Privacy Policy

01Scope of this Privacy Policy

This Privacy Policy applies to information we collect or process when you:

• Visit our websites;
• Create or use an account;
• Create, join, administer, or use a workspace;
• Subscribe to or pay for the Services;
• Upload, sync, submit, or process loan files, documents, or data;
• Connect third-party systems, including loan origination systems, document systems, email systems, or related platforms;
• Communicate with us for support, sales, billing, onboarding, or account administration;
• Use AI-assisted features, document-processing features, reporting features, workflow tools, or automation features; or
• Otherwise interact with us or the Services.

This Privacy Policy does not replace the privacy notices or obligations of any lender, mortgage broker, mortgage company, employer, financial institution, or other organization that uses the Services. Our customers are responsible for their own privacy notices, borrower communications, data collection practices, compliance obligations, and use of the Services.

02Our Role

2.1 Business User and Account Information

For information we collect directly from business users, website visitors, prospects, subscribers, account owners, and administrators, Automatic Lender may act as a business, controller, or similar role under applicable privacy laws.

2.2 Customer Data and Loan File Data

For loan files, borrower information, documents, loan origination system data, and other information submitted to the Services by or on behalf of a customer (“Customer Data”), Automatic Lender generally processes that information as a service provider, processor, or similar role on behalf of the customer.

The customer determines what Customer Data is submitted to the Services, who may access it, how the Services are configured, and how the Services are used in connection with the customer’s mortgage business.

If you are a borrower, applicant, co-borrower, or other individual whose information was submitted to the Services by a lender, broker, mortgage professional, financial institution, or other customer, you should direct privacy requests to that customer. We may assist the customer in responding to requests as required by applicable law and our agreement with the customer.

03Information We Collect

3.1 Account and Profile Information

We may collect account and profile information, including:

• Name;
• Email address;
• Phone number;
• Company name;
• Job title or role;
• Workspace name;
• Account credentials or authentication identifiers;
• User role and permissions;
• Profile settings;
• Legal acceptance records; and
• Communication preferences.

3.2 Billing and Subscription Information

We may collect or receive billing and subscription information, including:

• Selected plan;
• Billing cycle;
• Subscription status;
• Usage limits and usage records;
• Invoice history;
• Payment status;
• Billing contact information;
• Tax-related information; and
• Payment processor identifiers.

Payment card and bank account information may be collected and processed by our third-party payment processor. We do not intend to store full payment card numbers on our own systems.

3.3 Customer Data and Loan File Information

Customers and users may upload, sync, transmit, or process Customer Data through the Services. Depending on how the Services are used, Customer Data may include:

• Borrower and co-borrower names;
• Contact information;
• Loan numbers and loan identifiers;
• Loan application data;
• Income information;
• Employment information;
• Asset information;
• Liability information;
• Credit-related information;
• Property information;
• Tax documents;
• Paystubs;
• W-2s, 1099s, K-1s, tax returns, and related income documents;
• Bank statements and asset statements;
• Letters of explanation;
• Identification documents;
• Mortgage disclosures and closing documents;
• Underwriting conditions;
• Loan origination system data;
• Documents uploaded by users;
• Documents synced from third-party systems; and
• Other information included in mortgage loan files or supporting documentation.

Customer Data may include sensitive personal information, financial information, and nonpublic personal information. Customers and users are responsible for ensuring they have authority to submit Customer Data to the Services.

3.4 Documents and Files

We may collect and process files and documents uploaded to or synced with the Services, including PDFs, images, document packages, loan files, forms, reports, and supporting mortgage documentation.

3.5 AI Inputs and Outputs

When users interact with AI-assisted features, automation features, reporting tools, or file-chat functionality, we may process:

• Prompts, questions, and instructions submitted by users;
• Loan file content and document excerpts used to generate answers or reports;
• Loan data used to generate summaries, calculations, worksheets, checklists, or analyses;
• AI-generated answers, summaries, calculations, analyses, conditions, reports, draft communications, and other outputs;
• Retrieval results and source references;
• Feedback on AI outputs; and
• Usage and performance data related to AI-assisted features.

3.6 Usage, Device, and Log Information

We may automatically collect information about use of the Services, including:

• IP address;
• Device identifiers;
• Browser type;
• Operating system;
• Pages or screens viewed;
• Features used;
• Dates and times of access;
• Referring URLs;
• Session activity;
• API calls;
• System logs;
• Performance metrics;
• Security logs;
• Error reports; and
• Diagnostic data.

3.7 Communications and Support Information

We may collect information you provide when you contact us for support, sales, onboarding, billing, product feedback, or other communications, including emails, chat messages, support tickets, call notes, attachments, and related metadata.

