Back to top

PRIVACY POLICY

This privacy policy describes how Mercatus Finance and its subsidiaries and affiliates (collectively, “Mercatus,” the “Company,” “we”, “us” or “our”) collects and uses personal information (i.e., information that directly or indirectly identifies a person, including any borrower, investor, prospective borrower, prospective investor, employee, consultant, job applicant or visitor) collectively, such information, “Personal Information”). In particular, this privacy policy describes (a) the type of Personal Information that we may collect, (b) how we use that Personal Information and (c) the conditions under which we may disclose that information to affiliates and to non-affiliated third parties. Please also refer to https://mercatusfinance.com/privacy-policy/ for additional information concerning Mercatus’s privacy policy.

By completing a loan agreement, visiting our website or providing us with your Personal Information in any way, you agree that we may collect and use the information as set forth in this Privacy Policy. You should review this Privacy Policy carefully, because if you do not agree with our practices, you should not provide us with your Personal Information (which includes completing a loan application agreement, visiting our website or conducting business with Mercatus).

Types of Personal Information That We May Collect 

Information You Provide to Us

In order to receive our services or interact with us (e.g., as a borrower, investor, job applicant or third-party service provider), you may provide us Personal Information, including your name, email address, mailing address, phone number or other information. You may provide that Personal Information to us by various means, including our website, via email directly or through an application process.

Information We Collect or Generate About You

We may produce a record of our relationship with you and any Personal Information that you provide during telephone and email communications with us. We may update and maintain that record for a period of time.

Information We Obtain From Other Sources

We may obtain information from your agents and advisers and from third parties and public sources that we use to verify your identity or to confirm your eligibility to use our services in accordance with our legal obligations. If you visit our website, we may also obtain information through our website. See “Information We Collect” from our website.

Disclosure of Your Personal Information within Mercatus

When you visit our website, we may use “cookies”. We may use cookies for a variety of purposes, including improving your website experience. We may also use cookies to collect technical information from your computer, including your IP address and other information about your computer. No information directly identifying you is collected in the process. As is typical for most websites, we do not change our practices, described elsewhere in this privacy policy, in response to Do Not Track browser settings or signals.

How Do We Use Your Personal Information?

We may use the information we obtain about you to:

  • communicate with you (and, where required by applicable law, we will obtain your explicit consent to do so);
  • personalize your experience on website or portal;
  • operate, evaluate, develop, manage and improve our business (including operating, administering, analyzing and improving our website, products and services; developing new products and services; managing and evaluating the effectiveness of our communications);
  • process your loan application, provide information you have requested, create and administer your account, administer your loan, maintain registers;
  • maintain and enhance the safety and security of our website and prevent misuse;
  • protect against, identify and prevent fraud and other criminal activity, claims and other liabilities; and
  • comply with and enforce applicable legal requirements, relevant industry standards and policies.

In compliance with relevant law, we may retain information as needed or appropriate to serve our legitimate business purposes or as required by law.

Disclosure of Your Personal Information within Mercatus

In order to provide you with efficient and reliable services, Mercatus may share your Personal Information with our affiliates as required or permitted by applicable law.

Disclosure of Your Personal Information to Non-Affiliated Third Parties

We do not disclose Personal Information to non-affiliated third parties, except as permitted by law. In the normal course of providing services, we may disclose certain Personal Information to:

  • advisers (e.g., auditors, legal counsel and tax advisers) to Mercatus relating to or in connection with the operation of our business, compliance with our legal, regulatory or contractual obligations and/or your loans with us; and
  • law enforcement agencies, regulatory or tax authorities and other governmental or public agencies or authorities in order to comply with our legal or regulatory obligations or at their request in furtherance of their objectives.

