Lendari Privacy Policy

v2 · pre-counsel review. This policy reflects Lendari as it operates today (invite-only, no Lendari billing — access via Lords of Lending membership or admin invitation) and remains subject to qualified legal counsel review prior to general availability. Contact team@lordsoflending.com with any questions.

1. Who we are

Lendari (the "Service") is operated by CX Lending LLC d/b/a Lords of Lending ("we," "us," or "Lendari"), a North Carolina limited liability company with a principal place of business at 3001 Wrightsville Ave., Suite A, Wilmington, NC 28403. References to "Lords of Lending" or "LoL" refer to our sister training and membership platform operated under the same legal entity at learn.lordsoflending.com.

This Privacy Policy explains how we collect, use, share, and protect information when you use Lendari, whether as an SBA broker (a paying member of Lords of Lending who uses Lendari to manage loan deals) or as a borrower (a customer of a broker who completes a loan application through a link your broker sent you).

2. What we collect

Account information

• Email address, password (hashed by Supabase, never stored in plain text), and authentication identifiers (e.g., Google OAuth subject ID if you sign in with Google).
• Name, company name, phone number, and profile picture if you provide them.
• For brokers: the email address associated with your active Lords of Lending Stripe membership, used to verify your access.

Loan application information (provided by borrowers)

• Business information: legal name, address, EIN, industry, years in business, revenue, EBITDA, ownership structure, and similar facts you supply on the SBA 7(a) application form.
• Personal information about owners, guarantors, and beneficial owners: full names, contact information, ownership percentages, U.S. citizenship status, prior bankruptcy/foreclosure disclosures, and credit-score ranges as self-reported.
• Loan request details, use-of-proceeds breakdown, financial history, existing debts, collateral information, and any notes you choose to add.

What we do NOT collect: Lendari does not pull consumer credit reports, run background checks, or verify income/employment. We do not request Social Security Numbers, driver's license images, full financial-account numbers, or banking credentials. All financial information in Lendari is self-reported by you. Document files (tax returns, financial statements, etc.) are not stored on our servers — they are uploaded directly to your broker's chosen cloud storage (e.g., Box, Dropbox, ShareFile, Google Drive) using a link the broker provides.

Usage information

• Pages you visit, actions you take (e.g., creating a deal, generating an AI memo), timestamps, and approximate location derived from IP address.
• Device and browser information (user agent, screen size, language).
• Cookies and similar technologies for authentication, session management, and security (e.g., Cloudflare Turnstile bot protection).

3. How we use information

• To operate the Service: account creation, authentication, loan pipeline management, AI credit-memo generation, document checklist coordination, and email delivery to borrowers and guarantors at your direction.
• To verify your eligibility (for brokers, by checking your active Lords of Lending Stripe subscription each session).
• To improve the Service: we may use de-identified, aggregated data — combined across Lendari and Lords of Lending — to improve our AI models, detect issues, and design new features. We do not use identifiable customer information to train AI models.
• To provide customer support and respond to your inquiries.
• To send transactional emails (account confirmations, checklist deliveries you request, application status updates) and, if you opt in, occasional product updates. Lendari itself does not bill users — broker access is granted through Lords of Lending membership or direct admin approval, so there are no Lendari invoices.
• To prevent fraud, abuse, and unauthorized access; to enforce our Terms of Service; and to comply with legal obligations.

4. How we share information

Lendari does not sell your personal information. We share it only in the following circumstances:

With your broker (if you are a borrower)

When you submit a loan application through a broker's invitation link, the broker named on that link receives all information you provided. The broker is the "data controller" of that information and may share it with SBA-participating lenders, underwriters, referral partners, and their own service providers as part of the loan-evaluation process. You authorize this sharing when you submit the application; review the consent prompt at submission for the exact scope.

Within our corporate family

We share information among CX Lending LLC and our sister brand Lords of Lending LLC for product operations, analytics, and de-identified AI improvement. These entities are governed by this Privacy Policy.

