Privacy Policy

Last Updated: April 2, 2023.

This Privacy Policy (“Policy”) describes the information Merchant Technology Ventures, LLC (“Company”) collects about you, how Company uses and shares that information, and the privacy choices Company offers. Policy also describes the choices available to you regarding Company use of your personal information and how you can access and update such information. Policy applies to information, including personally identifiable data such as contact information and IP addresses (“Personal Data”) Company collects when you register, apply for advances, access or use Company website, mobile applications, products, and Service, or when you otherwise interact with Company (collectively, the “Service”). As used in Policy, the term “System” includes: all websites and all devices or applications operated by Company that collect personal information from you; pages within each such website, device, or application, any equivalent, mirror, replacement, substitute, or backup website, device, or application; and pages that are associated with each such website, device, or application. A portion of the Personal Data Company collect, use, share, and store may be sensitive in nature.

Your access to and use of Service is also subject to the Merchant Cash Advance Agreement, as applicable (the “Merchant Cash Advance Agreement”), when executed, and Terms of Service at available on Company’s System entitled “Terms of Service”. If there is any contradiction between Policy and another executed agreement you enter into applicable to specific aspects of Service, the other agreement shall take precedence in relation to the specific aspects of Service to which it applies.

As used in Policy, the words “you” and “your” refer to you, the user of Company’s website, device, or applications, as the party agreeing to Policy. By visiting and using System, you accept the practices described in Policy. The use of the word “including” in Policy to refer to specific examples will be construed to mean “including, without limitation” or “including but not limited to” and will not be construed to mean that the examples given are an exclusive list of the topics covered.

Please read Policy carefully. By accessing or using System or Service, you acknowledge that you have read, understood and agree to be bound by Policy. If you are entering into Policy on behalf of a company, business or other legal entity, you represent that you have the authority to bind such entity and affiliates to policy, in which case the terms “you” or “your” shall refer to such entity and its affiliates. If you do not have such authority, or if you do not agree to be bound by policy, you may not access or use System or Service.

THE USA PATRIOT ACT – IMPORTANT INFORMATION ABOUT PROCEDURES FOR OPENING AN ACCOUNT AND/OR USING SYSTEM AND SERVICE
To help the United States government fight the funding of terrorism, money laundering activities and other financial crimes, federal law requires all financial institutions to obtain, verify and record information that identifies each person who opens an account and/or uses Company System and/or Service. What this means for you: when you obtain a financial product or service offered by or in connection with Company’s relationship with a financial institution or other third-party entity, Company may ask for your name, mailing address and other information or documentation, such as a copy of your driver’s license or other identifying documents, to verify your identity and otherwise comply with the applicable federal laws and regulations.

1 COLLECTION OF INFORMATION
Company may collect personal information (including Personal Data) and other information about you, including but not limited to the following:

Registration Information: When you register for Service, you will be asked for basic registration information, such as an email address and telephone number.
Identification and Banking Information: You may also be asked to provide identification information to confirm your identity, including your first and last name, ZIP Code, social security number, business name and phone number, as well as bank statements, credit card statements, banking history and payment and transaction history.
Business Information: You may also be asked to provide business information and documentation, including company size, financial statements, bank accounts, business type, organizational documents and business plans, as well as beneficial ownership information.
Third-Party Authorization: You may also enter in certain account information for third-party sites and Internet services (“Third-Party Sites”).
Information from Third-Party Sites: In order to display information to you or to fulfill your requests for certain products and services through Service, Company may collect, on your behalf, your account and other personal information from Third Party Sites that you register under your account via Service. Company may also collect information about you from mailing list providers, publicly available sources, and other third parties, including to process and manage your application and transactions.
Information Collected by Cookies and Web Beacons: Company uses various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files that are stored on your hard drive or in device memory by a website. Among other things, cookies support the integrity of Company registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. Company may also collect information using web beacons. Web beacons are electronic images that may be used in Service or emails or other communication with you. Company may use web beacons to deliver cookies, count visits, understand usage, and determine whether an email or other notification has been opened and acted upon. Company may allow third-party service providers to, use cookies or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of System.
Technical and Navigational Information: Company may collect your computer browser type, Internet protocol address, pages visited, GPS information, and average time spent on System. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve Company System and Service.
Device ID: When you use the desktop and/or mobile versions of System, Company may collect the unique device identifier assigned to that device by hardware manufacturers, phone makers, carriers, or makers of the operating system (the “Device ID”). Device IDs allow application developers, and others to uniquely identify your device for purposes of storing application preferences and other data.
Do Not Track: Company and System currently does not respond to “Do Not Track” (DNT) signals and operates as described in Policy whether or not a DNT signal is received. If Company elects to do so in the future, Company will describe how Company does so in Policy.

