Effective Date: 03/18/2026
This Privacy Policy describes the practices of BMG Services, LLC d/b/a CreditSoup (“CreditSoup,” “we,” “us,” or “our”).
CreditSoup provides a free online service that helps consumers evaluate and discover credit card and loan offers based on their financial profile. We are not a lender, loan broker, or credit service organization, and we do not make credit decisions.
This Privacy Policy explains how we collect, use, share, and protect your information.
1. Information We Collect
A. Information You Provide
We may collect:
- Name
- Address
- Email address
- Phone number
- Date of birth
- Social Security number (when required for credit verification)
- Annual income (exact or range)
- Other information submitted through our forms
We do not collect payment information.
B. Credit Profile Information
With your written authorization, we obtain limited credit report information (including credit score and related attributes) from a consumer reporting agency to evaluate your eligibility for financial offers. This is a soft inquiry and does not impact your credit score.
We may obtain updated credit profile information from time to time in connection with providing refreshed eligibility evaluations and updated financial product recommendations, unless you revoke your authorization.
You may revoke this authorization at any time through our privacy portal or by contacting us.
C. Automatically Collected Information
We collect certain information automatically, including:
- IP address
- Device and browser information
- Website activity and usage data
- Cookies and similar tracking technologies
- General geolocation derived from IP address
2. Credit Report Authorization (Fair Credit Reporting Act Notice)
When you request personalized recommendations, you authorize CreditSoup to obtain information about you from a consumer reporting agency for the purpose of evaluating your eligibility for financial product offers.
You further authorize CreditSoup to obtain updated credit report information from time to time in connection with providing refreshed eligibility evaluations and updated financial product recommendations, unless you revoke your authorization.
This authorization:
- Permits soft inquiries only
- Does not constitute a credit application
- Does not impact your credit score
CreditSoup does not make credit decisions. All credit approvals, rates, and terms are determined solely by the issuing lender.
3. How We Use Information
We use your information to:
- Perform eligibility matching and deliver personalized recommendations
- Obtain updated credit profile data (as described above)
- Display relevant advertisements and offers
- Facilitate redirection to lenders when you choose to engage
- Share information with independent marketing partners (as described below)
- Operate, maintain, and improve our services
- Send transactional communications
- Send marketing communications (where permitted)
- Send SMS messages where you have provided consent
- Detect fraud and enhance security
- Comply with legal and regulatory obligations
4. Automated Processing
We use automated systems to analyze credit attributes, income information, and demographic data to match you with financial product offers.
This automated processing:
- Is used for informational and marketing purposes only
- Does not produce legal or similarly significant effects
- Does not replace lender underwriting
We do not use protected characteristics (such as race, religion, gender, or sexual orientation) to determine eligibility recommendations.
5. How We Share Information
A. Service Providers
We share information with vendors who perform services on our behalf, including:
- Credit reporting agencies
- Hosting and infrastructure providers
- Analytics providers
- Security and fraud prevention vendors
- SMS and communication platforms
These providers are contractually restricted to using information only for the services we request.
B. Lenders (Eligibility Processing Only)
We may share limited personal information and credit attributes with lenders under contractual service-provider arrangements to evaluate eligibility prior to application.
Lenders may not use this information for independent marketing unless you separately engage with them.
C. Independent Marketing Partners (Sale/Sharing)
We may share certain categories of personal information with independent marketing partners who use that information to market their own products or services.
Under certain state privacy laws, this may be considered a “sale” or “sharing.”
Categories that may be shared include:
- Name
- Address
- Email address
- Age range
- Credit range (not exact score)
- Income range (not exact amount)
We do not sell or share:
- Phone numbers
- Exact credit scores
- Social Security numbers
- Payment information
You may opt out of this sharing as described below.
6. Communications
We may send:
- Transactional emails related to your request
- Marketing emails (you may unsubscribe at any time)
- SMS messages where you have provided consent
We do not sell or share your phone number with third parties for their independent marketing purposes.
7. Your Privacy Rights
Residents of certain states may have rights to:
- Access personal information
- Request deletion
- Request correction
- Opt out of sale or sharing
- Opt out of targeted advertising
- Opt out of certain profiling
- Appeal a denied request
- Receive equal service regardless of privacy requests
You may exercise these rights through our privacy request portal powered by Osano or by using our contact form found at https://creditsoup-nc.azurewebsites.net/contact-us.aspx.
We may verify your identity before processing certain requests.
8. Global Privacy Control (GPC)
We recognize and honor browser-based Global Privacy Control (GPC) signals. When detected, we treat the signal as a request to opt out of the sale or sharing of personal information.
