Apply Now

Privacy Policy

Privacy Policy of Fortress Loan and Finance LLC

Effective Date: April 15, 2026

This Privacy Policy describes how Fortress Loan and Finance LLC ("Fortress," "Company," "we," "our," or "us") collects, receives, stores, uses, discloses, retains, and otherwise processes personal information in connection with Payday Cah Advance by Fortress, our websites, consumer-facing forms, customer support channels, legal rights workflows, and related operational services (collectively, the "Services"). This Privacy Policy is intended to provide a detailed explanation of our information practices and should be read together with our Terms of Use, E-Consent disclosure, and any supplemental notices we provide for residents of specific jurisdictions.

1. Scope, Role, and Important Limitations

Fortress Loan and Finance LLC operates Payday Cah Advance by Fortress as an informational, consumer-facing, and loan matching platform. Fortress is not a lender, does not originate consumer credit, does not make underwriting decisions, does not set loan rates or fees, and does not issue final loan approvals or denials. The Services are designed to assist consumers in submitting information that may be evaluated by independent third-party lenders or lending networks. As a result, once information is disclosed to participating third parties, those third parties may process personal information under their own privacy policies, legal notices, and contractual terms.

This Privacy Policy applies to information collected directly through the Services, through our support communications, and through limited operational tracking technologies used on our websites. It does not apply to the privacy practices of third-party lenders, advertising networks, app stores, payment processors, analytics tools operating under their own terms, or linked websites not controlled by Fortress.

2. Categories of Personal Information We Collect

2.1 Information Collected Directly From You

  • Identifiers such as first and last name, mailing address, email address, telephone number, online identifier, and IP-linked session identifiers.
  • Application details such as requested loan amount, preferred repayment period, income-related information, employment-related details, and other information submitted through loan matching forms.
  • Account and preference data such as login attempts, unsubscribe requests, opt-out requests, communication preferences, and support ticket details.
  • Consumer rights request data including information needed to verify, process, document, and close privacy or marketing preference requests.
  • Communications content, including messages, attachments, and inquiry details submitted through contact forms, support email, or phone-based follow-up.

2.2 Information Collected Automatically

  • Device information, browser type, operating system, language preference, approximate geolocation based on IP, and screen/session configuration details.
  • Usage information, such as page views, session paths, referral source data, clickstream behavior, timestamps, and general interaction events.
  • Security and fraud-monitoring data, such as failed form attempts, anti-bot signals, IP reputation indicators, request headers, and suspicious interaction patterns.

2.3 Information Received From Third Parties

  • Lead validation, anti-fraud, or identity-related information from service providers supporting operational review.
  • Campaign, attribution, and performance data from advertising or analytics partners where lawfully used.
  • Status feedback from lending partners or networks where available and appropriate for fulfillment, analytics, quality review, or compliance.

3. Purposes of Processing

We process personal information for legitimate operational and contractual business purposes, including but not limited to: facilitating loan request workflows; routing consumer-submitted information to participating third-party providers; responding to customer service inquiries; maintaining and improving site performance; monitoring fraud, abuse, or unlawful activity; verifying and honoring privacy rights requests; communicating legal notices or administrative information; analyzing aggregate service usage; maintaining records necessary for dispute handling, audits, and compliance; and enforcing our policies, terms, and legal rights.

Where permitted by applicable law, we may also use personal information for internal reporting, service optimization, attribution analysis, suppression management, marketing frequency control, and operational risk review. We do not use personal information in a manner that is inconsistent with the disclosures made in this Privacy Policy without an updated notice or additional consent where legally required.

4. Legal Bases and Processing Context

Depending on the nature of the interaction and applicable law, we may process personal information because it is necessary to provide requested services, because the processing is required for compliance with legal obligations, because it is reasonably necessary for fraud prevention or network security, because it supports legitimate business interests that are not overridden by consumer rights, or because a user has provided legally sufficient consent for specific communications or workflows. Not all legal bases apply in every jurisdiction, and state privacy laws may describe rights differently.

5. How We Disclose Personal Information

We may disclose personal information to independent third-party lenders, lender networks, lead buyers, or financial service providers in order to facilitate the Services you request. We may disclose personal information to hosting providers, infrastructure vendors, fraud detection providers, analytics partners, legal counsel, auditors, compliance support providers, email service providers, and customer support vendors to the extent reasonably necessary to operate the Services. We may also disclose personal information when required by subpoena, court order, regulatory inquiry, law enforcement request, legal process, or where we believe disclosure is necessary to protect rights, safety, systems, or legal compliance.

