Privacy Policy
Effective date:
Slash Financial, Inc. and its affiliates and subsidiaries (collectively “Slash,” “we,” “us,” or “our”) respect your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and protect Personal Information when you use our websites, mobile applications, APIs, cards, banking-related services, payments, treasury services, lending or working-capital products, analytics, automation tools, digital-asset or stablecoin-related services, customer support, events, marketing activities, and any other products or services that link to this Policy, collectively, the “Services.”
For purposes of this Policy, “Personal Information” means information that identifies, relates to, describes, or can reasonably be linked to an individual. Personal Information does not include aggregated, anonymized, or de-identified information that cannot reasonably be used to identify an individual.
Some Services may be provided with or through partner banks, financial institutions, card networks, processors, money transmitters, investment, lending, treasury, stablecoin, or other financial-service partners. Additional notices or agreements may apply to those Services. If there is a conflict between this Policy and a product-specific privacy notice required by law, the product-specific notice controls.
Please read this Policy carefully. By continuing to use or access our Services, you are consenting to the practices described in this Policy.
1. Business Customers, Authorized Users, and Other Individuals
Many Slash Services are designed for businesses. When a business uses Slash, we may process Personal Information about its owners, officers, control persons, beneficial owners, employees, contractors, administrators, authorized users, guarantors, vendors, payees, customers, and other individuals connected to that business.
If you provide Personal Information about another person to Slash, you are responsible for ensuring that you have the right to do so and that the information may be processed as described in this Policy.
If you use Slash through a business account, information about your account activity may be visible to the business, its administrators, and other authorized users according to account permissions, applicable law, and our agreements.
Depending on the context, Slash may process Personal Information for its own business and compliance purposes, or on behalf of a business customer. Where we process Personal Information on behalf of a business customer, that customer is responsible for providing required notices and handling certain privacy requests, and our agreement with that customer may govern our processing.
2. Personal Information We Collect
We collect, with your consent where required by law, only the Personal Information reasonably necessary for the purposes described in this Policy, our agreements, or as required or permitted by law. Depending on how you interact with the Services, we may collect:
- Account and contact information, such as name, email address, phone number, mailing address, business address, username, role, title, employer, and account credentials.
- Identity, eligibility, and verification information, such as date of birth, government-issued identification, Social Security number, tax identification number, beneficial ownership information, control-person information, business formation documents, sanctions-screening information, fraud-risk information, and information captured during identity or document verification.
- Financial, commercial, and transaction information, such as bank account information, payment card information, account balances, transaction history, merchant information, payment instructions, invoices, receipts, vendor and payee information, card usage, rewards activity, credit or underwriting information, repayment information, disputes, chargebacks, refunds, and records of products or services requested, obtained, or considered.
- Business information, such as company name, business type, industry, ownership details, revenue, tax information, business records, accounting information, and other information submitted by or about a business customer.
- Device, network, and usage information, such as IP address, device identifiers, browser type, operating system, device settings, log files, crash data, pages viewed, features used, referral URLs, session data, cookie identifiers, mobile advertising identifiers, and information generated through interactions with the Services.
- Location information, such as approximate location derived from IP address, business information, device information, or, where enabled and permitted, more precise location information.
- Communications and support information, such as emails, chat messages, call recordings, support tickets, survey responses, feedback, and other communications with Slash.
- Content and documents, such as files, invoices, receipts, contracts, accounting records, business documents, images, profile photographs, and other information you upload or make available through the Services.
- Integration information, such as information from bank accounts, accounting systems, ecommerce platforms, payment processors, HR systems, communication tools, expense platforms, wallets, digital-asset services, and other third-party services you or your business choose to connect.
- Digital-asset and blockchain-related information, where applicable, such as wallet addresses, blockchain transaction identifiers, on-chain transaction data, settlement information, and related compliance or monitoring information. We treat wallet addresses and related transaction data as Personal Information when they identify or can reasonably be linked to an individual.
- Inferences and risk signals, such as fraud, compliance, security, credit, eligibility, usage, product-preference, and risk inferences generated from the information described above.
- Sensitive Personal Information, such as government identifiers, financial account information, account credentials, precise geolocation where collected, biometric information where used for identity verification, and other information treated as sensitive under applicable law. We use Sensitive Personal Information only as reasonably necessary to provide the Services, verify identity, prevent fraud, maintain security, comply with law, or for other purposes permitted by law.
3. How We Use Personal Information
We may use Personal Information to:
- Provide, operate, maintain, and improve the Services, including open, administer, and service accounts, conduct KYC, KYB, sanctions, AML, fraud, security, credit, underwriting, eligibility, and risk reviews, and establish, adjust, or enforce limits.
- Process transactions, payments, transfers, invoices, rewards, disputes, chargebacks, refunds, repayments, and collections.
- Provide customer support and communicate with you about accounts, transactions, security alerts, updates, support, policy changes, and Services.
- Personalize, test, debug, analyze, and improve the Services.
- Develop new products and features.
- Operate analytics, automation, and AI-enabled tools.
- Generate aggregated, anonymized, or de-identified information.
- Conduct audits, research, reporting, compliance monitoring, and training.
- Meet legal, regulatory, tax, accounting, payment-network, partner-bank, and contractual obligations.
