PRIVACY POLICY
Our mission is to act as a trusted advisor, and we can’t do that without your trust. This Privacy Policy explains what information we collect about you, why we collect the information, as well as how we collect and use the information so that we can deliver the best experience that we can.

This Privacy Policy is intended for individuals that reside in the United States. By using any of our websites and mobile applications in the United States (collectively, “Sites”) or otherwise providing Personal Information to us, you agree to this Privacy Policy.

PERSONAL INFORMATION
“Personal Information” generally means any information that identifies you as an individual, and any other information we associate with it. We collect a few categories of information, from a few different sources.
Information that is passively collected when you use the Sites, such as by our web servers and by third party analytics tools we us

Our system logs may record certain information about visitors to our Sites, including the web request, Internet Protocol (“IP”) address, device and mobile ad identifiers, browser information, interaction with the Sites, pages viewed, app usage, and other such information; we may collect similar information from emails you receive from us that can help us track which emails are opened and which links are clicked by recipients.
We use certain cookies, pixel tags and other technologies to help us understand how you use the Sites and enable us to personalize your experience. To learn more about cookies, please visit http://www.allaboutcookies.org/. To learn more about Fairway’s use of cookies, please see our Cookie Policy. We may ask advertisers or other third party partners to serve ads or services to your devices, which rely on cookies or similar technologies placed on our Sites.
We may detect the physical location of your device by, for example, using GPS information collected by mobile apps or location information shared by your web browser. We collect this information for purposes of enhancing or facilitating our services, such as enabling certain functionalities of the Sites that can provide you with information about promotions or relevant product information near you. Should you wish to opt out of the collection of this information, please adjust the settings of your device so that information about your physical location is not sent to us or third parties by (a) disabling location services within the device settings; or (b) denying certain websites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. Please consult your device settings for further information.
HOW WE MAY USE PERSONAL INFORMATION
We may use Personal Information as permitted by law, for the following business purposes:

to respond to your inquiries and fulfill your requests
to send administrative information to you, such as about your account or loan or respond to your inquiries and requests for information
to communicate with you about loans, services, promotions, campaigns, programs, contests, and accounts
to inform you about our loan products, promotions, events or other promotional purpose
to re-contact you if we have not heard from you in a while
to send you advertising/promotional material from any of our affiliates, and on behalf of our promotional and strategic partners
to improve your experience with our products and services, such as by personalizing your experience with us
We may also use Personal Information as we believe to be necessary or appropriate for certain essential purposes, including:

to comply with applicable law and legal process
to respond to requests from public and government authorities, including public and government authorities outside your country of residence
to detect, prevent, or investigate potential security incidents or fraud
to facilitate the functionality of our mobile applications and websites
to provide important product safety information and notice of product recalls
to enforce our terms and conditions
to protect our operations or those of our affiliates
to protect our rights, privacy, safety or property, security and/or that of our affiliates, you or other
to allow us to pursue available remedies or limit the damages that we may sustain
HOW PERSONAL INFORMATION MAY BE DISCLOSED
To the extent permitted by law, all of your Personal Information may be disclosed to the following categories of third parties:

to our affiliates for the purposes described in this Privacy Policy
in connection with the essential purposes described above (e.g., to comply with legal obligations)
Information Sharing With Joint Venture Partners.
We may participate with another company or individual for purposes of jointly promoting our products, services, promotions or contests or their products, services, promotions, or contests. We reserve to right to disclose your personal information and usage data that you generate to them for purposes of (i) compensation, transaction processing, fulfillment, and support, and (ii) for purposes of offering you other products, services, promotions, and contests. These joint venture marketing partners may also contact you regarding other products, services, promotions, or contests.

DO NOT TRACK
We do not monitor or follow “Do Not Track” (DNT) signals because there is no standard interpretation or practice for DNT signals. Therefore, we handle all user information consistent with this Privacy Policy.