If Fortress is involved in a merger, financing, acquisition, bankruptcy, reorganization, asset sale, or similar transaction, personal information may be transferred as part of the diligence or transaction process subject to applicable legal protections and confidentiality obligations.

6. Sale, Sharing, Targeted Advertising, and Opt-Out Context

Depending on the legal definitions applicable in your jurisdiction, certain disclosures of personal information for cross-context advertising, campaign attribution, or partner routing may be considered a "sale," "sharing," or similar regulated transfer. Fortress provides a Do Not Sell or Share request process for eligible consumers and will evaluate and honor valid requests consistent with applicable law. Request fulfillment may be limited where an exception applies, where identity cannot be verified, or where the information is necessary to complete a transaction, detect security incidents, comply with law, or otherwise satisfy a statutory exemption.

7. Cookies, Pixels, and Similar Technologies

We use cookies, session identifiers, storage technologies, tags, pixels, and similar tools for system functionality, security monitoring, analytics, attribution, service improvement, and preference management. Some technologies are essential to page operation, while others support campaign performance review, aggregate measurement, or user-experience enhancement. You may use browser settings to control certain technologies; however, disabling essential technologies may interfere with site functionality, fraud prevention, or proper form submission.

8. Retention and Recordkeeping

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including business operations, consumer support, legal compliance, accounting obligations, suppression management, fraud detection, dispute resolution, and enforcement of contractual or legal rights. Retention periods vary depending on the nature of the data, the type of user interaction, whether a legal request or complaint is pending, and any applicable statutory or regulatory recordkeeping requirements.

9. Data Security and Incident Response

Fortress maintains administrative, physical, and technical safeguards designed to protect personal information from unauthorized access, disclosure, destruction, or misuse. These measures may include role-based access limitations, encrypted transmission channels where appropriate, vendor controls, monitoring, system review, and anti-abuse tooling. While we implement commercially reasonable safeguards, no platform, network, database, website, or transmission method is entirely secure. Consumers should avoid sharing unnecessary sensitive information and should maintain reasonable protections over their own devices and credentials.

10. Consumer Privacy Rights

Subject to applicable law and verification requirements, consumers may have rights to know what categories of personal information are collected, used, disclosed, sold, or shared; request access to specific pieces of information; request deletion or correction of certain records; request portability where required; limit certain sensitive information uses where applicable; and submit an opt-out request regarding sale or sharing. Certain requests may be denied in whole or in part where legal exceptions apply, such as fraud prevention, legal compliance, transaction completion, record retention obligations, exercise or defense of legal claims, or inability to verify identity with reasonable certainty.

11. Verification Procedures for Rights Requests

To protect consumers from unauthorized data access or account interference, Fortress may request information reasonably necessary to verify identity and confirm request authority. Verification methods may vary based on the sensitivity of requested data, the request type, and the existence of prior records. Agents submitting requests on behalf of consumers may be required to provide evidence of written authorization or applicable legal authority.

12. Children and Age Restrictions

The Services are intended for adults and are not directed to children under the age of 18. We do not knowingly solicit, collect, or maintain personal information from minors. If we become aware that information has been submitted by a person under 18 in a manner inconsistent with our policies, we will take commercially reasonable steps to delete or suppress the information as appropriate.

13. Third-Party Sites, Lender Portals, and App Providers

The Services may link to or integrate with third-party sites, lender portals, external forms, application providers, app stores, or service widgets. Fortress does not control those third-party environments and is not responsible for their content, security practices, data handling, or contractual disclosures. Users should review the privacy policy and legal terms of any third-party destination before submitting personal information or completing an application.

14. International, Cross-Border, and Jurisdictional Considerations

The Services are intended primarily for consumers in the United States. If any information is accessed, stored, or processed in multiple jurisdictions through vendors or technical infrastructure, that processing will be subject to applicable operational and legal safeguards. Users accessing the Services from outside the United States do so at their own initiative and are responsible for understanding local laws affecting their use of the Services.

15. Changes to this Privacy Policy

We may revise this Privacy Policy from time to time to reflect operational changes, legal requirements, vendor changes, security improvements, or updated data practices. Revised policies become effective upon posting unless another effective date is expressly stated. Material revisions may be accompanied by an additional website notice where appropriate.

16. Contact Information

If you have questions regarding this Privacy Policy, wish to exercise privacy rights, or need assistance with data-related inquiries, contact Fortress Loan and Finance LLC by email at [email protected], by telephone at (970) 406-7389, or by mail at 2265 Lima St, Aurora, CO 80010-1334.