Privacy Policy

This policy uses the following terms:

• PII (Personally Identifiable Information): Information that identifies or can be used to identify you, such as name, email address, phone number, physical address, or similar identifiers.
• NPI (Non-Public Personal Information): As defined in the Gramm-Leach-Bliley Act (GLBA), personally identifiable financial information that is provided by you, results from a transaction or service, or is otherwise obtained by us—and that is not publicly available. This includes, for example, income, credit score, financial account information, Social Security number, property value, debt amounts, and other sensitive financial data you provide in connection with mortgage or financial services. See FTC guidance on GLBA for more information.

When we refer to PII or NPI in this policy, we mean information that falls within these definitions. In accordance with the Gramm-Leach-Bliley Act (GLBA), we maintain a written security policy on how we handle protected information.

We collect PII, NPI, and other information that you provide directly to us, and we automatically collect certain information (including via cookies—see below) when you use Budget Sidekick:

• Affiliate integrations: When you submit a mortgage, refinance, or home equity quote request form, or use integrations such as rate tables, we collect contact information and property location to connect you with lenders and partners. When you subscribe to our newsletter, we collect your email to send you education articles, rate trends, and homeownership tips.
• Conversion Tracking: On our mortgage application and similar flows, we capture information you provide—including name, email, phone number, property details, and financial information—for conversion tracking. This helps us measure campaign effectiveness, connect you with partners, and improve our services. We use cookies and conversion tracking that may store PII/NPI for security and quality purposes, not for mortgage origination.
• Budget App Data: Our dashboard/budget app (at /dashboard) stores data locally on your device. PII/NPI may be stored on your device if you explicitly enter it and save it within the app. That product is governed by its own Terms and EULA. We do not intentionally collect or hold that data on our servers.
• Usage Information: We collect information about how you interact with our application, including features you use, pages you visit, and actions you take.
• Device Information: We collect information about the device you use to access our service, including device type, operating system, and browser type.

We use cookies and conversion tracking that may store PII/NPI for security and quality purposes, not for mortgage origination.

We use cookies and browser storage for specific purposes. Outside of the budgeting app, we do not intentionally store PII/NPI on device storage. Within the budgeting app, PII/NPI may be stored on your device if you explicitly enter it and save it.

• Cookies: Small text files stored on your device. We use essential cookies (e.g., session management) and analytics cookies (see below).
• Session storage: We may store non-PII attribution data in session storage to help attribute conversions when you navigate between pages. Session storage is cleared when you close your browser tab.
• Local storage: We may use local storage for preferences and non-PII data on the public site.
• Dashboard (/dashboard): Our budget app uses IndexedDB and local storage for its features. PII/NPI may be stored on your device if you explicitly enter it and save it within the app. That product has its own Terms and EULA governing its data practices.

Analytics cookies: We use Google Analytics to understand how visitors use our site (e.g., pages visited, traffic sources). Google Analytics may set cookies and collect data as described in Google's Privacy Policy. You can opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

You can manage or disable cookies through your browser settings. You can also clear session storage, local storage, and IndexedDB via your browser. Disabling or clearing certain storage may affect site functionality.

We use the PII, NPI, and other information we collect for various purposes, including:

• Affiliate integrations: To connect you with mortgage lenders, brokers, or partners who can fulfill your request; to share or sell your PII and NPI to qualifying third parties; to follow up on incomplete submissions; and to send our newsletter, education articles, rate trends, and homeownership tips. You can unsubscribe from the newsletter at any time.
• Conversion Tracking and Analytics: To measure the effectiveness of our campaigns, attribute conversions to traffic sources, ensure lead quality, prevent spam, and—when you have given consent—for marketing purposes. We use cookies and conversion tracking that may store PII/NPI for security and quality purposes, not for mortgage origination.
• Providing Services: To provide our mortgage and financial education services. Our dashboard/budget app has its own Terms and EULA.
• Improving Our Services: To understand how users interact with our application, identify areas for improvement, and develop new features.
• Communications: To send you important updates about new features or relevant financial insights. You can opt out of non-essential communications at any time.
• Security: To ensure the security of our platform.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

We understand the sensitive nature of financial information and are committed to protecting it. We may share or sell your PII and NPI in the following circumstances:

• Affiliate integrations: When you submit a mortgage, refinance, or home equity quote request form, or use integrations such as rate tables, you consent to our sharing or selling your PII and NPI with our lending partners, brokers, or third-party lead buyers who may contact you regarding your request. We partner with Mortgage Research Center, LLC (MRC); PII and NPI shared with MRC is subject to their Privacy Policy. Our affiliate MRC handles PII/NPI through their integration widgets and is subject to their privacy and security policies; you should review the MRC Privacy Policy, which is available on every page where their widgets appear.
• Service Providers: We work with trusted third-party service providers who perform services on our behalf, such as hosting, data analytics, and customer support. These providers handle your PII and NPI only to perform these tasks on our behalf and are obligated to protect it. Our hosting provider may process PII/NPI in the course of hosting our services; they meet industry standards for security and compliance—you can review their security policies at Vercel Trust Center.
• Legal Requirements: We may disclose your PII and NPI if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
• Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your PII and NPI may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your PII and NPI.
• With Your Consent: We may share or sell your PII and NPI with third parties when you have given us your consent to do so.

We implement appropriate technical and organizational measures to protect your PII and NPI:

• Encryption: We use industry-standard encryption to protect your PII and NPI in transit and at rest.
• Access Controls: We restrict access to your PII and NPI to authorized personnel only, based on the principle of least privilege.
• Secure Infrastructure: Our application is hosted in secure, monitored environments with appropriate security protections.
• Employee Training: Our team members receive privacy and security training in accordance with our information security program.

While we strive to use commercially acceptable means to protect your PII and NPI, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Depending on your location, you may have certain rights regarding your PII and NPI:

• Do Not Sell or Share (CCPA and similar state laws): If you are a California or other qualifying state resident, you have the right to opt out of the sale or sharing of your PII and NPI. Please email us at support@primordial-software.com with the subject line "Do Not Sell My Personal Information" and include the email address you used on our site. We will not sell or share your PII and NPI after we process your opt-out. See our Do Not Sell or Share My Personal Information page for details.
• Access and Update: For form submissions and other PII or NPI we hold, you may contact us to request updates. Dashboard users can access and update budget data directly on their device (see dashboard Terms).
• Data Portability: You can request a copy of your PII and NPI in a structured, commonly used, and machine-readable format.
• Deletion: You can request that we delete your PII and NPI, subject to certain exceptions provided by law.
• Opt-Out: You can opt out of marketing communications and certain data collection or sharing by following the instructions in our communications.
• Consent Withdrawal: If we process your PII and NPI based on your consent, you have the right to withdraw that consent at any time.

To exercise these rights, please contact us at support@primordial-software.com.

Our site is not directed to children under 13. We do not knowingly collect PII or NPI from children under 13. If you believe we have collected such information, please contact us and we will delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending an email to the address you provided in a form submission or newsletter signup
• Displaying a prominent notice within the application

Your continued use of Budget Sidekick after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: