This Policy describes how we collect such information, how we use it and to whom and under what circumstances we may disclose it. California residents are entitled to specific notices and rights under the California Consumer Privacy Act (“CCPA”). That information can be found by clicking on the link at the end of this policy.
When you click onto our website, we use “cookies” to collect information about your use of our website, such as the domain and internet address of the website from which you accessed our website, the date and time you access our website, and your IP address (which is an identifier for your individual computer). This information is not “personal information” and does not tell us who you are. We may use the non-personal information collected to analyze and enhance the website and may aggregate and share this information with our business partners, service providers and sponsors.
Stonebriar only collects PII that you voluntarily share or authorize to be shared with us and/or is necessary and relevant to our business. When you provide us with your PII, we may store and process it to better understand your needs and improve our products and services. We may also use it to send you information, marketing, and promotional information and administrative information about the website. We may use and disclose your PII to third parties to the extent necessary to provide you with the specific products or services that you have requested. We may also disclose PII to third parties if we believe that disclosing it is necessary to protect the rights or property of Stonebriar or anyone else or if we believe in good faith that the law requires it. We may also transfer your PII to successors of our business assets. Except as stated in this policy, or as otherwise stated at the time PII is gathered, we will not provide it to third parties. We do not sell your personal information, nor do we offer financial incentives for the collection or sale of your personal information.
Stonebriar will keep PII confidential and will instruct its employees and third-party processors to do the same. Stonebriar has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk in its technology infrastructure and systems, IT support functions, and various tools for storing and disseminating company information, including PII.
To remove or change your contact information or other PII, to not receive future mailings or other communications, as well as for all other inquiries, please contact us at the email or physical mailing address shown below. The Company will, upon receipt of a request from the subject of the PII, delete the related PII to the extent reasonably possible. It is important to note that it is not reasonably possible to remove from our system each and every record of your PII we may have collected. The need to back-up our systems to protect information for inadvertent loss means that a copy of your PII may exist in a non-erasable form that will be difficult to impossible for us to locate. However, after your receiving your request, all PII stored in databases we actively use and other readily searchable media will be updated, corrected, changed, or deleted, as appropriate, as soon as reasonably practicable. Please note that we may decline your request to delete your PII if we have a reasonable purpose for retaining it. For example, we may retain your PII as long as you are an officer or director of an enterprise with which we have a business relationship.
Subject data requests must be submitted in writing via email to firstname.lastname@example.org to the attention of the Legal Department, or by writing to the below address:
Stonebriar Commerial Finance
Attention: Legal Department
5601 Granite Parkway
Plano, TX 75024
California residents, click here for notices and rights to which you are entitled under the California Consumer Privacy Act.
Privacy Notice for California Residents – California Consumer Privacy Act (CCPA)
The following is provided to give California residents the additional information required by the California Consumer Privacy Act (the “CCPA”). The Company is committed to protecting the privacy and security of all the personal information that is entrusted to us.
California Residents Rights:
This California Consumer Privacy Act Notice (“Notice”) is provided by Stonebriar Finance Holdings LLC and its subsidiaries that either: (1) act as a business within the meaning of the CCPA, or (2) are controlled by Stonebriar Finance Holdings LLC and use the Stonebriar or SCF names. As an example, companies providing this Notice include Stonebriar Commercial Finance LLC. These companies are referred to in this Notice as “Stonebriar” “we” or “us.”
This Notice explains how we collect, use, and disclose personal information about California residents. The Notice also explains certain rights that California residents have under the California Consumer Privacy Act (“CCPA”). This Notice explains how California residents can exercise their rights under the CCPA to request that we: (1) provide certain personal information that we have collected about them during the past 12 months, along with related information described below, or (2) delete certain personal information that we have collected from them.
The CCPA only applies to information about residents of California.
Under the CCPA, “personal information” is information that identifies, relates to, or could reasonably be linked with a particular California natural person or household. This information is referred to in this Notice as “Personal Data.”
Please note that we do not sell your personal information, nor do we offer financial incentives for the collection or sale of your personal information. We will not discriminate against you if you exercise your rights under CCPA.
Categories of Personal Data that We Collect and Disclose
We collect and disclose Personal Data in a variety of contexts. For example, we collect and disclose Personal Data to provide commercial financial products and services to a business enterprise with which you may be associated, and for our employment and human resource purposes.
The Personal Data that we collect, use, or disclose about a specific California resident will depend on, for example, our relationship or interaction with that individual.
During the past 12 months, we have collected the following categories of Personal Data:
- personal unique identifiers, such as full name and federal or state issued identification numbers including Social Security number, driver’s license number, and passport number;
- personal information, including contact details such as telephone number and address, financial information such as account number and balance, as well as medical and health insurance information;
- characteristics of protected classes or groups under state or federal law, such as sex or marital status;
- internet or online information such as information regarding interaction with our websites, applications, or advertisements;
- education information; and
- inferences based on information about an individual to create a summary about, for example, an individual’s creditworthiness or the creditworthiness of a business they own or with which they are associated.
During the past 12 months, we have also disclosed the categories of Personal Data listed above for our business purposes. We have not, however, sold Personal Data that is subject to the CCPA’s sale limitations. The CCPA defines a “sale” as the disclosure of Personal Data for monetary or other valuable consideration.
