Privacy Policy

Effective Date: April 22, 2026

Safeguarding our customers' privacy and protecting nonpublic personal information (NPI) is Tradata's highest priority. This Privacy Policy explains how Tradata, Inc. ("Tradata", "we", "us") collects, uses, secures, and protects information when you use our commercial lending automation services.

1. Information We Collect

Account & Business Information: When you request a demo or create an account, we collect your name, business email, company name, and phone number to provide our services and communicate with you.

Customer Data (Financial Documents): To provide our underwriting automation, we collect the documents you upload or sync via LOS integrations. This includes bank statements, 1099s, borrower profiles, and custom credit overlays. This data is processed exclusively to provide the exact service you requested.

2. How We Use Information

We use the information we collect to:

  • Operate the Service and process your uploaded Non-QM loan files.
  • Extract income data, perform DTI calculations, and generate audit-ready reasoning.
  • Maintain enterprise-grade security and prevent unauthorized access.
  • Comply with applicable legal and regulatory requirements.

We do not sell personal information or Customer Data. We do not use your data for advertising purposes.

3. AI Processing & Strict Data Isolation

Because we handle sensitive mortgage data, Tradata utilizes strict data isolation protocols. We do not use your proprietary Customer Data, borrower NPI, or custom credit overlays to train generalized or public AI models. Your data remains siloed in your tenant environment and is used solely to execute your specific loan calculations.

4. Data Security

We maintain physical, electronic, and procedural safeguards designed to protect nonpublic personal information in accordance with industry standards (including GLBA guidelines). We implement:

  • AES-256 Encryption for data at rest and TLS encryption for data in transit.
  • Strict role-based access controls (RBAC) and least-privilege policies.
  • SOC 2 compliant infrastructure hosting.

5. Information Sharing

We share information only with trusted subprocessors (such as highly secure cloud infrastructure providers) strictly necessary to operate the Service. All subprocessors are bound by rigorous confidentiality agreements. We may also disclose information to comply with valid legal subpoenas, court orders, or regulations.

6. Your Privacy Rights

Depending on your jurisdiction (including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)), you may have the right to request access to, correction of, or deletion of the personal information we hold about you. Because Tradata operates as a B2B service provider, requests regarding individual borrower data must generally be routed through the Lending Institution (our Customer) that uploaded the data.

To exercise your rights, email us at danny.tang@tradataai.com with "Privacy Request" in the subject line.

7. Contact Us

For questions, concerns, or technical support relating to this Privacy Policy, please contact us at:

Tradata, Inc.
Email: danny.tang@tradataai.com