Updated February 1, 2021
The Filogix Expert Plus and Expert Pro platform made available by D+H Mortgage Technology Corporation c.o.b. as Filogix (“Filogix”, “We”, “Us” or “Our”) through Our website: https://expertpro.filogix.com/ (the “Service”) allows Customers, Brokers and lenders (“You”, “Your”) to access, use, provide, exchange, and receive information and data in connection with mortgage transactions and other related activities.
In this Privacy Policy, “Customers” means any person who accesses the Service for the purpose of receiving mortgage services.
“Broker” means a mortgage company, mortgage brokerage, or a similar entity that you are working for or with to either offer (in the case of an agent) or secure (in the case of a Customer) mortgage services.
“Customer Data” means any data, including personal information, relating to customers of mortgage brokers and lenders entered or stored in the Service; and “Personal Information” means any information about an identifiable individual but does not include the name, title or business address (including business email address) or business telephone number of an employee of an organization.
This Privacy Policy covers the privacy practices that Filogix employs with respect to the collection, use, sharing, disclosure, and protection of Customer Data or other Personal Information received through the Service. This Privacy Policy does not extend to the data management practices of third-party sites linked from the Service.
By accessing or using the Service, You agree to the terms of this Privacy Policy. We may change certain parts of this Privacy Policy from time to time so You should check it periodically. If We make changes that are material, We will provide You with notice when such changes take effect by posting a notification on the Service.
Collection of Information
When You use the Service, information is collected by Us as You interact with the Service.
We collect information that You provide to Us or authorize Us to collect. We also collect information automatically when You use the Service (e.g., cookies and other technical data described in the ‘Technical Data’ section below).
We collect information when:
We may collect the following information:
For Customers, We do not directly collect Customer Data but rather receive Customer Data from or on behalf of Your Broker and We use Customer Data to perform services on Your behalf. Except as required by law or provided in this Privacy Policy, We do not use or disclose Customer Data that We have received for any new purpose, unless We first identify and document the new purpose and obtain the Broker’s consent where appropriate.
Third-Party Integration
You may use a third-party service provider to integrate and/or sync a third-party account or service (e.g., an email account or an account with a financial institution) with the Service via an API. This integration will only be enabled with Your prior consent and You may revoke integration at any time. You understand that these service providers may use Your Personal Information and data in accordance with their own privacy policies. You are strongly advised to review the privacy policy before You enable integration. You are solely responsible for reviewing and understanding these policies.
Information about Another Person
You may be able to enter Personal Information about another person on the Service (e.g., employees, clients or a co- applicant). In such cases, You are responsible for ensuring that You are compliant with relevant data protection laws, including obtaining the necessary consent for sharing another individual’s Personal Information with Us.
Consent
By using the Service, You consent to the collection or receipt (as the case may be), use and disclosure of information by Us as described in this Privacy Policy. For Customers accessing the Service, between You and the Broker, use of the data by Your Broker will be governed by Your Broker’s privacy policy.
Subject to exceptions afforded to us under applicable laws, You may request the withdrawal of Your consent to the use of Your Personal Information by contacting the Privacy Department as provided below.
Use of Personal Information
We use Personal Information to:
Payment Processor
We use a third-party payment processor, Stripe, to process payments on the Service. Please review Stripe’s privacy policy for more information on how Stripe processes Personal Information:https://stripe.com/en-ca/privacy
Technical Data and Analytics
When You access and use the Service, We may automatically collect certain technical information about Your visit, including the date, time, browser type, Your internet service provider, Your IP address, device information (including device identifiers), geo-location information, computer and network performance data, the version of the application that You are using, the URL that You are coming from and Your navigation history in order to customize and personalize Your experience on the Service, improve the Service, understand usage of the Service and for statistical research purposes.
Cookies and similar technologies: We use “cookies” (session and persistent), scripts, pixel tags, web beacons and other similar technologies and digital markers on the Service. These automatically collect data from a visitor to the Service.
Cookies help Us recognize repeat visitors, personalize the Service and communications and tailor content to match particular interests. We also use these technologies to track usage trends and patterns on the Service.
You are always free to decline cookies. If You decline “cookies” or delete them from Your computer, You will still be able to access the Service, but You may find that some areas do not work as smoothly as when cookies are enabled on Your system.
Disclosure of Information
In addition to using information as described in this Privacy Policy, We disclose Customer Data and Personal Information to third parties in the following circumstances:
Required by Law: We will disclose Customer Data and Personal Information in Our custody when We believe that the disclosure is required by law, including to comply with a judicial proceeding, court order, or legal process served on Us and when We receive a request from law enforcement authorities. We will only disclose Customer Data and Personal Information to law enforcement authorities upon demonstration of lawful authority.
