LegalLast updated: February 25, 2025

Privacy Policy

We're committed to protecting your data and being transparent about how we use it. This policy explains how we collect, use, and safeguard your information when you use our banking onboarding automation platform.

Table of Contents

1Information We Collect2How We Use Your Information3Data Storage and Security4Third-Party Sharing5Your Rights and Choices6International Data Transfers7Policy Changes8Contact Us

Information We Collect

Customer Information

When you sign up for our platform, we collect information such as:

  • Name, email address, and contact details of authorized personnel
  • Company information including business name, address, and identification numbers
  • Login credentials (encrypted) and authentication information
  • Payment and billing information
  • User preferences and settings

End User Data

Our platform processes information about your banking customers, which may include:

  • Personal identifiers such as name, address, and contact information
  • Account setup details and product configuration
  • Transaction and activity data necessary for account activation
  • Documentation and verification records

Note: You remain the data controller for all end user data. We act as a data processor and only process this data according to your instructions and our service agreement.

Usage and Technical Data

We automatically collect certain information when you use our platform:

  • IP address and device information
  • Browser type and settings
  • Usage patterns, clicks, and interactions with our platform
  • Log data, session duration, and feature usage statistics
  • Performance data and error reports

How We Use Your Information

We use the collected information for the following purposes:

Providing Our Services

We use your information to deliver, maintain, and improve our platform, facilitate account setup and activation, process transactions, and provide customer support.

Security and Compliance

We use data to protect the security of our services, detect and prevent fraud, maintain audit trails for compliance purposes, and fulfill regulatory requirements.

Analytics and Improvement

We analyze usage patterns to improve our user interface, enhance features, and develop new services. This helps us understand how users interact with our platform and identify areas for improvement.

Communication

We use contact information to send service updates, security alerts, administrative messages, and (with your consent) marketing communications about new features or services.

Data Storage and Security

Data Security Measures

We implement robust security measures to protect your information, including:

  • Encryption of data in transit and at rest using industry-standard protocols
  • Multi-factor authentication and role-based access controls
  • Regular security assessments and penetration testing
  • Continuous monitoring for unauthorized access attempts
  • Compliance with financial industry security standards

Data Retention

We retain your information for as long as your account is active or as needed to provide services, comply with legal obligations, resolve disputes, and enforce our agreements. Customer data may be retained in accordance with banking and financial regulatory requirements.

Data Processing Agreements

As a processor of banking customer data, we provide comprehensive data processing agreements that outline our security commitments, data handling practices, and compliance with applicable data protection regulations.

Third-Party Sharing

We may share information with third parties in the following circumstances:

Service Providers

We engage trusted third-party companies and individuals to facilitate our service, provide the service on our behalf, or assist in analyzing how our service is used. These third parties have access to your information only to perform these tasks and are obligated to maintain confidentiality.

Compliance and Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of our company, our customers, or others.

Business Transfers

If our company is involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your information.

With Your Consent

We may share your information with third parties when we have your consent to do so.

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

You may request access to the personal information we hold about you and request a copy of your data in a structured, commonly used, and machine-readable format.

Correction and Deletion

You can request that we correct inaccurate information or delete your personal information, subject to certain exceptions related to regulatory compliance, legitimate business interests, or legal obligations.

Restriction and Objection

You may request that we restrict the processing of your information or object to our processing of your information based on our legitimate interests.

Marketing Communications

You can opt out of receiving marketing communications from us by following the unsubscribe link in our emails or contacting us directly.

End-User Data Rights

For end-user data where you are the data controller, you are responsible for responding to data subject requests. We will assist you in fulfilling these requests as outlined in our service agreement.

International Data Transfers

We may transfer, store, and process your information in countries other than your own. Our primary data processing facilities are located in the United States and the European Union.

When we transfer personal data from the European Economic Area, United Kingdom, or Switzerland to other countries, we use appropriate safeguards such as:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with adequate protection measures
  • Compliance with regional data protection frameworks

For customers with specific data residency requirements, we offer regional data hosting options to ensure compliance with local regulations.

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email to the primary contact on your account
  • Providing notification within our platform

We encourage you to review our Privacy Policy periodically. The "Last Updated" date at the top of this page indicates when this policy was last revised.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Privacy Team

For general privacy inquiries:

Email: privacy@onboardramp.com

Data Protection Officer

For data protection concerns or to exercise your rights:

Email: dpo@onboardramp.com

Postal Address

OnboardRamp, Inc.
Attn: Privacy Department
8911 North Capital of Texas Hwy
Austin, TX 78759
United States

We will respond to your inquiry within 30 days or as required by applicable law.