Commitment to Privacy Protection for Its Customers

Contemporary Mortgage Services, Inc. (CMS) is committed to safeguarding the individual privacy rights of all of its customers. CMS strongly believes that it has a responsibility to protect from disclosure to unauthorized parties the nonpublic, personal information (e.g., name, address, date of birth, social security number, etc.) of its customers. Therefore, CMS has adopted and implemented this privacy policy to protect your account and nonpublic personal information.

Section 1. Collection and Receipt of Nonpublic Personal Information

Since you are our customer, we collect and receive nonpublic personal information about you. This includes information such as your name, Social Security Number, birth date, assets, and income. We collect this information from the following sources:

· Information we receive from you or your representative on loan applications, verifications, correspondence, e-mail and other communications;

· Information received from credit reporting agencies and public records, used to verify your identity, to assess creditworthiness, or to better understand your need for products or services;

· Information received from other lenders or financial institutions when, with your consent;

· Information that CMS may automatically collect and store from all website customers;

Section 2. Notice and Disclosure

CMS does not sell, trade, or disclose nonpublic personal information of its customers to any unauthorized third parties. However, CMS is required to share your information in the delivery of financial products and services, in the following circumstances:

1) When you have authorized the disclosure of information in circumstances including but not limited to certifications you have made on loan applications to financial institutions/investors which offer and underwrite mortgage loan programs.

3) When CMS needs to share your information to provide products or services that you requested; for example, as when an authorized credit check is performed.

4) When CMS is required to disclose your information by order of court or subpoena, pursuant to state, local, federal, or international statute, regulation or mandate, and in cooperation with law enforcement agencies.

Additionally, CMS sometimes shares information with other companies that perform services, or produce goods and products, which CMS does not. For example, we sometimes use outside companies to print documents, prepare statements, to perform software programming, or to provide loan processing support. When outside companies are used, CMS provides them with only the information needed to perform that particular service. Before representatives of the outside company receive such information, we require that they sign an agreement to keep all nonpublic personal or proprietary information confidential. These outside companies may not use this information for their own purposes.

Section 3. Access to Written (Hard Copy) Information

No hard copy customer files are to be left on desks in areas where persons other than CMS employees have access. All customer files must either be stored each evening either in locked filing cabinets or in locked offices. Hard copy documents containing customer information no longer necessary for the processing of the mortgage loan application or otherwise required to be maintained for file retention purposes are to be immediately shredded or placed in locked storage areas until such time as the documents may be shredded/destroyed.

Section 4. Data Quality and Access

CMS will take all reasonable steps to assure that the information about its customers is accurate, complete, and timely for the purpose for which it is intended to be used. CMS will take every measure to establish appropriate processes or mechanisms so that inaccuracies or errors in customers’ information may be corrected timely by CMS. For information on how to contact CMS, refer to the How to Contact CMS section of this CMS Privacy Policy. CMS will try to make these processes and mechanisms as simple and easy to use as possible, while providing assurances that the erroneous and inaccurate information has been corrected timely.

The information contained on CMS websites is subject to change without prior advance notice.

Section 5. Data Security

Securing customers’ nonpublic personal information is very important to CMS. Therefore, CMS has implemented several security measures to protect customers’ personally identifying information from loss, misuse, or alteration.

When customers send personally identifying information to CMS via CMS websites, CMS requires that a secure session be established first, using Secure Socket Layer (SSL) technology. Basically, SSL does three things:

1. Creates a secure communication channel by encrypting communication between the user and the server.

2. Authenticates that the server to which you are connected is indeed correct. You can be assured that you are actually communicating with us, and not a third party trying to intercept the transaction.

3. Conducts a cryptographic word count to ensure data integrity between the server and the user. He word count (or checksum) provides a count of the number of bytes in a document and ensures the exact number of bytes is transmitted and received. With SSL, even this check sum is encrypted so it cannot be modified. If a message is not received in its entirety, it is rejected and another copy of the message is sent automatically.

For security purposes, CMS uses special software programs to monitor web site traffic and to identify unauthorized attempts to upload or change information or otherwise to cause damage to CMS websites. These programs do not collect personally identifying information about customers, but do enable CMS to collect information allowing CMS to identify website users attempting to tamper with CMS websites. CMS has policies in place against the misuse, misappropriation, unauthorized access, tampering, damage, destruction, or unlawful utilization of CMS websites and computer systems and will seek the maximum enforcement of state, federal, and international criminal laws against any individual engaging in such activity. Additionally, CMS will seek the maximum amount of civil damages available under the law for the unauthorized use and/or misuse of its websites and computer systems.

