Privacy Policy

Last Updated: August 2025

1. Introduction

SettleWise, Inc. (“SettleWise”, “we”, “us”, or “our”) is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial technology platform and services (“Service”).

By using SettleWise, you consent to the data practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

  • Name, email address, phone number
  • Business name, address, and tax identification numbers
  • Job title and role within your organization
  • Password and authentication credentials

Financial Information:

  • Bank account details and routing numbers
  • Payment method information (credit cards, ACH details)
  • Invoice data and payment records
  • Transaction history and amounts
  • Customer payment information

Business Data:

  • Customer lists and contact information
  • Invoice details and payment terms
  • Accounting system data (QuickBooks integration)
  • Communication preferences and settings

2.2 Information We Collect Automatically

Usage Information:

  • Log data including IP addresses, browser type, and device information
  • Pages visited, features used, and time spent on the Service
  • Click patterns, navigation paths, and user interactions
  • Error logs and performance metrics

Technical Information:

  • Device identifiers and operating system information
  • Browser settings and installed plugins
  • Network connection details and ISP information
  • Cookies and similar tracking technologies

Location Information:

  • IP-based location data for security and fraud prevention
  • Time zone information for scheduling and notifications

2.3 Information from Third Parties

Integration Partners:

  • Data from QuickBooks, banks, and payment processors
  • Customer information from connected accounting systems
  • Transaction data from financial institutions
  • Verification data from identity services

Service Providers:

  • Analytics data from website and application monitoring services
  • Communication data from email service providers
  • Security information from fraud prevention services

3. How We Use Your Information

3.1 Service Provision

  • Payment Processing: Match payments to invoices and reconcile accounts
  • Customer Management: Track customer information and payment history
  • Reporting: Generate financial reports and analytics
  • Integration: Connect with accounting systems and financial institutions
  • Communication: Send payment reminders and service notifications

3.2 Business Operations

  • Account Management: Create and maintain user accounts
  • Customer Support: Respond to inquiries and resolve issues
  • Billing: Process subscription payments and transaction fees
  • Security: Detect and prevent fraud, unauthorized access, and security threats
  • Compliance: Meet legal and regulatory requirements

3.3 Service Improvement

  • Analytics: Analyze usage patterns to improve features and performance
  • Development: Develop new features and enhance existing functionality
  • Testing: Conduct A/B testing and quality assurance
  • Research: Understand user needs and market trends

3.4 Legal and Regulatory

  • Compliance: Comply with financial regulations and reporting requirements
  • Legal Obligations: Respond to legal requests and court orders
  • Risk Management: Assess and mitigate business and operational risks
  • Audit: Support internal and external auditing processes

4. Information Sharing and Disclosure

4.1 With Your Consent

We may share your information with third parties when you explicitly consent or direct us to do so.

4.2 Service Providers

We share information with trusted service providers who assist us in operating our business:

  • Cloud Infrastructure: AWS, Google Cloud, or similar providers for data hosting
  • Payment Processing: Stripe, banks, and payment networks for transaction processing
  • Communication: Email service providers for notifications
  • Analytics: Analytics platforms for service improvement
  • Security: Fraud prevention and security monitoring services

4.3 Integration Partners

When you connect third-party services to SettleWise:

  • Accounting Systems: QuickBooks and other accounting software
  • Financial Institutions: Banks and payment processors for transaction data
  • Business Tools: CRM systems, invoicing platforms, and other business applications

4.4 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal processes, court orders, or government requests
  • Enforce our Terms of Service and other agreements
  • Protect the rights, property, or safety of SettleWise, users, or others
  • Investigate and prevent fraud, security threats, or illegal activities

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

5.1 Security Measures

We implement comprehensive security measures to protect your information:

  • Encryption: Data is encrypted in transit and at rest using industry-standard protocols
  • Access Controls: Role-based access controls and multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and secure network architecture
  • Monitoring: Continuous security monitoring and incident response procedures
  • Compliance: SOC 2 Type II and other security certifications

5.2 Financial Data Protection

Given the sensitive nature of financial information:

  • PCI Compliance: Payment card data is processed in compliance with PCI DSS standards
  • Bank-Level Security: Financial data is protected with bank-grade security measures
  • Segregation: Customer data is logically separated and access-controlled
  • Audit Trails: Comprehensive logging of all data access and modifications

5.3 Employee Access

  • Background Checks: All employees undergo background verification
  • Training: Regular security and privacy training for all staff
  • Need-to-Know: Access to customer data is limited to authorized personnel only
  • Monitoring: Employee access is monitored and audited regularly

6. Data Retention

6.1 Retention Periods

We retain your information for different periods based on the type of data and business needs:

  • Account Information: Retained while your account is active and for 7 years after closure
  • Financial Records: Retained for 7 years to comply with financial regulations
  • Communication Data: Retained for 3 years for customer service and legal purposes
  • Usage Analytics: Aggregated and anonymized data may be retained indefinitely

6.2 Deletion Requests

You may request deletion of your personal information, subject to:

  • Legal and regulatory retention requirements
  • Legitimate business needs (e.g., fraud prevention, dispute resolution)
  • Technical limitations in our systems

7. Your Privacy Rights

7.1 Access and Portability

  • Access: Request copies of your personal information
  • Portability: Export your data in a machine-readable format
  • Correction: Update or correct inaccurate information

7.2 Control and Deletion

  • Deletion: Request deletion of your personal information (subject to limitations)
  • Restriction: Limit how we process your information
  • Objection: Object to certain types of processing

7.3 Communication Preferences

  • Marketing: Opt out of marketing communications
  • Notifications: Control service-related notifications and alerts

7.4 State-Specific Rights

California Residents (CCPA/CPRA):

  • Right to know what personal information is collected and how it's used
  • Right to delete personal information (subject to exceptions)
  • Right to opt out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising privacy rights

European Residents (GDPR):

  • Right to access, rectify, erase, and port personal data
  • Right to restrict or object to processing
  • Right to withdraw consent where processing is based on consent
  • Right to lodge a complaint with supervisory authorities

8. Cookies and Tracking Technologies

8.1 Types of Cookies

We use various types of cookies and similar technologies:

  • Essential Cookies: Required for basic functionality and security
  • Analytics Cookies: Help us understand how users interact with our Service
  • Preference Cookies: Remember your settings and preferences
  • Marketing Cookies: Used for targeted advertising (with your consent)

8.2 Cookie Management

You can control cookies through:

  • Browser Settings: Most browsers allow you to block or delete cookies
  • Opt-Out Tools: Industry opt-out tools for advertising cookies
  • Our Settings: Cookie preferences in your account settings

9. International Data Transfers

9.1 Cross-Border Transfers

SettleWise operates primarily in the United States, but we may transfer data internationally to:

  • Share it with service providers and partners in other countries
  • Support global business operations
  • Comply with legal requirements in different jurisdictions

9.2 Transfer Safeguards

When transferring data internationally, we implement appropriate safeguards:

  • Adequacy Decisions: Transfers to countries with adequate privacy protections
  • Standard Contractual Clauses: EU-approved contractual protections
  • Certification Programs: Participation in recognized privacy frameworks
  • Binding Corporate Rules: Internal privacy standards for data transfers

10. Children's Privacy

SettleWise is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will:

  • Post the updated Privacy Policy on our website
  • Notify you of material changes via email or through the Service
  • Update the "Last Updated" date at the top of this policy

Your continued use of SettleWise after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Information

12.1 Privacy Questions

If you have questions about this Privacy Policy or our privacy practices:

General Support

For general support and account questions:

Email: support@settlewise.finance

Website: https://www.settlewise.finance

13. Regulatory Compliance

13.1 Financial Regulations

As a financial technology company, we comply with various regulations:

  • Bank Secrecy Act (BSA): Anti-money laundering and reporting requirements
  • Gramm-Leach-Bliley Act: Financial privacy and data security requirements
  • Payment Card Industry (PCI DSS): Credit card data security standards
  • State Money Transmitter Laws: Where applicable to our services

13.2 Privacy Regulations

We comply with applicable privacy laws including:

  • California Consumer Privacy Act (CCPA/CPRA)
  • General Data Protection Regulation (GDPR)
  • State privacy laws in jurisdictions where we operate