MortgageCheck

Privacy Policy

We take your data—and your clients' data—seriously. This policy explains what we collect, how we use it, and how we protect it.

Last updated: November 2025

Information We Collect

Account Information: When you sign up, we collect your name, email address, phone number, brokerage details, and professional credentials.
Lead Data: Information submitted by borrowers through your microsite, including contact details, property information, income, debts, and credit band selections.
Usage Data: How you and your clients interact with the platform, including page views, feature usage, and session duration.
Payment Information: Billing details processed securely through Stripe. We do not store full credit card numbers on our servers.

Social Insurance Numbers (SIN): We never ask for or store SINs.
Hard Credit Checks: Our pre-qualification is educational only and does not pull credit reports.
Bank Account Details: We don't require or store banking information from borrowers.

Service Delivery: To power your personalized microsite, AI assistant, and lead notifications.
Communication: To send you lead alerts, product updates, and support responses.
Improvement: To analyze usage patterns and improve the platform experience.
Compliance: To meet legal obligations and respond to lawful requests from authorities.

With You: Lead data is shared with the broker whose microsite collected it.
Service Providers: We use trusted partners (Vercel, Supabase, Resend, Stripe) to host and operate the platform. These providers are bound by confidentiality agreements.
Never Sold: We do not sell, rent, or trade your personal information or lead data to third parties.

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
Access Controls: Role-based access ensures only authorized personnel can access sensitive data.
Infrastructure: Hosted on SOC 2 compliant infrastructure with automatic backups and redundancy.

Active Accounts: Data is retained while your subscription is active.
After Cancellation: Account data is retained for 90 days, then permanently deleted. Lead data is retained for 7 years to support your compliance needs, unless you request earlier deletion.
Deletion Requests: Contact us through our Contact page to request data deletion. We process requests within 30 days.

Access: Request a copy of your personal data.
Correction: Update inaccurate information.
Deletion: Request removal of your data (subject to legal retention requirements).
Portability: Export your lead data in standard formats.
Withdrawal: Opt out of marketing communications at any time.

We use essential cookies to maintain sessions and remember preferences. We do not use third-party advertising trackers. Analytics are privacy-focused and do not track individual users across sites.

For privacy-related inquiries, visit our Contact page