[Your LLC Name] — Portland, Oregon
DRAFT — NOT LEGAL ADVICE
This document is a template draft and has not been reviewed by a licensed attorney. Before using in any production environment, have all legal documents reviewed and approved by an attorney specializing in technology, privacy, and fintech law.
Last Updated: [DATE] | Effective: [DATE]
[Your LLC Name] ("Company," "we," "us," or "our") operates the Trellis platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, retain, and protect your personal information when you use our Service.
Information you provide directly: Account registration data (name, email address, password); financial data you manually input (income, expenses, debts, savings goals, account balances); communications with us; billing information (processed through our third-party payment processor).
Information collected automatically: Device information (device type, operating system, browser type); usage data (features accessed, time spent); log data (IP address, access times, pages viewed); cookies and similar technologies.
Information generated by the Service: Financial projections and analysis; Ask Fig conversation history and AI-generated outputs; derived insights and categorizations.
Information we do NOT collect: We do not collect bank login credentials. Financial data aggregation connections use read-only, tokenized access provided by third-party aggregators. We never store your banking passwords.
We use your information to provide, maintain, and improve the Service; generate projections, analysis, and Fig responses; process payments; communicate about your account; detect and prevent fraud and security incidents; comply with legal obligations; and enforce our Terms of Service.
We do not and will not: sell your personal information to third parties; use your financial data for targeted advertising; share your data with data brokers; use your personal financial data to train generalized AI models.
We may share your information only with service providers under contractual obligations to protect your data; with AI service providers solely to process Fig queries under data processing agreements; to comply with legal obligations; to protect rights and safety; or in connection with a merger or acquisition.
We implement industry-standard security measures including encryption of data at rest and in transit (TLS 1.2+, AES-256); secure password hashing (bcrypt); two-factor authentication; access controls; structured security event logging; and regular security assessments.
We retain your personal information for as long as your account is active. Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
All users: Access your personal data; correct inaccurate data; delete your account and associated data; export your data in a portable format; withdraw consent for optional data processing.
California residents (CCPA/CPRA): Right to know what personal information is collected; right to delete; right to opt out of sale (we do not sell data); right to non-discrimination. Contact privacy@asktrellis.com to exercise these rights.
EU/EEA residents (GDPR): Additional rights including data portability, restriction of processing, objection to processing, and the right to lodge a complaint with a supervisory authority.
We use strictly necessary cookies to maintain your session and authenticate your account. We do not use advertising cookies or tracking pixels. We do not engage in cross-context behavioral advertising.
Trellis is not directed at children. The Service is intended for users aged 18 and older. We do not knowingly collect personal information from children under the age of 13 in compliance with COPPA.
When you use Ask Fig, your financial data and query are transmitted to our AI processing infrastructure. Your data is used only to generate a response to your specific query. We do not use your financial data to train general-purpose AI models. Conversation logs may be temporarily stored for session continuity. You may delete your Fig conversation history at any time.
The Service may integrate with third-party services. This Privacy Policy does not apply to third-party services. We encourage you to review their privacy policies.
We may update this Privacy Policy from time to time. Material changes will be communicated at least 30 days before taking effect.
For privacy-related inquiries:
Privacy Officer
[Your LLC Name]
Email: privacy@asktrellis.com
Portland, Oregon [ZIP]