3.8 Cookies and Similar Technologies

We may use cookies, local storage, pixels, SDKs, and similar technologies to operate the Services, authenticate users, maintain sessions, remember preferences, improve performance, analyze usage, and support security.

Our public website may use limited analytics or similar technologies to understand website performance, improve our marketing, and evaluate how visitors interact with our website. We do not use borrower loan file data or Customer Data for third-party advertising.

04Sources of Information

We may collect information from:

• You directly;
• Your workspace, company, employer, team, or account administrator;
• Other users of the same workspace;
• Loan origination systems and other third-party systems connected by or on behalf of a customer;
• Documents and files uploaded or synced to the Services;
• Payment processors;
• Identity, authentication, and security providers;
• Analytics, logging, and support tools;
• Public sources; and
• Communications with us.

05How We Use Information

We may use information for the following purposes:

• To provide, operate, maintain, and secure the Services;
• To create and manage accounts and workspaces;
• To authenticate users and manage access permissions;
• To process loan files, documents, and Customer Data;
• To perform OCR, document classification, extraction, and data processing;
• To generate reports, summaries, calculations, worksheets, checklists, conditions, and analyses requested by users;
• To provide AI-assisted answers, workflow support, and decision-support outputs;
• To connect with authorized third-party systems and integrations;
• To process subscriptions, payments, invoices, usage records, and billing operations;
• To provide support, troubleshooting, onboarding, and training;
• To monitor usage, performance, reliability, and security;
• To detect, prevent, and respond to fraud, abuse, unauthorized access, security incidents, and technical issues;
• To improve, test, develop, and enhance the Services;
• To develop new features, workflows, and product offerings;
• To communicate with users about accounts, subscriptions, product updates, security, billing, and support;
• To send business, product, or marketing communications where permitted;
• To enforce our agreements and policies;
• To comply with legal obligations and legal process; and
• To protect the rights, safety, and interests of Automatic Lender, customers, users, borrowers, and third parties.

06AI-Assisted Features and Service Improvement

The Services may use artificial intelligence, large language models, retrieval-augmented generation, OCR, document extraction, classification systems, rules engines, workflow automation, and other automated technologies to process documents, interpret loan file information, answer questions, and generate reports or other outputs.

We use Customer Data as necessary to provide AI-assisted features, automation features, reporting features, document-processing features, and related Services requested by customers and users.

We do not use borrower loan file data or Customer Data to train third-party general-purpose AI models. Where third-party AI, OCR, hosting, infrastructure, or technology providers process Customer Data, they do so to support the Services and are subject to contractual obligations designed to protect Customer Data.

We may use aggregated, de-identified, or usage-level information to monitor performance, improve reliability, test and improve product functionality, develop product features, and understand how the Services are used, provided that such information does not identify a borrower, customer, user, or other individual.

PowerUW is designed to assist mortgage professionals, not replace them. We do not determine whether a borrower is approved or denied for credit, and we do not use borrower loan file data to make credit decisions.

For more information about our use of AI-assisted features, please see our AI Transparency Policy.

07How We Disclose Information

We may disclose information as described below.

7.1 Within a Workspace

Information submitted to a workspace may be available to the Account Owner, administrators, and authorized users of that workspace based on their roles, permissions, and product functionality.

7.2 Service Providers and Sub-Processors

We may disclose information to third-party service providers, subcontractors, and sub-processors that help us provide, host, secure, support, analyze, and improve the Services. These may include:

• Cloud hosting providers;
• Database and storage providers;
• AI model providers;
• OCR and document-processing providers;
• Payment processors;
• Authentication and identity providers;
• Email and communications providers;
• Analytics and logging providers;
• Customer support tools;
• Security and monitoring providers;
• Error tracking and performance tools;
• Professional advisors; and
• Other vendors that support our business and the Services.

7.3 Third-Party Integrations Authorized by Customers

If a customer or user connects a third-party system to the Services, such as a loan origination system, document management system, CRM, email platform, or payment processor, we may disclose information to and receive information from that system as necessary to provide the integration.

7.4 Business Transfers

We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar business transaction.

7.5 Legal, Safety, and Compliance

We may disclose information if we believe disclosure is necessary or appropriate to:

• Comply with applicable law, regulation, legal process, subpoena, or government request;
• Enforce our agreements or policies;
• Protect the rights, property, or safety of Automatic Lender, customers, users, borrowers, or others;
• Detect, prevent, or respond to fraud, abuse, security incidents, or technical issues; or
• Establish, exercise, or defend legal claims.

7.6 With Consent or Direction

We may disclose information with the consent or direction of the customer, Account Owner, user, or other authorized person.

08No Sale of Customer Data

We do not sell Customer Data. We do not sell borrower loan file data. We do not use Customer Data or borrower loan file data for third-party advertising.

