Privacy Policy

Prosper First Funding Corporation dba Prosper First Capital Website Safeguard and Privacy Policy

Effective Date: February 3, 2020

This policy describes Prosper First Funding Corporation’s (“Prosper First Funding Corporation dba Prosper First Capital,” “we” or “our”) collection, processing, transfer and storage of data from visitors to our website at 8495663270.mortgage-application.net (our “Website”) including www.prosperfirstfunding.com and www.prosperfirstcapital.com. This Privacy Policy applies only to the data collected on the Website and not to other data collected or processed by Prosper First Funding Corporation dba Prosper First Capital.

If you are a Prosper First Funding Corporation dba Prosper First Capital customer, please see our Consumer Privacy Notice, which we provide to all our individual customers, for a comprehensive explanation of how we collect, use, and share personal information and your choices for limiting the use and sharing of your information as our customer.

*This site is not authorized by the New York State Department of Financial Services.  No mortgage solicitation activity or loan applications for properties located in the State of New York can be facilitated through this site.

1.      OUR COMMITMENT TO YOUR PRIVACY

This Safeguard and Privacy Policy describes:

  • How information about you is collected through our Website;
  • How we use and with whom we share this information;
  • How you can access and update this information; and
  • The choices you can make about how we collect, use and share your information.
  • The procedure and securities in place taken to secure and protect your information.

The Safeguard Policy from Prosper First Funding Corporation dba Prosper First Capital is coordinated by our designated point of contact Peter A. Prosper, III whom monitors and manages our relationship, usage and agreement with our third party service provider Ellie Mae.  

Risks to our consumer data and information systems are tested, identified and assessed by currently having regular third party penetration requests through IOActive.

Our company exercises appropriate due diligence in selecting service providers, and our management ensures service providers have implemented adequate security controls to safeguard customer information. Every Cost center has at least one “Vendor Manager” to police third party vendors. The Third Party Risk Management Department accesses the risk of a Vendor before they are used, and there is a due diligence kit. 

The security measures applied on user access control, data encryption, server security, penetration testing, intrusion detection systems, software patch updates and malicious code prevention are set as defined in the Ellie Mae Information Security Policy which outlines the rules in regards to user access, and requires compliance with the Access Management Standard. When Encryption is necessary it is handled through the Data Classification and handling Standard, and the encryption itself is mandated by the Encryption and Key Management standard. As the primary source for holding data, servers are also governed by the Data Classification and handling Standard. Penetration testing is currently performed by IOActive, and results are analyzed in accordance with the Risk Management Standard and Vulnerability Management standards based on likelihood and impact of a vulnerability. Software is managed by the helpdesk and Information Security, and patches are mandated to reduce vulnerabilities. All devices vulnerable to malware and viruses must have appropriate software installed to detect prevent and isolate infected systems. Software must automatically update and periodically scan for such advices.

The frequency in which the policy is reviewed and updated is well documented. Ellie Mae shall continually review and improve the Information Security Program. The Information Security Policy is regularly evaluated and adjusted annually as a result of testing, monitoring, changes in applicable laws and regulation and adoption of best practices. The Chief Security Officer is responsible for recommending changes, and the Board and/or the Technology and Cybersecurity Committee of the Board is responsible for approving such changes.

In turn all Safeguard Policies and Privacy practices are updated with our local administrators and should any issues arise we can address them immediately and thoroughly.    

If you have any questions, concerns or wish to learn more regarding this Safeguard and Privacy Policy or our information collection and use practices, please contact us using the information in the “Contact Us” section below. Additional documentation can be provided with more technically in depth details on upon request by our point of contact, Peter A. Prosper, III.

