​
​
​
This privacy policy ("Privacy Policy") governs TY2, Inc and its subsidiaries and affiliates (collectively, “TY2” “we” “our” and “us”). We are committed maintaining your trust and confidence as it relates to our Privacy Policy and the security of your personal information. for your use of services or features on the sites owned and controlled by TY2, Inc. ("TY2"), including www.tomofinance.com (the "Services").
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data. You consent to this Privacy Policy through your use of the Services.
​
We use your data to provide and improve the Services. By using the Services, you agree to the collection and use of information in accordance with this policy. We may change or update this Privacy Policy periodically. Please refer to the “Last Updated” date on this policy. Any changes to this Privacy Policy will become effective when posted unless indicated otherwise.
​
Information Collection and Use
​
We collect several different types of information for various purposes to provide and improve our Services to you.
​
Types of Data Collected
​
Personal Data: While using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
​
-
Identity Information: Including name, date of birth, marital status, social security number, and other data on government-issued identification documents.
-
Contact Information: Including home address, telephone number, email address, and emergency contact details.
-
Employment Information: Including job title/position and annual income.
-
Cookies and Usage Data
Use of Data: We use the collected data for various purposes:
-
To provide and maintain our Services
-
To notify you about changes to our Services
-
To provide customer support
-
To monitor the usage of our Services
-
To detect, prevent, and address technical issues
Third-Party Sources: We collect information about you from third parties. We may also combine personal information we receive from you with personal information we obtain from other sources. We receive information from the following categories of sources.
-
Data providers such as information services and data licensors that provide demographic information, mailing addresses, and other information, (e.g., data aggregators, data compilers, data compilers/originators).
-
Public sources, such as government agencies, public records, social media platforms, and other publicly available sources (e.g., public record sources and collection agencies).
-
Consumer Reporting Agencies, as a company engaged in lending, TY2 both receives and transmits data to consumer reporting agencies. We obtain information from these agencies to assess your creditworthiness and to prevent fraud and identity theft. This is done as part of our regular underwriting, fraud prevention and loan servicing processes.
-
Information about open and closed credit accounts, including the date opened, the date closed (if applicable), the latest reported monthly balance and monthly payment.
Cookies and Usage Data
We reserve the right to use the following technologies to facilitate automatic data collection:
-
Cookies, which are small text files that websites store on user devices and that allow web servers to record users’ web browsing activities and remember their submissions, preferences, and login status as they navigate a site. Cookies used on our sites include both “session cookies” that are deleted when a session ends, “persistent cookies” that remain longer, “first party” cookies that we place and “third party” cookies that we place on our websites and app for social media, advertising, analytics companies, and other service providers.
-
Logical storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
-
Pixels or web beacons, also known as pixel tags or clear GIFs, enable collection, storage, and sometimes sharing of your information and/or your actions taken, such as whether you accessed or opened a webpage or email or that you viewed or clicked certain content. Certain pixels include computer-code snippets that enable the collection and sharing of information back to web servers of third parties.
-
Session Replay Technologies. TY2 will capture your use of the Site and may record your use. We use third-party services that employ software code to record users’ interactions with the Website in a manner that allows us to watch DVR-like replays of those user sessions. The replays include users’ clicks, mobile app touches, mouse movements, scrolls and keystrokes/key touches during those sessions. These replays help us diagnose usability problems and identify areas for improvement. We may use the Cookies and similar technologies for the following purposes:
-
Technical operation. To allow the technical operation of our Services, such as by remembering your selections and preferences as you navigate our websites and app.
-
Functionality. To enhance the performance and functionality of our Services.
-
Advertising. To help our third-party marketing providers collect information about how you use our Services over time to show you ads on other online services they believe will interest you and measure how the ads perform.
-
Analytics. To help us understand user activity on the Website, including which pages are most and least visited and how visitors move around the Website, as well as user interactions with our emails.
-
​
Cookie Opt-outs. You can disable cookies via most browsers. This may affect site functionality.
​
Transfer of Data
​
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
​
Data Privacy
​
TY2 will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
​
Disclosure of Data
​
Legal Requirements TY2 may disclose your Personal Data in the good faith belief that such action is necessary to:
-
To comply with legal obligations
-
To protect and defend the rights or property of TY2
-
To prevent or investigate possible wrongdoing in connection with the Services
-
To protect the personal safety of users of the Service or the public
-
To protect against legal liability
Security of Data
​
Retention of Personal Information
​
We retain information we collect about you, and use the following factors to determine the retention period of personal information:
-
to maintain an ongoing relationship with you as a customer, member, or business contact (for example, when you are a recipient of any of our financial services/products).
-
to perform under applicable terms and services to which you agreed.
-
as necessary in connection with the lawful purposes set out in this Privacy Policy.
-
to comply with applicable laws
-
to establish, exercise or defend our legal rights.
How We Use Your Personal Information
We use your personal information for the following purposes, or as otherwise described at the time of collection:
-
Provide Financial Services and Products. We use your personal information to provide you with financial services and products and review your application and determine eligibility for financial products and services.
-
Process transactions and payments, fulfill orders, and verify your customer information.
-
Provide, operate, and maintain your TY2 financial accounts and services.
-
Communicate with you about our products and services.
-
Provide support for the Website, our financial services, and products, and respond to your requests, questions, and feedback.
-
Research and development and business promotion. We may use your personal information for research and development purposes, including to analyze and improve the Website and our business, and for business promotion purposes.
-
Marketing and advertising. We, our service providers, advertising and marketing platforms, and our third-party companies with which we maintain advertising agreements may collect and use your personal information for marketing and advertising purposes.
-
Meet compliance and legal obligations. We may use your personal information to:
-
comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
-
protect our, your or others’ rights, privacy, safety, or property (including by making and defending legal claims).