9. Data Retention
We retain personal information until:
- You request deletion or revoke authorization, or
- It is no longer necessary for legitimate business or legal purposes.
Due to regulatory, compliance, audit, fraud prevention, or contractual obligations, we may retain certain information as required by law.
When deletion is requested, we delete information from our systems and instruct applicable partners to delete it, subject to legal retention requirements.
10. Data Security
We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction.
These safeguards may include:
- Encryption in transit
- Firewalls and intrusion detection systems
- Access controls
- Vendor security assessments
No method of transmission over the internet is completely secure. By using our services, you acknowledge and accept this risk.
If we believe the security of your personal information has been compromised, we may notify you as required by law.
11. Identity Theft Resources
If you believe you are the victim of identity theft or suspect unauthorized use of your personal information, you may contact:
You may also visit www.identitytheft.gov for guidance on reporting and recovery steps.
12. Children’s Privacy
Our services are intended for individuals 18 years of age or older. We do not knowingly collect personal information from children under 18.
13. Business Transactions
If we undergo a merger, acquisition, asset sale, restructuring, or bankruptcy, personal information may be transferred as part of that transaction.
14. State-Specific Privacy Rights
Residents of certain U.S. states, including California, Colorado, Virginia, Connecticut, Texas, Oregon, Delaware, and other states with applicable privacy laws, may have additional rights under state law.
These rights may include:
- Right to Know / Access – Request confirmation of whether we process your personal information and have access to the categories or specific pieces of personal information we have collected about you.
- Right to Delete – Request deletion of personal information we maintain about you, subject to certain legal exceptions.
- Right to Correct – Request correction of inaccurate personal information.
- Right to Opt Out of Sale or Sharing – Opt out of the sale or sharing of personal information for marketing or targeted advertising purposes.
- Right to Opt Out of Targeted Advertising – Opt out of the use of personal information for cross-context behavioral advertising.
- Right to Opt Out of Certain Profiling – Where applicable, opt out of automated processing that produces legal or similarly significant effects.
- Right to Appeal – In certain states, you may appeal a denial of your privacy request.
- Right to Non-Discrimination – We will not discriminate against you for exercising your privacy rights.
You may exercise these rights through our privacy request portal powered by Osano or by using our contact form found at https://creditsoup-nc.azurewebsites.net/contact-us.aspx.
We may verify your identity before processing certain requests. Authorized agents may submit requests where permitted by law.
For additional detail regarding the categories of personal information we collect, disclose, or sell, please refer to the Supplemental State Privacy Disclosures below.
Supplemental State Privacy Disclosures
The following tables provide additional information regarding our data practices during the preceding 12 months.
Categories of Personal Information Collected
| Category |
Examples |
Collected |
| Identifiers |
Name, postal address, email address, IP address |
Yes |
| Contact Information |
Email address, phone number |
Yes |
| Demographic Information |
DOB |
Yes |
| Financial Information |
Annual Income |
Yes |
| Credit Profile Information |
Credit score, credit attributes (via soft pull) |
Yes |
| Internet/Network Activity |
Browser type, device information, site interactions |
Yes |
| Geolocation Data (General) |
IP-based location |
Yes |
| Sensitive Personal Information |
SSN, Annual Income, exact DOB |
Yes |
Categories Disclosed for Business Purposes (Service Providers)
| Category |
Purpose |
| Identifiers |
Hosting, eligibility processing, analytics |
| Demographic Information |
Eligibility matching |
| Financial Information |
Eligibility matching |
| Contact Information |
Transactional communications |
| Credit Profile Information |
Eligibility matching |
| Internet Activity |
Site functionality and analytics |
| Geolocation (General) |
Fraud prevention |
Categories Sold or Shared for Marketing Purposes
| Category |
Sold/Shared |
Recipient Type |
| Identifiers (Name, Address, Email) |
Yes |
Independent marketing partners |
| Demographic Information (Age Range) |
Yes |
Independent marketing partners |
| Financial Profile Ranges (Credit Range, Income Range) |
Yes |
Independent marketing partners |
| Phone Number |
No |
Not sold |
| Exact Credit Score |
No |
Not sold |
| Social Security Number |
No |
Not sold |
Automated Processing
| Activity |
Description |
Legal Effect |
| Eligibility Matching |
Automated analysis of credit attributes to display offers |
Informational only |
| Offer Ranking |
Personalized advertisement display |
Informational only |
15. Changes to This Policy
We may update this Privacy Policy periodically. Updates will be posted with a revised effective date.