Welcome to the website (“Site”) or mobile application (“App”) of Kikoff Inc. and its affiliates and

subsidiaries (collectively, “Kikoff,” “we,” “our,” or “us”).

This Privacy Policy explains what personal and other data we collect through the Site, the App, email,

and call center (collectively the “Services”), how we use and share that data, and your choices

concerning our data practices. This Privacy Policy forms part of our Terms of Service, which are

available at: https://kikoff.com/terms.pdf/.

By providing us with your personal data when using the Services you agree to the data practices

described in this Privacy Policy. If you do not agree to these practices, please do not access or use

the Services. Before you submit any Personal Data (as defined below) to Kikoff through the Services,

please review this Privacy Policy carefully, and contact us at support@kikoff.com if you have any

questions.

Please note that if you create an account with us, our Gramm-Leach-Bliley Consumer Privacy Notice

applies to you. Please review our Gramm-Leach-Bliley Consumer Privacy Notice at the end of this

document.

Information We Collect

Personal Data You Voluntarily Provide Us

Personal Information. When you interact with our Services, apply for a financial product, contact us

with inquiries or create an account to access the Services, we collect information you voluntarily give

us that alone or in combination with other information could be used to identify you (“Personal Data”).

The Personal Data we collect from you generally includes your name, email address, social security

number, date of birth, bank account and routing numbers, marital status, household income, credit

report data, and the login credentials you use to create and access an account with us.

Other Information.

•

In order to help us determine if you qualify for financial products or services, we may obtain

credit reports from consumer credit reporting agencies. If required by law, we will provide notice

and/or obtain your consent to do so.

•

To prevent fraud, verify your identity, and secure accounts, we may obtain information about your

mobile service from your wireless carrier, such as your subscriber data (including mobile

number, name, address, email, network status, customer type, customer role, billing type, mobile

device identifiers (IMSI and IMEI) and other subscriber and device details).

•

When you voluntarily provide it to us, we may also use the information you use to login to your

accounts with your financial institutions (such as the username and password you use to

access your bank's website). We may also access your bank account balance before

initiating an ACH transfer.

Information We Receive Automatically from Your Use of the

Site and App

When you visit, use and interact with the Site or App, we may receive certain information about your

visit, use or interactions that alone cannot identify you. For example, we may monitor the number of

people that visit our Site, peak hours of visits, which page(s) are visited on our Site, the domains our

visitors come from (e.g., google.com, facebook.com, etc.), and which browsers people use to access

and visit our Site (e.g., Firefox, Google Chrome, etc.), broad geographical information, and Site-

navigation patterns. In particular, the following information is created and automatically logged in our

systems:

•

Log data. Information (“log data”) that your browser automatically sends whenever you visit the

Site. Log data includes your Internet Protocol (“IP”) address (so we understand which country

you are connecting from when you visit the Site), browser type and settings, the date and time of

your request, and how you interacted with the Site.

•

Cookies, Pixel Tags and other technologies. Information from cookies, pixel tags and/or

other technologies. These technologies may be placed by us or by third parties who provide

services to us. Please see the “Cookies” section below to learn more about how we use cookies

and other technologies.

Please note that both Log Data and cookies may collect the following types of data:

•

Device information. Includes name of the device, operating system, and browser you are using.

Information collected may depend on the type of device you use and its settings.

•

Usage Information. We collect information about how you use our Site and App, such as the

types of content that you view or engage with, the features you use, the actions you take, and

the time, frequency and duration of your activities.

In operating the Services, we may use a technology called “cookies.” A cookie is a piece of

information that the computer that hosts our Services gives to your browser when you access the

Services. Our cookies help provide additional functionality to the Services, including helping us

analyze Services usage more accurately. For instance, our Site may set a cookie on your browser

that allows you to access the Services without needing to remember and then enter a password

more than once during a visit to the Site. On most web browsers, you will find a “help” section on the

toolbar. Please refer to this section for information on how to receive notification when you are

receiving a new cookie and how to turn cookies off. In order to personalize your use of the Site, we

use local shared objects, also known as Flash cookies, to display content based upon what you

view. Flash cookies are different from browser cookies (discussed above) because of the amount

and type of information they generate, and how they store that information. Cookie management

tools provided by your browser will not remove Flash cookies. To learn how to manage privacy and

storage settings for Flash cookies click here.

When you visit the Site or view one of our emails, we will use pixel tags or “clear” gifs to track links

and/or similar technology to note some of the pages you visit on our Site and to personalize your

experience. Pixel tags are a technology similar to cookies that can be embedded in online content or

within the body of an email for the purpose of tracking activity on websites (for example, to know

when content has been shown to you), or to know when you have viewed particular content or a

particular email message.

Analytics and Tracking Technologies. We may allow third party service providers to use cookies

or pixels (as noted above) or other tracking technologies to help us understand your use of our Site

and collect information about your browsing activities over time and across different websites. For

example, our Site uses Google Analytics for these purposes. To opt-out of Google Analytics

collecting your information, go to https://chrome.google.com/webstore/detail/google-analytics-opt-

out/fllaojicojecljbmefodhfapmkghcbnh?hl=en.

How We Use Your Information

We use Personal Data and other information for the following purposes:

•

To provide you with the Services and related customer service, including communicating with

you as necessary in connection with your application for financial products and services;

•

To market our products and services to you;

•

To respond to your inquiries, comments, feedback, or questions;

•

To send administrative information to you, for example, information regarding the

Services, and changes to our terms, conditions, and policies;

•

To analyze how users interact with our Services so we can provide, maintain, customize, and

improve the content and functionality of the Services;

•

To enforce the terms of our Terms of Use or Privacy Policy or any other agreement between us and

you;

•

To prevent actual or potential fraud, criminal, illegal, wrongful, or harmful activity, or

misuses of our Services, and to ensure the security of our IT systems, architecture and

networks;

•

To comply with legal obligations and legal process and to protect our rights, privacy, safety or

property, and/or that of our affiliates, you or other third parties;

•

To conduct and publish market research, e.g., consumer surveys, polls, statistics, etc.;

•

To publish user-generated content for use on our Site, social media, or other marketing

platforms, websites, or mobile apps; and

•

Any other purpose disclosed at the time you provide information or otherwise with your

consent or if you authorize or direct us to release information about you.

Direct Marketing and Online Advertising. We may use your information to contact you in the future

to tell you about products or services we believe may be of interest to you. If we do, each marketing

communication we send you will contain instructions permitting you to “opt-out” of receiving future

marketing communications. In addition, if at any time you wish not to receive any future marketing

communications or you wish to have your name deleted from our mailing lists, please contact us as

indicated below.

We m

ay partner with third-party service providers to display advertising on our Site or to manage our

advertising on other sites. These partners may use data technologies such as cookies and pixels to

collect information about your activities on this and other websites to provide you targeted

advertising based upon your interests. We may also use web beacons to tell when a user is

redirected to the Site because of an advertisement that we ran was clicked on or otherwise

interacted with and to better target our advertisements (known as “retargeting”). Service providers

we use may track Site visitors over time and across multiple websites and social media services to

retarget Site visitors. Users logged in to social media programs may be tracked by service providers

who track such users across multiple websites and who may disregard the privacy settings in your

web browsers.

If you wish to not have this information used for the purpose of serving you targeted ads, you may be

able to opt-out by visiting:

• http://www.aboutads.info/

• https://optout.networkadvertising.org/?c=1

Please note that opting-out will not mean that you will no longer be served advertising. Instead, you

will continue to receive generic ads that are not based on your specific interests.

Aggregated Data. We may aggregate the information that we collect and use such data for

commercial, statistical and market research purposes. This data may include location information

derived from your IP address or, if authorized, from the GPS of your mobile device.

How We Store Your Information

We keep your personal information for as long as it's needed to provide the services you've asked for,

fulfill transactions, meet legal requirements, resolve disputes, establish legal defenses, conduct audits,

enforce agreements, and to effect other legitimate business objectives. The exact duration can differ

depending on factors like the type of data, user consent, data sensitivity, availability of automated

deletion controls, and our legal or contractual obligations.

Due to regulatory recordkeeping obligations, we may retain information related to you and your

account and transactions in accordance with applicable laws.

Any personal information we do not keep will be securely disposed of through methods such as

shredding, erasing, or altering the records to render the information unreadable or incomprehensible

by any means.

Security. Ensuring the security of all information related to our Services is a top priority. We utilize

technology on our servers to establish a secure connection between your device and our servers,

ensuring a private session.

To safeguard our servers from external threats, we employ firewalls and other security measures,

securely storing your Personal Data. Access to this information is restricted to authorized

personnel or third parties only on a need-to-know basis through secure web pages. Our data

security protocols are aligned with industry standards aimed at protecting nonpublic personal

information.

We implement reasonable measures to protect and secure your Personal Data. Still, it's important

to note that no method of data transmission or storage can be guaranteed to be entirely secure

against all potential threats.

No Internet or email transmission is ever fully secure or error free. In particular, email sent to or

from us in connection with the Services may not be secure. Therefore, you should take special

care in deciding what information you send to us via email. Please keep this in mind when

disclosing any Personal Data to us via the Internet.

Sharing and Disclosure

Mobile information will not be sold or shared with third parties for promotional or marketing purposes.

Your Personal Data will not be sold or shared with outside third parties for promotional or

marketing purposes. Your Personal Data will only be shared with our partners for providing the

services for which you have signed up.

We may share Personal Data with certain third parties without further notice to you unless required

by law in the following circumstances:

Business Transfers. As we develop our business, we might sell or buy businesses or assets. In the

event of a corporate sale, merger, reorganization, dissolution, bankruptcy, or similar event, Personal

Data may be part of the transferred assets.

Agents, Consultants, Vendors, and Service Providers. Like many businesses, we sometimes hire

other companies to perform certain business-related functions. Examples of such functions include

mailing information, maintaining databases and processing payments. Additionally, we may partner

with other businesses to provide products or services to you.

Legal Requirements. We may disclose your Personal Data if required to do so by law or in the good

faith belief that such action is necessary to (i) comply with a legal obligation, legal process, our

internal policies, or with prudent legal, data privacy, or data security practice as we may determine,

(ii) protect and defend our rights or property or the rights or property of others, (iii) prevent actual or

potential fraud or illegal, criminal, wrongful, or harmful activity, (iv) act to protect the safety of users of

the Services or the public, or (v) protect against legal liability. You can review our Gramm-Leach-

Bliley Act Privacy Notice at the end of this document for more information.

We may also share Personal Data with third parties for any purpose described above in the section

titled “How We Use Your Information” or for any other purpose that has been disclosed to you or to

which you have consented,

Information Access and Choice

You can contact us at support@kikoff.com to do the following at any time:

•

See what Personal Data you provided through the Services, if any.

•

Change/correct any Personal Data you provided through the Services.

•

Express any concern you have about our use of your Personal Data.

Children

The Services are not intended for children who are under 18 years of age and we do not knowingly

collect Personal Data from children under 18. If you are under the age of 18, please do not submit

any Personal Data through the Services. We encourage parents and legal guardians to monitor their

children's Internet usage and to help enforce our Privacy Policy. If you believe we have collected

information from a child who is under 18 please contact us and we will endeavor to delete the

information.

California Privacy Rights

Do Not Track Signals. Our Site currently does not respond to “Do Not Track” (DNT) signals and

operates as described in this Privacy Policy whether or not a DNT signal is received. If we do so in

the future, we will describe how we do so in this Privacy Policy.

Rest

rictions on Sharing. If you are a California resident and have concluded a customer

relationship with us, you can restrict our sharing of certain information. For more information, review

our California Privacy Notice here.

we disclose certain Personal Data to third parties who use it for their direct marketing purposes,

you have a right to request further information about the recipients of your Personal Data. To obtain

a list of this information, please contact us at the address provided in the “Contact Information”

section below.

Links to Other Websites

This Privacy Policy only applies to information collected by Kikoff through our Services. The Kikoff

Services may contain links to other websites, apps or online services not operated or controlled by

Kikoff (“Third Party Sites”). The policies and procedures described here do not apply to Third Party

Sites. By providing links to Third Party Sites or services we do not imply that we endorse or have

reviewed such websites or services. We suggest that you contact those sites directly for information

about their data practices and policies.

Contact Information

Please feel free to contact us if you have any questions about this Privacy Policy or information

practices:

Email: support@kikoff.com

Effective Date and Updates

This Privacy Policy is effective as of 10/16/2024. If we materially change this Policy, we will post the

revised version here. Your continued use following any changes shall be deemed to be your

acceptance of the changes. We suggest that you check here periodically for the most up-to-date

version of our Privacy Policy.



marketing with other nancial companies

For our af liates everyday business purposes

For our af liates to market to you

For nonaf liates to market to you

All nancial companies need to share

business. In the section below, we list the reasons nancial companies can share their

Gramm-Leach-Bliley Consumer Privacy Notice

These measures include computer safeguards and secured les

Apply for

Give us your contact information

Why cant I limit all sharing?

sharing for af liates everyday business purposes

af liates from using your information to market to

sharing for nonaf liates to market to

De nitions

Af liates

Nonaf liates

nancial and non nancial

A formal agreement between nonaf liated nancial companies that

together market

nancial products or services to you.

nancial and non nancial companies.

Our affiliates include companies with a Kikoff name; financial

companies such as Kikoff Lending, LLC.

Our joint marketing partners include financial institutions with whom

we have joint marketing agreements and companies that provide

marketing services on our behalf.

Kikoff Inc.

Other Important Information

For California and Vermont Residents: We will not share personal information we collect about you with affiliated and

nonaffiliated third parties, except as permitted by law, including, for example, for our own marketing purposes, our

everyday business purposes, or with your consent.

For Vermont Residents: We will not share your credit information or information about your creditworthiness,

transactions, or experience, other than as permitted by Vermont law, unless you authorize us to make those disclosures.

For additional information email support@kikoff.com.

For Nevada residents only: We are providing you this notice under state law. You may be placed on our internal Do Not

Solicit List by following the directions in the “To limit direct marketing contact” section above. Nevada law requires we

provide the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E.

Washington St., Suite 3900, Las Vegas, NV 89101; phone number: 702-486-3132; email: bcpinfo@ag.state.nv.us.