Privacy Policy

This Privacy Policy explains how TreasuryPath Inc. (“TreasuryPath,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you use our treasury management platform and related services (the “Services”). This Policy applies to our website, platform, API, and all related services.

Information We Collect

Information You Provide Directly

Business Account Information. We collect company name, legal entity type, and formation details, business address, phone number, and email address, Employer Identification Number (EIN) and tax information, industry classification and business description, and banking information and account details.

Authorized User Information. We collect names, titles, and contact information of authorized users, government-issued identification for verification purposes, digital signatures and authentication credentials, and user preferences and account settings.

Transaction Information. We collect payment instructions and recipient details, transaction amounts, currencies, and timing, payment methods and routing information, and transaction history and status updates.

Information We Collect Automatically

Platform Usage Data. We automatically collect login times, session duration, and feature usage, API calls, request and response data, and system interactions, device information including IP address, browser type, and operating system, and performance metrics and error logs.

Technical Information. We collect cookies and similar tracking technologies, website analytics and user journey data, security monitoring and fraud prevention data, and system logs and diagnostic information.

Information from Third Parties

Licensed Provider Data. We receive compliance and verification information from payment partners, banking and payment network data, credit and risk assessment information, and regulatory reporting and monitoring data.

Publicly Available Information. We may collect business registration and licensing records, sanctions lists and watch list screening results, news articles and public filings, and industry databases and directories.

How We Use Your Information

Primary Service Purposes

Platform Operations. We use your information to provide access to treasury management tools and features, process payment instructions and transaction requests, maintain account security and user authentication, and deliver customer support and technical assistance.

Business Operations

Service Improvement. We use information to analyze platform usage and performance, develop new features and functionality, conduct research and analytics, and optimize user experience and system performance.

Communication. We use your information to send service-related notifications and updates, provide account statements and transaction confirmations, share important policy or regulatory changes, and deliver marketing communications with your consent.

Licensed Providers and Service Partners

Payment and Banking Partners. We share necessary information with our licensed payment and banking partners to provide payment services. This includes business verification data, transaction instructions, and compliance information. These partners have their own privacy policies and data protection practices.

Payment Networks. Transaction information is shared with Fedwire, ACH, SWIFT, and other payment networks as necessary to process payments. Network operators may have access to routing, amount, and timing information.

Professional Service Providers

Technology and Support Services. We share information with cloud hosting providers and data centers, software vendors and technical consultants, customer support and help desk services, and security monitoring and fraud prevention services.

Professional Advisors. We share information with legal counsel for regulatory and compliance matters, accountants and auditors for financial reporting, consultants for business operations and strategy, and insurance providers for coverage and claims.

Government Authorities. We share information with law enforcement agencies pursuant to valid legal process, financial regulators for examination and oversight, tax authorities for reporting and compliance, and national security agencies as required by law.

Legal Proceedings. We may disclose information in response to court orders, subpoenas, and discovery requests, regulatory investigations and enforcement actions, litigation support and evidence production, and asset recovery and collection proceedings.

Business Transactions

Corporate Events. We may share information with potential buyers in merger, acquisition, or sale transactions, investors and financial partners for due diligence, successor entities in corporate reorganizations, and creditors and stakeholders in bankruptcy proceedings.

Data Security and Protection

Technical Safeguards

Encryption. Data is encrypted in transit using TLS and SSL protocols. Sensitive data is encrypted at rest using industry standards. API communications are protected with secure authentication, and database encryption protects stored personal information.

Access Controls. We implement multi-factor authentication for user accounts, role-based access permissions for employees, regular access reviews and privilege management, and secure API key management and rotation.

Operational Security

Monitoring and Detection. We provide 24/7 security monitoring and incident response, automated threat detection and prevention systems, regular security assessments and penetration testing, and vulnerability management and patch deployment.

Employee Training. We conduct regular privacy and security awareness training, perform background checks for personnel with data access, require confidentiality agreements and privacy obligations, and maintain incident response procedures and protocols.

Data Retention

Retention Periods. Account information is retained for 7 years after account closure. Communications are retained for 3 years for customer service purposes. Marketing data is retained until consent is withdrawn.

Secure Disposal. We use secure deletion of electronic data using certified methods, physical destruction of paper documents and storage media, certificate of destruction for sensitive materials, and regular purging of expired data and backups.