Please note that when customers send electronic mail messages (e-mail) to CMS, the customers’ messages will contain the customers’ return e-mail address. Thus, CMS may utilize customers’ e-mail addresses in responding to customer inquiries and the content of customers’ e-mail in formulating a response.

Customer e-mail sent to CMS is not necessarily secure against interception. Do not initiate communication with CMS by e-mail if your communication will include nonpublic personal information like your Social Security Number, bank account number, or other personally identifying information that you wish to protect.

Section 6. Links to Other Websites

CMS may have links on its websites to other vendors and third parties. These links give customers the opportunity to explore opportunities with vendors or third parties having a relationship with CMS.

Customers should be aware that other websites to which a customer links from CMS websites may contain privacy policies, statements, promises, or provisions that differ from the CMS Privacy Policy and customers are encouraged to fully review the privacy statements of other websites to determine whether or not the customers’ use of the sites comports with the customers’ desire to maintain the privacy of his/her personally identifying information.

CMS expressly forbids others to link to an CMS website without gaining authorization from CMS first.

If you wish to link to a CMS website, contact CMS at:

Website Linking

Contemporary Mortgage Services, Inc.

498 Palm Springs Drive Ste. 220

Altamonte Springs, FL 32701

info@contemporarymortgage.com

Section 7. Contacts from CMS

CMS will contact its customers via phone, e-mail, fax, and regular mail depending on the relationship between CMS and the customer. The nature, method, and frequency of contact will all be driven by the relationship between the customer and CMS. It is important to note that CMS will reasonably accommodate customers’ requests for a specific type of communication except in instances involving matters with prescribed communication requirements.

Section 8. Changes to CMS’S Privacy Policy

The CMS Privacy Policy may be modified when necessary to conform to federal, state, local, and international laws and regulations, and at other times to conform to technological changes, court decisions, or changes in CMS policy. Changes to the CMS Privacy Policy will be notated here when made so that customers may be fully informed about the privacy protections afforded to customers by CMS enabling customers to make an informed decision concerning a customer’s opt-out choices. It is recommended that customers check the CMS Privacy Policy each time a customer visits a CMS website.

Section 9. How to Contact CMS

CMS will strive to keep customer account data accurate and up-to-date. If a customer ever believes that the customer’s account information is not correct or incomplete, please feel free to contact CMS using the contact information listed below. CMS will investigate and correct any inaccuracies as quickly as possible.

Should a customer have any questions, concerns, or desire additional information concerning the CMS Privacy Policy please contact CMS by one of the following means:

E-mail: info@contemporarymortgage.com

or mail your inquiry to:

Contemporary Mortgage Services, Inc.

498 Palm Springs Drive Ste. 220

Altamonte Springs, FL 32701

Attn: Privacy Policy

Identity Theft Prevention Program

Purpose

To establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of a covered account or an existing covered account and to provide for continued administration of the Program in compliance with Part 681 of Title 16 of the Code of Federal Regulations implementing Sections 114 and 315 of the Fair and Accurate Credit Transactions Act (FACTA) of 2003.

 

Definitions

Identify theft means fraud committed or attempted using the identifying information of another person without authority.

 

A covered account means:

1. An account that a financial institution or creditor offers or maintains, primarily for personal, family, or household purposes that involves or is designed to permit multiple payments or transactions. Covered accounts include credit card accounts, mortgage loans, automobile loans, margin accounts, cell phone accounts, utility accounts, checking accounts and savings accounts; and

2. Any other account that the financial institution or creditor offers or maintains for which there is a reasonably foreseeable risk to customers or to the safety and soundness of the financial institution or creditor from identity theft, including financial, operational, compliance, reputation or litigation risks.

 

A red flag means a pattern, practice or specific activity that indicates the possible existence of identity theft.

 

The Program

CMS establishes an Identity Theft Prevention Program to detect, prevent and mitigate identity theft. The Program shall include reasonable policies and procedures to:

1. Identify relevant red flags for covered accounts it offers or maintains and incorporate those red flags into the program;

2. Detect red flags that have been incorporated into the Program;

3. Respond appropriately to any red flags that are detected to prevent and mitigate identity theft; and

4. Ensure the Program is updated periodically to reflect changes in risks to customers and to the safety and soundness of the creditor from identity theft.

 

The program shall, as appropriate, incorporate existing policies and procedures that control reasonably foreseeable risks.

 

Administration of Program

1. Contemporary Mortgage Services, Inc shall be responsible for the development, implementation, oversight and continued administration of the Program.

 

2. The Program shall train staff, as necessary, to effectively implement the Program; and

 

3. The Program shall exercise appropriate and effective oversight of service provider arrangements.

 

Identification of Relevant Red Flags

1. The Program shall include relevant red flags from the following categories as appropriate:

a. Alerts, notifications, or other warnings received from consumer reporting agencies or service providers, such as fraud detection services;

b. The presentation of suspicious documents;

c. The presentation of suspicious personal identifying information;

d. The unusual use of, or other suspicious activity related to, a covered account; and

e. Notice from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft in connection with covered accounts.

 

2. The Program shall consider the following risk factors in identifying relevant red flags for covered accounts as appropriate:

a. The types of covered accounts offered or maintained;

b. The methods provided to open covered accounts;

c. The methods provided to access covered accounts; and

d. Its previous experience with identity theft.

 

3. The Program shall incorporate relevant red flags from sources such as:

a. Incidents of identity theft previously experienced;

b. Methods of identity theft that reflect changes in risk; and

c. Applicable supervisory guidance.

 

Detection of Red Flags

The Program shall address the detection of red flags in connection with the opening of covered accounts and existing covered accounts, such as by:

1. Obtaining identifying information about, and verifying the identity of, a person opening a covered account; and

 

2. Authenticating customers, monitoring transactions, and verifying the validity of change of address requests in the case of existing covered accounts.

 

Response

The Program shall provide for appropriate responses to detected red flags to prevent and mitigate identity theft. The response shall be commensurate with the degree of risk posed. Appropriate responses may include:

1. Monitor a covered account for evidence of identity theft;

2. Contact the customer;

3. Change any passwords, security codes or other security devices that permit access to a covered account;

4. Reopen a covered account with a new account number;

5. Not open a new covered account;

6. Close an existing covered account;

7. Notify law enforcement; or

8. Determine no response is warranted under the particular circumstances.

 

Updating the Program

The Program shall be updated periodically to reflect changes in risks to customers or to the safety and soundness of the organization from identity theft based on factors such as:

1. The experiences of the organization with identity theft;

2. Changes in methods of identity theft;

3. Changes in methods to detect, prevent and mitigate identity theft;

4. Changes in the types of accounts that the organization offers or maintains;

5. Changes in the business arrangements of the organization, including mergers, acquisitions, alliances, joint ventures and service provider arrangements.

 

Oversight of the Program

1. Oversight of the Program shall include:

a. Assignment of specific responsibility for implementation of the Program;

b. Review of reports prepared by staff regarding compliance; and

c. Approval of material changes to the Program as necessary to address changing risks of identity theft.

2. Reports shall be prepared as follows:

a. Staff responsible for development, implementation and administration of the

Program shall report to the president at least annually on compliance by the organization with the Program.

b. The report shall address material matters related to the Program and evaluate issues such as:

i. The effectiveness of the policies and procedures in addressing the risk of identity theft in connection with the opening of covered accounts and with respect to existing covered accounts;

ii. Service provider agreements;

iii. Significant incidents involving identity theft and management’s response; and

iv. Recommendations for material changes to the Program.

 

Oversight of Service Provider Arrangements

The organization shall take steps to ensure that the activity of a service provider is conducted in accordance with reasonable policies and procedures designed to detect, prevent and mitigate the risk of identity theft whenever the organization engages a service provider to perform an activity in connection with one or more covered accounts.

 

Duties Regarding Address Discrepancies

The organization shall develop policies and procedures designed to enable the organization to form a reasonable belief that a credit report relates to the consumer for whom it was requested if the organization receives a notice of address discrepancy from a nationwide consumer reporting agency indicating the address given by the consumer differs from the address contained in the consumer report.

The organization may reasonably confirm that an address is accurate by any of the following means:

1. Verification of the address with the consumer;

2. Review of the organization’s records;

3. Verification of the address through third-party sources; or

4. Other reasonable means.

 

If an accurate address is confirmed, the organization shall furnish the consumer’s address to the nationwide consumer reporting agency from which it received the notice of address discrepancy if:

1. The organization establishes a continuing relationship with the consumer; and

2. The organization, regularly and in the ordinary course of business, furnishes information to the consumer reporting agency.

 

This program will take effect immediately upon its passage, public welfare requiring it.

 

Approved this ___10th__day of ___April____, 2009_.

 

 

___Howard Howland___________________

President

Contemporary Mortgage Services, Inc.

 

Verification of Consumers’ Identity

CMS ensures consistency of information gathered at the application interview by obtaining 2 types of identifying documents required under the Patriot Act as well as paystubs, W-2s, bank statements and other documents which can be used to cross reference and verify identity.

