REGIONAL FINANCE MOBLE APP PRIVACY POLICY

Effective Date: January 2, 2024

Last Updated Date: January 2, 2024

Introduction

Regional Management Corp. and its subsidiaries and affiliates (“Regional Finance,” “we,” “our,” or “us”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use, share, and safeguard the information you provide to us in using our Regional Finance mobile application (“App”) and the services provided through our App (collectively, “Services”). For information regarding our web-based consumer operations, please see our Online Privacy Policy.

If you have a consumer financial product or service with us, we will use and share any information that we collect from or about you in accordance with our U.S. Consumer Privacy Notice, which offers you certain choices with respect to the use and sharing of your personal information.

From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this page. Please review this Privacy Policy periodically.

This Privacy Policy covers the following topics:

  1. Information We Collect
  2. How We Use Your Information
  3. How We Share Your Information
  4. Tracking Technologies
  5. Third-Party Payment Processor
  6. Opt-Out Preference Signals
  7. Choices About Your Information
  8. Security
  9. Third-Party Links
  10. Children’s Privacy
  11. Notice to California Residents
  12. Biometric Authentication
  13. Accessibility
  14. How to Contact Us

 

 

  1. Information We Collect

We collect Personally Identifiable Information from you through your use of the App and Services. “Personally Identifiable Information” is individually identifiable information about an individual consumer that we collect online and that we maintain in an accessible form. We collect the following types of Personally Identifiable Information:

Information You Provide

We collect the following Personally Identifiable Information that you voluntarily provide to us in using our App and Services:

  • Register for a Digital Account. To register for a digital account, we will collect your first and last name, last four digits of your Social Security number, date of birth, and we may require you to provide an email address or phone number for validation purposes.
  • Sign In. When you sign in to your account, you will provide us with your account username and password.
  • Make a Payment. When you make a payment, we will receive your payment amount along with the payment method ID assigned to you by our payment processor, Speedpay. Please review Speedpay’s privacy policy here.
  • Contact Us. If you choose to contact us through the telephone numbers provided in the App, you will provide us with your name, email address, phone number, and any information that you choose to provide in your message. We maintain record of your correspondence.

Information as You Navigate Our App

We automatically collect certain Personally Identifiable Information through your use of the App and Services, such as the following:

  • Usage Information. For example, the screens on the App you access, the frequency of access, and what you tap on within the App.
  • Device Information. For example, hardware model, operating system, and application version number.
  • Mobile Device Information. Aggregated information about whether the App is accessed via a mobile device or tablet, the device type, and the carrier.
  • Location Information. Location information from App visitors on a city-regional basis.
  1. How We Use Your Information

We use the Personally Identifiable Information we collect to provide the Services to you, to improve our App and Services, and to protect our legal rights. In addition, we may use the Personally Identifiable Information we collect to:

  • Process your account registration;
  • Verify your identity and prevent fraud;
  • Communicate with you about your account and transactions;
  • Contact you regarding our products and services that we feel may be of interest to you;
  • Communicate with you about our App or Services or to inform you of any changes to our App or Services;
  • Contact you regarding surveys or to review your experience with our products or services;
  • Provide support;
  • Maintain and improve our App and Services;
  • Protect the security and integrity of our App and Services;
  • Investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Terms of Use, and to otherwise fulfill our legal obligations;
  • Monitor compliance with and enforce this Privacy Policy and any other applicable agreements and policies;
  • Defend our legal rights and the rights of others;
  • Fulfill any other purposes for which you provide it, or any other purpose we deem necessary or appropriate;
  • Efficiently maintain our business; and
  • Comply with applicable law.
  1. How We Share Your Information

We may share the information that we collect about you in the following ways:

  • With our corporate family, such as with subsidiaries, joint ventures, and affiliates;
  • With vendors who perform data or App-related services on our behalf (e.g., maintenance, backup, analysis, etc.);
  • With vendors to prepare, deploy and analyze advertising content;
  • For identity verification and fraud prevention;
  • With consumer reporting agencies (e.g., the status of your account);
  • To the extent that we are required to do so by law;
  • In connection with any legal proceedings or prospective legal proceedings;
  • To establish, exercise, or defend our or a third party’s legal rights, including providing information to others for the purposes of fraud prevention;
  • With any person who we reasonably believe may apply to a court or other competent authority for disclosure of that Personally Identifiable Information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that Personally Identifiable Information;
  • With any other person or entity as part of any business or asset sale, equity transaction, merger, acquisition, bankruptcy, liquidation, or similar proceeding, or in preparation for any of these events;
  • With any other person or entity where you consent to the disclosure; and
  • For any other purpose disclosed by us when you provide the Personally Identifiable Information or for any other purpose we deem necessary, including to protect the health or safety of others.
  1. Tracking Technologies

Firebase Crashlytics

We use Firebase Crashlytics, a mobile app crash reporting tool Google, Inc. provides. Firebase Crashlytics uses tracking technologies to collect analytics and details about crashes and errors that occur in the App and provide insight into App performance and user experience to help us diagnose and solve problems. The technologies Firebase Crashlytics uses may collect information such as your device details (e.g., device model and operating system) and the times when the App is started and when a crash occurs. The information Firebase Crashlytics generates will be transmitted to and stored by Google and will be subject to Google’s Firebase privacy policy.

Heap

We use Heap to obtain anonymous data about how users interact with the App. This information enables us to monitor and improve the user experience. The data Heap collects includes information about how users navigate around the App (e.g., screens visited, buttons clicked, and user taps). Heap’s privacy policy is available here.

  1. Third-Party Payment Processor

As mentioned above, we use Speedpay, a third-party payment processor, to process the payments you make within the App. To make a payment within the App, you will provide your payment information directly to Speedpay. For more information regarding Speedpay’s collection of this information, please see Speedpay’s privacy policy.

  1. Opt-Out Preference Signals

The Global Privacy Control (“GPC”) signal does not work with mobile applications and, therefore, the App does not currently recognize the GPC signal. For more information on the GPC signal and to download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.

Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the App does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.

  1. Choices About Your Information

Review and Request Changes to Your Information

You may use your account to access, correct, or view certain Personally Identifiable Information we have collected and which is associated with your account.

Marketing Communications

To unsubscribe from our marketing emails, please click the unsubscribe link included in the footer of our emails. You also may submit a request to us at [email protected].

  1. Security

We maintain commercially reasonable security measures to protect the Personally Identifiable Information we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personally Identifiable Information, we cannot guarantee absolute security.

  1. Third-Party Links

The App and Services may contain links that will let you leave them and access a third-party website. Linked websites are not under our control. We accept no responsibility or liability for these third-party websites.

 

 

  1. Children’s Privacy

The App and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13.

  1. Notice to California Residents

The California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (“CCPA”), requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, sale, sharing, and retention of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this section does not apply to you and you should not rely on it.

The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified or aggregated information or lawfully obtained, truthful information that is a matter of public concern. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”

The CCPA’s privacy rights described below do not apply to Personal Information that we collect, process, sell, or disclose subject to the federal Gramm-Leach-Bliley Act and its implementing regulations or the California Financial Information Privacy Act. Because we are subject to those laws and regulations, much of the Personal Information that we collect is exempt from the CCPA. Your choices and rights with respect to our use and sharing of that information are subject to our U.S. Consumer Privacy Notice.

The CCPA’s privacy rights also do not apply to certain types of Personal Information subject to the federal Fair Credit Reporting Act (“FCRA”). Some of our Services are subject to the FCRA and, therefore, exempt from the CCPA on that basis.

If you are California resident and a current or former employee, job applicant, or independent contractor of ours, please see our privacy notice available here for more information on our collection and use of your Personal Information in that capacity.