THIRD PARTY SITES
The Sites may link to other web sites and online services. We have no control over such third parties and therefore cannot be responsible for the content, availability, or security of such linked third-party websites, so please read their privacy policies carefully. Third parties may use your information for their own purposes, including behavioral or advertising purposes. This Privacy Policy does not address the privacy and data security practices of any third parties. The inclusion of a link on the Sites does not imply endorsement of the linked third-party website or their products and services, and is provided for your convenience only. If you decide to access any of the third-party websites linked to our Sites, you do so subject to the terms and conditions of use for such third-party websites.

We are also not responsible for the privacy and data security practices of other organizations, such as Facebook, Instagram, Apple, Google, Microsoft, Twitter or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer. Please read their privacy policies and consider customized settings on your browser or through your mobile phone to limit disclosure of certain information, such as location data.

Any Personal Information that you provide through these third-party websites, mobile applications, or social platforms will be subject to the privacy policy of its operator, and not this Privacy Policy.

SECURITY
With recent events and regulatory changes, our customers and business partners are increasingly asking how Fairway protects the sensitive information entrusted to us. We recognize that this is a significant trust and one that we don’t take lightly. Information Security is a very complex subject, and the technical details are beyond the scope of this document. However, this document will provide a general overview of the Information Security Controls in place and operating at Fairway.

The Fairway Information Security Program relies on the National Institute of Standards and Technology (NIST) 800 series of standards as the primary framework for our control design, implementation and operation. Those controls include Physical, Technical, Administrative and Procedural controls. We continually invest in and enhance these controls to meet new threats and vulnerabilities. We work with several leading Information Security firms which assist us in the implementation, operation and review of our security controls. This includes periodic assessments and testing.

A significant part of our strategy is our implementation of application virtualization technology throughout Fairway. This technology significantly reduces the potential attack points by centralizing the location of borrower data within our datacenters. We replicate data between servers in our primary and secondary data centers – data is never put on tape or other physical media for transport.

Additionally, all of our associates are provided training on the protection of borrower information and are engaged in an active, continual Information Security Awareness program that keeps Information Security in focus all throughout the year.

Fairway’s primary tool for loan processing is the Encompass Loan Origination system by Ellie Mae. Additional services (Credit Reporting, Anti-fraud, etc…) are provided by third party organizations via the Ellie Mae Network. Data movement between Ellie Mae software clients to the central server is encrypted throughout transmission. Borrower information stored on the central server is also encrypted while “at rest”. Similarly, information passed through the Ellie Mae Network is encrypted throughout transit.

Secure exchange of information between borrowers and Fairway Loan Officers and associates is facilitated by the Encompass eFolder functionality. Additionally, our email system is configured to automatically establish Transport Layer Security with any correspondent email systems that support this encryption mechanism. Finally, we have an Encrypted Email system for communications with those that don’t have access to a secure email system.

We use standard physical, technical and administrative measures designed to reduce the risk of loss, misuse, unauthorized access, disclosure or modification of your Personal Information. Unfortunately, no system or network can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us in accordance with the “Contacting Us” section below (note that physical mail notification will delay the time it takes for us to respond to the problem).

YOUR CHOICES AND ACCESS RIGHTS
RETENTION PERIOD
We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by for legal, auditing, or compliance purposes.

CHILDREN’S PRIVACY
We do not intend for our websites or other online services to knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow minors under the age of 13 to disclose their Personal Information to us through the Sites. The Sites are directed to individuals who are permitted to share their Personal Information without parental consent. If you believe that we might have any information from a child under the age of 13, please contact us as directed below in the “Contacting Us” section. You may mark your inquiry “COPPA Information Request.” Parents can learn more about how to protect children’s privacy online here.

UPDATES TO THIS PRIVACY POLICY
We may periodically update this Privacy Policy. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy on our Sites. Your use of the Sites following these changes means that you accept the revised Privacy Policy.

CONTACTING US
We welcome your questions, comments, and concerns about privacy. If you have any questions about this Privacy Policy or our data practices, please contact us as follow

You may email us at: privacy@fairwaymc.com.
You may call us at (800) 447-2603.
Please note that email communications are not always secure, so please do not include credit card information or other sensitive information in any emails to us.