2.      INFORMATION COLLECTED THROUGH OUR WEBSITE

Prosper First Funding Corporation dba Prosper First Capital collects information from Website visitors and also obtains information from third parties (including from service providers) in the course of providing our mortgage and loan origination services (our “Services”), which we may add to the data we obtain through the Website. The information collected through our website includes:

  • Personal and Loan-related Information. You may provide us information about you, which may include personal information and information relating to or necessary for the initiation, processing, or completion of certain financial transactions, including the issuance of loans.
  • Transactional Information. We may also create transactional records of each of the transactions or other events occurring through our Website. This transactional information is generally collected (i) to enable our Services, including loan document creation, origination, management, and distribution, (ii) to enable the services provided by third parties (including determinations regarding qualification for loans or the interest rates to be applied to loans), and (iii) to enable Prosper First Funding Corporation dba Prosper First Capital to comply with various legal obligations.
  • Device and Usage Information.Like most online services, our Website collects standard technical, non-personal information when you use it, including internet protocol (IP) addresses, browser types, internet service providers (ISPs), the pages and content you view or interact with on our Website, the information you search for, and the dates and times that you visit our Website.
  • Cookies and Other Technologies. Our Website collects certain information through the use of “cookies” and other tracking technologies. Cookies are small files that your browser places on your computer. We may use session cookies, persistent cookies, and other tracking technologies to better understand how you interact with our Website, to monitor usage by our users and web traffic routing on our services, and to improve and personalize our Website. Many Internet browsers automatically accept cookies. You may be able to instruct your browser to stop accepting cookies or to prompt you before accepting cookies from the websites you visit. Google provides some additional privacy options relating to Google analytics, described at www.google.com/policies/privacy/partners/. We do not respond to “do not track” browser signals at this time. We may also use web beacons, which are transparent graphic images on a webpage or within the body of one of our marketing emails, to allow us to measure visitor actions and assess the effectiveness of our email marketing campaigns. For example, we use web beacons in our email marketing to track instances where a user clicks through a link in the email.

3.      HOW WE USE INFORMATION

We and service providers working on our behalf use information collected on our Website in a variety of ways intended to provide our Website and Services and to operate our business, including the following:

  • To Provide our Services. We use the information that we collect (i) to operate, maintain, enhance and provide our Website and our Services, (ii) to provide other services and information that you request, and (iii) to provide customer support to you and other parties.
  • To Improve, Analyze, and Personalize our Website and Services. We use the information that we collect to understand and analyze usage trends and preferences; to monitor and analyze the effectiveness of our Website and Services; to improve our Website and Services and develop new products, services, features, and functionality; and to personalize our Website and Services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you use our Website, or providing customized content and information.
  • To Contact You. We may use your email address or other information we collect to contact you for administrative purposes such as customer service or to send communications, including marketing or promotional communications, relating to our Website and Services. Generally, you have the ability to opt out of receiving promotional communications as described below.
  • Aggregate Data. We aggregate data collected through our Website and use it for purposes such as creating and sharing reports about the use of our products and services, including users’ interests, usage patterns, and trends.
  • Advertising. We may use non-identifiable information that you provide or that we collect to improve or tailor the effectiveness of advertising on our Website and to provide advertisements and other content that is tailored to you.

4.      HOW WE SHARE INFORMATION

We may share, transfer, or disclose your information if you consent to us doing so, as well as in the following circumstances:

  • To Service Providers. We work with third party service providers to provide services including loan or transaction processing or administration; Website hosting and other similar services, development and maintenance; advertising and marketing services; and other services related to our Website and Services for us. These third parties may have access to or process your information as part of providing those services for us. Generally, we limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such information. These service providers are not permitted to use information we share that might identify you for any purpose other than to provide services to Prosper First Funding Corporation dba Prosper First Capital or to you.
  • In Aggregate Form. We may make certain aggregated non-personal information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our users’ interests, usage patterns, and borrowing and loan origination trends.
  • Compliance with Laws and Law Enforcement; Protection of Our Rights. We may disclose your information (including your personal information) to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request, (b) to enforce our agreements, policies and terms of service, (c) to protect the security or integrity of our Website or Services, (d) to protect the property, rights, and safety of Prosper First Funding Corporation dba Prosper First Capital, our users or the public from harm or illegal activities, (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person, or (f) to investigate and defend ourselves against any third-party claims or allegations.
  • In Significant Business Transactions. Your information, including personal information, may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

5.      OUR POLICY CONCERNING CHILDREN

Our website is not directed to children under 13, and we do not knowingly collect any personal information from children under the age of 13 through our website. If we become aware that a child under 13 has provided us with personal information through our website, we will take steps to delete such information.

