Privacy Policy

Last updated: March 22, 2026

1. Introduction

Finortal ("we", "us", "our") operates an AI-native deductions and accounts receivable automation platform for consumer packaged goods companies. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

2. Information We Collect

  • Account information: Name, email address, organization name, and role, collected when you sign up via Clerk authentication.
  • Business data: Deduction records, invoice data, customer information, remittances, and documents that you upload or import into Finortal.
  • Usage data: Log data, IP addresses, browser type, and pages visited, collected automatically when you use the platform.
  • Communications: Any support requests or correspondence you send us.

3. How We Use Your Information

  • To provide, operate, and improve the Finortal platform
  • To process deductions, generate AI classifications, and produce dispute letters
  • To send workflow notifications and operational alerts
  • To comply with legal obligations
  • To detect and prevent fraud or security incidents
We do not sell your data to third parties. We do not use your business data to train AI models without your explicit consent.

4. Data Storage and Security

Your data is stored in a PostgreSQL database hosted on Neon (AWS us-east-1). All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Each organization's data is logically isolated via tenant-scoped access controls — no user can access another organization's data.

5. Third-Party Services

We use the following sub-processors:
  • Clerk — Authentication and user management (SOC 2 Type 2)
  • Neon — PostgreSQL database hosting (SOC 2 Type 2)
  • Vercel — Application hosting and serverless functions (SOC 2 Type 2)
  • Anthropic — AI processing for deduction classification and dispute letters (data not retained for training)
  • Vercel Blob — Document file storage

6. Your Rights (GDPR / CCPA)

Depending on your location, you may have the right to:
  • Access: Request a copy of your data via Settings → Privacy → Export your data
  • Portability: Download your data in JSON format at any time
  • Erasure: Request deletion of your data via Settings → Privacy → Delete data
  • Rectification: Correct inaccurate data directly in the platform
  • Restriction: Contact us to restrict processing of your data
To exercise any right, use the in-app controls or contact us at privacy@finortal.com.

7. Data Retention

We retain your data for as long as your account is active. Upon account deletion, all data is permanently removed within 30 days. Audit logs may be retained for up to 90 days for legal compliance before deletion.

8. Cookies

We use session cookies required for authentication (via Clerk). We do not use advertising or tracking cookies.

9. Changes to This Policy

We will notify you of material changes by email or in-app notification at least 30 days before they take effect.

10. Contact

For privacy questions or requests: privacy@finortal.com
Finortal Inc. · privacy@finortal.com