Quality control reviews also re-verify consumers’ identity and address by performing “reverse look-up” searches on the consumers’ phone and address listings.

Credit reports ordered during the processing of the loan application include High Risk Fraud alerts to monitor the existence of possible fraudulent activity.

Red Flag Alerts

 

1. Fraud alert included with consumer report.

All credit reports ordered in connection with mortgage loan applications are require to perform High Risk Fraud alert / Safescan service.

 

2. Notice of a credit freeze in response to a request for a consumer report.

Verified through review of the variation section of the credit report.

 

3. A consumer reporting agency providing a notice of address discrepancy.

<<Credit report with Factual ID alerts>>

 

4. Unusual credit activity such as an increased number of accounts or inquiries.

Incorporated into the credit report review are the number of recent trade lines opened and recent inquiries.

 

5. Documents provided for identification appearing altered or forged.

During the application process as part of compliance to Patriot Act guidelines, we obtain the applicant name(s), date(s) of birth, physical address(s) and Social Security number(s). Additionally, we collect two forms of identification pursuant to Patriot Act guidelines to confirm this information.

 

6. Photograph on ID inconsistent with appearance of customer.

During the application process as part of compliance to Patriot Act guidelines, we obtain the applicant name(s), date(s) of birth, physical address(s) and Social Security number(s). Additionally, we collect two forms of identification pursuant to Patriot Act guidelines to confirm this information.

 

7. Information on ID inconsistent with information provided by person opening account.

During the application process as part of compliance to Patriot Act guidelines, we obtain the applicant name(s), date(s) of birth, physical address(s) and Social Security number(s). Additionally, we collect two forms of identification pursuant to Patriot Act guidelines to confirm this information.

 

8. Information on ID such as signature, inconsistent with information on file at the financial institution.

During the application process as part of compliance to Patriot Act guidelines, we obtain the applicant name(s), date(s) of birth, physical address(s) and Social Security number(s). Additionally, we collect two forms of identification pursuant to Patriot Act guidelines to confirm this information.

 

9. Application appearing forged or altered or destroyed and reassembled.

 

10. Information on ID not matching any address in the consumer report, Social Security number has not been issued or appears on the Social Security Administration’s Death Master File, a file of information associated with Social Security numbers of those who are deceased.

<<Credit report with Factual ID alerts>>

 

11. Lack of correlation between Social Security number range and date of birth.

<<Credit report with Factual ID alerts>>

 

12. Personal identifying information associated with known fraud activity.

<<Credit report with Factual ID alerts>>

 

13. Suspicious addresses supplied, such as a mail drop or prison, or phone numbers associated with pagers or answering service.

<<Credit report with Factual ID alerts>>

 

14. Social Security number provided matching that submitted by another person opening an account for other customers.

<<Credit report with Factual ID alerts>>

 

15. An address or phone number matching that supplied by a large number of applicants.

 

16. The person opening the account unable to supply identifying information in response to notification that the application is incomplete.

 

17. Personal information inconsistent with information already on file at financial institution or creditor.

 

18. Person opening account or customer unable to correctly answer challenge questions.

 

19. Shortly after change of address, creditor receiving request for additional users of account.

 

20. Most of available credit used for cash advances, jewelry or electronics, plus customer fails to make first payment.

Part of the credit report review is to examine current trade lines, delinquencies and defaults to determine if a pattern can be established.

 

21. Drastic change in payment patterns, use of available credit or spending patterns.

Part of the credit report review is to examine current trade lines, delinquencies and defaults to determine if a pattern can be established.

 

22. An account that has been inactive for a lengthy time suddenly exhibiting unusual activity.

 

23. Mail sent to customer repeatedly returned as undeliverable despite ongoing transactions on active account.

 

24. Financial institutions or creditor notified that customer is not receiving paper account statements.

 

25. Financial institution or creditor notified of unauthorized charges or transactions on customer’s account.

 

26. Financial institutions or creditor notified that it has opened a fraudulent account for a person engaged in identity theft.

 

 

These materials are not from HUD or FHA and were not approved by HUD or a government agency. The Sender is not in any way affiliated with any organization listed or referenced within this website, including HUD/FHA. The inclusion of various education, information, web links, or materials are not an endorsement of the Sender or any of its employees or business partners. For information directly from HUD/FHA, visit http://www.hudclips.com

 

Got a Question?

Do you have a question? We can help. Simply fill out the form below and we'll contact you with the answer, with no obligation to you. We guarantee your privacy.

Your Information
Your Question