In addition, we may disclose personal information about you (a) to others, if we are required or permitted to do so by law or legal process, for example due to a court order, (b) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, (c) in connection with an investigation of suspected or actual fraudulent or other illegal activity, and (d) in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution, or liquidation). If we disclose your information to a private non-regulatory organization, Mercatus requires that these companies agree to (a) maintain the confidentiality of your Personal Information and (b) limit the use of such Personal Information to the purposes for which it was provided. Furthermore, in compliance with privacy laws, we also provide our opt-out lists to non-affiliated third party companies so that they can be suppressed from the communications those companies send on Mercatus’s behalf.

Safeguarding of Information

Mercatus maintains reasonable standards of confidentiality and security for this website and the Personal Information collected from customers. These standards are designed to safeguard such information against loss or theft, and unauthorized access, disclosure, copying, use or modification. Only Mercatus employees who need to know your Personal Information are authorized to access such information, and Mercatus also requires its affiliates and service providers to limit employee access to the data. Despite our reasonable efforts, it is possible that someone may intercept or access communications, transmissions and/or Personal Information.

Changes in this Privacy Policy

Mercatus reserves the right in its sole discretion to modify or amend this Privacy Policy in any way and at any time. Any such modifications or amendments are effective upon posting unless we indicate otherwise. You should review this Privacy Policy periodically for changes applicable to you. Please see the bottom of this Privacy Policy for the date of the latest version. Additionally, note that by using or accessing this website subsequent to any modification or amendment, you are deemed to have agreed to this Privacy Policy as modified or amended.

Governing Law 

Use of this Privacy Policy shall be governed by the laws of the State of New York of the United States of America, without regard to its conflict of law provisions.

Any dispute concerning this Privacy Policy or your use of this website shall be submitted to binding arbitration in New York County, within one (1) year from the date that the cause of action arose (or, if multiple cause of actions are involved, from the date that the first cause of action arose), with such arbitration conducted pursuant to the then prevailing rules of the American Arbitration Association. To the fullest extent permitted by law, no arbitration brought pursuant to this Privacy Policy shall be joined to any other arbitration initiated pursuant to this Privacy Policy.

Notwithstanding anything to the contrary set forth in this Privacy Policy, Mercatus may at any time seek injunctive or other appropriate relief against you and/or against others, in any state or federal court in the State of New York or in any other court having jurisdiction, in the event that Mercatus believes that you have violated or threatened to violate any of Mercatus’s intellectual property rights and, in such case, you hereby consent to the exclusive jurisdiction and venue of such court.

In the event that any portion of this Privacy Policy is deemed unenforceable, unlawful or void by a court of competent jurisdiction, in any jurisdiction for any reason, including but not limited to the scope, duration or area of its applicability, unless narrowed by construction, such provision shall for purposes of such jurisdiction only, be construed as if such invalid, prohibited or unenforceable provision had been more narrowly drawn so as not to be invalid, prohibited or unenforceable (or if such language cannot be drawn narrowly enough, the court making any such determination shall have the power to modify, to the extent necessary to make such provision or provisions enforceable in such jurisdiction, such scope, duration or area or all of them, and such provision shall then be applicable in such modified form in such jurisdiction). If, notwithstanding the foregoing, any such provision would be held to be invalid, prohibited or unenforceable in any jurisdiction for any reason, such provision, as to such jurisdiction only, shall be ineffective to the extent of such invalidity, prohibition or unenforceability, without invalidating the remaining provisions. No narrowed construction, court-modification or invalidation of any provision shall affect the construction, validity or enforceability of such provision in any other jurisdiction. No waiver by Mercatus of any term or condition of this Privacy Policy shall be deemed a further or continuing waiver of such term or condition or of any other term or condition, and Mercatus’s failure to assert any right or demand compliance with any provision of this Privacy Policy shall not be deemed to constitute a waiver of any such right or provision.