We may use business contact information to communicate about our products and services, subject to applicable law and any available opt-out rights.

09Security

We maintain administrative, technical, and physical safeguards designed to protect information against unauthorized access, use, disclosure, alteration, or destruction. These safeguards may include:

• Access controls;
• Authentication controls;
• Encryption in transit and at rest;
• Logging and monitoring;
• Vulnerability management;
• Change management;
• Backup and recovery processes;
• Incident response procedures;
• Personnel confidentiality obligations; and
• Vendor security review and contractual controls.

Customers and users are responsible for using the Services securely, protecting credentials, configuring permissions appropriately, and ensuring that only authorized users access Customer Data.

10Data Retention

We retain information for as long as reasonably necessary to provide the Services, operate our business, maintain security, comply with legal obligations, resolve disputes, enforce agreements, and support legitimate business purposes.

Retention periods may vary based on the type of information, customer settings, workspace configuration, subscription status, legal requirements, backup cycles, security needs, and operational requirements.

During an active subscription, customers may be able to export certain Customer Data through the Services, depending on available functionality. After termination, cancellation, or expiration of a subscription, access to Customer Data may be limited or disabled, and Customer Data may be deleted, archived, or anonymized according to our retention practices and applicable agreements.

We may retain aggregated, de-identified, or usage-level information after termination, provided such information does not identify a customer, user, borrower, or other individual and is not reasonably capable of being re-identified using reasonable efforts.

11De-Identified and Aggregated Information

We may create and use de-identified, aggregated, or usage-level information to operate, analyze, improve, test, secure, and develop the Services and related offerings.

We take reasonable measures designed to prevent de-identified information from being associated with a specific customer, user, borrower, or other individual. We do not attempt to re-identify de-identified information except as permitted by law, such as to test the effectiveness of our de-identification processes or comply with legal requirements.

12Privacy Choices and Requests

12.1 Account Information

Users may be able to access, update, or correct certain account information through the Services or by contacting us.

12.2 Communications Preferences

You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us. We may still send non-marketing communications, such as account, billing, security, legal, support, and service-related messages.

12.3 Borrower or Loan File Data

If your information was submitted to the Services by one of our customers, including a lender, mortgage broker, mortgage company, loan officer, processor, underwriter, or other mortgage professional, please direct privacy requests to that customer.

We process Customer Data on behalf of our customers and may not be able to respond directly to requests involving Customer Data without instructions from the applicable customer. Where appropriate, we may assist our customers in responding to privacy, data, or AI-related requests involving use of the Services.

12.4 State Privacy Rights

Depending on where you live and your relationship with us, you may have rights under applicable privacy laws, such as rights to access, correct, delete, or obtain a copy of personal information, or to opt out of certain processing activities. These rights may be subject to limitations and exceptions under applicable law.

To submit a privacy request, contact us using the information in the “Contact Us” section below. We may need to verify your identity and authority before responding.

13Financial Privacy and Customer Data

The Services are used by mortgage professionals and may process nonpublic personal information and other financial information contained in mortgage loan files.

Our customers are responsible for providing any privacy notices required for their own borrowers, applicants, customers, and consumers.

When we process Customer Data on behalf of a customer, we use that Customer Data to provide, secure, support, maintain, and improve the Services as described in this Privacy Policy, the Subscription Terms, and any applicable agreement with the customer.

We process nonpublic personal information only as needed to provide, secure, support, maintain, and improve the Services, as directed by our customer, or as otherwise permitted by applicable law.

We do not determine whether a borrower is approved or denied for credit, and we do not use borrower loan file data to make credit decisions.

14Children’s Privacy

The Services are intended for business users and are not directed to children. We do not knowingly collect personal information directly from children through the Services.

15International Processing

We and our service providers may process information in the United States and other locations where we or our service providers operate. If information is transferred across borders, we will use transfer mechanisms or safeguards as required by applicable law.

16Third-Party Websites and Services

The Services may contain links to or integrations with third-party websites, platforms, applications, or services. We are not responsible for the privacy practices, security, content, or terms of third-party services. Your use of third-party services is subject to their own privacy policies and terms.

17Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we update it, we will revise the effective date or version above. If changes are material, we may provide notice through the Services, by email, or by other appropriate means.

Continued use of the Services after an updated Privacy Policy becomes effective means that information will be handled as described in the updated Privacy Policy.

18Contact Us

If you have questions about this Privacy Policy or want to submit a privacy request, contact us at:

Automatic Lender, Inc.
1312 17th Street #1492
Denver, CO 80202
Email: nick@automaticlender.com

Please include enough information for us to understand and respond to your request. If your request relates to Customer Data submitted by one of our customers, we may direct you to contact that customer or may respond in coordination with that customer.