With sub-processors

We use vendors to operate Lendari. They access information only as needed to perform their service and are contractually bound to confidentiality and security:

• Supabase — Database, authentication, file storage (United States)
• Stripe — Payment processing, membership verification (United States)
• Vercel — Application hosting and edge delivery (United States)
• SendGrid (Twilio) — Transactional email delivery (United States)
• OpenAI — AI credit memo and content generation (United States)
• Anthropic — AI assistance (when used) (United States)
• Google — OAuth authentication, Places API (United States)
• Cloudflare — Bot protection (Turnstile) (United States)

For legal reasons

We may share information when we believe in good faith that disclosure is required to comply with a subpoena, court order, or other legal process; to enforce our agreements; to protect the safety of users or the public; or in connection with a corporate transaction (merger, acquisition, asset sale).

5. Data retention

We retain loan application data for seven (7) years after a loan is closed, declined, or abandoned, consistent with banking and recordkeeping conventions. Account profile data is retained while your account is active and for a reasonable period thereafter for dispute resolution, legal compliance, and to provide continuity if you reactivate. Server logs and AI/chat interaction logs are retained for thirty (30) days for security and quality purposes and then deleted or de-identified. Consent audit records (your acceptance of this Policy and the Terms) are retained indefinitely as legal evidence.

6. Security

All traffic to and from Lendari is encrypted with TLS. Data at rest in our database is encrypted using industry-standard mechanisms provided by Supabase. Access to production systems is limited to authorized personnel and protected by multi-factor authentication. Row-Level Security (RLS) policies enforce that borrowers see only their own loans, brokers see only deals they are working on, and unrelated parties cannot read data they do not own. No security system is impenetrable; we do not warrant absolute security.

7. Your rights and choices

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate information (much of it you can edit yourself in your account settings).
• Deletion: Request deletion of your account and associated personal information, subject to limited exceptions (e.g., loan records we are obligated to retain for the seven-year retention period, audit logs, or fraud prevention).
• Marketing opt-out: Unsubscribe from marketing emails using the link in any such email, or by emailing us. Transactional emails (account, application notifications) cannot be opted out while you have an active account.
• AI-processing withdrawal: Borrowers may withdraw consent for AI processing of their loan data at any time at /settings/privacy. Withdrawal stops new AI runs from including your data; previously generated AI output is preserved as part of the broker's records.

To exercise any of these rights, email team@lordsoflending.com. We respond within thirty (30) days.

8. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the rights described in Section 7, plus the right to know which categories of personal information we collect and share, and the right not to be discriminated against for exercising your rights. We do not sell personal information.

9. International users

Lendari is operated from and hosted in the United States. If you access Lendari from outside the U.S., you understand that your information will be transferred to and processed in the U.S., which may have different data protection laws than your country of residence.

10. Children

Lendari is not intended for users under eighteen (18) years of age. We do not knowingly collect information from anyone under eighteen. If we learn that we have collected such information, we will delete it.

11. AI processing

Lendari uses artificial intelligence services (currently OpenAI and, in some flows, Anthropic) to generate credit memos, business descriptions, and similar content from the information you provide. Information sent to these providers is governed by their respective data processing agreements, which prohibit use of API inputs for model training. We may use de-identified, aggregated data combined across Lendari and Lords of Lending to improve our own AI features.

Borrower AI consent. When you submit your loan application as a borrower, you separately consent to AI processing of the information you supply for credit-memo generation by your broker. You may withdraw this consent at any time at /settings/privacy; your broker will be notified and will no longer be able to run new AI summaries against your data, although existing summaries already generated remain part of the broker's records. AI output is never a substitute for a qualified human's review.

12. Changes to this Policy

We may update this Policy from time to time. The "Effective" version label at the top of this page reflects the current version. If we make material changes, we will notify you by email and require re-acceptance before you continue using the Service.

13. Contact us

For questions about this Policy or your information, contact team@lordsoflending.com or by mail at:

See also: Terms of Service