11th of June 2020

Thank you for visiting our website and your interest in our company and services. Data protection and data security are very important to us. For your further visits to our website, we would like to inform you about data collection, processing and use when visiting, registering and using our service. As well as objection, revocation and other rights to which you are entitled as a person affected by data collection and use. 

This we do in compliance with the applicable data protection legislation and have committed to a vast selection of Privacy Laws form across the globe based on our customer base. In particular we adhere to the; 

  • EU-US Privacy Shield Framework published by the US Department of Commerce 
  • Federal Trade Commission FIPs 
  • California Consumer Privacy Act,
  • EU General Data Protection Regulation (GDPR)

Soho Realty and Mortgage Lending, Inc is the Controller of your personal data.

This Data Protection Policy describes how we handle and protect your personal data and the choices available to you regarding collection, process, access, and how to update, correct and delete your personal data. Additional information on our personal data practices can be found in our Terms and Conditions. This Data Protection Policy is intended for you as a user of our website and services. 

What is personal data?

Personal data refers to any information relating to an identified or identifiable natural person (“Personal Data”).

What data do we collect?

We may collect data or ask you to provide certain data when you use our website and services. The sources from which we collect Personal Data are:

Data collected directly from you or your device relating to an identified or identifiable natural person (“Data Subject”) and may include direct identifiers such as name, address, email address, phone number.

Data collected online or through indirect identifiers such as login account number, login password, payment details, or IP address.

Data collected that is linked, for example if you have used our service and later choose us again, we will link your data and treat that linked data as Personal Data.

We organise collected Personal Data as Account Data and Billing Data.

Account Data is everything we need to set up your account and includes your email address and username, and information connected with our services, such as license keys, your First and Last Name, your Business address and phone number.

Billing data is everything we need to set up your payment including your name, email address, masked credit card number and in certain circumstances, your billing address and your phone number if this is not already collected.

As described above, we link data and if we have already collected some of your data, we will only ask you for the remaining data that is necessary to carry out the service contracted for.

On what grounds do we use Personal Data?

We use your Personal Data for the following purposes and on the following grounds:

On the basis of fulfilling our contract (when you use our service)

On the basis of your consent (when you subscribe to our newsletter)

On the basis of legal obligations (for obligations such as tax, accounting, anti-money laundering, or when a court or other authority asks us to)

On the basis of our legitimate interest (for communications about security, privacy and performance improvements of our services. Or for establishing, exercising or defending our legal rights.)

Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.

When do we disclose your Personal Data?

We disclose your Personal Data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest.

We may share your information with organisations that help us provide the services described in this Data Protection Policy and who may process such data on our behalf and in accordance with this Data Protection Policy, to support this website and our services. For example, with our legal other professional advisors.

We may also share information with our secure payment gateway provider, and you may need to provide credit or debit card information directly to the provider in order to process payment details and authorise payment following a secure link. The information which you supply to in such cases is not within our control and is subject to the payment gateway provider’s own Privacy Notice and Terms and Conditions.

In relation to information obtained about you from your use of our website, we may share a cookie identifier and IP data with analytic and advertising network services providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.

We may disclose personal information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

We will only keep the information required to provide our service as long as you are a client. So that we can meet our contractual obligations and for a period after that to identify issues, respect claim limitation periods and to resolve any legal proceedings.

You can learn how long your information is held and when it is destroyed from our Data Retention Policy which you can request using our contact form.

Your Rights

You have the right to:

  • information about the processing of your personal data
  • obtain access to the personal data held about you
  • ask for incorrect, inaccurate or incomplete personal data to be corrected
  • request that personal data be erased when it’s no longer needed or if processing it is unlawful
  • object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation
  • request the restriction of the processing of your personal data in specific cases
  • receive your personal data in a machine-readable format and send it to another controller (‘data portability’)
  • request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision
  • Where the processing of your personal information is based on consent, you have the right to withdraw that consent without detriment at any time through our contact form.

California Privacy Rights

Sources and Categories of collected personal information you can find all sources and categories of collected personal information above.

Business or commercial purpose for collecting information you can find all purposes of processing personal information above.

Categories of third parties with whom the business shares personal information you can find all categories of recipients of personal information listed above.

If you are a California resident, you have the right to opt-out of the sale of your personal information. 

To make such a request, feel free to contact us by email [email protected]  

To opt-out of sharing your personal information with third parties to advertise our services, please additionally manage user-enabled global privacy controls, including disabling or deleting browser cookies through your browser settings as explained below.

How do we protect your Personal Data?

We protect your data using state of the art technical, and physical safeguards and operate a firm system of policies, confidentiality agreements, digital safeguards and procedures to ensure the highest level of administrative protection.

In more detail to access our database the user must be authorised, is challenged through a two-way authentication system and use an encrypted VPN. Also, the removal of Personal Data from our location is forbidden and made by using a complex encryption system very difficult. We use cutting edge antivirus and anti-malware software and up-to-date firewall protection. Moreover, authorised personnel must have a legitimate need to know interest such as being your point of contact or service your user account.

The data we collect from you may be stored, with appropriate technical and organisational security measures applied to it, on our servers in the USA. In all cases, we follow generally high data protection standards and advanced security measures to protect the personal data submitted to us, both during transmission and once we receive it.

To exercise any of your rights, or if you have any questions or complaints about our use of your Personal Data and this policy, please contact us using our contact form.

Use of cookies and Web analytics

We use the following technologies to analyze and optimize our website offering: Google Analytics from Google Inc., based in Mountain View, California, USA (hereinafter referred to as “Google”) as well as “Tealium Universal Data Hub” and “Tealium Tag Management System ( “TMS”) “, both services of Tealium Inc., 11085 Torreyana Road, San Diego, CA 92121, USA (” Tealium “). 

