California Consumer Notice at Collection and Privacy Policy

Last Updated / Effective Date: January 1, 2023

This California Consumer Notice at Collection and Privacy Policy (“California Privacy Notice” or “Notice”) supplements and is expressly made part of the Privacy Policy (available here) of Guaranteed Rate, Inc dba Certainty Home Lending. (referred to herein as “we”, “us”, or “our”), all of which are contained in our Privacy Center and applies solely to all visitors, users, and individuals we interact with in the course of our business relationships, including with our commercial clients or other third parties, service providers, or contractors, and others who reside in the State of California (“consumers” or “you”). This California Privacy Notice explains our privacy practices when we review your eligibility, evaluate, process, complete, approve or dispose of your application for a product or service, create an account with us using any available method, when you are approved and close on a product or service, when we provide a product or service, and when we act as a servicer, as well as any other business interactions you may engage in with us (collectively, “Services”). Any terms defined in the California Consumer Privacy Act as amended from time to time (“CCPA”) or its implementing regulations have the same meaning when used in this Notice.

Information We Collect

Our Services may involve the collection of information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer that resides in California or a device located in California (“Personal Information”). In particular, through our Services, we may collect the following categories of Personal Information from you:

CategoryExamples
A. IdentifiersA real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80I)A name, signature, physical characteristics or description, address, telephone number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.
C. Protected classification characteristics under California or federal law.Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
D. Commercial InformationRecords of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Internet or other similar network activityBrowsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
F. General Geolocation DataPhysical location or movements.
G. Sensory DataAudio, electronic, visual, thermal, olfactory, or similar information.
H. Inferences drawn from Personal InformationDerivation of information, data, assumptions, or conclusions from facts, evidence, or another source of information or data; a characteristic deduced about a consumer. 
I. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
J. Sensitive Personal InformationSocial Security number, driver’s license number, or passport number.

Personal Information does not include:

  • Publicly available information from government records.
  • De-identified or Aggregated consumer information as defined by the CCPA.
  • Information excluded from the CCPA’s scope, like:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data
  • Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
  • We obtain the categories of Personal Information listed above from the following categories of sources:
  • Directly from you. For example, from forms you complete or products and services you purchase.
  • Indirectly from you. For example, from observing your actions when using our Services.
  • Records and copies of your correspondence (including email addresses), if you contact us.
  • Your responses to surveys that we might ask you to complete for research purposes.
  • From third-party business partners such as internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, data brokers and other service providers we use for ordinary business purposes including, but not limited to, evaluating a financial transaction with you or marketing our Services to you.

Use of Personal Information

We use Personal Information to offer products and services to you, fulfill your requests, improve the quality of our products and services, engage in research and analysis relating to our products and services, personalize your experience, track usage of our products and services, market our products and services, provide customer support, message you, back up our systems, allow for disaster recovery, enhance the functioning and security of our products and services, manage any other business relationship between you and us, and comply with legal obligations. Even when we do not retain such information, it still must be transmitted to our servers initially and stored long enough to process.

We also use information that we collect about you or that you provide to us, including any Personal Information:

  • To present the content of our products and services to you.
  • To provide you with information, products, or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices about your account, including expiration and renewal notices.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • To notify you about changes to our products or services we offer or provide through it.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.
  • As appropriate, in our sole discretion, for other legitimate business activities.

We may use or disclose the Personal Information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information. For example, if you disclose your name and contact information to request a rate quote or ask a question about our products or services, we will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our Services, products, and other services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your Services experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Services, third-party sites, and via email or text message (with your consent, where required by law).
  • To provide advertising and marketing services.
  • To help maintain the safety, security, and integrity of our Services, products and other services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our Services, products, and other services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about our Services’ users is among the assets transferred.
  • Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
  • Helping to ensure security and integrity to the extent the use of the consumer’s Personal Information is reasonably necessary and proportionate for these purposes.
  • Debugging to identify and repair errors that impair existing intended functionality.
  • Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with us.
  • Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business.
  • Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of a product, service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the product, service or device that is owned, manufactured, manufactured for, or controlled by the business.
  • We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Disclosures of Personal Information

All financial companies need to disclose Personal Information to run their everyday business and provide the Services you hope to obtain. Financial companies choose how to disclose your information. Federal and state laws and regulations may further dictate your ability to limit such disclosures.

