The Mortgage Information Standards Maintenance Organization, Inc. (“MISMO” or “we”) knows that you care how information about you and your organization is used and shared, and we appreciate your trust that we will do so carefully and sensibly. This notice describes our privacy policy. By visiting mxcompliance.mismo.org, you are accepting the practices described in this Privacy Statement.

Information Collection

Most data MISMO collects is used to help MISMO serve site users.  MISMO is the sole owner of the information collected on mxcompliance.mismo.org. MISMO collects information from our users at several different points on this Web site:

Server Logs: Users to the public areas of this Web site browse anonymously.  However, the MISMO web server does collect aggregate data, such as number of access attempts by page.

MXCompliance Service Ordering: MISMO collects and saves information provided to it when you order an MXCompliance Service (“Applicant Order Information”), which Information will include both company and user-specific information. 

Provision of MXCompliance Services: MISMO collects and saves information provided to it in the process of performing the MXCompliance Services, including without limitation, XML files, log files, and self-assertion statements.

Request Information: MISMO collects contact information from users who wish to request additional information.  To be directed to MISMO contact information use the “Contact” link on the web site.

Information Use

Applicant Order Information and Information Collected in connection with the Provision of MXCompliance Services
The information collected and retained by MISMO is used to supply you and your company with requested MXCompliance Services in accordance with the MISMO XML Compliance Certification Policy and related agreements, administer MISMO business, perform Verification Services for third parties pursuant to the MISMO XML Compliance Certification Policy, and communicate with you or provide products, services, and other information to you.  MISMO does not share this information with any third parties other than (a) third-party order processing providers or other vendors that MISMO may engage in connection with the provision of MXCompliance Services and (b) its parent, MBA, Mortgage Bankers Association whose personnel may assist MISMO with the provision of the Services.

Information Requests
Personal information collected from users who request information from MISMO will only be used to respond to the inquiry and alert you (via email) to announcements, information, and updates relating to MXCompliance or MISMO.

Cookies
MISMO does not use persistent cookies on our site. However, under normal use we do employ session ID cookies while a user is logged in. A session ID cookies vanishes once a user closes his or her browser. A user can disable session ID cookies and still utilize the Site’s services. In this case, session information is appended to the URL that is used to request new pages.

Log Files
Like most standard Web site servers we use log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personally identifiable information.

Communications from the Site
Relating to Provision of MXCompliance Services: We send all new Applicants an email during registration to verify password and username. Changes in user preferences (e.g. changing login password) and the subsequent addition of users to your account will also lead to a confirmation email sent for security purposes.  In addition, during the course of provision of MXCompliance Services, Applicants will receive emails as set forth in the MISMO XML Compliance Certification Policy and related agreements. 

Service Announcements: On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email.  These communications are not promotional in nature.

Customer Service: We communicate with users on a regular basis to respond to service questions and requests. In regards to issues relating to their account, we reply via email or phone, in accordance with the user’s wishes, if expressed to MISMO in writing.

Links
This Web site may contains links to other sites. Please be aware that MISMO is not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every Web site that collects personally identifiable information. This privacy statement applies solely to information collected by this Web site.

Sharing
LEGAL DISCLAIMER: Although we make every effort to preserve user privacy, we do need to disclose Applicant Order Information to third-party order processing providers utilized in connection with the MXCompliance Services.  In addition, we may need to disclose personal information when required by law if we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order or legal process served on our Web site.

In no other circumstances do we share any personal information with any partners, service providers or other third parties. We may however share with third parties aggregate data that do not disclose any personally-identifiable information.

Security
This Web site takes commercially reasonable precautions to protect our users’ information. When users submit sensitive information via the Web site, their information is protected both online and off-line.

All Applicant Order and other information entered by a user on the site is encrypted and is protected with SSL encryption software. While on a secure page the lock icon on the bottom of Web browsers such as Netscape Navigator and Microsoft Internet Explorer becomes locked, as opposed to un-locked, or open, when users are just ‘surfing’.

While we use SSL encryption to protect sensitive information online, we also protect user-information off-line. User information is restricted in our offices and requires proper authorization to be accessed. Only employees who need the information to perform a specific job are granted access to personally identifiable information. Furthermore, we strive to keep all employees up-to-date on our security and privacy practices. Periodically, our employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure our users’ information is protected. Finally, the servers that store personally identifiable information are in a secure locked environment.

If users have any questions about the security at our Web site, users can send an email to mxcompliance@mismo.org.

Correcting/Updating/Deleting/Deactivating Personal Information
If a user’s personally identifiable information changes (such as zip code, phone, email or postal address), or if a user no longer desires our service, email our Customer Support at mxcompliance@mismo.org or click the “Contact” link on this Web site in order to inform MISMO of the changes.

Notification of Changes
If we decide to change our privacy policy, we will post those changes to this privacy statement, the homepage, and other places we deem appropriate so our users are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.   If we make any material changes in our privacy practices, we will post a notice on our Web site notifying users of the change.  In some cases we may also email users, notifying them of the changes in our privacy practices.

Contact Information
If users have any questions or suggestions regarding our privacy policy, please contact us at:
Phone: (202) 557-2843
Fax: (202) 721-0245
Email: mxcompliance@mismo.org
Postal Address: MISMO, 1919 Pennsylvania Avenue, Washington DC 20016

Corrections and Updates
If you have an account with us, you may correct or modify your Applicant information by using the “Contact” link on this website or sending us an e-mail to mxcompliance@mismo.org.

Miscellaneous
MISMO may modify this policy from time to time and at any time. You can determine whether the policy has been updated since you last reviewed it by checking the "Last Updated On" date at the top of this Privacy Policy.

If at any time you believe MISMO has not adhered to this policy, please notify us and we will use commercially reasonable efforts to promptly identify, diagnose and correct the problem. This is MISMO’s sole obligation and your sole remedy for MISMO’s breach of this Privacy Policy. You may reach us by e-mail at mxcompliance@mismo.org or by mail at MISMO, 1919 Pennsylvania Avenue, N.W., Washington, D.C. 20006.