-
audit our internal processes for compliance with legal and contractual requirements or our internal policies.
-
enforce the terms and conditions that govern our Services.
-
-
Fraud Detection and prevention. We may use your personal information to prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks, and identity theft.
-
With your consent. In certain cases, we ask for your consent to collect, use, and share your personal information, such as when obtaining a credit report.
Our Disclosure of Your Personal Information for Business Purposes
We share your personal information with the following parties and as otherwise described in this Privacy Policy, or at the time of collection.
-
Service providers. Third parties that provide services to TY2, or to you on our behalf, or help us operate our business (such as data cloud providers), information technology, customer support, email delivery, marketing, consumer research and website analytics.
-
Advertising and marketing partners. Third-party advertising companies that advertise and promote TY2.
-
Consumer reporting agencies.
-
Social Media Platforms. If you interact with us or our TY2 Services on or through social media platforms, the platform may be able to collect information about you and your interaction with us. If you interact with social media objects on our sites, both the social media platform and your connections on the platform may be able to view that activity. To control the sharing of information, please review the privacy policy of the relevant social media platform.
-
Third parties designated by you. We may share your personal information with third parties where you have instructed us or provided your consent to do so. We will share personal information these other companies need to provide the services that you requested.
-
Business and marketing partners. Third parties with whom we co-sponsor events or promotions, with whom we jointly offer products or services, or whose products or services may be of interest to you.
-
Other lenders. TY2 may share your information with other lenders or loan brokers to offer products and services to you.
-
Professional advisors. Professional advisors, such as lawyers, auditors, bankers, and insurers, where necessary in the course of the professional services that they render to us.
-
Legal authorities. Law enforcement, government authorities, regulatory agencies, and third parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above, and in compliance with applicable law.
-
Business transferees. Acquirers and other relevant participants in business transactions (or negotiations of or due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, TY2 or our affiliates (including, in connection with a bankruptcy or similar proceedings).
-
Other users and the public Your user-generated content may be visible to other users of our Services and the public. For example, other users or the public may have access to your information if you provide comments, reviews, blog posts, messages or share other content. This information can be viewed, collected, and used by others, including being cached, copied, screen captured or stored elsewhere by others (e.g., search engines), and we are not responsible for any such use of this information.
Sale/Sharing of Personal Information
Security
TY2 takes the privacy and security of its members’ personal information seriously. We maintain administrative, technical, and physical safeguards designed to protect your information’s security, confidentiality, and integrity.
​
Your Personal Information Choices
​
You may have additional choices if you are from California and Nevada. Please see below if you are a resident of those areas. We want you to be aware of the choices you have in limiting the sharing of your personal information.
-
Direct Mail Opt-Out: To opt out of TY2’s marketing and advertising campaigns conducted via direct/postal mail, please make your request at info@tomofinance.com
-
Correcting Information Maintained by the National Credit Reporting Agencies: Credit reporting agencies maintain Information related to your creditworthiness. If you find that there is an error or want to dispute the information found in your credit report, please contact the national credit reporting agencies.
-
Equifax – https://www.equifax.com/
-
Experian – https://www.experian.com/
-
TransUnion – https://dispute.transunion.com/
-
-
Advertising choices You can limit use of your information for interest-based advertising by:
-
Browser settings. Blocking third-party cookies in your browser settings.
-
Privacy browsers/plug-ins. By using privacy browsers or ad-blocking browser plug-ins that let you block tracking technologies.
-
Platform settings. Google and Bing offer opt-out features that let you opt-out of use of your information for interest-based advertising:
-
-
Do Not Track: Certain Internet browsers can be configured to send “Do Not Track” signals to the online services that you visit. If your browser is set to “Do Not Track” or “Send a Do Not Track Request,” we interpret this as a valid request to not sell or share the personal information for that browser or device.
-
Cookie Options
-
Other Privacy Choices
-
CCPA Compliance
-
-
Declining to provide information: We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.
California Privacy Rights
This section applies solely to residents of California and their personal information that is subject to the California Consumer Privacy Act (CCPA). The CCPA allows exceptions for, therefore, does not apply to the following:
​
-
Publicly available information made lawfully available from government records.
-
Information that is deidentified, meaning that the information is rendered so that it cannot reasonably be used to infer information about or link to a specific person.
-
Information subject to other laws, such as the following:
-
Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (“FCRA”), the Gramm-Leach Bliley Act (“GLBA”) or California Financial Information Privacy Act (“FIPA”), and the Driver’s Privacy Protection Act of 1994.
-
California residents have the right to:
​
-
Know what personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom the business discloses personal information, and the specific pieces of personal information the business has collected about you;
-
Request the deletion of certain personal information collected by us
-
Correct inaccurate personal information
-
Know/access or receive a disclosure of your personal information;
-
Know what personal information is sold or shared and to whom;
-
Opt-out of the sale or sharing of your personal information;
-
In certain cases, limit the use and disclosure of sensitive personal information; and
-
No retaliation for opting out or exercising any other rights, including an employee’s right not to be retaliated against for the exercise of their CCPA rights.
Your Nevada Privacy Rights
Senate Bill No. 220 (May 29, 2019) amends Chapter 603A of the Nevada Revised Statutes to permit a Nevada consumer to direct an operator of an Internet Website or online service to refrain from making any sale of any covered information the operator has collected or will collect about that consumer. You may submit a request pursuant to this directive by calling us at 702-425-2304.
We will provide further information about how we verify the authenticity of the request and your identity.
​
How to Exercise Your Rights to Know (Access), Delete, or Correct Your Personal Information
We must verify your identity before processing most requests, which may require you to provide additional information. You may submit a request by reaching out to our customer service team at 702-425-2304.
Privacy Policy
Last updated: 3.18.24