Privacy Policy

Elevating Your Financial Journey

Privacy Policy

Théos Financial Inc.
23734 Valencia Blvd, Suite 206
Valencia, CA 91355

Effective Date: April 16, 2026

1. Introduction

Théos Financial Inc. ("Théos Financial," "we," "us," or "our") is a licensed mortgage brokerage operating exclusively in the State of California. We respect your privacy and are committed to protecting the personal and financial information you share with us. This Privacy Policy explains how we collect, use, disclose, and protect information about consumers and customers who visit our website, inquire about our services, or apply for a mortgage loan through us.

This Policy is provided in accordance with the federal Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (Cal. Fin. Code § 4050 et seq.), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Fair Credit Reporting Act (FCRA), the Equal Credit Opportunity Act (ECOA), the Electronic Signatures in Global and National Commerce Act (ESIGN), the Telephone Consumer Protection Act (TCPA), and other applicable laws.

2. Information We Collect

We collect personal information from and about you in the course of providing mortgage brokerage services. Categories of information we may collect include:

Information you provide directly:

  • Identifiers such as name, address, telephone number, email address, date of birth, Social Security number, Individual Taxpayer Identification Number, and driver's license or government ID number.
  • Financial information such as income, employment history, assets, debts, bank account numbers, credit card numbers, tax returns, W-2s, pay stubs, and bankruptcy or foreclosure history.
  • Property information, including the address, value, condition, occupancy, and insurance details of property to be financed.
  • Demographic information collected for federal Home Mortgage Disclosure Act (HMDA) reporting, such as race, ethnicity, sex, and age. Under Regulation C, we are required to request this information, you may decline to provide it, and we will record your decision as required by law.
  • Electronic signatures and typed-name signatures you provide when consenting to electronic disclosures, authorizing credit inquiries, or signing loan documents.

Information from third parties:

  • Credit reports and credit scores from consumer reporting agencies, obtained only with your written authorization under FCRA § 604. Credit authorizations are valid for 120 days.
  • Employment and income verification from employers, payroll services, and the IRS (via Form 4506-C or equivalent).
  • Asset verification from financial institutions and aggregation services.
  • Appraisals, title reports, flood certifications, and insurance information from service providers.
  • Fraud-prevention and identity-verification data from identity-verification vendors.

Information collected automatically:

  • When you visit our website, we automatically collect IP address, browser type and version, operating system, device identifiers, pages visited, referring URL, landing page, approximate geolocation derived from IP address (state and city), session identifiers, and date and time of access.
  • When you start or submit a loan application, we record the IP address, user agent, session ID, and timestamp of each consent, signature, and document upload event, as required by the ESIGN Act and our internal audit-trail policy.
  • We use cookies and similar technologies, including first-party session cookies, and campaign-tracking parameters such as UTM tags, Google Click Identifier (gclid), and Facebook Click Identifier (fbclid). These help us attribute marketing campaigns, measure website performance, and improve our services.

3. Sensitive Personal Information

Under the CPRA, some of the information we collect is classified as "Sensitive Personal Information" (SPI), including:

  • Social Security number, driver's license number, state ID card number, and passport number.
  • Account log-in, financial account, debit card, or credit card number in combination with any required security code, access code, or password.
  • Precise geolocation.
  • Racial or ethnic origin (collected solely for HMDA reporting).
  • Contents of mail, email, and text messages directed to us.

We use SPI only for the purposes permitted by Cal. Code Regs. Tit. 11 &Sect; 7027(m), specifically: to provide the mortgage brokerage services you request, to verify your identity, to prevent fraud, to comply with applicable law, and to maintain records required by our regulators. We do not use SPI to infer characteristics about you.

4. How We Use Your Information

We use your personal information to:

  • Evaluate and process your mortgage loan inquiry or application.
  • Submit your loan application to prospective lenders on your behalf.
  • Verify your identity, income, employment, assets, and creditworthiness.
  • Communicate with you about your application, available loan products, rate changes, conditions, and our services by email, phone, text message, or postal mail.
  • Deliver required federal and state disclosures (such as the Loan Estimate, Closing Disclosure, Adverse Action notices, Privacy Notice, and California Financing Disclosures) in the manner you have consented to receive them.
  • Generate internal insights and workflow recommendations to assist our loan officers and processors. Any such insights are used only to support human decision-making by our licensed personnel, we do not make solely automated decisions about your loan application that produce legal or similarly significant effects on you.
  • Comply with federal and California legal, regulatory, licensing, and reporting obligations, including those of the Consumer Financial Protection Bureau (CFPB), the Nationwide Multistate Licensing System (NMLS), the California Department of Financial Protection and Innovation (DFPI), and/or the Department of Real Estate (DRE), as applicable.
  • Detect and prevent fraud, unauthorized access, and misuse, and protect the security of our systems and records.
  • Maintain business records as required by law and defend our legal rights.