Your Privacy Rights and Choices

Access and Correction

Information Access. You may request copies of your personal information we maintain, review transaction history and account details, access privacy settings and communication preferences, and download your data in portable formats where feasible.

Information Updates. You may correct inaccurate or incomplete information, update business details and authorized user information, modify banking and payment preferences, and change communication and notification settings.

Communication Preferences

Marketing Communications. You may opt out of promotional emails and newsletters, unsubscribe from marketing phone calls and texts, and adjust frequency and type of communications. Please note that service-related communications cannot be disabled.

Notification Settings. You may customize transaction alerts and confirmations, set preferences for security and account notifications, configure API and system status updates, and manage emergency and compliance communications.

Account Management

Data Portability. You may request export of your transaction data, download account statements and reports, and transfer data to other service providers where technically feasible.

Account Deletion. You may request closure of your TreasuryPath account. Please note that some data must be retained for regulatory compliance. Data will be anonymized where deletion is not required, and you will receive confirmation of account closure and data handling.

Cookies and Tracking Technologies

Types of Cookies We Use

Essential Cookies. We use cookies for authentication and session management, security and fraud prevention, platform functionality and feature access, and load balancing and performance optimization.

Analytics Cookies. We use cookies to collect website usage statistics and user behavior, platform performance monitoring, feature adoption and usage patterns, and error tracking and system diagnostics.

Preference Cookies. We use cookies for user interface customizations, language and regional settings, dashboard layout and display preferences, and communication and notification preferences.

Third-Party Cookies

Service Providers. We use Google Analytics for website usage analysis, customer support platforms for help desk functionality, security services for fraud prevention and monitoring, and performance monitoring tools for system optimization.

Managing Cookies. You may use browser settings to control cookie acceptance, opt-out tools for third-party analytics, and platform settings for functional cookies. Please note that disabling essential cookies may affect functionality.

International Data Transfers

Cross-Border Processing

Data Location. Primary data processing occurs in the United States. Cloud services may involve international data transfers. Payment processing may require data sharing with foreign banks. We comply with applicable data localization requirements.

Transfer Safeguards. We use adequate jurisdiction determinations where applicable, standard contractual clauses for international transfers, vendor agreements with appropriate data protection terms, and regular review of international data handling practices.

Children’s Privacy

TreasuryPath provides business services only and does not knowingly collect personal information from individuals under 18 years of age. Our Services are not intended for use by minors. If we become aware that we have collected information from a minor, we will take steps to delete such information promptly.

California Privacy Rights

CCPA Rights for California Residents

Information Rights. California residents have the right to know what personal information we collect and how it is used, request deletion of personal information subject to legal exceptions, correct inaccurate personal information, opt out of sale or sharing of personal information, and limit use of sensitive personal information.

Non-Discrimination. We will not discriminate against you for exercising your privacy rights. We may offer financial incentives for data collection with your consent. You may decline incentive programs without penalty.

Note on Data Sales. TreasuryPath does not “sell” personal information as defined by CCPA, but we do share information with service providers as described in this Policy.

Exercising Your Rights

How to Submit Requests. You may submit privacy requests via email to privacy@treasurypath.com.

Verification Process. We will verify your identity before processing requests. Business account requests may require additional authorization. Our response timeframe is 45 days and may be extended by 45 days if the request is complex.

Changes to This Privacy Policy

Policy Updates

We may update this Privacy Policy to reflect changes in our business practices or services, new legal or regulatory requirements, enhanced privacy protections or user controls, and feedback from users or privacy authorities.

Notice of Changes

Notification Methods. We will provide email notice to account holders for material changes, prominent notice on our website and platform, in-platform notifications for significant updates, and updated effective date at the top of the policy.

Acceptance. Continued use of our Services constitutes acceptance of updated terms. Material changes may require affirmative consent. You have the right to discontinue services if you disagree with changes.

Contact Information

For questions about our privacy practices or to exercise your privacy rights, please contact:

Privacy Officer
TreasuryPath Inc.
Email: privacy@treasurypath.com

This Privacy Policy is effective as of the date listed above and governs our collection and use of information from that date forward. Please review this Policy periodically for updates and changes.