Notice at Collection of Personal Information

We currently collect and, in the 12 months prior to the Last Updated Date of this Privacy Policy, have collected the following categories of Personal Information:

  • Identifiers (name, alias, home address, postal address, online identifier, Internet Protocol address, email address, account name)
  • Unique personal identifiers (device identifier; cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology; telephone number)
  • Internet or other electronic network activity information (information regarding consumer’s interaction with application or advertisement)
  • Geolocation data
  • Commercial information (records of personal property, products or services purchased, obtained or considered; other purchasing or consuming histories or tendencies)
  • Sensitive Personal Information (account login or financial account number in combination with any required security or access code, password, or credentials allowing access to an account)

We collect Personal Information directly from California residents and from our analytics providers. We do not collect all categories of Personal Information from each source.

In addition to the purposes stated above in the Section “How We Use Your Information” we currently collect and have collected the above categories of Personal Information for the following business or commercial purposes:

  • Helping to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for these purposes
  • Debugging to identify and repair errors that impair existing intended functionality
  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services
  • Undertaking activities to verify or maintain the quality or safety of our Services and to improve, upgrade, or enhance same

Sale, Sharing, and Disclosure of Personal Information

The following table identifies the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding the Last Updated Date of this Privacy Policy and, for each category, the category of recipients to whom we disclosed the Personal Information.

We disclosed Personal Information for the business and commercial purposes identified in the prior section of this Privacy Policy.

We have not sold or shared Personal Information in the twelve (12) months preceding the Last Updated Date of this Privacy Policy. We do not knowingly sell or share the Personal Information of minors under 16 years of age. We do not use sensitive Personal Information for purposes other than those allow by the CCPA and its regulations.

Retention of Personal Information

We retain your Personal Information for as long as necessary to fulfill the purposes for which we collect it, such as to provide you with the service you have requested, and for the purpose of satisfying any legal, accounting, contractual, or reporting requirements that apply to us.

Your Rights

If you are a California resident, you have the following rights with respect to your Personal Information:

  • The right to know what Personal Information we have collected about you, including the categories of Personal Information, the categories of sources from which we collected Personal Information, the business or commercial purpose for collecting, selling or sharing Personal Information (if applicable), the categories of third parties to whom we disclose Personal Information (if applicable), and the specific pieces of Personal Information we collected about you;
  • The right to delete Personal Information that we collected from you, subject to certain exceptions;
  • The right to correct inaccurate Personal Information that we maintain about you;
  • If we sell or share Personal Information, the right to opt out of the sale or sharing;
  • If we use or disclose sensitive Personal Information for purposes other than those allowed by the CCPA and its regulations, the right to limit our use or disclosure; and
  • The right not to receive discriminatory treatment by us for the exercise of privacy rights the CCPA confers.

How to Submit a Request to Know, Delete, and/or Correct

You may submit a request to know, delete, and/or collect by calling us toll free at (833) 708-4357 or by completing our webform, available here.

As mentioned above, if you are a California resident who has a financial product or service with us, much of the Personal Information that we collect is exempt from the CCPA and, therefore, is not subject to the rights discussed in this “Notice to California Residents” section. Your choices and rights with respect to our use and sharing of that information are subject to our U.S. Consumer Privacy Notice.

If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, and if the request is not subject to an exemption or exception, we will require additional information to verify your authority to act on behalf of the California resident.

Our Process for Verifying a Request to Know, Delete, and/or Correct

If we determine that your request is subject to an exemption or exception, we will notify you of our determination. If we determine that your request is not subject to an exemption or exception, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request. We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure, deletion, or correction as applicable. To do so, we will ask you to verify data points based on information we have in our records concerning you.

  1. Biometric Authentication

If you enable your use of biometric authentication functionality in your device (such as Face ID, Touch ID, or Fingerprint), you understand and agree that any such authentication stored on your device can be used to enable user access to your accounts. You understand and agree that you are responsible for any activities conducted on your account when your account is accessed with biometric authentication. For more information on how the biometric functionality might work for your device, including processing of biometric information, please refer to your device manufacturer’s support resources. We do not collect or process any biometric data when you use biometric authentication.

  1. Accessibility

We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.

  1. How to Contact Us

To contact us for questions or concerns about our privacy policies or practices, please email us at [email protected].

Regional Management Corp.
979 Batesville Road,
Suite B
Greer, SC 29651
(864) 448-7003