Google uses so-called cookies, which are stored on your computer. The tracking data collected by the cookies about your use of this website is transmitted to Google servers in the USA and stored there. Your IP address will also be transmitted but will be anonymized at Google before being saved so that it can no longer be assigned to you. Google uses the anonymize method for this.

When using our website, Google can store the following data and evaluate it anonymously and exclusively for statistical purposes: the pages visited and their sequence, the operating system and browser used, date and time of the page visits, the address of the previously viewed website.

From the data collected when using the website, Tealium uses pseudonyms to create usage profiles (“pseudonymized usage profiles”). Tealium uses the data collected on our behalf to make the use of the website automated and in real time as required. For this purpose, for example, the following information is collected: viewed and clicked advertisements, completed forms, advertising and use of the pages and functions. The pseudonymized usage profiles can also be merged with your data and personal data, which you provide on forms and logins, customer portals etc., as well as the data transmitted by your browser. Tealium uses cookies or similar technologies to create pseudonymized usage profiles.

Advertising technologies

Our website uses the following technologies for advertising purposes Universal Analytics, AdWords, Dynamic Remarketing from Google, Facebook Custom Audiences and Facebook Connect, Twitter Advertising, Optimizely and Mailchimp. Those are modern, advanced analysis methods and tools to understand users’ habits on our website. This information helps us improve our products and services and provide relevant services and information. In principle, we use only anonymized data that does not allow us to identify the user.

Below we describe the analysis services and technology that we use for such purposes. Additionally, we show how you can prevent these services from analysis of your use of our website.

Google Universal Analytics

Google Analytics is an analysis tool that prepares data on how users use our website for statistical evaluation. It sends information on page visits and user actions (i.e. the duration, sequence, and URL of visits and page visits, the previous page visited by the user and information on the user’s computer, operating system, browser, settings and approximate location) to Google’s servers. It uses cookies and similar resources, e.g. tracking pixels, to recognize users and attribute various actions and visits across different devices and sessions using anonymous characteristics, such as identification numbers. No personal data is sent to Google; IP addresses – used to locate a computer are masked in advance (certain characters are removed). Google provides more information in its data protection documentation. You can install an add-on to deactivate Google Analytics in your browser.

Google Adwords Conversions 

Google AdWords Conversions and Google DoubleClick Floodlight enable us to determine how clicks on adverts or information on Google platforms effectively lead to transactions and similar user actions on our website. These features use temporary cookies from Google and do not process user data. Google provides options to prevent the use of these cookies; alternatively, you can change the settings in your browser.

Google Dynamic Remarketing

With Google Dynamic Remarketing, we can use the anonymized IDs generated by cookies (e.g. Google Analytics) to compile groups and lists of users and website visitors based on certain criteria, e.g. certain activities or from existing datasets, in order to provide users with information and advertisements for our services and content, tailored to their interests and preferences, on Google’s services. Google cookies are also used for this. You can prevent the use of these cookies for advertisements on Google services and by several other providers at the Digital Advertising Alliance.

Google Tag Manager

We use Google Tag Manager to embed tags in our website. When it detects an incoming http request, it collects the IP address and stores it temporarily in order to correct any connection errors.

Facebook Custom Audiences

Facebook Custom Audiences enables us to use existing datasets to compile groups and lists of users based on certain criteria in order to provide users with information and advertisements, tailored to their interests and preferences, on Facebook’s services. Before transmission to Facebook, the data is irreversibly encrypted in the form of hash values on our computers; Facebook can compare these against its user databases. You can opt out of this form of advertising by changing the settings at the Digital Advertising Alliance page.

Facebook Lookalike Audiences

Facebook Lookalike Audiences enables us to use existing datasets to compile groups and lists of users based on certain criteria in order to provide users with similar interests and preferences with relevant information on Facebook’s services. Before transmission to Facebook, the data is irreversibly encrypted in the form of hash values (encrypted numeric values) on our computers. You can opt out of this form of advertising by changing the settings on the Digital Advertising Alliance page.

Facebook Connect

Facebook Connect is a Facebook tool that allows Facebook users to log into other websites, apps and services using their Facebook account. Thus, the other service gains access to some of the preferences of the user’s Facebook account and social connections on which it can base its own products and services. This is dependent on the user’s Facebook settings. More details are available in the privacy policy of Facebook. Facebook may use data on how users use such other services in order to recognize visitors to our website on its services, which enables it to tailor its advertisements to the interests and preferences of the user. You can opt out of this form of advertising by changing the settings at the Digital Advertising Alliance page.

Twitter advertising

Twitter provides advertising services that use cookies, mobile device IDs or hash values for email addresses in order to recognize visitors to our website on its services and provide them with advertisements tailored to their interests and preferences. These measures can be limited or deactivated by changing the settings of your Twitter account.

Social Media Widgets

We display sharing buttons so you can use social networking to share items from our site. It also includes the recommend buttons and other interactive programs that run on our site that collect your IP address, which page you are visiting on our site, and sets a cookie to enable the widget to function properly. Your interactions with these Widgets are governed by the privacy policy of the company providing them.


This Data Protection Policy and our commitment to protecting the privacy of your personal data can result in changes to this Data Protection Policy. Please regularly review this Data Protection Policy to keep up to date with any changes.

Queries and Complaints 

Any comments or queries on this policy should be directed to us using the following contact details.

Soho Realty and Mortgage Lending, Inc

19901 Southwest Fwy, Sugar Land, TX 77479

[email protected] 

+1 855-641-7646