Privacy Policy

1. Scope and Applicability

This Privacy Notice applies to personal information we collect:

• When you visit www.tryfinanceiq.com or any of our subdomains
• When you sign up for, configure, or use the FinanceIQ Service
• When you contact us, request a demo, or subscribe to marketing communications
• When we receive information about you from third parties such as integration partners or service providers

This Privacy Notice does not apply to personal information that your employer or organization controls and provides to us under a separate subscription agreement and data processing agreement, in which case we act as a "processor" or "service provider" and process such information only on your organization's instructions.

2. Information We Collect

2.1 Information you provide to us

• Account and contact information: name, work email address, phone number, company name, job title, password
• Billing information: company name, billing address, taxpayer information, and payment card details (collected and stored by our payment processor; we do not store full card numbers)
• Customer support and feedback: messages, attachments, and other information you submit when contacting us
• Marketing preferences: subscription status to newsletters and product updates

2.2 Information collected automatically

• Device and usage information: IP address, browser type and version, operating system, device identifiers, referring URL, pages visited, time spent on pages, and click activity
• Cookies and similar technologies: see Section 8

2.3 Information from your NetSuite account

When you authorize FinanceIQ to connect to your NetSuite instance via OAuth, we read financial and operational data from your NetSuite account in order to provide the Service to your organization. This data is processed on your organization's behalf, under your organization's subscription agreement. We do not use this data for our own commercial purposes other than providing the Service.

2.4 Information from third parties

We may receive information about you from integration partners (e.g., NetSuite, when you authorize a connection), service providers that help us deliver the Service (see Section 5), and marketing partners or publicly available sources.

3. How We Use Your Information

We use personal information for the following purposes:

• To provide, operate, and improve the Service
• To create and manage your account, authenticate users, and provide customer support
• To process payments and manage subscriptions
• To send transactional communications (account notifications, security alerts, billing receipts)
• To send marketing communications about FinanceIQ products and events, where you have opted in or where permitted by law
• To analyze how the Service is used, diagnose issues, and improve features
• To comply with legal obligations, enforce our Terms of Service, and protect our rights
• For other purposes you consent to

Legal bases (EU/UK customers). We rely on (a) contract performance to deliver the Service you requested, (b) legitimate interests in operating and improving the Service and securing it against fraud and abuse, (c) consent for marketing communications and non-essential cookies, and (d) legal obligation where applicable.

4. AI Features (Finley)

FinanceIQ includes an AI-powered financial advisor called Finley. When you submit a query to Finley:

• Relevant financial data from your authorized NetSuite connection is read and combined with your query into a prompt
• The prompt is sent to our third-party large language model provider for processing
• The provider returns a response, which FinanceIQ surfaces to you

AI data commitments:

• No model training. Customer NetSuite data and queries submitted to Finley are not used to train our LLM provider's models or FinanceIQ's models. Our LLM provider is contractually committed not to use customer prompts or responses to improve its products or train its models.
• Limited retention by the LLM provider. Our LLM provider may temporarily retain prompts and responses only for limited operational purposes (such as abuse monitoring and service delivery) as described in its terms. Customer Data is not retained by the provider for product improvement or model training.
• Encryption in transit. All communication with the LLM provider uses TLS encryption.

For full details on Finley's data handling, see our AI Disclosure page. If FinanceIQ changes its LLM provider or data handling practices materially, we will update this Privacy Notice and notify customers.

5. How We Share Information

We do not sell personal information.

We share personal information only in the following circumstances:

5.1 Service providers (sub-processors)

We share information with the following categories of sub-processors, all of whom are bound by contractual confidentiality and security obligations:

• Cloud hosting and edge providers
• Managed database, authentication, and storage providers
• Payment processing
• Large language model providers (for Finley AI features)
• Web analytics and tag management
• CRM and email marketing

A current list naming each sub-processor is available to customers and prospective customers on request at contact@tryfinanceiq.com.

5.2 Legal disclosures

We may disclose information when required by law, subpoena, court order, or other legal process; to enforce our agreements; or to protect the rights, property, or safety of FinanceIQ, our users, or others.

5.3 Business transfers

If FinanceIQ (or Honey Brown, LLC) is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction. We will notify you and require the acquirer to honor the commitments in this Privacy Notice.

5.4 With your consent

We may share information with other parties when you authorize us to do so.

6. International Data Transfers

We are based in the United States. If you access the Service from the European Union, United Kingdom, Canada, or other jurisdictions outside the United States, your personal information will be transferred to and processed in the United States.

Where required by law, we use appropriate safeguards for such transfers, such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and equivalent Swiss mechanisms.

7. Data Retention

We retain personal information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. After termination of your account, we delete or anonymize personal information within 90 days, except where we are required or permitted by law to retain longer (for example, financial records for tax purposes).

You may request earlier deletion by contacting us at contact@tryfinanceiq.com (see Section 13).

8. Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Site, remember your preferences, analyze usage, and (with your consent) deliver marketing. Categories include:

• Strictly necessary: required for the Site to function (e.g., authentication, security)
• Analytics: third-party analytics tools used to understand how the Site is used
• Marketing: third-party advertising and marketing measurement tools
• Functional: remember your preferences

You can manage your cookie preferences through our cookie consent banner or your browser settings. Disabling certain cookies may affect Site functionality. See our Cookie Policy for more detail.

9. Your Rights

Depending on where you live, you may have the following rights regarding your personal information:

• Access: request a copy of the personal information we hold about you
• Rectification: ask us to correct inaccurate or incomplete information
• Erasure: ask us to delete your personal information
• Restriction: ask us to limit how we process your information
• Portability: receive your personal information in a structured, machine-readable format
• Objection: object to certain processing, including direct marketing
• Withdraw consent: where processing is based on consent
• Non-discrimination: for exercising privacy rights (California residents)
• Lodge a complaint: with your local data protection authority (EU/UK residents) or the Office of the Privacy Commissioner of Canada

9.1 Specific notices for U.S. state residents

California (CCPA/CPRA). We do not sell or share personal information for cross-context behavioral advertising as those terms are defined by the CPRA. California residents have the rights described above plus the right to limit use of sensitive personal information.

Colorado, Connecticut, Virginia, Utah, and other U.S. states with comprehensive privacy laws. The rights described above apply where granted by your state's law.

9.2 How to exercise your rights

Email contact@tryfinanceiq.com with the subject line "Privacy Request." We will verify your identity and respond within the timeframe required by applicable law (typically 30 to 45 days). You may authorize an agent to make a request on your behalf.

10. Children

The Service is intended for business users. We do not knowingly collect personal information from children under the age of 16. If you believe a child has provided personal information to us, please contact us and we will delete it.

11. Security

We implement appropriate technical and organizational measures to protect personal information, including:

• Encryption in transit (TLS) and at rest
• Role-based access controls and the principle of least privilege
• Multi-factor authentication for administrative access
• Regular security reviews and dependency updates
• Logical separation of customer data

No system is 100% secure. If you have reason to believe your interaction with us is no longer secure, contact us immediately at contact@tryfinanceiq.com.

12. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. If we make material changes, we will notify customers by email or by posting a notice on the Site at least 30 days before the changes take effect. The "Last Updated" date at the top reflects the most recent revision.