LendSimple

Privacy Policy

Last updated: March 12, 2026

1. Introduction

LendSimple ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our loan management platform ("Service").

By accessing or using the Service, you consent to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

We collect information in the following categories:

  • Account Information: Name, email address, phone number, company name, and role when you register for an account.
  • Platform Data: Loan records, borrower information, financial data, and other content you enter into the Service.
  • Usage Data: Log files, device information, IP addresses, browser type, pages visited, and features used.
  • Communication Data: Information you provide when contacting us for support or through our demo request form.
  • Payment Data: Billing address and payment method details, processed securely through our payment processor.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your transactions and manage your subscription
  • Send you technical notices, security alerts, and support messages
  • Respond to your requests, comments, and questions
  • Monitor and analyze usage trends to improve the user experience
  • Detect, investigate, and prevent fraudulent or unauthorized activity
  • Comply with legal obligations and enforce our Terms of Service

4. Data Storage and Security

Each tenant's data is stored in a fully isolated PostgreSQL database schema. This architectural design ensures that your data is never commingled with another tenant's data.

We implement industry-standard security measures, including:

  • Encryption of data at rest and in transit (TLS 1.2+)
  • Regular security audits and vulnerability assessments
  • Role-based access control with object-level permissions
  • Audit logging of all data access and modifications
  • Automated backups with point-in-time recovery

5. Data Sharing

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist us in operating the Service (e.g., hosting, payment processing, email delivery), bound by confidentiality agreements.
  • Legal Requirements: When required by law, subpoena, or government request, or to protect our rights, privacy, safety, or property.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Cookies and Tracking

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and understand how you use the Service. You can control cookies through your browser settings, though disabling them may affect the functionality of the Service.

We use analytics tools to collect anonymized usage data. This data is used solely to improve the Service and is not shared with third-party advertisers.

7. Data Retention

We retain your account information and platform data for as long as your subscription is active. Upon termination, you may request a data export within 30 days, after which your data will be permanently deleted in accordance with our retention schedule.

Usage data and logs are retained for up to 12 months for security and analytics purposes. Communication data is retained for as long as necessary to fulfill your request.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Portability: Request a machine-readable export of your data.
  • Objection: Object to certain processing of your personal information.

To exercise any of these rights, contact us at privacy@lendsimple.io.

9. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights, including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information.

We do not sell personal information. To submit a CCPA request, contact us at privacy@lendsimple.io.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that appropriate safeguards are in place, such as standard contractual clauses, to protect your information during international transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the Service at least 30 days before they take effect. The "Last updated" date at the top of this page indicates when this policy was last revised.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: