Filogix Expert Plus and
Expert Pro Privacy Policy
Updated February 1, 2021
The Filogix Expert Plus and Expert Pro platform made available by D+H
Mortgage Technology Corporation c.o.b. as Filogix (“Filogix”, “We”, “Us”
or “Our”) through Our website: https://expertpro.filogix.com/
(the “Service”) allows Customers, Brokers and lenders (“You”,
“Your”) to access, use, provide, exchange, and receive information and
data in connection with mortgage transactions and other related activities.
In this Privacy Policy, “Customers” means any person who accesses the
Service for the purpose of receiving mortgage services.
"Broker" means a mortgage company, mortgage brokerage, or a similar
entity that you are working for or with to either offer (in the case of an
agent) or secure (in the case of a Customer) mortgage services.
“Customer Data” means any data, including personal information,
relating to customers of mortgage brokers and lenders entered or stored
in the Service; and “Personal Information” means any information about
an identifiable individual but does not include the name, title or business
address (including business email address) or business telephone
number of an employee of an organization.
This Privacy Policy covers the privacy practices that Filogix employs with
respect to the collection, use, sharing, disclosure, and protection of
Customer Data or other Personal Information received through the
Service. This Privacy Policy does not extend to the data management
practices of third-party sites linked from the Service.
By accessing or using the Service, You agree to the terms of this Privacy
Policy. We may change certain parts of this Privacy Policy from time to
time so You should check it periodically. If We make changes that are
material, We will provide You with notice when such changes take effect
by posting a notification on the Service.
Collection of Information
When You use the Service, information is collected by Us as You interact
with the Service.
We collect information that You provide to Us or authorize Us to collect.
We also collect information automatically when You use the Service (e.g.,
cookies and other technical data described in the ‘Technical Data’ section
below).
We collect information when:
• You register for an account or make a purchase on the Service.
• You communicate with Us.
• You input information on the Service, such as when You upload
documents or information to Your account; and/or You choose to
sync/integrate a third party account or service (e.g., an email
account or an account with a financial institution) with the Service.
We may collect the following information:
• Contact and account registration information such as full name,
physical address, email address, phone number and image/photo.
• Payment information, including credit card details.
• Information that You provide when You integrate/sync a third-party
account or service with the Service, such as banking information
through bank account integration and email communications,
contacts and calendar information through email account
integration (as set out below).
• Broker registration or licensing information.
• Communications on the Service.
• Information You provide to Us when You contact Us, provide
feedback, make a complaint or other inquiries
• Other information required to provide You with access to the
Service.
For Customers, We do not directly collect Customer Data but rather
receive Customer Data from or on behalf of Your Broker and We use
Customer Data to perform services on Your behalf. Except as required
by law or provided in this Privacy Policy, We do not use or disclose
Customer Data that We have received for any new purpose, unless We
first identify and document the new purpose and obtain the Broker’s
consent where appropriate.
Third-Party Integration
You may use a third-party service provider to integrate and/or sync a
third-party account or service (e.g., an email account or an account with a
financial institution) with the Service via an API. This integration will only
be enabled with Your prior consent and You may revoke integration at
any time. You understand that these service providers may use Your
Personal Information and data in accordance with their own privacy
policies. You are strongly advised to review the privacy policy before You
enable integration. You are solely responsible for reviewing and
understanding these policies.
Information about Another Person
You may be able to enter Personal Information about another person on
the Service (e.g., employees, clients or a co- applicant). In such cases,
You are responsible for ensuring that You are compliant with relevant
data protection laws, including obtaining the necessary consent for
sharing another individual’s Personal Information with Us.
Consent
By using the Service, You consent to the collection or receipt (as the case
may be), use and disclosure of information by Us as described in this
Privacy Policy. For Customers accessing the Service, between You and
the Broker, use of the data by Your Broker will be governed by Your
Broker’s privacy policy.
Subject to exceptions afforded to us under applicable laws, You may
request the withdrawal of Your consent to the use of Your Personal
Information by contacting the Privacy Department as provided below.
Use of Personal Information
We use Personal Information to:
• Register and manage an account.
• Verify Your identity and the information that You provide to Us.
• Deliver and provide access to the Service and the tools and
features that You have requested through the Service.
• Facilitate interaction between Brokers and their clients.
• Verify transactions and process payments.
• Send You communications and notifications, including updates on
Your subscription or account.
• Send You promotional communications such as special offers on
products and services, newsletters or other promotions.
• Administer, troubleshoot, improve, and manage the Service.
Analyze the accuracy and effectiveness of the Service.
• Analyze and understand Our visitors.
• Meet obligations as required by applicable laws.
• Detect and prevent fraud or other illegal or unauthorized activities.
• Tailor and personalize Your experience while visiting and using the
Service. Respond to inquiries, complaints, disputes and other
communications to Us. Other purposes that We identify to You
from time to time.
Payment Processor
We use a third-party payment processor, Stripe, to process payments on
the Service. Please review Stripe’s privacy policy for more information on
how Stripe processes Personal Information: https://stripe.com/en-
ca/privacy
Technical Data and Analytics
When You access and use the Service, We may automatically collect
certain technical information about Your visit, including the date, time,
browser type, Your internet service provider, Your IP address, device
information (including device identifiers), geo-location information,
computer and network performance data, the version of the application
that You are using, the URL that You are coming from and Your
navigation history in order to customize and personalize Your experience
on the Service, improve the Service, understand usage of the Service and
for statistical research purposes.
Cookies and similar technologies: We use “cookies” (session and
persistent), scripts, pixel tags, web beacons and other similar
technologies and digital markers on the Service. These automatically
collect data from a visitor to the Service.
