Privacy Policy

Last updated: May 2025

RFFC Financial, LLC (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy. We want you to understand how we collect, use, share, and protect your personal information. This website, rffc.biz (“Site”), is operated by RFFC Financial LLC. RFFC Financial LLC, along with its affiliated companies, are the primary controllers of your personal information provided or collected through this Site and our services.

This Privacy Policy applies to all personal data we collect, whether through our Site, offline interactions, or other means, as it may be modified or updated from time to time. This policy describes our practices in connection with information collected from individuals applying for or obtaining financial products and services from us, including retail installment contracts.

If you do not agree with the data handling practices described in this Privacy Policy, please do not use this Site or our services. Your use of this Site or provision of information to us constitutes your acceptance of this policy and your consent to these practices.

Personal data refers to information that identifies you as an individual or relates to an identifiable individual.

WHAT PERSONAL DATA WE COLLECT


Children’s Online Privacy Protection Act (COPPA) Compliance

We do not knowingly collect personal information from children under the age of 18. Our Site, products, and services are intended for users aged 18 and older. If you are under 18, you are not authorized to use this Site or provide us with your personal information. If we learn we have collected personal information from a child under 18, we will delete that information.


We collect the following categories of personal data:

a) Contact Information:

b) Identification Information:

c) Financial Information:

d) Employment Information:

e) Transaction Information:

f) Information from Third Parties:

g) Website/Online Activity (Information We Collect Through Technology):


   When you visit our Site, we and, in some cases, our third-party service providers may collect:

h) Communications:

Information You Provide to Third Parties

The Site may include links to, and plug-ins (such as social media buttons) from, sites or applications operated by third parties (“Third-Party Sites”). Company does not control any Third-Party Sites and is not responsible for any information they may collect. The information collection practices of a Third-Party Site are governed by its privacy policy. It is your choice to enter any Third-Party Site. We recommend that you read its privacy policy if you choose to do so.

PURPOSES FOR WHICH WE USE THE PERSONAL DATA WE COLLECT

We use the personal data we collect for the following purposes:

a) Processing Applications and Servicing Accounts:

b) Communication:

c) Verification and Security:

d) Operational and Business Improvement:

e) Legal and Compliance:

Data Retention

We retain your personal data for the duration necessary to fulfill the purposes outlined in this Privacy Policy, including for the duration of any customer relationship you have with us. We also retain your personal data for as long as required by applicable law or as necessary to resolve disputes or defend our legal rights, typically for a period after our last interaction with you (e.g., 12 months, or as legally mandated for financial records which can be longer).

HOW WE SHARE THE PERSONAL DATA WE COLLECT

We do not sell or rent your personal data to outside parties for their own independent marketing purposes. We may share your information in the following ways:


a) Service Providers/Vendors: We share personal data with third-party service providers who perform services on our behalf. These may include:


We require these service providers by contract to maintain security measures comparable to our own and to use the personal data only for the purposes for which we provide it to them.

b) Original Sellers/Merchants: We purchase Retail Installment Contracts from various sellers (e.g., door-to-door sales companies, brick-and-mortar stores, online sellers) who may use rffc.biz to submit contract information. These sellers may retain access to some of the data they originally entered into rffc.biz related to the contracts they sold to us, for their own record-keeping and customer service purposes related to the initial sale.

c) Credit Bureaus: We share information with credit bureaus (e.g., Experian, Equifax, TransUnion) as permitted or required by law, such as reporting account and payment history.

d) Affiliated Companies: Company may share your personal data with other entities within our corporate group (our affiliates) for purposes consistent with this Privacy Policy, such as to effectively respond to your requests, provide our services, for internal reporting, or for marketing their products and services if you have consented.

e) Government Authorities/Law Enforcement: We will disclose your personal data as required by law, regulation, or legal process, including in response to court orders, subpoenas, or requests from government or law enforcement authorities.

f) Legal Compliance and Protections: We may share your data if we believe it’s necessary to comply with legal obligations; to protect the rights, property, or safety of Company, our users, or others; to enforce our agreements; or for fraud prevention and credit risk reduction.

g) In Case of Business Transfers (Corporate Transactions): We reserve the right to disclose and transfer your data, including your personal data:

HOW WE PROTECT THE PERSONAL DATA WE COLLECT

We are committed to protecting the security and confidentiality of your personal data. We maintain technical, administrative, and physical safeguards designed to protect your information from unauthorized access, use, or disclosure.

