For Mortgage Brokers & Lending Partners
The short version: We collect only required information to run your account and process loans. We don’t sell your data. You have real rights over your information, and this policy explains how to use them.
This policy covers anyone who uses the ResiCentral platform as a licensed mortgage broker, loan originator, or referral partner. If you’re a borrower whose loan is being processed through a broker, your information is handled as part of that loan file — this policy explains how we treat it.
ResiCentral is a licensed California mortgage lender. That means we follow both California privacy law and federal financial privacy rules. We’ve written this policy to satisfy both without burying you in legal jargon.
We only collect what we actually need. Here’s what that looks like in practice:
When you create an account
When you submit a loan
We handle borrower data with the same care as your own. It’s used only to process that specific loan and is not repurposed.
Automatically, when you use the platform
This is standard for any secure financial platform. We use it to keep the system safe, fix problems, and meet audit requirements.
We use your information for four things:
That’s it. We don’t use your data to build marketing profiles, train AI models, or sell to third parties.
The rule: We don’t sell your information. We don’t share it for advertising. We share it only when it’s necessary to run your account or required by law.
Service providers
We work with vendors who help us operate the platform — things like cloud hosting, payment processing, and email delivery. These vendors can only use your data to perform their specific job for us. They’re contractually prohibited from doing anything else with it.
Loan processing partners
When you submit a loan, we may share borrower information with title companies, appraisers, and credit reporting agencies to process that transaction. They receive only what they need for their role.
Regulators and government agencies
We may share information with agencies like the California DFPI, the CFPB, or the IRS when required by law or in response to a regulatory examination. Where legally permitted, we’ll let you know if this happens.
If ResiCentral is sold or merged
If our business is acquired or merged, partner information may transfer to the new entity. We’ll give you advance notice and an opportunity to opt out before that happens.
California law (CIPA, Cal. Penal Code § 630 et seq.) requires us to tell you clearly about any monitoring or tracking — and in some cases, get your consent before doing it. Here’s exactly what we do:
Cookies
We use three types of cookies:
When you first visit, a cookie banner will ask for your preferences. You can change them through the settings in the platform footer. We don’t use advertising or retargeting cookies.
Email open tracking
Emails we send may include a small invisible image that tells us whether the email was opened. We use this in aggregate — to know if a communication was reaching people generally, not to monitor you individually. If you prefer plain‑text emails without any tracking, email compliance@resicentral.com and we’ll switch your account.
Session activity
We log what happens in your platform sessions — which pages you visited, what you uploaded, what you searched. This is required for security and regulatory audit compliance. By using the platform, you consent to this logging. We don’t monitor anything outside of ResiCentral.
Phone calls
If we record a support or account call, we’ll tell you before the call starts. Under California law, everyone on the call must agree. If you’d rather not be recorded, just say so and we’ll note it unrecorded.
Do Not Track
If your browser sends a Do Not Track signal, we turn off analytics cookies for your session. Security cookies still run because they’re required for you to log in.
California Penal Code § 502 protects computer systems from unauthorized access. To be clear about what that means on our platform:
You’re authorized to:
You’re not authorized to:
Unauthorized access may result in account termination, civil liability under Cal. Penal Code § 502(e), and referral to law enforcement. If you think your account has been compromised, contact compliance@resicentral.com right away.
What it is | How long we keep it | Why |
What it is Your account and license records | How long we keep it 7 years after account closes | Why GLBA; regulatory readiness |
What it is Loan files | How long we keep it 3–5 years after closing | Why Federal mortgage regulations |
What it is Tax and compensation records | How long we keep it 7 years | Why IRS rules |
What it is Platform session logs | How long we keep it 2 years | Why Security and audit compliance |
What it is Support and communication records | How long we keep it 3 years | Why Dispute resolution |
What it is Cookie and analytics data | How long we keep it 13 months | Why Industry standard; CPRA |
After the retention period, data is securely deleted or permanently de‑identified.
If you’re a California resident, you have meaningful rights over your information under the CCPA and the California Privacy Rights Act (CPRA). Here’s what they are in plain terms:
🔍 Right to Know
You can ask us what personal information we have about you, where we got it, why we have it, and who we’ve shared it with. We’ll tell you, in writing, within 45 days.
🗑️ Right to Delete
You can ask us to delete your information. We’ll do it unless we’re legally required to keep it — which applies to a lot of mortgage data under federal law. If we can’t delete something, we’ll tell you exactly why.
✏️ Right to Correct
If something we have about you is wrong, you can ask us to fix it. Send us the correction and we’ll update our records and confirm the change.
🚫 Right to Limit Sensitive Information
Sensitive information (like your Social Security number or bank account details) is used only for the specific purpose we collected it for. We don’t use it for profiling or secondary analysis.
❌ Right to Opt Out of Sale or Sharing
We don’t sell your data and we don’t share it for advertising. There’s nothing to opt out of today, but if that ever changes, we’ll add an opt‑out before it happens.
⚖️ Right to Non‑Discrimination
Exercising any of these rights won’t affect your account, your compensation, or how we treat you as a partner. Full stop.
📬 To make a request: Email compliance@resicentral.com, call 1‑800‑647‑8750, or write to us at ResiCentral, Attn: Privacy Compliance Officer, 19417 Shumard Oak Drive, Unit 102, Land O’ Lakes, Florida 34638. We’ll acknowledge your request within 10 business days and respond within 45 days.
Note: A significant amount of the information we hold in connection with mortgage transactions is governed by federal financial privacy law (GLBA, FCRA) and is exempt from some CCPA rights. Where an exemption applies, we’ll explain it clearly in our response.
We use industry‑standard security to protect what you share with us:
If there’s ever a security incident involving your data, we’ll notify you as required by California’s data breach notification law (Cal. Civil Code § 1798.82) and any applicable federal rules.
Because we’re a mortgage lender, we’re also covered by the Gramm‑Leach‑Bliley Act (GLBA). GLBA requires us to:
We don’t share your nonpublic personal information with non‑affiliated third parties for marketing, so no opt‑out is required under GLBA. If that ever changes, we’ll give you the choice before it does
We review this policy at least once a year. When something material changes:
The current version is always at [resicentral.com/privacy]. If you want to see an older version, just ask.
If something in this policy is unclear, or if you want to exercise any of your rights, reach out:
Category | Contact Info |
Category Privacy Requests | Contact Info |
Category Partner Support | Contact Info |
Category Security Concerns | Contact Info |
Category Phone | Contact Info 1‑800‑647‑8750 (Mon–Fri, 8am–5pm PT) |
Category | Contact Info ResiCentral, Attn: Privacy Compliance Officer 19417 Shumard Oak Drive, Unit 102, Land O’ Lakes, Florida 34638 |
You can also file a complaint with the California Privacy Protection Agency at cppa.ca.gov or the California Department of Financial Protection and Innovation at dfpi.ca.gov.