Company takes reasonable steps designed to ensure that Personal Data Company processes is limited to the Personal Data reasonably required in connection with the purposes set out in Policy. Company does not seek to collect or process Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, or sexual life. Nor does Company collect any information about criminal convictions and offenses. Where Company needs to collect Personal Data by law, or under the terms of a contract Company has with you, and you fail to provide that data when requested, Company may not be able to perform the contract Company has or is trying to enter into, for example, to provide Company’s merchant with Service. In this case, Company may have to cancel Service but Company will notify you if this is the case at the time.

2 USE OF INFORMATION
Company may use, save and analyze the information you provide about yourself and about your Third-Party Sites (collectively, “Data Processing”). Such Data Processing is necessary to perform Service to you, including in connection with advancing and collecting funds under, or in anticipation of entering, the Merchant Cash Advance Agreement and Terms of Service, pursuant to Company’s legal obligations, such as “Know Your Client” and fraud protection, and Company’s legitimate business interests, including:

to fulfill your requests for Service and process and analyze your application,
to respond to your inquiries about Service and verify your identity,
to provide customer support,
to offer you other products, programs, or Service Company believes may be of interest to you,
to verify the existence and condition of your accounts and conduct due diligence,
to fulfill legal requirements,
to protect against potentially prohibited or illegal activities,
to improve (including through data analytics), monitor and personalize Service and conduct Company business and to provide targeted marketing and advertising,
to measure the performance of and improve System functionality,
to manage, administer and protect Company information technology infrastructure and System security generally; and
to otherwise assist with a transaction. For example, Company may use the account information you provide or that Company collects from Third-Party Sites to confirm your accounts are valid and to access funds from your accounts in connection with fulfillment of Service.

If information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, Company may use it for any business purpose. Company will not reuse your Personal Data for a new purpose other than the original one(s) for which it was collected unless one or more of the following apply:

the new use is compatible with the original use such that you would reasonably expect such a similar use;
Company has notified you of the new use and given you an opportunity to authorize it; or
the new use is otherwise permitted or required by law.

By providing Company with your information, including Personal Data and any data that may be subject a privacy regime of any jurisdictions, you are explicitly consenting to Companyr use, collection, monitoring and processing of it in accordance with Policy. You acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Company and the authorized third parties referred to herein located in the United States or internationally. Policy does not apply to any personal information collected by Company other than personal information collected through Service. Policy shall not apply to any unsolicited information you provide to Company through Service or through any other means. This includes, but is not limited to, information posted to any public areas of Service, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and not personal information and Company shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution. Policy applies only to Service. Service may contain links to other web sites or services, and Service not operated or controlled by Company (“Linked Sites”). The policies and procedures Company described here do not apply to Linked Sites. The links from Service do not imply that Company endorses or has reviewed the Linked Sites. Company is not responsible for data depicted and/or actions of these Linked Sites. Company suggests contacting those sites directly for information on their privacy policies and/or terms of use. In an ongoing effort to better understand and serve the users of Service and improve data analytics, research and analysis may be compiled and analyzed on an anonymized basis, and Company may share this anonymized data with its affiliates, agents and business or financing partners. This aggregate information does not identify you personally. Some of Company pages utilize framing or white-labeling techniques to serve content from Company partners while preserving the look and feel of System. Please be aware that in these instances you may be providing your personal information to these third parties and not to Company.