Contact Us

If you have any questions concerning this Privacy Policy, you may contact us at the following email or write to us at the following address:

Email: info@mercatusfinance.com

Mercatus Finance
Attn: Compliance
30 Burton Hills Boulevard, Suite 210
Nashville, TN 37215

Date of this version of Privacy Policy: October 1, 2023

NOTICE TO PERSONS LOCATED IN CALIFORNIA

CALIFORNIA CONSUMER PRIVACY ACT PRIVACY NOTICE

Introduction

The purpose of this Privacy Policy/Notice is to provide you with information on our use of Personal Information (as defined below) in accordance with the California Consumer Privacy Act (the “CCPA”).

In this Privacy Notice, “we”, “us” and “our” refers collectively to Mercatus and its affiliates and/or delegates (together, “Mercatus”).

This Privacy Notice applies to all California residents who are our Investors, borrowers, employees, job applicants, part-time and temporary workers, and contractors (including current, future and former categories of these types of persons) with whom our course of conduct does not occur wholly outside the state of California.

Personal Information

“Personal Information” means personal information that reasonably can be used to identify any individual person, and may include personal information on investors or borrowers that investors or borrowers provide to us, as well as the personal information of individuals connected with investors (for example directors, trustees, employees, representatives, shareholders, investors, borrowers, clients, beneficial owners or agents).

In our use of Personal Information, we are characterized as a “business” under the CCPA. Our affiliates and delegates may act as “service providers.”

If you are a natural person, this will affect you directly. If you are a corporate investor or borrower (including, for these purposes, legal arrangements such as trusts or exempted limited partnerships) that provides us with Personal Information on individuals connected to you for any reason in relation to your investment or business with us, this will be relevant for those individuals, and the content of this Privacy Notice applies to such individuals also unless otherwise exempted pursuant to the CCPA.

What Type of Personal Information do we collect and how?

We may collect the following forms of Personal Information:

  • Identifiers such as your name, postal and residential address, email address, contact details, corporate contact information, tax identification number, and passport number.
  • Information classified as personal or protected information by state or federal law, including your nationality, place and date of birth, and correspondence records.
  • Commercial information, including tax information, credit history, bank account details, source of funds details, and details related to your investment activity.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
  • Visual information, including your signature.
    Professional or employment-related information, including your employment, employer’s name, and income.
  • Education information, including your level of education.
    Inferences that we draw from your personal information to create a profile about your preferences.

 

We may collect this Personal Information in various ways, including:

  • Directly from you: You provide us with Personal Information through various interactions, including, but not limited to, investment in Mercatus loan affiliates, a loan or credit application (whether past, present or future), a resume submitted through our website, by a recruiter or other interactions and an interview.
  • Indirectly from other sources: We may also obtain Personal Information from associates with which you are associated and public sources.

Automatic Collection Tools. In addition, we automatically collect certain data from individuals who visit our website. To this end, we use data collection tools (“Cookies”) on our website to record certain usage information, such as the number and frequency of visitors to the website. This information may include the websites that you access immediately before and after your visit to our website, and which Internet browser you are using. Our website does not respond to Do Not Track Signals.

How and on what basis do we use Personal Information?

We use Personal Information for a variety of reasonable and legitimate business purposes, including, but not limited to, the following:

Where necessary for the performance of a contract, including:

  • administering or managing each loan or credit facility
  • sending you statements relating to your investment or loan
  • facilitating the continuation or termination of the contractual relationship between you and the Company
  • facilitating the transfer of funds, and administering and facilitating any other transaction, between you and the Company (including any third party acting on behalf of the Company, such as a service provider)

 

Where necessary for compliance with applicable legal or regulatory obligations, including:

  • undertaking investor due diligence including anti-money laundering and counter-terrorist financing checks, including verifying the identity and addresses of our investors and customers (and, where applicable, their beneficial owners)
  • sanctions screening and complying with applicable sanctions and embargo legislation
  • complying with requests from regulatory, governmental, tax and law enforcement authorities
  • surveillance and investigation activities
  • carrying out audit checks, and instructing our auditors
  • maintaining statutory registers
  • preventing and detecting fraud

 

Other business purposes, including:

  • complying with a legal, tax, accounting or regulatory obligation to which we or the third party are subject
  • assessing and processing requests you make
  • sending updates, information and notices or otherwise corresponding with you in connection with your investment or loan
  • investigating any complaints, or pursuing or defending any claims, proceedings or disputes
  • providing you with, and informing you about products and services
  • managing our risk and operations
  • complying with audit requirements
  • ensuring internal compliance with our policies and procedures
  • protecting the Company against fraud, breach of confidence or theft of proprietary materials
  • seeking professional advice, including legal advice
  • facilitating business asset transactions involving the Company
  • monitoring communications to/from us (where permitted by law)
  • protecting the security and integrity of our IT systems

Should we wish to use Personal Information for other specific purposes, we will contact you or provide you with other prior notice. We will not use Personal Information for any purposes inconsistent with this Privacy Notice without your permission.

With whom do we share Personal Information?

We do not sell any Personal Information to unaffiliated third-parties and have not sold any Personal Information in the past 12 months.

We may share Personal Information to carry out and implement any and all purposes and objects of the Company’s, including:

  • With the Company’s service providers (the “Delegates”), such as the Fund’s administrator and auditor, which may use Personal Information, for example to discharge the legal or regulatory requirements that apply directly to it. A Delegate will always use Personal Information in a way that is compatible with at least one of the purposes listed above for which we process Personal Information. The Delegates shall not retain, use, sell or otherwise disclose Personal Information for any purpose other than the specific business purpose for which we have provided the information to the Delegate.
  • With regulatory, administrative, law enforcement agencies, ombudsmen or other oversight bodies in certain circumstances where we and/or our Delegates are legally obliged to share Personal Information and other information with respect to with the relevant regulatory authorities. They, in turn, may exchange this information with other authorities, including foreign tax authorities.
  • As required by law or regulation, including to comply with a subpoena or similar legal process, including when we believe in good faith that disclosure is legally required.
  • Where necessary to protect the Company’s rights and property

Retention of Personal Information

We retain Personal Information for as long as required by us to meet contractual obligations and perform the services or comply with applicable legal or regulatory obligations.

How do we protect Personal Information?

We and our duly authorized Delegates apply appropriate technical, physical, and administrative information security measures designed to protect against unauthorized or unlawful processing of Personal Information, and against accidental loss or destruction of, or damage to, Personal Information.

Children’s Privacy

We are committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children’s online activities and interests. Our services are not intended for and may not be used by children under the age of 13. We do not knowingly collect information from children under the age of 13 and we do not target children under the age of 13.

Non-Discrimination

Under the CCPA, you cannot be discriminated against for exercising your rights to access or request erasure of your Personal Information.

California Shine the Light Disclosure

California’s “Shine the Light” law permits California residents to annually request and obtain information free of charge about what personal information is disclosed to third parties for direct marketing purposes in the preceding calendar year. We do not distribute your personal information to outside parties without your consent for their direct marketing.

Rights under the CCPA

You have certain rights under the CCPA. These include the right to: (i) request the deletion of your Personal Information that we collect or maintain; (ii) opt out of the sale of Personal Information; and (iii) obtain a copy of your Personal Information in a portable format.

How to exercise your CCPA Rights

Individuals who submit requests for access or erasure of personal information will be required to verify their identity by answering certain questions. We will not disclose or delete any information until such individual’s identity is verified.

If you are making a request for access, we may not be able to provide specific pieces of personal information if the disclosure creates a substantial, articulable, and unreasonable risk to the security of your personal information, your account with us, or our systems or networks.

If you are making a request for erasure, we will ask that you confirm that you would like us to delete your personal information again before your request is submitted. In certain circumstances, we may not erase all personal information, as permitted by the CCPA.

You may designate an authorized agent to submit a request on your behalf by providing that agent with your written permission. If an agent makes a request on your behalf, we may still ask that you verify your identity directly with us before we can honor the request.

Agents who make requests on behalf of individuals will be required to verify the request by submitting written authorization from the individual. We will not honor any requests from agents until authorization is verified.

Complaints

We take very seriously any complaints we receive about our use of Personal Information. Please contact us using the information below if you have any questions, comments, requests or complaints regarding this Privacy Notice, or if you wish to discuss your data protection rights with us.

Contact Information

You may have certain rights under the CCPA. These include the right to: (i) request the deletion of your Personal Information that we collect or maintain; (ii) opt out of the sale of Personal Information; and (iii) obtain a copy of your Personal Information in a portable format. If you wish to exercise any of these rights, you should contact Mercatus at the address below.

Mercatus Finance
Attn: Compliance
30 Burton Hills Boulevard, Suite 210
Nashville, TN 37215

Email: info@mercatusfinance.com

DATA PROTECTION INFORMATION AND DISCLOSURES TO EU RECIPIENTS

In the course of our correspondence and other dealings with you, we will receive information relating to you and/or, where you act as an agent or a representative of a legal person or other entity (rather than a natural person), information relating to other officers, directors, partners, members or employees of that legal person or other entity (such information, “personal information”). If the personal information you provide to us does not relate to you, you agree to provide the disclosures set out below to the individuals whose personal information you have provided.

Personal information is subject to certain legal safeguards specified in the General Data Protection Regulation (2016/679) (“GDPR”) and any secondary and domestic legislation implementing the GDPR (together, the “Data Protection Legislation”). Mercatus (the “Firm” or “we”) is a ‘controller’ of your personal information for the purposes of the GDPR. The Data Protection Legislation prescribes the way in which we may collect, retain and handle personal information.

With whom do we share your personal information?

We may share certain of your personal information with the following categories of third parties for the following reasons:

  • advisers (e.g. auditors, legal counsel and tax advisers) to the Company relating to or in connection with the operation of the Company’s business, compliance with its legal, regulatory or contractual obligations and/or your investments with us
  • affiliates of the Company for the purpose of undertaking its business
  • law enforcement agencies; regulatory or tax authorities and other governmental or public agencies or authorities in order to comply with our legal or regulatory obligations or at their request in furtherance of their objectives

They may in turn use the services of their affiliates or service providers to process your personal information where necessary or appropriate. Where we share your personal information with a third party, we, to the best of our ability, take steps to help ensure the recipients of that personal information will process it appropriately.

What personal information will we process?

The types of personal information relating to you may include, for example:

  • name, business and/or private email address, postal address and/or telephone number, date of birth and gender
  • domicile and other geographic location data
  • bank account details, source of wealth information, accounts and bank statements
  • information relating to regulatory status or eligibility to make investments
  • copies of passports and other documentation required for identity or address verification purposes

How do we use your personal information?

We will process your personal information in order to process queries, undertake normal business activities in order to offer our services and manage loans on behalf of clients, and to exercise our rights at law or under contract. We will also use your personal information, where required, in order to comply with our legal and regulatory obligations. This may include, without limitation, preventing fraud, carrying out money laundering checks or conflict checks, and reporting to national and international regulatory and tax authorities. We may also process your personal information to manage and administer our business, to analyze and improve relationships with our customers and service providers, and for business development activities. We may share your personal information with third parties (including legal advisors and law enforcement agencies) in order to respond to investigations, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, or as otherwise required by law.

The Company may also use your information in order to provide you with information of products you may be interested in.