5. How We Share Your Information

We do not sell your personal information, and we do not share your personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

We may disclose your information to the following categories of recipients, only as needed to provide our services or as permitted or required by law:

  • Lenders, investors, and warehouse facilities to whom we submit your application.
  • Service providers that perform functions on our behalf, such as credit reporting agencies, appraisers, title and escrow companies, flood certification vendors, document preparation services, identity-verification vendors, electronic-signature vendors, cloud hosting and storage providers, email and SMS communication platform providers, and loan origination software vendors. These service providers are contractually restricted to using your information only for the purposes we specify.
  • Government and regulatory authorities, including in response to subpoenas, court orders, audits, and examinations, and to comply with reporting obligations such as HMDA, SARs, and currency-transaction reports.
  • Professional advisors, such as attorneys, accountants, and auditors.
  • Successors in interest, in connection with a merger, acquisition, reorganization, or sale of all or a portion of our assets.

California Financial Information Privacy Act Notice. Under California law, we will not share your nonpublic personal information with non-affiliated third parties for marketing purposes without your consent, except as permitted by the California Financial Information Privacy Act and the Gramm-Leach-Bliley Act. In general, we share information only to process and service the mortgage loan transaction you have requested. We will provide you with the short-form GLBA privacy notice at the time you apply for a loan and annually thereafter for as long as you remain our customer.

6. Your California Privacy Rights (CCPA/CPRA)

Much of the information we collect is governed by the GLBA and is therefore exempt from the CCPA/CPRA. However, to the extent the CCPA/CPRA applies to information we hold about you, California residents have the right to:

  • Know what personal information we collect, use, disclose, and (if applicable) sell or share.
  • Access a copy of the specific personal information we have collected about you.
  • Delete personal information we have collected from you, subject to legal exceptions (including our recordkeeping obligations as a California-licensed mortgage broker).
  • Correct inaccurate personal information.
  • Limit the use and disclosure of sensitive personal information to what is necessary to provide our services.
  • Opt out of any sale or sharing of personal information (we do not sell or share as defined by the CCPA/CPRA).
  • Opt out of the use of your personal information for automated decision-making that produces legal or similarly significant effects, to the extent such use occurs.
  • Non-discrimination for exercising your rights.

To exercise any of these rights, contact us using the information in Section 13. We will verify your identity before responding. You may designate an authorized agent to make a request on your behalf, subject to verification of the agent's authority.

California "Shine the Light" Under California Civil Code § 1798.83, California residents who have an established business relationship with us may request once per year, free of charge, a notice describing the categories of personal information we have shared (if any) with third parties for those third parties' direct marketing purposes during the prior calendar year. We do not share personal information with third parties for their own direct marketing purposes.

7. SMS / Text Messaging Program

Program Name: Théos Financial Loan Application Updates.

Program Description. Théos Financial operates a text-messaging program to communicate with consumers and customers about mortgage loan inquiries and applications. By opting in, you agree to the terms of this Section 7 and to this Privacy Policy. Types of messages you may receive include:

  • Account verification and one-time security codes.
  • Loan application status updates and milestone notifications.
  • Document requests and reminders to upload supporting documents.
  • Loan condition, disclosure, and closing-document notices.
  • Appointment confirmations and schedule changes.
  • Responses to customer-service questions you have asked us.
  • If you have separately opted in to marketing messages: rate alerts, new-product announcements, and promotional offers.

Marketing text messages are never sent unless you have separately opted in. Consent to receive marketing text messages is not a condition of applying for, receiving, or being approved for any loan or service from Théos Financial.

How to Opt In. You may opt in to the program by checking the SMS consent checkbox on a loan application, registration form, or contact form on our website, by replying "START," "YES," or "SUBSCRIBE" to a message requesting your consent, or by giving verbal or written permission to one of our licensed loan officers. When you opt in, we record the date and time of your consent, your IP address, the wording of the opt-in prompt you saw, and (where applicable) your browser user agent, to document your consent as required by the TCPA.

Message Frequency. Message frequency varies based on the activity of your loan application and your interactions with us. Transactional messages are sent only as needed. If you have separately opted in to marketing messages, you will receive no more than ten (10) marketing messages per month.

Message and Data Rates. Message and data rates may apply. Check with your mobile carrier for details on the cost of text messages. Théos Financial is not responsible for any charges you incur from your wireless carrier.

