Privacy Policy

Effective Date: August 15, 2025

This Privacy Policy describes how Antithesis Finance Inc. ("Antithesis Finance," "we," "us," or "our") collects, uses, discloses, and safeguards your personal information when you use SpendPilot, our financial management platform, including our website, applications, integrations, and related services (collectively, the "Services").

1. Who We Are

SpendPilot is a product owned and operated by Antithesis Finance Inc., a Delaware corporation located at:

Antithesis Finance Inc.
131 Continental Dr, Suite 305
Newark, DE 19713
United States

We are the data controller responsible for the personal data we process about you. For data protection inquiries, please contact us at privacy@spendpilot.io.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, email address, company name, job title, phone number, billing address
  • Profile Information: User preferences, settings, and profile customizations
  • Communication Data: Information you provide when contacting support, feedback, or surveys
  • Payment Information: Billing details (processed securely by our payment processors)

2.2 Information We Collect Automatically

  • Usage Data: Feature usage, session duration, navigation patterns, and interaction with our Services
  • Technical Data: IP address, browser type, device information, operating system, referring URLs
  • Log Data: Server logs, error reports, performance metrics, and security logs
  • Cookies and Tracking: Data collected through cookies and similar technologies (see Section 10)

2.3 Financial Integration Data

  • QuickBooks Integration: Financial data, account information, transaction data, and OAuth tokens
  • Slack Integration: Workspace metadata, channel information, user IDs, and authorized tokens
  • Other Integrations: Data necessary to maintain connections with authorized third-party services

2.4 Information from Third Parties

  • Authentication Providers: Basic profile information when you sign in through third-party services
  • Business Partners: Information from authorized integrations and partnerships

We do not knowingly collect sensitive personal information unless explicitly required for specific features and with your consent.

3. How We Use Your Information

We process your personal data for the following purposes:

3.1 Service Provision

  • Providing, operating, and maintaining SpendPilot
  • Processing financial data and generating insights
  • Managing subscriptions and processing transactions
  • Personalizing your experience and providing customized features
  • Facilitating integrations with QuickBooks, Slack, and other services

3.2 Communication

  • Sending service-related notifications and alerts
  • Responding to support requests and inquiries
  • Providing customer support and technical assistance
  • Sending marketing communications (with your consent)

3.3 Improvement and Analytics

  • Analyzing usage patterns to improve our Services
  • Developing new features and functionality
  • Conducting research and analytics
  • Monitoring service performance and security

3.4 Legal and Security

  • Complying with legal obligations and regulations
  • Protecting against fraud, abuse, and security threats
  • Enforcing our Terms of Service
  • Resolving disputes and legal claims

4. Legal Basis for Processing

We process your data based on:

  • Consent: When you provide explicit consent for specific purposes
  • Contract Performance: To provide our Services and fulfill our obligations
  • Legitimate Interests: To improve our Services, ensure security, and conduct business operations
  • Legal Compliance: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

5.1 Service Providers

We may share your data with trusted third-party service providers who assist us in:

  • Cloud hosting and infrastructure
  • Payment processing
  • Analytics and monitoring services
  • Customer support platforms
  • Email and communication services

All service providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of all or a portion of our assets, your data may be transferred as part of the business transaction. We will notify you via email and/or prominent notice on our Services of any such transfer and any choices you may have regarding your data.

5.3 Legal Requirements

We may disclose your data when required by law, court order, or to:

  • Comply with legal processes and regulatory requirements
  • Protect the rights, property, or safety of Antithesis Finance Inc., our users, or others
  • Investigate potential violations of our Terms of Service
  • Respond to emergency situations

5.4 With Your Consent

We may share your data for other purposes with your explicit consent.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

6. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Other legally recognized transfer mechanisms
  • Appropriate technical and organizational measures

7. Data Security

We implement industry-standard technical and organizational measures to protect your data, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security assessments and vulnerability testing
  • Access controls and multi-factor authentication
  • Employee training on data protection and security
  • Incident response and breach notification procedures

While we strive to protect your personal information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but will notify you of any material security breaches as required by applicable law.

8. Data Retention

We retain your personal data only for as long as necessary to:

  • Provide our Services and fulfill our obligations
  • Comply with legal, accounting, or reporting requirements
  • Resolve disputes and enforce our agreements
  • Pursue legitimate business interests

Specific retention periods:

  • Account Data: Retained while your account is active and for up to 7 years after closure for legal and tax compliance
  • Financial Data: Retained in accordance with applicable financial regulations (typically 7 years)
  • Usage Data: Typically retained for 2-3 years for analytics purposes
  • Support Data: Retained for up to 5 years to maintain service quality
  • Marketing Data: Retained until you withdraw consent or for up to 3 years from last engagement

9. Your Privacy Rights

Depending on your location, you may have the following rights:

9.1 Access and Portability

  • Right of Access: Request copies of your personal data
  • Data Portability: Receive your data in a structured, machine-readable format

9.2 Correction and Deletion

  • Correction: Update or correct inaccurate or incomplete data
  • Deletion: Request deletion of your data (subject to legal obligations)

9.3 Processing Controls

  • Opt-out: Unsubscribe from marketing communications
  • Restriction: Limit how we process your data
  • Objection: Object to certain types of processing

9.4 California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect, use, disclose, and sell
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

To exercise your rights, contact us at privacy@spendpilot.io. We will respond within 30 days of receiving your request (or as otherwise required by applicable law).

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and authentication state
  • Remember your preferences and settings
  • Analyze usage patterns and improve our Services
  • Provide targeted content and features

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

11. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately at privacy@spendpilot.io.

12. State-Specific Privacy Rights

12.1 California Residents

In addition to CCPA rights listed above, California residents have rights under the California Privacy Rights Act (CPRA) and other California privacy laws.

12.2 Other States

We comply with applicable state privacy laws including those of Colorado, Connecticut, Utah, and Virginia, and will update this policy as new legislation takes effect.

13. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. Material changes will be communicated through:

  • Email notification to registered users
  • Prominent notice on our website or within the SpendPilot application
  • Update to the "Effective Date" at the top of this policy

Your continued use of our Services after such changes constitutes acceptance of the updated policy.

14. Contact Information

For questions about this Privacy Policy or our data practices, please contact:

Antithesis Finance Inc.
Attn: Privacy Team
131 Continental Dr, Suite 305
Newark, DE 19713
United States
Email: privacy@spendpilot.io

For data protection officer inquiries: dpo@spendpilot.io