6.      PRIVACY POLICIES OF LINKED SITES AND ADVERTISERS

Our Website may contain links to other sites, as well as advertisements from companies linking to their own sites. We are not responsible for the privacy practices or the content of such sites. If you have any questions about how these other sites use your information, you should contact them directly.

7.      SECURITY

The Safeguard Policy from Prosper First Funding Corporation dba Prosper First Capital is coordinated by our designated point of contact Peter A. Prosper, III whom manages our relationship, usage and agreement with our service provider Ellie Mae. 

Risks to our consumer data and information systems are tested, identified and assessed by currently having regular third party penetration requests through IOActive.

Our company exercises appropriate due diligence in selecting service providers, and our management ensures service providers have implemented adequate security controls to safeguard customer information. Every Cost center has at least one “Vendor Manager” to police third party vendors. The Third Party Risk Management Department accesses the risk of a Vendor before they are used, and there is a due diligence kit. 

The security measures applied on user access control, data encryption, server security, penetration testing, intrusion detection systems, software patch updates and malicious code prevention are set as defined in the Ellie Mae Information Security Policy which outlines the rules in regards to user access, and requires compliance with the Access Management Standard. When Encryption is necessary it is handled through the Data Classification and handling Standard, and the encryption itself is mandated by the Encryption and Key Management standard. As the primary source for holding data, servers are also governed by the Data Classification and handling Standard. Penetration testing is currently performed by IOActive, and results are analyzed in accordance with the Risk Management Standard and Vulnerability Management standards based on likelihood and impact of a vulnerability. Software is managed by the helpdesk and Information Security, and patches are mandated to reduce vulnerabilities. All devices vulnerable to malware and viruses must have appropriate software installed to detect prevent and isolate infected systems. Software must automatically update and periodically scan for such advices.

The frequency in which the policy is reviewed and updated is well documented. Ellie Mae shall continually review and improve the Information Security Program. The Information Security Policy is regularly evaluated and adjusted annually as a result of testing, monitoring, changes in applicable laws and regulation and adoption of best practices. The Chief Security Officer is responsible for recommending changes, and the Board and/or the Technology and Cybersecurity Committee of the Board is responsible for approving such changes.

In turn all Safeguard Policies and Privacy practices are updated with our local administrators and should any issues arise we can address them immediately and thoroughly.    

Prosper First Funding Corporation dba Prosper First Capital has certain measures in place to maintain the security, confidentiality and integrity of the information gathered through the Website, and to help protect against the loss, misuse and alteration of such information. While we take measures to protect your personal information against security breaches and unauthorized access, we cannot guarantee that our safeguards will be effective all of the time against all security threats.

If you have any questions, concerns or wish to learn more regarding this Safeguard and Privacy Policy or our information collection and use practices, please contact us using the information in the “Contact Us” section below. Additional documentation can be provided with more technically in depth details on upon request by our point of contact, Peter A. Prosper, III.

8.      CHANGES TO OUR PRIVACY POLICY

This Privacy Policy may be revised from time to time. If we decide to make material changes to our Privacy Policy, we will make reasonable efforts to notify you of the changes by sending a notice to the primary email address provided to us and/or by placing a notice on our Website.

9.      HOW TO ACCESS AND UPDATE YOUR INFORMATION

You can access and update the information that you have provided to us as follows:

  • If you are a Prosper First Funding Corporation dba Prosper First Capital customer, you can access and update certain personal information in connection with your account or application by logging into your account online.
  • You may contact us at [email protected] and request to review, amend or delete certain personal information collected by us.
  • Please note that we may not be able to delete all information we collect through our Website.
  • You may opt-out of receiving marketing emails at any time by following the steps to “unsubscribe” described in the footer of our marketing emails. Your opt-out will become effective in 10 days or less.

10.  CONTACT US

If you have any questions, comments or concerns regarding our Privacy Policy and/or practices, please send an email to: [email protected].

You may also call or write us at our Connecticut or New York offices to the attention of

Peter A. Prosper, III
Prosper First Funding Corporation dba Prosper First Capital
2465 Black Rock Turnpike, Fairfield, CT 06825

Phone: (203) 368-6441

Or

Prosper First Funding Corporation dba Prosper First Capital
763 Saratoga Road, Suite 4, Burnt Hills, NY 12027 

Phone (518) 807-0185

Or

Toll Free at (877) 824-2582