3 SHARING OF INFORMATION
Company may share personal information about you as follows and you hereby consent to such sharing:

with Company subsidiaries and affiliates for purposes consistent with Policy;
with Company service providers, agents, consultants and related third parties to perform certain business-related functions such as offering customer service, processing diligence or secure data storage, in each case only as necessary to provide these types of services to Company;
with third parties (including insurance providers, financing sources and platforms) to provide, maintain, and improve Service, to help Company with Company business activities (such as performing due diligence, risk analysis, and know your customer compliance), capital raising and to better understand Company users;
in connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, reorganization, divestiture, or dissolution of all or a portion of Company business;
basic information (name, company name, phone number, email address and requested advance amount) with one of Company’s business partners to market their services to you;
to respond to a request of a governmental entity, subpoenas, court orders, or legal process;
to respond to claims that any posting or other content violates the rights of third parties;
if required to do so by law or in the good faith belief that such action is necessary to:
comply with any legal obligation;
investigate, prevent, defend against, or take other action regarding violations of Company Terms of Service, Merchant Cash Advance Agreement, illegal activities, suspected fraud, or situations involving potential threats to the legal rights or physical safety of any person or the security of Company network, System or Service;
generally protect against legal liability or otherwise protect Company rights; or
to protect the health and safety of Company System’s users or the general public in an urgent or emergency; or
to any other third party with your consent.

Company may use third parties to gather your data from financial institutions. By using Service, you grant Company and third-party providers the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution according to terms of Company and third-party provider’s policies. Company may display personal testimonials of customers on System. Company may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact Company.

4 YOUR RIGHTS TO DATA
You have the right to ask Company not to process your personal information for marketing purposes. You can do this at any time by updating your email preferences in your account or by clicking on the “unsubscribe” link in any marketing email Company sends to you, if such capability exists. You can also opt out of marketing by contacting Company.
Data protection law may give you the right to access your personal information, to object to the use of your personal information for certain purposes, and the right to erase or restrict your personal information. Further, you may request the transfer of your personal data to you, or (if technically feasible) to a third party in a machine-readable format. Note that these rights only apply to personal data which you initially provided to Company. You can make any such requests by contacting Company. Certain personal information will need to be retained for administrative, legal, security or other legitimate business purposes.
You can easily access personal information that you have submitted to Company and request the correction of any inaccurate information you have submitted to Company, via your user account. Alternatively, you can contact Company to request any corrections, or access, to your personal information.
Company will handle your requests and rights in accordance with the law. This means there may be legal reasons why Company cannot fulfill all requests. Company may need to request specific information from you to help Company confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. Company may also contact you to ask you for further information in relation to your request to speed up Company response.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, Company may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, Company may refuse to comply with your request in these circumstances.
Company tries to respond to all legitimate requests within one month. Occasionally it may take Company longer than a month if your request is particularly complex or you have made a number of requests. In this case, Company will notify you and keep you updated.
You may have the right to lodge complaints with a data protection authority regarding the processing of your Personal Data. Company would, however, appreciate the chance to deal with your concerns beforehand, so please contact Company in the first instance.

5 DATA RETENTION
Company will only retain your personal data for as long as necessary to fulfill the purposes Company collected it for, including for the purposes of satisfying any legal, administrative, security, compliance, accounting, or reporting requirements. Company will need to retain your information for as long as your account is active and for legitimate business interests, including if any amounts, including Specified Amounts (as defined in a Merchant Cash Advance Agreement) are outstanding. Company will retain and use your information as necessary to comply with, and demonstrate compliance with, Company legal obligations, resolve disputes, collect on amounts owing and enforce Company agreements. In some circumstances Company may anonymize your Personal Data, so that it can no longer be associated with you, for research or statistical purposes in which case Company may use this information indefinitely without further notice to you.

6 SECURITY
Company takes reasonable measures, including firewall barriers, SSL encryption techniques, and authentication procedures, to help protect personal information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. However, no Internet or email transmission is ever fully secure or error-free. In particular, email sent to or from Service may not be secure. Therefore, you should take special care in deciding what information you send to Company via email. Please keep this in mind when disclosing any personal information to Company via the Internet. If you have any questions regarding the security of your personal information, you can contact Company.

7 EMAIL COMMUNICATIONS
Company may provide Company registered customers with summaries of their account information and email alerts. Company may also allow users to subscribe to email newsletters and from time to time may transmit emails promoting Company or third-party goods or Service.
You have the ability to opt out of receiving Company promotional emails and to terminate Company newsletter subscriptions by following the instructions in the emails or by contacting Company. Opting out in this manner will not end transmission of service-related emails, such as email alerts.

8 CHANGES TO POLICY
Company reserve the right, at Company discretion, to make changes to Policy from time to time without notice, so please review it frequently. You may review updates to Policy by visiting links on System. You agree to accept electronic communications and/or postings of revised versions of Policy on System, and agree that such electronic communications or postings constitute notice to you of the revised version of Policy. Changes take effect immediately upon posting. Your continued use of Service after any changes or revisions to Policy shall indicate your agreement with the terms of such revised Policy.

9 CHILDREN
Company does not knowingly collect Personal Data from or provide Service to persons under the age of 18. If you are under the age of 18, please do not submit any Personal Data or use Service. Company encourages parents and legal guardians to monitor their children’s Internet usage and to help enforce Company Policy by instructing their children never to provide Personal Data on Service without their permission. If you have reason to believe that a person under the age of 18 has provided Personal Data to Company through Service, please contact Company, and Company will endeavor to delete that information from Company databases.

10 YOUR CARLIFONIA PRIVACY RIGHTS
If you are a California resident, the California Consumer Privacy Act of 2018 (“CCPA”) permits you to obtain certain disclosures about information you have shared with Company in connection with your use of Service. CCPA also provides you with certain rights with respect to this information. This section outlines those CCPA required disclosures and details those rights that apply to “personal information” subject to the CCPA. Personal information does not include information that is publicly available (as defined by the CCPA), deidentified, or aggregated.

11 ACESSIBILITY
You may access Policy through the use of a standard screen reader. You can also print a copy of Policy by using your “Print” function on your computer. If you are having difficulty viewing or navigating Policy, please contact Company.

12 INFORMATION COMPANY COLLECTS In the past 12 months, Company has collected the following categories and examples of personal information about California residents who are website visitors, users, and businesses that access Service provided by or through Company:

Identifiers. First and last name, mailing address, online identifier (e.g. username), Internet Protocol (IP) address, email address, social security number, driver’s license number, passport number, or other similar identifiers
Categories of information described in the California Customer Records Statute. First and last name, social security number, address, primary telephone number, job title, bank account number, or any other financial information
Commercial or transaction information. Products or services purchased, obtained, or considered
Internet or other electronic network activity information. Information about your internet connection, the equipment used to access System and usage details, operating system, browser version, IP address, mobile device type, device unique identifier, mobile network information, web pages, content, communications, advertisements, referring and/or exit pages, clickstream data, and information that you search for using Service
Sensory data. Audio
Professional or employment-related information. Job title

Company collects the information listed above from the following categories of sources: (i) information provided by you, (ii) information Company collected when you use Service, or (iii) information received from third parties.

13 USE OF PERSONAL INFORMATION
Company may use or disclose the personal information Company collects from you for a number of purposes compatible for which it was collected or authorized by you, including for, but not limited to, the following purposes:

Providing, supporting, promoting, and improving Service;
Communicating with you;
Marketing and advertising;
Complying with law and Company own obligations; and
For other purposes for which Company provides notice to you at the time of collection or for which Company obtains your consent.

