Memphis Capital

Privacy Policy

Last updated: 2026-05-10

Memphis Capital ("we", "us") operates a business-to-business platform that allows authorized representatives of credit unions, banks, and other financial institutions ("client institutions") to view, analyze, and transact in whole-loan and participation offerings (the "Platform"). This Privacy Policy explains what information we collect about authorized users of client institutions and how we use it.

This Policy applies only to authorized users of client institutions. Memphis Capital personnel are governed by a separate internal policy.

1. Information we collect

Account information. When you accept an invitation to the Platform or create an account, we collect your name, work email address, the institution you represent, and the password you set (stored as a one-way cryptographic hash). You may optionally provide a telephone number.

Identity-verification information at non-disclosure agreement ("NDA") acceptance. When you sign an NDA through the Platform, we record the date and time of acceptance and the IP address from which it was submitted, as evidence that you executed the NDA.

Usage information. While you use the Platform, we record which pages and offerings you view, which documents you download, and the time you spend on Platform pages.

Email engagement information. When you click a link in an email we send you, we record the date and time of the click, your IP address, and your browser type.

Communications you submit. We retain notes, inquiries, requests for letters of intent, and other messages you submit through the Platform.

2. How we use information

We use the information described above to:

  • Operate, maintain, and secure the Platform.
  • Provide the offerings, documents, and information you request.
  • Allow your assigned Memphis Capital representative to follow up with you on offerings you have shown interest in.
  • Send you transactional and account-related communications (offerings, security notices, service messages).
  • Comply with applicable law and regulatory obligations.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

3. Cookies and similar technologies

We use only cookies that are strictly necessary to operate the Platform: an authentication cookie that keeps you signed in, and a short-lived session cookie used when you access Platform content through a link in an email we sent you. We do not use cookies or similar technologies for advertising.

4. Service providers

We use third-party service providers to host and operate the Platform. These providers process information on our behalf under written contract and are not permitted to use your information for their own purposes. Categories of providers we use include:

  • Cloud hosting and content-delivery providers
  • Database and authentication providers
  • Email-delivery providers
  • Customer relationship management providers
  • Document-storage providers

We also reference certain public market-data sources that do not receive your personal information.

5. Data retention

We retain account and usage information for as long as your account remains active and for a reasonable period afterward for legal, audit, backup, and dispute-resolution purposes.

6. Your choices

Access and correction. You may request a copy of, or a correction to, the account information we hold about you by contacting us at the address below.

Deletion. You may request deletion of your account. We will honor the request subject to legal and contractual retention obligations.

Email preferences. You may opt out of non-essential emails by contacting your assigned representative. You will continue to receive transactional and security-related communications while your account is active.

7. California residents

If you are a California resident, you have rights under the California Consumer Privacy Act ("CCPA"), as amended, including:

  • The right to know what categories of personal information we have collected about you, the sources of that information, the purposes for which we use it, and the categories of third parties to whom we disclose it.
  • The right to request correction of inaccurate personal information.
  • The right to request deletion of your personal information, subject to legal retention requirements.
  • The right not to be discriminated against for exercising any of these rights.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising. To exercise any of these rights, contact us at the address below. We may verify your identity before responding.

8. Other state privacy rights

If you reside in a U.S. state with a comprehensive consumer privacy law (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or other states with similar laws), you have rights similar to those described above. Contact us at the address below to exercise them.

9. Security

We use commercially reasonable administrative, technical, and physical measures designed to protect your information against unauthorized access, use, alteration, and disclosure. No information system is perfectly secure, and we cannot guarantee absolute security.

10. Children

The Platform is intended for use by authorized representatives of financial institutions acting in a professional capacity. It is not directed to, and we do not knowingly collect personal information from, individuals under 16.

11. Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this Policy indicates when it was last revised. The current Policy will be displayed on your next login.

12. Contact

Questions about this Privacy Policy may be directed to:

Memphis Capital
6410 Poplar Avenue
Memphis, TN 38119
admin@memphiscapital.com