Effective Date: March 25, 2025 · Last Updated: March 25, 2025
SRT Agency ("we," "us," or "our") is committed to protecting the privacy of individuals who use our business funding application services. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
1. Information We Collect
When you use our application or funding portal, we may collect the following categories of information:
Contact information: First name, last name, email address, phone number
Business information: Business name, date of incorporation, monthly revenue, funding amount requested, prior loan history
Financial data: Bank statements (PDF uploads) or bank transaction history via Plaid (read-only, last 90 days)
Device and usage data: IP address, browser type, and pages visited — collected automatically via analytics tools
2. How We Use Your Information
We use the information we collect to:
Evaluate your eligibility for business funding options
Connect you with appropriate lenders or funding programs
Communicate with you about your application status
Improve our services and user experience
Comply with applicable legal and regulatory requirements
3. Bank Account Data via Plaid
With your explicit consent, we use Plaid to access read-only bank account and transaction data for income verification purposes. We request only the last 90 days of transaction history. We do not access, store, or transmit your bank login credentials. Plaid's access is governed by Plaid's End User Privacy Policy.
4. How We Share Your Information
We do not sell your personal information. We may share your information with:
Funding partners and lenders — to process your application (only as necessary)
Service providers — including Supabase (secure database), Vercel (hosting), and Plaid (bank verification)
Legal authorities — when required by law or to protect our legal rights
5. Data Security
We take reasonable steps to protect your information:
All data is transmitted over TLS 1.3 encrypted connections
Financial data is stored in an encrypted database with role-based access controls
Access to production systems is restricted to authorized personnel only
Bank statements are stored in a private, access-controlled storage environment
Administrator accounts use multi-factor authentication
6. Data Retention
We retain your information for as long as necessary to fulfill the purposes described in this policy, or as required by applicable law. You may request deletion of your data at any time by contacting us (see Section 8).
7. Your Rights
You may have the following rights regarding your personal data:
The right to access the data we hold about you
The right to correct inaccurate data
The right to request deletion of your data
The right to withdraw consent at any time
The right to opt out of marketing communications
To exercise any of these rights, contact us using the information below.
8. Contact Us
If you have questions about this Privacy Policy or wish to make a data request, please contact us:
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date at the top of this page. Continued use of our services after changes constitutes acceptance of the updated policy.