Notice At Collection (California Residents)
Last Revised: December 15, 2022
Do Not Sell or Share My Information
Kapitus reserves the right at its sole discretion, to change, modify, add, or remove portions of these terms, at any time. It is your responsibility to check these terms periodically for changes. Your continued use of the Sites following the posting of changes will mean that you accept and agree to the changes. As long as you comply with these terms, Kapitus grants you a personal, non-exclusive, non-transferable, limited privilege to enter and use the Sites.
We are committed to protecting your personal information (i.e., information that identifies an individual, such as a name and email address) and have implemented controls to protect information that is furnished to us directly, as well as information that we may obtain, with authorization, from third party sources.
Strategic Funding Source, Inc., d/b/a Kapitus
ATTN: Compliance Department
2500 Wilson Boulevard, Suite 350
Arlington, VA 22201
As a condition of your use of the Sites, you agree that you will not take any action intended to: (i) access data that is not intended for you; (ii) invade the privacy of, obtain the identity of, or obtain any personal information about any customer or user of the Sites; (iii) probe, scan or test the vulnerability of the Sites or the Kapitus network or breach security or authentication measures without proper authorization; (iv) attempt to interfere with service to any user, host or network or otherwise attempt to disrupt our business, including, without limitation, via means of submitting a virus to the Sites, overloading, “flooding,” “spamming,” “mail bombing” or “crashing;” or (v) send unsolicited mail, including promotions and/or advertising of products and services. Violations of system or network security may result in civil or criminal liability.
We take reasonable measures, including administrative, technical, and physical safeguards to protect your information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls.
Information Collected Directly From You
In connection with our provision of Services, we collect business information, as well your personal financial information. We collect most of this information during your enrollment and application process. We may gather additional information during your subsequent use of the Sites or when we communicate with you via telephone, email, or other means. As described below, we may collect additional information, with your authorization, from third parties.
Certain personal information must be supplied during the application processes in order to meet our legal obligations, verify your identity, facilitate determinations for credit eligibility, protect against fraud, and complete your transaction. The following categories of information may be collected:
1. Basic user identifying information (for example, your name, account name, address, email, telephone number, and date of birth) or similar identifiers;
2. Basic business information (for example, business name, address, email, website URL, telephone number, company structure, industry type, ownership information, and date of incorporation) or similar identifiers;
3. Full or partial social security number and/or business identification numbers;
4. Annual revenue and sources of revenue; and
5. Financial information (for example, bank statements, credit card statements, average bank balance, and credit score).
Information Collected From Third Parties
In connection with an application, we will collect information from credit bureaus and other third parties to make determinations for financing eligibility, perform analyses, and assess risks related to your potential financing. If you are approved for financing, we also collect information throughout the life of our business relationship with you in order to assess risks associated with your financing and perform analyses. The following categories of information may be collected for customers:
1. Basic consumer identifying information (for example, your name, account name, address, email, telephone number, and date of birth) or similar identifiers;
2. Basic business information (e.g., business name, address, email, URL, telephone number, company structure, industry type, ownership information, and date of incorporation) or similar identifiers;
3. Credit score, credit history, and other information relating to creditworthiness and identity;
4. Bank account information; and
5. Financial, Tax, and transactional information about your business from third parties such as financial institutions, credit card processors, vendors and service providers, and publicly available sources.
Information Gathered Based on Your Activity on the Sites
For all users, Kapitus collects information about your visits to the Sites and the computer or device through which you access the Sites, such as your IP address, geographical location, operating system, browser type, referral source, time and length of visit, button clicks and/or page views, and your mobile device identifier (IDFA or AAID).
We use technologies such as but not limited to cookies, beacons, tags, and scripts, to analyze trends, administer the Sites, track users’ movements around the Sites, and gather information about our user base. We may receive reports on this activity on an individual and aggregated basis.
How We Use Your Information
We may use the information we collect to:
1. Process your business’s application and determine its qualification for financial products;
2. Facilitate servicing and collections activities;
3. Verify your identity, conduct appropriate diligence, and keep your information current;
4. Provide customer support;
5. Understand, personalize, and enhance your experience;
6. Show advertisements for our products and/or offers to you on third party sites;
7. Measure and improve the performance and functionality of the Sites;
8. Manage the security of the Sites; and
9. Compile and generate data analytics reports to better understand you and to improve the user experience.
How Kapitus Shares Your Information
Kapitus shares your information with third parties as permitted by law, including in the following specific ways:
Co-Applicants / Co-Borrowers. We may share your information with your co-applicant / co-borrower in order to process your business application and as needed to provide our Services.
Third Party Service Providers. We rely on third party service providers to help us conduct our business and marketing activities, such as maintaining our files and records, offering customer service, sending marketing communications, fraud prevention, identity verification, credit checks, collections, and payment processing. We may share any information we receive with such parties as is necessary for the provision of the Services. We may also share among affiliates (including but not limited to the companies covered by this policy) for this purpose where one affiliated company provides services to or on behalf of another affiliated company in connection with your account or application.
Other Sources of Commercial Financing. In connection with your request for commercial financing, we may share your information with financial institutions, lenders, purchasers of accounts receivable, factoring companies, equipment finance or leasing companies, or other similar sources of commercial financing.
Credit Bureaus. We may share your personal information with credit bureaus to meet our credit reporting obligations.
Your Consent. We may share your personal information with third parties at your direction or whenever you consent.
Legal Requests & Regulatory Requirements. We may also share information to comply with, or to allow investors or potential investors to comply with, any applicable law, regulation, legal process or governmental request; or for the purposes of limiting fraud; or in connection with an audit or the sale of Kapitus to a third party.
Blogs and other public forums
Our Sites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog, community forum, or other social media, contact us by email at [email protected]. If we are unable to remove your personal information, we will let you know we are unable to do so and why.
We display personal testimonials of satisfied customers on our Sites in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, contact us by email at [email protected].
Important Privacy Choices
You may choose to stop receiving marketing emails by following the unsubscribe instructions included in those emails. You may also request that we do not call you for marketing-related purposes. In addition to following the unsubscribe instruction in relevant email communications, you may make these requests by contacting us at [email protected] or calling us at (844) 547-9396. We will respond to your request within a reasonable timeframe. In addition, if you no longer wish to receive marketing notifications through our mobile applications you can adjust your device’s privacy preferences by visiting the settings page of the device. Opting out of marketing emails or notifications will not stop your receipt of non-marketing emails and notifications related to our Services.
Notice at Collection (California Residents)
Effective January 1, 2023, the California Privacy Rights Act(“CPRA”) provides specific rights to California residents related to their “personal information,” as defined under the CPRA. CPRA provides you with certain rights with respect to this information. This section enumerates the CPRA required disclosures and details those rights under the CPRA. Personal information does not include information that is publicly available, deidentified, or aggregated.
This section only applies to California residents. The rights discussed in this section do not extend to individuals who are not California residents.
Information We Collect
Throughout your interactions with Kapitus, we collect various types of information about you. In the past 12 months, we have collected the following categories of personal information about California residents who are website visitors, users, and businesses that access Services provided by or through Kapitus:
First and last name, mailing address, Internet Protocol (IP) address, email address, social security number, driver’s license number, or other similar identifiers
Categories of information described in the California Customer Records Statute
First and last name, social security number, address, primary telephone number, job title, bank account number, or any other financial information
Commercial or transactions information
Products or services purchased, obtained, or considered
Audio or similar information
Internet or other electronic network activity information
Information about your internet connection, including IP address, geographical location, operating system, browser type, referral source, time and length of visit, button clicks and/or page views, and your mobile device identifier (IDFA or AAID)
Professional or employment-related information
Job title, income
We collect the information listed above from the following categories of sources: (i) information provided by you, (ii) information we collected when you use our Services, or (iii) information received from third parties. We may use information we collect for purposes set forth above.
How Kapitus Discloses Personal Information
Kapitus may share your personal information with third party service providers to help us conduct the business purposes listed above, including, but not limited to, sharing with service providers to assist us in providing the Services. Our service providers are authorized to use your personal information only as necessary to provide their services to us. Additionally, Kapitus may share your personal information: (i) as required by law; (ii) in connection with an audit or the sale of Kapitus to a third party; or (iii) with your consent. We do not sell or otherwise share your personal information.
Your Rights Under the CPRA
Right to Know/Right to Access. Under the CPRA, California residents have the right to request that Kapitus disclose what information we have collected, used, disclosed, or sold over the past 12 months. Once we receive and confirm your verifiable consumer request for such information, (see “How You Can Exercise Your Rights Under CPRA”), we will disclose to you:
1. The categories and specific pieces of personal information we collected about you over the past 12 months;
2. The categories of sources from which such personal information has been collected over the past 12 months;
3. The business or commercial purpose for collecting, disclosing or selling such personal information over the past 12 months;
4. The categories of third parties with whom we shared your personal information over the past 12 months; and
5. If we disclosed your personal information for a business purpose, the personal information categories that each category of recipients obtained.
Right to Delete. Under the CPRA, California residents have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see “How You Can Exercise Your Rights Under CPRA”), we will delete your personal information from our records, and direct our service providers to do the same, unless an exception applies.
Right to Opt-Out of Sale of Sharing of Personal Information. Under the CPRA, California residents have the right to direct us to not sell your personal information (the “right to opt-out”). Kapitus does not and will not sell or otherwise share personal information of consumers.
Right to Non-Discrimination. Under the CPRA, California residents have the right not to be discriminated against for having exercised the rights established by the CPRA. We will not discriminate against you for exercising any of your CPRA rights. Unless permitted by the CPRA, we will not:
Deny you goods or services;
Charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties;
Provide you with a different level or quality of goods or services;
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
We may, however, offer you certain financial incentives permitted by the CPRA that can result in different prices, rates, or quality levels. Such financial incentives may include gift cards, credits, and other monetary offerings; additional details related to the material terms of these financial incentives will be provided to you at the time the incentive is presented to you. Any CPRA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
How You Can Exercise Your Rights Under CPRA
In order to exercise the right to know/right to access information and the right to request deletion, you or your authorized agent may submit a verifiable consumer request either by contacting us by phone at (800) 780-7133 with a brief description of yourere request or by submitting the request online by clicking here. Please note that we may request additional information from you or your agent as needed to authenticate your request. You may only make a verifiable consumer request to know or request for access twice within a 12-month period.
The verifiable consumer request must do the following:
• Provide sufficient information to allow us to reasonably verify that you are the person about whom we collected personal information or that you are an authorized representative.
• Describe your request with sufficient detail so that we can properly understand, evaluate, and respond to it.
If we are able to verify your request, we will make our best effort to respond within forty-five (45) days of our receipt of your request. If we require more time (up to 45 additional days), we will inform you of the reason and extension period in writing.
We will not disclose information to you or delete information if we cannot verify your identity.
How California Residents Can Designate an Authorized Representative
Only you as a California resident, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request to know/request for access, request for deletion, or request to opt-out. To appoint an authorized representative to submit requests on your behalf, please provide us with written instructions stating the identity of the authorized representative and your authorization to have the representative act on your behalf by emailing us. We may also request additional information from you as needed to authenticate your request. If an authorized representative is acting on your behalf, your representative may contact us by phone at (800) 780-7133 with a brief description of your request or may submit your request online by clicking here. Please note that we may request additional information from your representative as needed to authenticate your request.