How to Opt Out (STOP). You can cancel the SMS service at any time by replying "STOP" to any message you receive from us. After you send "STOP," we will send you a confirmation message and no further text messages will be sent unless you opt in again. You may continue to receive text messages for a short period while we process your opt-out request. You may also opt out by contacting us using the information in Section 13.

How to Get Help (HELP). If you are experiencing issues or have questions, reply "HELP" to any message we send, or contact us using the information in Section 13.

Supported Carriers. This program is compatible with most major U.S. Wireless carriers, including AT&T, Verizon Wireless, T-Mobile, Sprint, US Cellular, Boost Mobile, Cricket, MetroPCS, and Virgin Mobile. Wireless carriers are not liable for delayed or undelivered messages.

Eligibility. You must be at least 18 years of age and a legal resident of the United States to participate in this program. By opting in, you represent that you are at least 18, that you are the subscriber or customary user of the mobile phone number you have provided, and that you have authority to consent to receive text messages at that number.

Privacy and Data Sharing for SMS. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All of the categories of information described in this Privacy Policy exclude text messaging originator opt-in data and consent, this information will not be shared with any third parties. Phone numbers and opt-in data collected for the SMS program are not sold, rented, shared, or otherwise transferred to any third party for marketing, promotional, or advertising purposes, including to subsidiaries, affiliates, data brokers, or resellers. SMS opt-in data may be shared only with service providers that help us operate the messaging program (such as our SMS platform provider and the wireless carriers who route the messages), and only to the extent necessary to deliver the messages you have requested.

8. Email and Other Marketing Communications

By providing your email address, you consent to receive transactional communications about your loan inquiry or application by email. We may send marketing emails only if you have separately consented or if permitted by law. You may opt out of marketing emails at any time by clicking the "unsubscribe" link in any marketing email or by contacting us using the information in Section 13. Opting out of marketing communications will not affect transactional communications we send in connection with an active loan application or existing customer relationship.

9. Electronic Consent and Signatures

Before we deliver legally required disclosures to you electronically, we ask you to provide your consent under the federal ESIGN Act. When you provide e-consent, we record your typed-name signature, the date and time of consent, your IP address, your browser user agent, and your session identifier as part of the audit trail required by the ESIGN Act and our compliance policies. You may withdraw your e-consent at any time by contacting us, after withdrawal, we will deliver disclosures by U.S. Mail. Withdrawal does not affect the legal validity of disclosures delivered before withdrawal.

10. Data Security

We maintain physical, electronic, and procedural safeguards designed to protect your personal and financial information in accordance with applicable law, including the GLBA Safeguards Rule (16 C.F.R. Part 314). These safeguards include encryption of sensitive data at rest and in transit, role-based access controls, least-privilege assignments, multi-factor authentication for employee accounts, audit logging of access to consumer records, vendor due diligence, and employee training.

No method of transmission or storage is 100% secure. If we experience a security incident affecting your personal information, we will notify you as required by California Civil Code § 1798.82, the GLBA Safeguards Rule breach-notification requirement (16 C.F.R. &Sect; 314.5), and other applicable laws.

11. Data Retention

We retain your information for as long as necessary to provide our services, comply with our legal, tax, accounting, and regulatory obligations, resolve disputes, and enforce our agreements. Specific retention periods include, at a minimum:

  • Loan application records, disclosures, and supporting documentation: five (5) years after consummation, or five years after the application is denied, withdrawn, or the loan is sold, as required under TILA-RESPA Integrated Disclosure (TRID) and 12 C.F.R. &Sect; 1026.25.
  • HMDA-related records: three (3) years, per 12 C.F.R. &Sect; 1003.5.
  • ECOA / Regulation B records, including adverse action notices: twenty-five (25) months, per 12 C.F.R. &Sect; 1002.12.
  • Ability-to-Repay / Qualified Mortgage documentation: three (3) years after consummation, per 12 C.F.R. &Sect; 1026.25(c)(3).
  • SMS consent records: for as long as you remain opted in, plus a reasonable period thereafter to demonstrate compliance with the TCPA and applicable regulations.
  • California mortgage licensing records: as required by the DFPI or DRE under California law.

After the applicable retention period expires, we will destroy or de-identify your records in a manner designed to prevent unauthorized access.

12. Children's Privacy

Our services are directed to adults and are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 16, and we do not sell or share personal information of consumers under 16 as defined by the CCPA/CPRA.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" above and, where material changes are made, provide additional notice as required by law. We encourage you to review this Policy periodically.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or need help with our SMS program, contact us at:

Théos Financial Inc.
Attn: Privacy Officer
23734 Valencia Blvd, Suite 206
Valencia, CA 91355
Phone: 661-812-3950
Email: peter@theosfinancial.com
NMLS ID: 2685114
California DFPI License: 02253229

users image
close

Hi, How can I help you?