advisor, or another third party, we will do so with your authorization. Additionally, we might offer features that allow you to publish or share content (such as testimonials or reviews) – we will only publish personal information in that context with your consent.

• Anonymized or Aggregated Data: We may share information that has been anonymized or aggregated (so it can no longer be associated with you personally) with partners, researchers, or the public for purposes such as industry analysis, research, or improving our services. For example, we might publish reports or statistics about how many loan applications were processed through our platform in a year, but these reports would not contain any personal details.

Aside from the situations listed above, we do not disclose your personal information to third parties. In particular, we do not sell, rent, or give out your personal data to outside companies for their own marketing or advertising purposes.

Data Retention and Deletion

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. How long we keep specific data depends on the type of information and the purposes for which we collected it:

• Active Account Duration: For as long as you maintain an active account with us, we will keep the information you have provided so that we can continue to offer our services to For example, we retain your account details and loan history so you can log in and view your records, and so that we can process any ongoing or future loan applications.

• Business and Legal Needs: Even after you close your account or finish using our services, we may retain certain data for a period of time. We do this to comply with various legal, accounting, and regulatory obligations. For example, financial regulations and lending laws might require us (or the partner bank using our platform) to keep records of loan applications and transactions for a certain minimum period (such as a few years) for auditing or reporting purposes. We also retain information as necessary to resolve disputes, enforce our agreements, or protect our legal The duration of retention in such cases will depend on the specific legal requirement or statute of limitations in effect. Generally, personal information related to financial transactions may be retained for several years to meet regulatory standards.

• Deletion Requests: If you request deletion of your personal data, we will take reasonable steps to honor your request. You may do this by contacting us (see Contact Us below) with your deletion request. Upon receiving a verified request, we will delete or anonymize your information from our active systems, unless retaining it is permitted or required for legal reasons. Please note that we cannot delete information that we are legally required to keep. For instance, even if you request deletion, we might need to retain certain data to satisfy anti-fraud, compliance, or tax We will inform you if we are unable to delete certain data due to such requirements.

• Backup and Archival Copies: Even when we delete or anonymize data from our active databases, it might remain in backup archives for a period of time until those backups are overwritten or deleted in the normal course of our data management process. We maintain backups to ensure the integrity of our system and to protect against accidental loss. We secure any such archived data and will continue to protect it in accordance with this Privacy Policy until it is safely erased.

After the applicable retention period has ended and it is no longer necessary for us to keep your data, we will securely dispose of it or anonymize it so that it can no longer be associated with you.

Data Security

Protecting your personal information is a top priority for IntegriTech. We employ a variety of security measures to safeguard data against unauthorized access, alteration, disclosure, or destruction:

• Encryption: We use strong encryption to protect personal data during transmission and at rest. This means that when you provide information on our site, the data is encrypted (using protocols like HTTPS/TLS) as it travels over the We also encrypt sensitive information stored in our databases or servers, so that it is unreadable to unauthorized parties even if our data storage were compromised.

• Access Controls: We implement strict access controls to limit who within our organization can access personal Employee and contractor access to user data is based on role and business need (the principle of least privilege). Only authorized personnel who need to handle your data (for example, support staff or system administrators) are granted access, and they are bound by confidentiality obligations.

• Authentication and Account Security: We provide options for securing account access, including strong password requirements and support for two-factor or multi-factor authentication (2FA/MFA) for users, especially for administrative or highly sensitive accounts. These measures help prevent unauthorized access to your We also monitor account login attempts and will alert you of any suspicious activity related to your account.

• Network Security: Our servers are protected by firewalls and intrusion detection systems (IDS) that monitor and guard our network against potential intrusions or We regularly update our systems with security patches and employ anti-malware tools to protect against viruses or other harmful code. Our platform is also continuously monitored for unusual activity.

• Secure Software Practices: We follow industry best practices in secure software development to minimize vulnerabilities in our Our platform undergoes regular security assessments, such as vulnerability scans and penetration testing, to identify and address potential risks. We also maintain up-to-date systems and promptly address any security issues that may arise.

• Data Handling and Monitoring: Sensitive documents and files you upload (such as identification scans or financial documents) are stored securely and with restricted access. We keep detailed audit logs of when sensitive documents are accessed or downloaded by authorized users (for instance, when a bank officer views your loan documents) to maintain accountability. We utilize secure document handling procedures, ensuring that files are encrypted and only accessible to those with proper permissions.