Investigations: We will disclose Customer Data and Personal Information where it is reasonable for the purposes of investigating a breach of an agreement or a contravention of the law that has been, is being or is about to be committed and it is reasonable to expect that disclosure with the knowledge or consent of the individual would compromise the investigation.
Fraud: We will disclose Customer Data and Personal Information where it is reasonable for the purposes of preventing, detecting or suppressing fraud and it is reasonable to expect that the disclosure with the knowledge or consent of the individual would compromise the ability to prevent, detect or suppress the fraud.
Business Transaction: We may disclose and share Customer Data and Personal Information to explore and/or undertake a corporate transaction, including a merger, acquisition, amalgamation, IPO, reorganization or sale of Filogix and/or the Service. We will enter into an agreement that ensures that Customer Data and Personal Information will be used and disclosed solely for the purposes related to the transaction and will be protected by security safeguards appropriate to the sensitivity of the information.
Transfer of Information
We may transfer Customer Data and Personal Information to third-party service providers, suppliers and sub-contractors who assist Us in providing and administering the Service. We may transfer Customer Data and Personal Information to a third-party service provider outside of Your jurisdiction of residence for storage and processing. In the event that Your Customer Data and Personal Information is transferred abroad, the
government, courts, law enforcement or regulatory agencies of that jurisdiction may be able to obtain disclosure of the data through the laws of that jurisdiction.
Aggregate Data
Filogix shall have: (a) the right to de-identify, anonymize, pseudonymize, aggregate or otherwise convert Customer Data and Personal Information into blind data (collectively, the “De-identified Data”); and (b) a perpetual, irrevocable, worldwide right to use, sell or disclose De-identified Data for product improvement and development, benchmarking, analytics and insights, or any other lawful purpose, as long as such De-identified Data does not directly identify You or any particular individual.
Security of Information
We are committed to data security and protecting the Customer Data and Personal Information through integrated physical, technological, and administrative safeguards. In particular, Customer Data and Personal Information is protected by security safeguards appropriate to the level of sensitivity of the data through (i) physical measures, such as secure areas; (ii) technical measures, such as secure servers; and (iii) organizational measures such as access policies based on the need-toknow and employee security through vetting and supervision.
Secure Data Storage: The Service's document management system uses server side encryption based on AES-256, and databases are encrypted at rest and in transit using Amazon Web Services (AWS) Key Management Service. All servers are located with AWS (Amazon Web Services Cloud). Further information on AWS security can be found at the following link: http://aws.amazon.com/security/.
Data Retention
Information will be retained as necessary to provide the Service as required or allowed by law or in accordance with our Broker and Lender contracts.
Children
We do not provide the Service to children. You represent that You are the legal age of majority under applicable law to use the Service.
Privacy Rights
Individual Access: Upon request, We will provide You with access to Your Personal Information in accordance with applicable laws. If You are requesting access to Customer Data, We will refer all such requests for access to the Broker.
Data Accuracy
When We receive information, We do not verify the accuracy of the information. We rely on You and the Broker to ensure the accuracy and completeness of the information that has been provided to us to perform the services.
Contact Us
To contact us with questions about this Privacy Policy send us an email at privacy@finastra.com and write “Privacy Policy” in the subject line.
Still Need Help? You may contact us at any of the following: Mailing Address
Att: Privacy Officer
Filogix
5995 Avebury Road
2nd Floor
Mississauga, Ontario
L5R 3P9
Email: privacy@finastra.com
THIRD-PARTY INTEGRATION SERVICE PROVIDERS
Last updated: February 1, 2021
Flinks
Flinks Technology Inc. (“Flinks”) uses an application programming interface (“API”) to connect with Your bank to obtain Your bank statement information. This information is used by Your Broker to process Your mortgage application. Flinks integration will only be enabled with Your consent. You understand that Flinks may use Your Personal Information and data in accordance with its privacy policy. To review the Flinks privacy policy, please visit https://flinks.io/privacy-policy/
Nylas
Nylas Inc. (“Nylas”) uses an API to integrate and sync Your email account(s), contacts and calendar(s) with the Service. Nylas integration will only be enabled with Your consent. You understand that Nylas may use Your Personal Information and data in accordance with its privacy policy. To review the Nylas privacy policy, please visit https://www.nylas.com/privacy-policy/
You are strongly advised to review the privacy policies of these thirdparties before You enable integration. You are solely responsible for reviewing and understanding these policies.
For Gmail users, The Service's use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.