Effective Date: March 1, 2025

This Privacy Policy describes how MTGBroker, LLC (“MtgBroker,” “Mtg.Broker,” “MtgBroker.app,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards information when you use our websites, web applications, mobile applications, and SaaS platform (collectively, the “Service”), including MtgBroker.app and mtg.broker.

By accessing or using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

We collect information in three main ways: (a) information you provide directly, (b) information collected automatically when you use the Service, and (c) information from integrations with third-party tools.

1.1 Information You Provide

We may collect personal and business information you voluntarily provide, including:

  • Name

  • Email address

  • Phone number

  • Company, brokerage, or organization details

  • Account login details (such as username and password)

  • Subscription and billing-related information

  • Loan-related or borrower-related data you enter into the platform (e.g., loan scenarios, property details, notes, high-level borrower information)

  • Information submitted through forms, support requests, or feedback

  • Private user notes and internal comments you enter in the app

  • Favorites (for example, favorite lenders, vendors, or products)

Payment Information:
Payment card details are processed securely by third-party payment processors (such as Stripe). We do not store your full payment card number on our systems.

1.2 Information Collected Automatically

When you access or use the Service, we may automatically collect certain technical and usage information, such as:

  • IP address

  • Device identifiers

  • Browser type and version

  • Operating system and device information

  • Pages or screens viewed, features used, and actions taken

  • Dates and times of access (timestamps and log data)

  • Referring URLs

  • Diagnostic and performance data

This information helps us operate, secure, and improve the Service.

1.3 Cookies & Tracking Technologies

We may use cookies, pixels, and similar tracking technologies to:

  • Remember your preferences and settings

  • Keep you signed in

  • Analyze usage and performance

  • Improve the user experience

You can control cookies through your browser settings, but disabling cookies may affect certain features of the Service.

2. How We Use Your Information

We use the information we collect for purposes such as:

  • Providing and operating the Service (including account creation, authentication, and core features)

  • Processing payments and managing subscriptions

  • Saving and displaying your data, such as loan scenarios, private notes, and favorites

  • Maintaining and improving the Service, including performance, reliability, usability, and security

  • Responding to inquiries and providing customer support

  • Sending important communications, such as service announcements, security alerts, and policy updates

  • Analyzing usage and trends to understand how the Service is used and where improvements are needed

  • Enforcing our Terms of Service and other policies

  • Complying with legal and regulatory obligations

  • Preventing, detecting, and responding to fraud, abuse, or security incidents

We do not use your data for advertising-based profiling or selling your personal information.

3. User Responsibilities & Sensitive Information

The Service is designed primarily for professional use in the mortgage and real estate industry (e.g., loan scenarios, lender/product information, and related notes).

You agree to:

  • Use the Service thoughtfully and in compliance with applicable privacy and lending laws.

  • Avoid storing unnecessary highly sensitive data in free-text or notes fields, such as:

    • Full Social Security numbers

    • Full bank account numbers or passwords

    • Credit card numbers

    • PINs or authentication codes

If you choose to enter sensitive data into the Service, you do so at your own risk, and you remain responsible for complying with any applicable legal and regulatory requirements related to that data.

4. How We Share Your Information

We do not sell your personal information.

We may share information in the following limited circumstances:

4.1 Service Providers

We may share information with trusted third-party vendors that help us operate and support the Service, including:

  • Payment processors

  • Email and communication tools

  • Hosting and cloud infrastructure providers

  • Analytics and performance monitoring services

  • Customer support tools

  • Security and fraud prevention providers

These service providers are permitted to use your information only to perform services on our behalf and are expected to protect it appropriately.

4.2 Third-Party Integrations

If you choose to connect the Service to third-party tools (such as CRM systems, lender portals, or other vendor platforms), we may share or receive data as needed to enable those integrations.

Your use of third-party integrations is subject to those third parties’ privacy policies and terms. We are not responsible for their data practices.