Cookies help Us recognize repeat visitors, personalize the Service and
communications and tailor content to match particular interests. We also
use these technologies to track usage trends and patterns on the Service.
You are always free to decline cookies. If You decline “cookies” or delete
them from Your computer, You will still be able to access the Service, but
You may find that some areas do not work as smoothly as when cookies
are enabled on Your system.
Disclosure of Information
In addition to using information as described in this Privacy Policy, We
disclose Customer Data and Personal Information to third parties in the
following circumstances:
Required by Law: We will disclose Customer Data and Personal
Information in Our custody when We believe that the disclosure is
required by law, including to comply with a judicial proceeding, court
order, or legal process served on Us and when We receive a request from
law enforcement authorities. We will only disclose Customer Data and
Personal Information to law enforcement authorities upon demonstration
of lawful authority.
Investigations: We will disclose Customer Data and Personal
Information where it is reasonable for the purposes of investigating a
breach of an agreement or a contravention of the law that has been, is
being or is about to be committed and it is reasonable to expect that
disclosure with the knowledge or consent of the individual would
compromise the investigation.
Fraud: We will disclose Customer Data and Personal Information where it
is reasonable for the purposes of preventing, detecting or suppressing
fraud and it is reasonable to expect that the disclosure with the knowledge
or consent of the individual would compromise the ability to prevent,
detect or suppress the fraud.
Business Transaction: We may disclose and share Customer Data and
Personal Information to explore and/or undertake a corporate transaction,
including a merger, acquisition, amalgamation, IPO, reorganization or
sale of Filogix and/or the Service. We will enter into an agreement that
ensures that Customer Data and Personal Information will be used and
disclosed solely for the purposes related to the transaction and will be
protected by security safeguards appropriate to the sensitivity of the
information.
Transfer of Information
We may transfer Customer Data and Personal Information to third-party
service providers, suppliers and sub-contractors who assist Us in
providing and administering the Service. We may transfer Customer Data
and Personal Information to a third-party service provider outside of Your
jurisdiction of residence for storage and processing. In the event that Your
Customer Data and Personal Information is transferred abroad, the
government, courts, law enforcement or regulatory agencies of that
jurisdiction may be able to obtain disclosure of the data through the laws
of that jurisdiction.
Aggregate Data
Filogix shall have: (a) the right to de-identify, anonymize, pseudonymize,
aggregate or otherwise convert Customer Data and Personal Information
into blind data (collectively, the “De-identified Data”); and (b) a perpetual,
irrevocable, worldwide right to use, sell or disclose De-identified Data for
product improvement and development, benchmarking, analytics and
insights, or any other lawful purpose, as long as such De-identified Data
does not directly identify You or any particular individual.
Security of Information
We are committed to data security and protecting the Customer Data and
Personal Information through integrated physical, technological, and
administrative safeguards. In particular, Customer Data and Personal
Information is protected by security safeguards appropriate to the level of
sensitivity of the data through (i) physical measures, such as secure
areas; (ii) technical measures, such as secure servers; and (iii)
organizational measures such as access policies based on the need-to-
know and employee security through vetting and supervision.
Secure Data Storage: The Service's document management system uses
server side encryption based on AES-256, and databases are encrypted
at rest and in transit using Amazon Web Services (AWS) Key
Management Service. All servers are located with AWS (Amazon Web
Services Cloud). Further information on AWS security can be found at the
following link: http://aws.amazon.com/security/.
Data Retention
Information will be retained as necessary to provide the Service as
required or allowed by law or in accordance with our Broker and Lender
contracts.
Children
We do not provide the Service to children. You represent that You are the
legal age of majority under applicable law to use the Service.
Privacy Rights
Individual Access: Upon request, We will provide You with access to
Your Personal Information in accordance with applicable laws. If You are
requesting access to Customer Data, We will refer all such requests for
access to the Broker.
Data Accuracy
When We receive information, We do not verify the accuracy of the
information. We rely on You and the Broker to ensure the accuracy and
completeness of the information that has been provided to us to perform
the services.
Contact Us
To contact us with questions about this Privacy Policy send us an email at
privacy@finastra.com and write “Privacy Policy” in the subject line.
Still Need Help? You may contact us at any of the following: Mailing
Address
Att: Privacy Officer
Filogix
5995 Avebury Road
2nd Floor
Mississauga, Ontario
L5R 3P9
Email: privacy@finastra.com
THIRD-PARTY INTEGRATION SERVICE PROVIDERS
Last updated: February 1, 2021
Flinks
Flinks Technology Inc. (“Flinks”) uses an application programming
interface (“API”) to connect with Your bank to obtain Your bank statement
information. This information is used by Your Broker to process Your
mortgage application. Flinks integration will only be enabled with Your
consent. You understand that Flinks may use Your Personal Information
and data in accordance with its privacy policy. To review the Flinks
privacy policy, please visit https://flinks.io/privacy-policy/
Nylas
Nylas Inc. (“Nylas”) uses an API to integrate and sync Your email
account(s), contacts and calendar(s) with the Service. Nylas integration
will only be enabled with Your consent. You understand that Nylas may
use Your Personal Information and data in accordance with its privacy
policy. To review the Nylas privacy policy, please visit
https://www.nylas.com/privacy-policy/
You are strongly advised to review the privacy policies of these third-
parties before You enable integration. You are solely responsible for
reviewing and understanding these policies.
For Gmail users, The Service's use of information received from Google
APIs will adhere to Google API Services User Data Policy, including the
Limited Use requirements.