This California Privacy Statement is for California Residents only. This policy describes the personal information that Beal Nevada Service Corporation d/b/a CSG Investments, Inc., an affiliate of Beal Bank USA (collectively, “we,” “our,” or “us”) collects in the course of its business, explains how this information is collected, used, shared, and disclosed, describes rights provided by the California Privacy Rights Act of 2020 (CPRA) to California Residents (“consumers” or “you”) regarding their personal information, and explains how consumers can exercise those rights.
We may collect, use, or share your personal information. We do not and will not sell personal information. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household (“personal information”). “Personal information” does not include: (1) publicly available information, such as information that is lawfully made available from federal, state, or local records, and (2) de-identified or aggregate consumer information.
As described in more detail below, the CPRA provides you with certain rights regarding the collection, use, retention, and disclosure of your personal information.
You have the right to request that we provide you with certain information about the personal information we collect, use, or disclose about you as well as the categories and specific pieces of information that we have collected about you in the 12 months before your submission of a verifiable consumer request. Specifically, you have the right to request the following information:
A household may request to know aggregate household personal information by submitting a verifiable consumer request. Also, if all consumers in a household jointly request access to specific pieces of information for the household, and we can individually verify all the members of the household, then we will comply with the request.
However, there is certain information that we will not disclose to you. This information includes but is not limited to your Social Security number, driver’s license number or other government-issued identification number, financial account number, any health insurance or medical identification number, an account password, or security questions and answer. Also, we will not provide you with specific pieces of personal information if the disclosure creates a substantial, articulable, and unreasonable risk to the security of that personal information, your account with us, or the security of our systems or networks.
This right does not apply to Business Consumers.
The CPRA requires us to disclose certain information regarding our collection, use, and sharing of personal information. The following table outlines the categories of personal information that we have collected about consumers in the last 12 months. For each category, if applicable, we have identified the categories of sources from which that information was collected, the business or commercial purpose(s) for which the information was collected, and the categories of third parties and service providers with whom we share personal information.
Business or commercial purposes are defined as follows:
Disclosing Your Personal Information for a Business or Commercial Purpose
We may disclose your personal information to third parties in order to carry out specific business or commercial purposes. In the preceding 12 months, we have disclosed consumer personal information for business or commercial purposes to our service providers and the following categories of third parties:
In the last 12 months, we have disclosed the following categories of personal information (as described in more detail above) for a business or commercial purpose:
Selling Your Personal Information for a Business or Commercial Purpose
We have not sold consumer personal information to third parties for a business or commercial purpose in the preceding 12 months. We do not and will not sell your personal information. In addition, we do not sell the personal information of minors under 16 years of age.
The Right to Request Deletion of Personal Information
You have the right to request that we delete any personal information that we have collected from you and maintained about you. Once we receive and confirm your verifiable consumer request, if we determine that we must comply with a deletion request and delete your personal information from our records, we will also direct any service providers we work with to also delete your personal information from their records.
A household may request the deletion of aggregate household personal information by submitting a verifiable consumer request. If all consumers in a household jointly request deletion of household personal information, and we can individually verify all the members of the household, then we will comply with the request.
Please note that we may deny your deletion request for a number of different reasons, which are identified in the CPRA.
Submitting a Verifiable Request to Know or Request to Delete
To exercise your Right to Know or your Right to Delete, please submit a verifiable consumer request to us by either:
Whether you are a customer or not a customer, to submit a verifiable consumer request, you will be asked to:
Only you (or an authorized agent) may make a verifiable consumer request for your personal information or for deletion of your personal information. You may also make a verifiable consumer request on behalf of your minor child.
Please note that we are only required to respond to your request for access to your personal information twice within a 12-month period.
How We Verify Your Request
We will verify you as follows:
If we suspect fraudulent or malicious activity related to your request, we will not comply with your request until we perform further verification to determine whether your request is authentic and you are the person about whom we have collected the personal information.
We will generally avoid requesting additional information from you to verify you. However, if we cannot verify your identity based on the information we currently maintain, we may request additional information from you, which will only be used to verify your identity and for security or fraud-prevention purposes. We will delete any new personal information we collect to verify your identity as soon as practical after processing your request unless otherwise required by the CPRA.
Generally, if we are unable to verify your identity, we will inform you of this inability and explain why we were unable to do so.
Our Response to Your Request
Once we receive your verifiable consumer request, we will confirm our receipt of your request within 10 days and provide you with additional information about how we will process the request. Our goal is to respond to your request within 45 days of receiving the request, beginning on the day we receive the request. However, in the event that we need more time (up to 90 days) to respond to your request, we will provide you with notice and an explanation of the reasons that we will take more than 45 days to respond. For requests to know, any personal information we provide will cover the 12-month period preceding our receipt of your verifiable consumer request. If we are unable to comply with a given request, we will provide you with a response explaining why we have not taken action on your request and identifying any rights you may have to appeal the decision.
We will not charge you to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Authorized Agent for Requests
You may designate an authorized agent to make a request on your behalf. If you would like to use an authorized agent, which is an individual or business registered with the Secretary of State that you have authorized to act on your behalf, to submit a request, you must provide the authorized agent with written permission to do so and verify your own identity directly with us. We may deny a request from an agent that does not submit proof that they are authorized to act on your behalf.
We will not discriminate against you for exercising any of your CPRA rights. For example, unless otherwise permitted by the CPRA, we will not:
We are required by law to update this California Privacy Statement at least once each year. This California Privacy Statement was last updated on January 1, 2021.
If you have any questions regarding our privacy policies, our California Privacy Statement, the ways in which we collect, use, and disclose your personal information, or how to exercise your rights under the CPRA, please do not hesitate to contact us at:
Postal Address: 6000 Legacy Dr., Plano, Texas 75024
Attn: CPRA Information Request
Do you have a question, want to know more about the type of information we have collected, or if you'd like to request that your information be deleted, please fill out the form below, click "Submit" and we will contact you promptly.
By accessing the noted link you will be leaving the CSG Investments, Inc. website and entering a website hosted by another party. CSG Investments, Inc. has not approved this as a reliable partner site. Please be advised that you will no longer be subject to, or under the protection of, the privacy and security policies of CSG Investments, Inc. website. We encourage you to read and evaluate the privacy and security policies of the site you are entering, which may be different than those of CSG Investments, Inc.