4.3 Legal & Safety

We may disclose information if we believe in good faith that it is necessary to:

  • Comply with applicable laws, regulations, or legal processes

  • Respond to lawful requests from law enforcement or regulatory authorities

  • Protect the rights, property, or safety of MtgBroker, our users, or others

  • Detect, investigate, and help prevent fraud or security issues

4.4 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will take reasonable steps to ensure that the recipient continues to respect your privacy consistent with this Policy.

5. Developer & Internal Access

To maintain and improve the Service, certain authorized members of our team (including developers and support staff) may have access to:

  • Your account information (e.g., email, profile)

  • Application data such as loan scenarios, private notes, and favorites, only as reasonably necessary to:

    • Diagnose technical issues

    • Provide support and respond to your requests

    • Improve functionality and user experience

    • Maintain security and system integrity

We take measures to ensure that internal access to data is limited, logged where appropriate, and handled in a secure and ethical manner.

6. Data Security

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect your information against unauthorized access, loss, misuse, or alteration.

These measures may include:

  • Encryption in transit (e.g., HTTPS/TLS)

  • Access controls and authentication

  • Regular software updates and security patches

  • Monitoring for unusual activity

However, no system or transmission over the internet is completely secure. You acknowledge that:

  • We cannot guarantee absolute security of your data.

  • You are responsible for maintaining the security of your login credentials and devices.

  • If you believe your account or information has been compromised, you should notify us promptly.

7. Data Retention

We retain personal information only for as long as reasonably necessary to:

  • Provide and maintain the Service

  • Fulfill the purposes described in this Policy

  • Comply with legal, regulatory, tax, or accounting requirements

  • Resolve disputes and enforce our agreements

When information is no longer needed for these purposes, we may anonymize it, aggregate it, or delete it, subject to any legal obligations to retain it for a longer period.

You may request deletion of your data where permitted by law (see “Your Rights & Choices” below).

8. Your Rights & Choices

Depending on your location and applicable law (such as CCPA/CPRA, GDPR, or similar laws), you may have some or all of the following rights:

  • Access: Request confirmation of whether we process your personal information and, where applicable, a copy of that information.

  • Correction: Request that we correct inaccurate or incomplete personal information.

  • Deletion: Request deletion of your personal information, subject to legal and operational limitations.

  • Restriction: Request that we limit the processing of your personal information in certain circumstances.

  • Portability: Request a copy of your personal information in a structured, commonly used, and machine-readable format, where technically feasible.

  • Objection / Opt-Out: Object to certain types of processing or opt out of specific uses or disclosures where provided by law.

  • Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time (this will not affect processing that occurred before withdrawal).

To exercise any of these rights, you can contact us at:

We may need to verify your identity before responding to your request. We will not discriminate against you for exercising any privacy rights granted under applicable law.

You may also:

  • Adjust your browser settings to manage cookies and tracking.

  • Unsubscribe from certain emails by using the opt-out links provided in the messages (service and transactional emails may still be sent as needed).

9. Third-Party Websites & Services

The Service may contain links to, or interact with, third-party websites, tools, or services that are not owned or controlled by us.

We are not responsible for the privacy practices, content, or security of these third parties. Your use of third-party websites and services is governed by their own terms and privacy policies. We encourage you to review those policies before providing any information.

10. Children’s Privacy

The Service is not intended for, and we do not knowingly collect personal information from, individuals under 16 years of age.

If we become aware that a child under 16 has provided personal information, we will take steps to delete that information as soon as reasonably possible. If you believe a child has provided us with personal information, please contact us.

11. International Users

Our systems and servers are primarily located in the United States. If you access or use the Service from outside the United States, you understand that your information may be transferred to, stored in, and processed in the United States (or other countries where our service providers operate), which may have different data protection laws than your country of residence.

By using the Service, you consent to this transfer and processing.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

When we do:

  • We will update the “Effective Date” at the top of this page; and

  • For material changes, we may provide additional notice through the Service or via email.

Your continued use of the Service after any changes become effective constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you should stop using the Service.

13. Contact Us

If you have any questions about this Privacy Policy, our data practices, or your rights, you can contact us at: