Back to signup

Privacy Policy

Effective Date: February 20, 2026

Sociatty LLC (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the ExpenseTerminal platform (“Platform”), including when you connect financial accounts through third-party aggregators such as Stripe Financial Connections.

1. Information We Collect

1.1 Information You Provide Directly

  • Account registration data (name, email address, password, billing information)
  • User profile information you choose to provide
  • CSV files and other financial data files you upload to the Platform
  • Communications you send to us (support requests, feedback)

1.2 Financial Account Data via Third-Party Aggregators

When you connect financial accounts through Stripe Financial Connections or similar services, we may receive:

  • Account balances and transaction histories
  • Account identifiers (account numbers, routing numbers as applicable)
  • Institution names and account types
  • Investment holdings and tax-relevant financial data

This data is retrieved only with your explicit authorization and is used solely to provide the Platform's tax analysis features.

1.3 Automatically Collected Data

  • Log data (IP address, browser type, pages visited, timestamps)
  • Device information (operating system, browser version, device identifiers)
  • Usage data (features used, session duration, clicks)
  • Cookies and similar tracking technologies (see Section 7 and our Cookie Policy)

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, maintain, and improve the Platform
  • Process and analyze your uploaded financial data to generate tax insights
  • Manage your account, subscriptions, and billing
  • Send you service-related communications (account updates, security alerts)
  • Send you optional marketing communications (with your consent, where required)
  • Detect, prevent, and investigate fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our Terms of Service
  • Conduct internal analytics and product development (using anonymized/aggregated data)

We do NOT sell, rent, or lease your personal data or financial data to third parties. We do NOT use your uploaded financial data to train machine learning models without your explicit consent.

3. Legal Bases for Processing (For EEA/UK Users)

If you are located in the European Economic Area or United Kingdom, our legal bases for processing include:

  • Contract performance — processing necessary to provide the Platform services
  • Legitimate interests — security, fraud prevention, product improvement
  • Legal compliance — meeting applicable regulatory requirements
  • Consent — where you have provided explicit consent (e.g., optional analytics, marketing)

4. Information Sharing & Disclosure

4.1 Service Providers

We share data with trusted third-party service providers who assist in operating the Platform, including cloud hosting, payment processing, analytics, and customer support. These providers are contractually bound to use your data only as directed by us and in compliance with this Privacy Policy.

4.2 Financial Data Partners

Your financial account data may be shared with or retrieved through Stripe Financial Connections or other aggregators solely to facilitate account connectivity. These partners operate under their own privacy policies, which we encourage you to review.

4.3 Legal Requirements

We may disclose your information if required to do so by law, subpoena, court order, or other governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, prevent fraud, or respond to an emergency.

4.4 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on the Platform before your information is transferred and becomes subject to a different privacy policy.

4.5 Aggregate/Anonymized Data

We may share aggregated or de-identified data that cannot reasonably be used to identify you for research, analytics, or business purposes.

5. Data Retention

We retain your personal and financial data for as long as your account is active or as needed to provide the Platform's services. Specifically:

  • Account data is retained until account deletion plus a 90-day grace period
  • Uploaded financial files are retained for as long as you maintain them on the Platform; you may delete them at any time
  • Financial connection data retrieved via aggregators is retained for the duration of your authorized connection plus 30 days following revocation
  • Log and usage data is retained for up to 24 months
  • Data required for legal compliance may be retained for longer periods as required by law

Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Data Security

We implement industry-standard technical and organizational security measures designed to protect your information from unauthorized access, use, alteration, or destruction. These measures include:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls limiting employee access to personal data on a need-to-know basis
  • Regular security assessments and vulnerability testing
  • Incident response and breach notification procedures

However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials.

7. Cookies & Tracking Technologies

We use cookies and similar technologies to maintain your logged-in session and Platform preferences, analyze Platform usage and performance (via analytics tools), and prevent fraud and enhance security.

You may control cookie preferences through your browser settings. Disabling certain cookies may impact Platform functionality. We do not currently respond to Do Not Track (DNT) browser signals, but you may opt out of analytics tracking as described in our Cookie Policy.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access & Portability — Request a copy of the personal data we hold about you in a portable format
  • Correction — Request correction of inaccurate or incomplete personal data
  • Deletion — Request deletion of your personal data, subject to legal retention obligations
  • Restriction — Request that we restrict processing of your data in certain circumstances
  • Objection — Object to processing based on legitimate interests
  • Withdrawal of Consent — Where processing is based on consent, withdraw it at any time without affecting prior processing
  • Opt-Out of Sale/Sharing — We do not sell personal data; if this changes, you will have the right to opt out

To exercise any of these rights, submit a request to expenseterminal@outlook.com. We will respond within 30 days (or as required by applicable law). We may need to verify your identity before fulfilling requests.

You also have the right to lodge a complaint with the applicable data protection supervisory authority in your jurisdiction.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know — The categories and specific pieces of personal information collected about you
  • Right to Delete — Deletion of personal information we have collected, subject to exceptions
  • Right to Correct — Correction of inaccurate personal information
  • Right to Opt-Out — Opt out of the sale or sharing of personal information (we do not sell or share personal information for cross-context behavioral advertising)
  • Right to Limit Use of Sensitive Personal Information — Limit our use of sensitive personal information to what is necessary for providing the service
  • Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA/CPRA rights

To submit a CCPA/CPRA request, contact us at expenseterminal@outlook.com or call (201) 657-6035. We will verify your identity and respond within 45 days.

10. Children's Privacy

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal information without parental consent, we will take steps to delete such information promptly. If you believe we may have collected information from a child, please contact us at expenseterminal@outlook.com.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where data protection laws may differ from those in your jurisdiction. For transfers from the EEA or UK, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission. By using the Platform, you consent to such transfers.

12. Third-Party Links & Integrations

The Platform may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you interact with. We are not responsible for the privacy practices of third-party services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email to your registered address and/or by posting a prominent notice on the Platform at least 30 days before the effective date of the changes. Your continued use of the Platform after the effective date constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Sociatty LLC

Privacy Team: expenseterminal@outlook.com

Mailing Address: Tenafly, New Jersey 07670

This Privacy Policy was last updated on: February 20, 2026