Privacy Policy

1. Introduction

Welcome to the Auto Submission Processing System ("System," "we," "us," or "our"). We are committed to protecting your privacy and ensuring the security of your personal and business information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our business funding application processing platform.

This System is designed for use by Independent Sales Organizations (ISOs), underwriters, and authorized personnel involved in processing business funding applications. By accessing or using this System, you agree to the terms of this Privacy Policy.

2. Information We Collect

2.1 Business Information

We collect information about businesses seeking funding, including but not limited to:

• Business name, address, and contact information
• Employer Identification Number (EIN) / Tax ID
• Business type, industry, and date of establishment
• Monthly and annual revenue figures
• Business bank account information (account numbers, routing numbers)
• Bank statements and financial records
• Outstanding debts, existing MCA positions, and financial obligations

2.2 Personal Information of Business Owners

We collect personal information about business owners and guarantors, including:

• Full legal name and date of birth
• Social Security Number (SSN)
• Home address and contact information
• Email addresses and phone numbers
• Driver's license or government-issued ID
• Ownership percentage and role in the business

2.3 Documentation

We process and store various documents, including:

• Completed funding applications
• Bank statements (typically 3-6 months)
• Business licenses and formation documents
• Tax returns and financial statements
• Voided checks and bank verification documents
• Identity verification documents

2.4 System Usage Information

We automatically collect certain information when you use our System:

• Login credentials and authentication data
• IP addresses and browser information
• Session data and activity logs
• Actions performed within the System (audit trail)
• Timestamps of access and modifications

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Core Business Functions

• Processing and evaluating business funding applications
• Submitting applications to funding sources and lenders
• Performing financial analysis and underwriting
• Verifying business and owner information
• Communicating with funding sources regarding applications
• Tracking application status and managing deal pipelines

3.2 Automated Processing

• Using AI-powered document extraction (OCR and natural language processing)
• Automatically matching deals with eligible funding sources
• Analyzing bank statements for financial health indicators
• Identifying MCA payments and existing obligations
• Generating underwriting summaries and recommendations

3.3 System Operations

• User authentication and access control
• Maintaining audit trails for compliance
• System performance monitoring and improvement
• Security monitoring and fraud prevention
• Technical support and troubleshooting

4. Information Sharing and Disclosure

4.1 Funding Sources

We share application data with funding sources (lenders, MCA providers, and financial institutions) for the purpose of evaluating and funding business applications. This sharing is essential to our core service and is conducted in accordance with our agreements with these funding sources.

4.2 Service Providers

We may share information with third-party service providers who assist us in operating the System:

• Cloud hosting and data storage providers
• AI and document processing services (Google Gemini API, Azure Document Intelligence)
• Email and communication services
• Security and monitoring services

4.3 Legal Requirements

We may disclose information when required by law, including:

• In response to lawful requests by public authorities
• To comply with legal process, subpoenas, or court orders
• To protect our rights, privacy, safety, or property
• To investigate potential violations of our terms of service
• To respond to claims of illegal activity or fraud

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction. We will notify affected users of any change in ownership or control of their personal information.

5. Data Security

We implement comprehensive security measures to protect your information:

5.1 Technical Safeguards

• Encryption of sensitive data at rest and in transit (HTTPS/TLS)
• Secure password hashing using industry-standard algorithms (BCRYPT)
• Role-based access control (RBAC) limiting data access
• Session management with automatic timeouts
• CSRF protection on all forms and endpoints
• Input validation and sanitization to prevent injection attacks

5.2 Administrative Safeguards

• Access limited to authorized personnel only
• Comprehensive audit logging of all system activities
• Regular security assessments and vulnerability testing
• Employee training on data protection and privacy
• Incident response procedures for security breaches

5.3 Physical Safeguards

• Secure data center hosting with access controls
• Environmental controls and disaster recovery
• Regular backups with secure storage

6. Data Retention

We retain information for as long as necessary to fulfill the purposes outlined in this policy:

• Active Deals: Data is retained throughout the funding process and any subsequent servicing period
• Archived Deals: Application data may be retained for a minimum of 7 years for regulatory compliance
• Audit Logs: System activity logs are retained for security and compliance purposes
• User Accounts: Account information is retained while the account is active and for a reasonable period thereafter

Upon request, we will delete or anonymize personal information unless retention is required by law or legitimate business purposes.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

7.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of that information in a portable format.

7.2 Correction

You have the right to request correction of inaccurate or incomplete personal information.

7.3 Deletion

You may request deletion of your personal information, subject to legal and contractual retention requirements.

7.4 Restriction and Objection

You may request restriction of processing or object to certain processing activities, such as automated decision-making.

7.5 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to requests within the timeframe required by applicable law.

8. Cookies and Tracking Technologies

Our System uses cookies and similar technologies for the following purposes:

8.1 Essential Cookies

• Session management and user authentication
• Security features (CSRF tokens, secure sessions)
• System functionality and preferences

8.2 Analytics and Performance

• Understanding how users interact with the System
• Identifying performance issues and improvements
• Monitoring system health and usage patterns

Most web browsers allow you to control cookies through their settings. However, disabling essential cookies may prevent you from using certain features of the System.

9. Third-Party Services

Our System integrates with the following third-party services:

9.1 AI and Document Processing

• Google Gemini API: Used for document extraction and analysis
• Azure Document Intelligence: Used for OCR and form recognition

9.2 External Integrations

• Lendsaas: Integration for deal synchronization
• Email Services: For automated communications with funders

These third-party services have their own privacy policies. We encourage you to review their policies to understand how they handle your information. We select partners who demonstrate commitment to data protection and security.

10. Children's Privacy

This System is designed for business use and is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete that information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify users through the System or via email for significant changes
• Provide a summary of key changes where appropriate

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Governing Law

This Privacy Policy and any disputes arising from or relating to it shall be governed by and construed in accordance with the laws of the State of Delaware, without regard to its conflict of law principles. Any legal action or proceeding relating to this Privacy Policy shall be brought exclusively in the state or federal courts located in Delaware.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: contact@fundingstreak.com
• Address: 838 Walker Rd Ste 21-2, Dover, DE 19904
• Subject Line: Privacy Policy Inquiry

We will make every effort to respond to your inquiry within 30 days.