Why We Collect Personal Data and How We Use It
The purposes for which we collect and use Personal Data depend on, among other things, our relationship or interaction with a specific California resident. The table below lists examples of certain purposes for which we collect and use Personal Data in different contexts.
|Purposes for Collection and Use||Examples|
|Provide and manage products and services||Establish and process transactions for our products and services, including commercial leases and loansSupport the ongoing management and maintenance of our products and services, including to provide account statements, payments and collections|
|Support our everyday operations, including to meet risk, legal, and compliance requirements||Perform accounting, monitoring, and reportingEnable information security and anti-fraud operations, as well as credit, underwriting, and due diligenceSupport audit and investigations, legal requests and demands, as well as to exercise and defend legal claimsEnable the use of service providers for business purposesComply with policies, procedures, and contractual obligations|
|Manage, improve, and develop our business||Market, personalize, develop, and improve our products and servicesConduct research and analysis, including to drive product and services innovationSupport customer relationship managementEvaluate and engage in mergers, acquisitions, and other transactions involving transfers of all or part of a business, or a set of assets|
|Support employment, infrastructure, and human resource management||Provide benefits to employees and dependents, including healthcare and retirement plansManage pay and compensation activitiesManage and operate our facilities and infrastructureProcess employment applications|
Sources of Personal Data
The sources from which we collect Personal Data depend on, among other things, our relationship or interaction with a specific California resident. The information below lists examples of certain categories of sources from which we collect Personal Data in different contexts.
- From California residents directly, or other individuals acting on their behalf, through physical (e.g., paper application), audible (e.g., phone), or electronic (e.g., website) sources.
- Public records or widely available sources, including information from the media, and other records and information that are made available by federal, state, or local government entities.
- Outside companies or organizations that provide data to support activities such as fraud prevention, underwriting, and marketing.
- Outside companies or organizations from whom we collect Personal Data to support human resource and workforce management activities.
- Outside companies or organizations from whom we collect personal data as part of providing products and services, completing transactions, supporting our everyday operations, or business management and development. Examples include companies or organizations to whom we provide products or services; other parties, partners, and financial institutions; and parties involved with mergers, acquisitions, and other transactions involving transfers of all or part of a business, or a set of assets.
Categories of Third Parties with Whom We Share Personal Data
The categories of third parties with whom we share Personal Data depend on, among other things, our relationship or interaction with a specific California resident. The information below lists examples of certain third parties with whom we share Personal Data in different contexts.
- Outside companies or organizations with whom we share Personal Data as part of providing products and services, completing transactions, supporting our everyday operations, or business management and development. Examples include companies or organizations to whom we provide products or services; service providers, partners, and financial institutions; and parties involved with mergers, acquisitions, financings and other transactions involving transfers of all or part of a business, or a set of assets.
- Companies or individuals that represent California residents such as an accountant or attorney.
- Government agencies including to support regulatory and legal requirements.
- Outside companies or organizations, including service providers, to whom we provide Personal Data to support human resource activities and workforce management.
- Outside companies or organizations, in connection with routine or required reporting, including accountants and other parties.
Requests Under the CCPA
A California resident has the right to request that we:
- Disclose to you the following information covering the 12-month period prior to your request (“Access Request”):
- The categories of Personal Data we collected about you and the categories of sources from which we collected the Personal Data;
- The business or commercial purpose for collecting Personal Data about you;
- The categories of third parties to whom we disclosed Personal Data about you, and the categories of Personal Data disclosed;
- The specific pieces of Personal Data we collected about you; and
- Delete Personal Data we collected from you (“Deletion Request”).
If you are a California resident, a business may not discriminate against you for exercising your rights under the CCPA.
Responding to Requests
Privacy and data protection laws, other than the CCPA, may apply to the Personal Data that we collect, use, and disclose. When these laws apply, Personal Data may be exempt from, or outside the scope of, Access Requests and Deletion Requests. As a result, in some instances, we may decline all or part of an Access Request or Deletion Request related to this Personal Data. This means that we may not provide some or all of this Personal Data when you make an Access Request. Also, we may not delete some or all of this Personal Data when you make a Deletion Request.
As examples, our processing of or response to an Access Request or Deletion Request may not include some or all of the following Personal Data:
- Employment. Personal Data about an individual who is a current or former employee or job applicant, and we use that Personal Data within the context of that individual’s role as a current or former employee or job applicant.
- Business-to-Business Relationships. Certain Personal Data we collect in the course of providing a product or service to another business, or in the course of receiving a product or service from another business.
The types of Personal Data described above are examples. We have not listed all types of Personal Data that may not be included when we respond to or process Access Requests or Deletion Requests.
In addition to the above examples, we may not include Personal Data when we respond to or process Access Requests or Deletion Requests when the CCPA recognizes another exception. For example, we will not provide the Personal Data about another individual where doing so would adversely affect the data privacy rights of that individual. As another example, we will not delete Personal Data when it is necessary to maintain that Personal Data to comply with a legal obligation.
How to Make Requests
If you are a California resident, you can make an Access Request or a Deletion Request by submitting your request to: Info@StonebriarCF.com.
Changes to this Notice
We may change or update this Notice periodically. When we do, we will post the revised Notice on this webpage indicating when the Notice was last updated.