Print This Page


 

This privacy policy applies to the information submitted by State or Federal Regulatory Agencies ("Agencies") and individuals or organizations ("End Users") to or available through the Nationwide Mortgage Licensing System ("NMLS"), to the extent that the information is stored in NMLS. The Agencies and End Users who use NMLS acknowledge and accept, and agree to abide by, this privacy policy.

I. Information collected and stored

NMLS collects and stores on behalf of the Agencies:

(1) Information provided by the Agencies and by End Users that is used by the Agencies to issue and maintain a state license or monitor a Federal registration. This may include nonpublic personal information of applicants as well as confidential information submitted by the Agencies.
(2) Communications and information relating to such licensing and registration, including without limitation such matters as license status, application approvals, denials and amendments made among Agencies and End Users through NMLS. NMLS also collects and disburses State license fees, system processing fees and information to process payment device transactions.
(3) Nonpublic personal information and confidential information to verify the identity of anyone who contacts the State Regulatory Registry LLC (SRR) which operates the NMLS.
(4) Nonpublic personal information and confidential information required to establish an account. In order to access and use NMLS, Agencies and End Users must first establish an account (with a unique user name and password).Each Agency and End User is responsible for all information accessed, used and/or disclosed through its account.

II. Use of information

NMLS makes available to Agencies the information they request to issue and maintain a license or monitor registrations (which may include nonpublic personal information and confidential information). NMLS makes available to End Users and other online viewers information as instructed by the Agencies.

SRR may copy, process, store, use or manipulate the information stored in NMLS for the purpose of disseminating aggregated information on a regional or national level. SRR may disseminate to the general public information stored in NMLS and not restricted from disclosure by the Agencies.

SRR may use Applicant contact information from time to time for the purposes of issuing communications concerning mortgage licensing and registration issues and NMLS to Applicants. Applicant Data may be checked against other State and Federal regulatory agency databases, the Social Security Administration or financial services or securities industry self regulatory organization databases, and Applicant Data may be shared with the relevant Agencies and financial services or securities industry self regulatory organizations subject to appropriate usage agreements.  Certain Applicant Data submitted via the System, and other data or content uploaded to the System by Agencies, may be accessed publicly. SRR has no obligation with respect to any third party's use of data or content accessed via NMLS.

III. Control of information

Information submitted by an End User to an Agency through NMLS will be considered to be under that Agency’s control. Information submitted by an End User to more than one agency will be considered to be under the control of each Agency to which it is submitted. SRR will not be required to correct or alter any such information unless all Agencies that have control of such information consent to the change.

Once transmitted to an Agency, information will be the Agency's responsibility and subject to any Agency-administered privacy policies and public information laws. SRR is not responsible for any such information.

NMLS will create a unique identifier associated with End Users who use NMLS. The unique identifier is confidential and proprietary to SRR. SRR may, in its sole discretion, make this unique identifier public.

IV. Disclosure of information

SRR may disclose nonpublic personal identification and confidential information stored in NMLS for licensees if SRR believes it is required to do so by law; to protect itself or to protect the rights of another user; to reduce risk of credit or other kind of fraud; or to comply with a court order or other legal, regulatory, self-regulatory or governmental mandated policy, procedure or process.  For federal registrants, such information would be shared only with the permission of the appropriate Federal Agency unless SRR is complying with a court order or other governmental mandated policy, procedure or process.

SRR uses third party service providers to help manage NMLS, its websites and databases, and to collect and disburse fees. These companies are required to maintain such information as confidential. SRR, however, is not responsible for the unauthorized access, use or disclosure of any nonpublic personal information or confidential information by a third party.

V. Breach and Breach Notification

In the event that SRR becomes aware of a security breach which SRR believes has resulted or may result in the unauthorized access, use or disclosure to nonpublic personal information of End Users, SRR will promptly investigate the matter and notify the applicable Agencies of such breach. Such investigation will be without delay, consistent with (1) legitimate needs of law enforcement; (2) measures necessary to determine the scope of the breach; (3) efforts to identify the individuals affected; and (4) steps to restore the reasonable integrity of NMLS.

The State Regulatory Agencies will be responsible for notifying their affected End Users and any other parties of any security breach in accordance with applicable law. Responsibility for notifying affected End Users and other third parties of any security breach will be in accordance with agreements between SRR and the respective Agencies.  Unless otherwise required by law, SRR is not responsible for notifying End Users or any other parties of any such breach.

VI. Security

SRR will undertake commercially reasonable efforts to prevent from unauthorized access, use or disclosure the information submitted to and available through NMLS.  SRR requires that its third party service providers implement security policies and procedures comparable to those used by SRR.  SRR, however, is not responsible for the unauthorized access, use or disclosure of any nonpublic personal information or confidential information by a third party.

VII. Record Retention

SRR will retain End User information in NMLS for a minimum of five years after an End User no longer holds a valid State license or registration that is maintained in NMLS.

VIII. Policy Changes

SRR reserves the right to modify or update this privacy policy at any time by posting modifications or updates on NMLS.


©2012 SRR LLC     |     SRR Home