14 SHARING PERSONAL INFORMATION
As noted in the Sharing of Information section of Policy, Company may disclose your personal information to a third party for a business purpose, including, but not limited to, sharing with service providers to assist Company in providing Service, and to Company business partners, including Company bank partners. When Company discloses your personal information to a third party for a business purpose, such disclosure is subject to a contract that describes the business purpose and requires such party to keep the information confidential and not use it for any purpose other than performing the contract. Company further requires the party to certify that it understands and agrees to comply with such restrictions.

As also described in Sharing of Information section, Company may also disclose your personal information: (i) to affiliates and subsidiaries; (ii) as required by law; (iii) in connection with corporate changes; (iv) in anonymized or aggregate form; or (v) with your consent.

In the past 12 months, Company has disclosed the following categories of personal information, in accordance with the Sharing of Information section contained in Policy, for a business purpose: (i) identifiers; (ii) categories of information described in the California Customer Records Statute (such as first and last name, social security number, address, primary telephone number, job title, bank account number, or any other financial information); (iii) commercial or transaction information; (iv) internet or other electronic network activity information; (v) sensory data, and (vi) professional or employment-related information.

15 SALE OF PERSONAL INFORMATION
Company may sell your personal information. Company may share your personal information with third parties for the specific purposes as described in Policy.

16 YOUR RIGHTS REGARDING PERSONAL INFORMATION
California residents may exercise the following rights regarding their personal information, subject to certain exceptions and limitations. While the CCPA became effective on January 1, 2020, some individuals may not be able to invoke these rights until January 1, 2021 due to a temporary legislative period of delay. For example, where an individual is acting on behalf of a company (e.g., as an employee, owner, director, officer, or contractor), access and deletion rights are temporarily unavailable for the personal information reflecting a written or verbal communication or transaction between Company and the individual where the communication or transaction occurs solely within the context of the individual’s company receiving a product or service from us.

Right to Know. You have the right to request that Company disclose certain information Company has collected, used and disclosed in the past 12 months. You have the right to know:
- the categories and specific pieces of personal information Company has collected about you;
- the categories of sources from which your personal information was collected;
- the purposes for collecting your personal information;
- the categories of third parties with whom Company has shared personal information; and
- if your information is sold, lists of the categories of personal information sold and disclosed for a business purpose.
Right to Delete. You have the right to request that Company delete any personal information Company has collected from you. Company will also direct any service providers with whom Company has shared your personal information to delete such information from their records. CCPA provides certain exceptions to the Right to Delete. If any of these exceptions apply, Company will not be able to comply and will be forced to deny your request to delete, for example when the personal information is necessary to complete a transaction for which Company collected it or to comply with a legal obligation. Company uses a two-step process for online requests to delete personal information. You will be asked to clearly submit your request to delete and to separately confirm your choice.
Right to Opt-out of Sale(s). Company may sell your personal information to third parties.
Right to Non-Discrimination. You have the right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA.

To exercise any of the above rights, you may submit a verifiable request by contacting Company.

17 RESPONDING TO YOUR REQUEST
When you submit a request through one of the designated methods for submitting requests, it may take Company up to 45 days from receiving your verifiable request to disclose and deliver the required information. In some cases, it may take Company longer to respond to your request. If Company requires more time (up to 90 days), Company will provide you with notice of the extension period.
Company may need to request additional information from you to verify your identity or understand the scope of your request, although you will not be required to create a Company account to submit a request or have it fulfilled. If you do not have credentials-protected account with Company, Company will require you to provide additional information to verify your identity. If Company is unable to verify your identity to a reasonable degree of certainty, Company will not be able to provide the requested information.

18 AUTHORIZED AGENT
You may designate an authorized agent to make a CCPA request to know or delete on your behalf based on: (i) your written permission authorizing the agent to submit the request and the agent verifying their identity in accordance with the verification process outlined above; or (ii) providing the agent with power of attorney to act on your behalf. Company will require copies of such written authorization or power of attorney.

19 CONTRACT COMPANY
Company’s contact information is available on System entitled “Contact” or “Contact Us” section, and is usually located at the bottom or footer of System.