How Capstar Lending, LLC Protects Your Personal Information:
Information We Collect
When you visit our website, we may collect certain types of information from you, such as information you voluntarily provide via forms, applications, etc.
Identification and Assessment of Risks
Capstar Lending LLC (Capstar) understands the importance of identifying internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of consumer information or consumer records.
These risks include, but are not limited to:
- Unauthorized access of consumer information by someone other than the owner of the consumer information.
- Compromised information as a result of computer access by an unauthorized person.
- Interception of data during transmission.
- Physical loss of data.
- Unauthorized access of consumer information by employees.
- Unauthorized requests for consumer information.
- Unauthorized access to files or reports.
- Unauthorized transfer of consumer information through a third party.
Ongoing assessments of risk are conducted for all areas of operations of Capstar.
All new hires of Capstar are checked against the HUD Limited Denial of Participation List and the GSA Excluded Party List Search.
Each new employee of Capstar will receive training on the importance of safeguarding NPPI, the proper use of computer information and passwords, and how to properly dispose of documents that contain NPPI. Annual reminders will go out to current Capstar employees at least once a year to increase awareness of the importance of preserving the confidentiality and security of NPPI.
Oversight of Service Providers
Capstar monitors its’ Service Providers for compliance with information security requirements by:
- Conducting due diligence in the initial selection of a Service Provider with compliance to information security;
- Requiring all Service Providers to implement appropriate security procedures to ensure the security of all consumer information provided to them;
- Cancellation of a contract if it is discovered that the Service Provider is not complying with their information security program.
Employees of Capstar must care for electronic data, paper data, correspondence, computer screens, and other repositories of borrower information to safeguard it from unauthorized disclosure or corruption. Capstar policy requires that borrower information be disclosed only to those necessary to complete the loan transaction.
Additional precautions are:
- A Clean Desk. Files must be secured or put away and all files and work papers must be secured at the end of each work day.
- Awareness. All employees must be aware of Capstar’s security requirements. All employees are required to report any breach of the security safeguards to the Capstar Operations Manager.
- Password–Protected Screen Savers. Password-protection screen savers are set to automatically enable after 15 minutes. As a standard practice employees must log out of their computers or lock them for longer absences.
- Telephone Security. Identity theft and other privacy invasions often begin with telephone inquiries. Employees will make sure that the person requesting information is the owner of the information or someone authorized to have access to the information.
- Employee Terminations. When an employee is no longer employed by Capstar, that employee will no longer have access to Capstar loan files.