• Backup and Recovery: We perform regular data backups and store them securely to prevent data In case of a system failure or emergency, we have disaster recovery plans to restore information and resume services as quickly as possible. Backup data is encrypted and protected similarly to our live systems.
• Training and Awareness: Our personnel are trained on data privacy and security best practices. We maintain internal policies and conduct ongoing training to ensure that employees understand the importance of safeguarding personal information and know how to handle data We also require any third-party service providers assisting us to implement robust security measures.

While we strive to protect your information, it’s important to note that no method of transmission over the internet or method of electronic storage is 100% secure. However, we continuously update and improve our security practices to meet or exceed industry standards. In the event of a data breach that affects your personal information, we will notify you and the appropriate authorities as required by law.

Your Privacy Rights

Depending on where you live and applicable law, you have certain rights regarding your personal information. We are committed to honoring these rights and giving you control over your data. These rights may include:

• Right to Access: You have the right to request a copy of the personal information we hold about you and to receive an explanation of how we use This is sometimes called the “right to know” – it allows you to confirm what data of yours we have.

• Right to Correction: If any of your personal information is inaccurate or incomplete, you have the right to request that we correct or update We encourage you to keep your account information current, and you can also contact us to have us make corrections.

• Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions. As noted in Data Retention and Deletion above, if you ask us to delete your data, we will do so unless we are required or permitted to retain it for legal, regulatory, or legitimate business purposes.

• Right to Data Portability: For information you have provided directly to us, you may have the right to obtain it in a portable and commonly used format. This means you can request a copy of your data in a format that can be transferred to another service provider.

• Right to Opt Out of Sale or Sharing: Applicable especially to California residents (under the CCPA/CPRA) and certain other state laws, you have the right to direct us not to sell your personal IntegriTech does not sell personal information to third parties. Likewise, we do not share your personal information with third parties for cross-context behavioral advertising (targeted advertising) purposes. Because we do not engage in these practices, we do not provide a “Do Not Sell or Share My Info” link at this time. If this policy changes in the future, we will update our practices and give you a chance to opt out.

• Right to Limit Use of Sensitive Information: In some jurisdictions, you can request that a business limit how it uses certain sensitive personal information. IntegriTech only uses sensitive data (like government IDs or bank account details) for necessary business purposes (such as verifying identity or processing a loan) and to comply with law. We do not use sensitive information for purposes like personalized advertising. If in the future we consider new uses of sensitive data, we will obtain any required consent or provide appropriate opt-out options.

• Right of Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. This means that if you choose to exercise your rights (such as asking for your data to be deleted or opting out of any data sharing), we will not deny you our services, charge you different prices, or provide you a lower quality of service just because you exercised your rights.
• Additional State-Specific Rights: Residents of certain states, such as California or Florida, may have additional privacy rights under state law. For example, California residents have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), and Florida residents have rights under the Florida Digital Bill of Rights. These rights (including those listed above like access, correction, deletion, etc.) are generally provided to you by IntegriTech regardless of your state of residence, as we strive to uniformly protect your privacy. If any state law provides additional rights or imposes specific requirements, we will comply with those obligations as applicable.

Exercising Your Rights: You can exercise your rights by contacting us using the information in the Contact Us

section below. Please specify which right you wish to exercise and provide us with enough information to verify your

identity (for your protection, we will need to confirm that the request is coming from you or your authorized representative). For certain requests, we might ask for additional information to verify your identity or clarify the scope of your request. We will respond to your request within the timeframe required by applicable law (for example, within 45 days for most requests under California law, with the possibility of a lawful extension if needed). If we cannot fulfill your request for a specific reason (such as a legal exception), we will provide an explanation. If we deny your request, we will also inform you of how you may appeal our decision, as applicable under state laws.

If you are a California resident and would like to designate an authorized agent to make a request on your behalf, you may do so. We will take steps to verify both your identity and your agent’s authority to act on your behalf, as required by California law.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will revise the “Effective Date” at the top of this policy. If the changes are significant, we may also provide a more prominent notice (such as by posting a notice on our website or sending an email notification). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
Your continued use of our platform after any changes to this Privacy Policy constitutes your acceptance of the updated terms.