For example, we use Transport Layer Security (TLS) encryption to secure data collection forms on our Site. We also restrict access to your personal data; only employees with a legitimate business need (e.g., customer service representatives, underwriters) are authorized to access it. Employees with access to personal data receive regular training on our security and privacy practices.

While we take these measures, it’s important for you to protect against unauthorized access to your password and computer. Always close your browser after using the Site.

Please note that, despite our reasonable efforts, no security system is foolproof, and we cannot guarantee the absolute security of your personal data.

YOUR DATA RIGHTS

You may have certain rights regarding your personal data, subject to local law. These may include the right to access, update, correct, or request deletion of your personal data.

You can contact us using https://www.rffc.biz/Contact_Us.aspx to make such requests. If you wish to unsubscribe from our marketing mailing list, please include ‘Unsubscribe’ in the comments/question box, specifying the email address(es) you wish to remove. We will process your request within a reasonable timeframe and in accordance with applicable law.

QUESTIONS?

If you have any questions about this Privacy Policy, please contact us:

Phone: 855-438-7398

Website: https://www.rffc.biz/Contact_Us.aspx

Mail:

2912 W. DAVIS ST. STE 200

CONROE, TX 77304

UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Any changes will be posted on this page, and the "Last updated" date at the top of this policy will be revised. If material changes are made that significantly affect how we use or disclose your personal data, we will provide a prominent notice of these changes and their effective date before they take effect, or as otherwise required by law.

CALIFORNIA CONSUMER RIGHTS (CCPA/CPRA Addendum)

This section supplements the information contained in our Privacy Policy and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA) and any implementing regulations.

1. Right to Know and Access: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (or longer, as permitted by law). This includes the categories of personal information collected, sources, purposes for collecting/selling/sharing, and categories of third parties to whom it was disclosed.

2. Right to Delete: You have the right to request that we delete your personal information that we collected from you and retained, subject to certain exceptions (e.g., to complete a transaction, detect security incidents, comply with legal obligations).

3. Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you.

4. Right to Opt-Out of Sale/Sharing: You have the right to opt-out of the "sale" of your personal information and the "sharing" of your personal information for cross-context behavioral advertising.


5. Right to Limit Use and Disclosure of Sensitive Personal Information (SPI): You have the right to direct us to limit our use of your SPI to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer. We only collect and use SPI (such as Social Security number, driver's license, financial account information) for purposes permitted by the CCPA/CPRA that do not require offering a right to limit (e.g., to perform services you requested, ensure security, prevent fraud, verify identity).

6. Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

7. How to Exercise Your Rights:

You can exercise your CCPA/CPRA rights by contacting us through the following methods:


We will need to verify your identity before fulfilling your request. We will respond to your request within 45 days of receiving it, unless we notify you that we need more time.

8. Categories of Personal Information Collected:

In the preceding 12 months, we have collected the following categories of personal information, as also described in the "WHAT PERSONAL DATA WE COLLECT" section of our main Privacy Policy:


9. Sources of Personal Information:

We collect personal information directly from you when you provide it to us (e.g., through our website, applications, communications). We also collect information through automated technologies on our Site and receive personal information from third parties such as credit bureaus, public record sources, and the original sellers/merchants of retail installment contracts.

10. Purposes for Collecting, Selling, or Sharing Personal Information:

We collect and use personal information for the business and commercial purposes described in the "PURPOSES FOR WHICH WE USE THE PERSONAL DATA WE COLLECT" section of our main Privacy Policy. As stated, we do not currently "sell" or "share" personal information as defined by CCPA/CPRA.

11. Disclosure of Personal Information for a Business Purpose:

In the preceding 12 months, we have disclosed the categories of personal information listed in point 8 above for a business purpose to the categories of third parties listed in the "HOW WE SHARE THE PERSONAL DATA WE COLLECT" section of our main Privacy Policy.