Lawful bases for processing your personal information

The lawful bases for processing your personal information are as follows:

  • Performance of contract: to ensure our ability to perform our obligations under investment or loan contracts, agreements and other documents that form the basis for our contractual relationship with you (or, in certain circumstances, another person), and certain required pre-contractual steps. If we cannot process personal information as required, it may not be possible for us to perform our obligations under the relevant contract, and we may be required to terminate the contract.
  • Legal obligations: we are required to comply with applicable legal and regulatory requirements, including, for example, any regulatory or tax reporting requirements; to carry out money laundering/terrorist financing checks, conflict checks, for purposes of fraud prevention, to comply with any applicable auditing or financial reporting requirements; and to comply with information disclosure requests from regulatory, tax or other governmental or public authorities

In addition to the above lawful bases for processing your personal information, your personal information will also be processed on the basis of our legitimate interests:

  • to exercise and comply with the Company’s rights and obligations at law or under regulation, where such obligations are set out under the laws of countries outside the European Economic Area (“EEA”), or under a contract to which we are a party
  • to manage and administer our business and to analyze and improve our business relationships
  • to communicate with you in respect of any products offered by us
  • to undertake risk assessment and operational control exercises; for statistical and trend analysis; for systems administration, operation, testing and support and to manage and ensure the security of our information systems
  • to help detect, prevent, investigate, and prosecute fraud and/or other criminal activity
  • to disclose information to a governmental, tax or regulatory body, financial market, broker or other intermediaries, counterparties, court, auditors or other third parties and to undertake compliance activities, when this is in our interests, or in the interests of any of our clients, including where the laws of the European Union or a member state of the European Economic Area do not require us to do the same
  • to establish, exercise or defend legal claims; and in order to protect and enforce the rights, property, or safety of the Company, our customers, or to assist our customers or investors or others to do the same
  • to investigate and respond to any complaints about the Company and its business or any incidents relating to the Firm and to help maintain quality and to deal with complaints and disputes.

When processing your personal information, we will comply with the relevant requirements under the GDPR as applicable to us.

Transfers of your personal information outside Europe

The Company may transfer certain of your personal information to non-EEA affiliates and third party service providers, as described above, located in countries outside of the European Economic Area (the “EEA”). Such transfers may be made at least to the following jurisdictions: the United States, the Cayman Islands, Canada.

Where we share your personal information with persons outside the EEA we will, to the extent practicable, take appropriate steps to ensure your personal information is subject to safeguards in compliance with the requirements of Data Protection Legislation. We will seek to achieve this by entering into appropriate data transfer agreements with third party recipients of your personal information which may set out the standard contractual clauses approved by the European Commission governing the transfer of personal data outside the EEA, where possible. Please contact us if you would like a copy of the standard contractual clauses.

How long is your personal information retained?

We will not seek to retain your personal information for longer than is necessary in relation to the purposes for which your personal information is processed and in accordance with regulatory requirements. Generally, we will retain your personal information for 5 years after the end of any relevant relationship. Personal information may be retained for longer if it is required by law, or by a tax or regulatory authority, a law enforcement agency or other governmental or public body, or considered necessary in order to allow us to act in accordance with a specific set of circumstances, for example, in light of an actual or a potential legal action or a regulatory investigation.

Where do we collect your Personal Information?

The Company may collect personal data through a range of means. These may include direct interactions (where a person provides personal data to us through correspondence or other direct methods of communication, including communications relating to investments), and third-party or publicly available sources (where the Company receives personal data through a publicly available source such as a website or publicly-available registry).

Your rights in relation to the personal information we process about you

You have various rights under Data Protection Legislation in relation to the personal information relating to you. These include:

  • the right to request access to your personal information
  • the right to have your personal information rectified
  • the right to have your personal information erased in certain circumstances
  • the right to request that your personal information is only used for restricted purposes
  • (if the lawful basis for processing your personal information is the legitimate interest of the Company) the right to object to your personal information being processed, for example, for marketing purposes
  • (in some circumstances) the right to require certain of your personal information to be transferred to you or a third party
  • the right to lodge a complaint with the relevant data regulator in your jurisdiction

You can seek to exercise any of these rights by contacting us at: info@mercatusfinance.com.

Questions or complaints

If you have any questions or complaints regarding the processing of your personal information, please contact us directly at: info@mercatusfinance.com.

Complaints regarding our processing of your personal information may also be made directly to the relevant data protection regulator in the EU.