Information We Collect

Our risk assessment platform requires certain information to function properly. We collect data in three main ways: directly from you, automatically through our systems, and from third-party sources when you authorize us to do so.

Information You Provide Directly

• Personal identification details including name, date of birth, Social Security number, and contact information
• Financial data such as income sources, employment history, assets, and existing debt obligations
• Business information if you're seeking commercial risk assessment
• Account credentials and security information for platform access
• Communications you send us through support channels or inquiry forms

Information Collected Automatically

When you use our platform, we automatically gather technical data that helps us maintain security and improve functionality. This includes your IP address, browser type, device information, and how you navigate through our system. Our AI algorithms also generate and store analysis metadata related to your risk assessments.

Third-Party Data Sources

With your explicit permission, we retrieve information from credit bureaus, financial institutions, and public records. This external data strengthens the accuracy of our risk models and helps us provide more reliable assessments.

How We Use Your Information

We use your data for specific purposes tied directly to providing financial services. We don't sell your information to marketers or use it for purposes unrelated to our core business.

• Processing financial risk assessments through our AI analysis systems
• Verifying your identity and preventing fraudulent activity
• Meeting legal obligations under US financial regulations and reporting requirements
• Improving our algorithms and service quality based on aggregated, anonymized data patterns
• Communicating with you about your assessments, account status, and service updates
• Maintaining system security and protecting against unauthorized access

Data Sharing and Disclosure

We share your information only when necessary for service delivery or when required by law. Here's who might receive your data and why:

We don't sell, rent, or trade your personal information. When we share data with service providers, they're contractually bound to use it only for the specific purposes we've authorized and must maintain security standards equivalent to our own.

Your Privacy Rights

US privacy laws give you several rights regarding your personal information. We've built straightforward processes to help you exercise these rights without unnecessary hassle.

To exercise any of these rights, contact our privacy team using the information at the bottom of this page. We'll verify your identity before processing requests to prevent unauthorized access to your information.

Data Security Measures

Protecting financial data requires multiple layers of security. We've implemented technical, physical, and administrative safeguards that meet or exceed industry standards for financial institutions.

Technical Protections

• End-to-end encryption for data transmission using TLS 1.3 protocol
• AES-256 encryption for stored data at rest
• Multi-factor authentication requirements for account access
• Regular penetration testing and vulnerability assessments
• Intrusion detection systems with 24/7 monitoring
• Automated backup systems with encrypted redundancy

Access Controls

We limit data access to employees who need it for their job functions. Staff undergo background checks and regular security training. All access is logged and audited to detect any unusual patterns.

Infrastructure Security

Our systems operate in secure data centers with physical access restrictions, environmental controls, and redundant power supplies. We use reputable cloud providers that maintain SOC 2 Type II certifications and comply with financial industry security standards.

Data Retention and Deletion

We keep your information only as long as necessary for business purposes or legal requirements. Financial regulations mandate specific retention periods for certain records.

Retention Periods

• Active account data: Retained while your account remains open plus seven years after closure
• Transaction records: Seven years from transaction date per federal banking requirements
• Identity verification documents: Five years after account closure
• Marketing communications data: Until you opt out or two years of inactivity
• Technical logs: 90 days unless needed for security investigations

Deletion Process

When retention periods expire, we securely delete or anonymize your data using industry-standard methods. For electronic records, this means cryptographic erasure that makes data unrecoverable. Physical documents are shredded through certified destruction services.

If you close your account, we'll delete data that isn't subject to legal retention requirements within 30 days. Records we must keep by law will be isolated from active systems and deleted once retention periods end.

International Data Transfers

While we primarily serve US customers, some data processing occurs through international service providers. Our operations involve data transfers to servers in the European Union where our parent organization maintains technical infrastructure.

Cross-border transfers comply with applicable data protection frameworks. We use standard contractual clauses approved by regulatory authorities and ensure foreign processors maintain adequate security standards. Your data receives the same protection regardless of where it's physically processed.

If you're accessing our services from outside the United States, your information may be transferred to US servers. By using our platform, you consent to this transfer and acknowledge that US privacy laws may differ from regulations in your country.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to maintain functionality and improve user experience. Some cookies are essential for the platform to work, while others help us understand usage patterns.

Cookie Categories

• Essential cookies: Required for login, security, and basic platform functions
• Performance cookies: Help us understand how users interact with our services
• Functional cookies: Remember your preferences and settings
• Analytics cookies: Provide aggregated statistics about platform usage

You can manage cookie preferences through your browser settings. Blocking certain cookies may affect platform functionality. We don't use advertising cookies or share cookie data with third-party advertisers.

Children's Privacy

Our services aren't designed for or directed at individuals under 18 years old. We don't knowingly collect personal information from minors. If we discover we've inadvertently gathered data from someone under 18, we'll delete it promptly.

Parents or guardians who believe their child has provided us with personal information should contact our privacy team immediately so we can remove the data from our systems.

Changes to This Policy

Privacy practices evolve alongside technology and regulations. We update this policy periodically to reflect changes in our data handling procedures or legal requirements.

When we make significant changes, we'll notify you through email or prominent notice on our website at least 30 days before the new terms take effect. Continuing to use our services after changes become effective indicates your acceptance of the updated policy.

We maintain an archive of previous policy versions. You can request historical copies by contacting our privacy team.

Regulatory Compliance

As a financial services provider operating in the United States, we comply with relevant federal and state privacy regulations including the Gramm-Leach-Bliley Act, Fair Credit Reporting Act, and applicable state consumer privacy laws.

We're registered with the German Federal Financial Supervisory Authority (BaFin) under ID 10162865, reflecting our international corporate structure while maintaining full compliance with US regulatory requirements for services offered to American customers.

State-specific rights may apply depending on your location. Residents of California, Virginia, Colorado, and other states with comprehensive privacy laws have additional protections under those statutes. Contact us to learn about rights specific to your state.