We have disclosed the above categories of Personal Information to the following categories of third parties:

  • Authorized third parties. We will disclose your information to a third party with your consent.  
  • Affiliates, subsidiaries, and businesses under our control. We may disclose your Personal Information to our affiliates, subsidiaries, and companies under common control.
  • Service providers, contractors, and third parties. We may disclose Personal Information to service providers, vendors, or contractors, or they may disclose, collect, store, access, transfer, or otherwise process your Personal Information on our behalf to help us carry out our Services or run our business. We require service providers, vendors, and contractors to implement reasonable organizational controls to maintain the privacy and security of Personal Information provided to them.
  • Marketing partners. We may disclose Personal Information to third parties, marketing affiliates, or subsidiaries for marketing purposes, analytics, (ex: Adobe Analytics, Google Analytics) and to jointly market products, services, promotions, and events. We may receive your Personal Information from a third party you authorized to share or sell your Personal Information.   
  • Government, regulatory, and legal entities.   We disclose your Personal Information to government, regulatory, and legal entities in response to their inquiries, to enforce our terms and conditions, to exercise or defend a claim, or if we determine disclosure is necessary or appropriate to protect the life, safety, or property of our business, ourselves or others.
  • Change of control. We may disclose, receive, or transfer your Personal Information in connection with an actual or proposed sale, merger, acquisition, dissolution, divestiture, joint venture, bankruptcy, or any similar transaction where the control and responsibility of your Personal Information changes to or from us.  We may transfer or have transferred to us, all information collected about you to merge, transition or wind-down a company’s activities.

We will comply with other federal and state laws and regulations that impact our disclosure practices.  

Sales and Sharing of Personal Information

We have not sold Personal Information during the prior 12 months.  We may have shared Personal Information for  cross-context behavioral advertising in the past 12 months.  We have no actual knowledge of selling or sharing Personal Information of anyone under the age of 16 years.  Notwithstanding the foregoing, we will accept a verified request from you to not sell or share your Personal Information should our practices change in the future.

Retention of your Personal Information 

We retain your Personal Information throughout our business relationship with you and thereafter only for as long as required to fulfil the purposes for which it was collected. However, in some circumstances we may retain Personal Information for longer periods of time, for instance when we are required to do so in accordance with legal and regulatory requirements or to resolve disputes that may arise between you and us.

Exercising Your California Privacy Rights

The CCPA requires we create a way for eligible California residents to exercise their rights under the CCPA, and to fulfill those consumer privacy rights regarding their Personal Information. These rights include the: 

  • right to know your Personal Information;
  • right to delete Personal Information collected from you;
  • right to opt-out of the sale or sharing of Personal Information (if applicable);
  • right to non-discriminatory treatment or no retaliation for exercising any rights; 
  • right to initiate a private cause of action for data breaches;
  • right to correct inaccurate Personal Information; and
  • right to limit use and disclosure of Sensitive Personal Information.

When you make a request, we may require that you provide information and follow procedures so that we can verify the request and your jurisdiction before responding to it. The verification steps we take may differ depending on the request you make. We will match the information that you provide in your request to information we already have on file to verify your identity. If we can verify your request, we will process it. If we cannot verify your request, we may ask you for additional information to help us verify your request.

Consumers will be required to submit their first and last name and email address and may also be asked to provide their telephone number or address so that we can verify the request. Please provide as much of the requested information as possible to help us verify the request. We will only use the information received in a request for the purposes of responding to the request.

California law permits California consumers to use an authorized agent to make privacy rights requests. We require the authorized agent to provide us with proof of the California consumer’s written permission (for example, a power of attorney) that shows the authorized agent has the authority to submit a request for the California consumer. An authorized agent must follow the process described below to make a request. The authorized agent must also verify his/her own identity. We will confirm the agent’s authority with the California consumer about whom the request was made.

You may submit a privacy rights request to us by:

Guaranteed Rate, Inc. dba Certainty Home Lending
Attn: Privacy Compliance Officer
3940 N. Ravenswood
Chicago, IL 60613

Notice to Job Applicants, Employees and Former Employees

If you are a California resident and you have applied for a job, are employed by us or your employment with us has ceased, please read our California Applicant Notice at Collection and Privacy Policy, or our California Employee Privacy Notice, as applicable.

Minors

We do not knowingly collect, process, use, sell, or share Personal Information of those 16 years old or younger.

Changes to Our California Privacy Notice

We reserve the right to amend this California Privacy Notice at our discretion and at any time. When we make changes to this California Privacy Notice, we will post the updated Notice through the Services and update the Notice’s effective date that appears at the beginning of this Notice. Your continued use of our Services following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this California Privacy Notice, the ways in which we collect and use your information described above, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Guaranteed Rate, Inc. dba Certainty Home Lending
Attn: Privacy Compliance Officer
3940 N. Ravenswood
Chicago, IL 60613