- Enforce our agreements, and protect the rights, property, security, and safety of Slash and its users, partners, and vendors.
- Market or advertise Slash products and services where permitted by law.
We request affirmative consent where required by law, such as for certain marketing communications, precise location access, certain sensitive-data uses, or third-party integrations.
4. Partner Financial Institution and Partnership Data
We may receive Personal Information from partner banks, financial institutions, processors, card networks, payment networks, money transmitters, treasury, lending, stablecoin, custody, settlement, or other financial-service partners.
We use information received through those relationships only to provide, support, secure, monitor, improve, troubleshoot, and administer the relevant Services; comply with law, regulation, payment-network rules, and contractual obligations; prevent fraud and manage risk; respond to disputes, audits, investigations, and legal requests; and as otherwise authorized by the applicable partner relationship, customer direction, or law.
We do not sell Personal Information received through partner financial institution relationships for money. We do not use that information for unrelated third-party advertising or to train general-purpose AI models, unless the information has been aggregated, anonymized, or de-identified in accordance with applicable law and contract, or unless we provide additional notice or obtain required consent.
5. Artificial Intelligence and Automated Tools
We may use artificial intelligence, machine learning, automation, and similar technologies to operate, secure, support, and improve the Services, including to verify documents, categorize transactions, detect and prevent fraud, support compliance reviews, assist customer support, analyze usage, generate insights, and evaluate eligibility, credit, underwriting, or risk information where permitted.
We do not rely solely on automated processing to make decisions that produce legal or similarly significant effects concerning you, such as final decisions regarding access to consumer financial products, unless permitted by law and with any required notice, rights, or safeguards. Significant financial-services decisions involve appropriate human review or oversight where required.
AI-enabled outputs may be incomplete or inaccurate. You are responsible for reviewing outputs before relying on them. Unless expressly stated in a separate written agreement, AI-enabled features are not legal, tax, accounting, investment, or financial advice.
6. How We Disclose Personal Information
We may disclose Personal Information to:
- Affiliates and subsidiaries, for operations, administration, compliance, product development, and provision of Services.
- Service providers and contractors, including cloud hosting, infrastructure, analytics, identity verification, fraud prevention, compliance, customer support, communications, document processing, data storage, security, marketing, billing, collections, professional services, and technical-support providers.
- Business customers and account administrators, including where information relates to a business account, authorized user, employee, contractor, vendor, transaction, reimbursement, card, payment, approval workflow, or account permission.
- Financial-service partners, including partner banks, issuing banks, sponsor banks, card networks, payment processors, money transmission, treasury, investment, lending, stablecoin, custody, transfer, and settlement partners.
- Identity, risk, compliance, and credit providers, including identity-verification providers, fraud-prevention vendors, sanctions-screening providers, credit bureaus, commercial-data providers, and underwriting or financial-information providers.
- Merchants, vendors, payees, recipients, and transaction counterparties, including in connection with transactions, invoices, payments, disputes, chargebacks, refunds, tax reporting, reconciliation, or compliance reviews.
- Third-party integrations and connected services, where you or your business direct us to connect, transmit, receive, or process information through another product or service.
- Advertising, analytics, referral, rewards, and joint-marketing partners, where permitted by law and subject to applicable choices.
- Professional advisors and business transaction parties, including lawyers, auditors, insurers, accountants, consultants, financing sources, acquirers, successors, or assignees in connection with diligence, financing, merger, acquisition, reorganization, bankruptcy, sale, or transfer of all or part of our business, assets, or equity.
- Regulators, law enforcement, government authorities, payment networks, partner financial institutions, and other parties, where we believe disclosure is necessary or appropriate to comply with law, regulation, legal process, payment-network rules, partner requirements, national-security or law-enforcement requests, or to protect rights, property, security, or safety.
- Other parties, at your direction, with your consent, or as otherwise permitted by law.
We require service providers and contractors that process Personal Information on our behalf to protect that information and use it only for authorized purposes.
7. Cookies, Analytics, Advertising, and Tracking Choices
We and our service providers may use cookies, pixels, beacons, SDKs, local storage, device identifiers, and similar technologies to operate the Services, remember preferences, secure accounts, measure performance, understand usage, debug issues, prevent fraud, and improve or advertise the Services.
You can set your browser to reject or delete cookies, but some Services may not function properly. You can opt out of marketing emails or text messages by following the instructions in those messages. Even if you opt out of marketing, we may still send transactional, relationship, legal, or security-related messages.
We do not sell Personal Information for money. However, some advertising or analytics activities may be considered a “sale,” “sharing,” targeted advertising, or cross-context behavioral advertising under certain privacy laws.
We do not knowingly sell or share Personal Information of individuals under 16. We do not use bank-account credentials or sensitive financial-account information to target advertising on third-party advertising platforms, except as permitted by law and with any required notice or consent.
Some browsers offer “Do Not Track” signals. Because there is no uniform industry standard for those signals, we do not currently respond to them unless required by law.
8. Your Privacy Rights and Choices
Depending on where you live and subject to applicable exceptions, you may have the right to request that we:
- Disclose the categories and specific pieces of Personal Information we have collected about you.
- Disclose the categories of sources, purposes, and recipients of Personal Information.
- Provide a portable copy of Personal Information, correct inaccurate Personal Information, delete Personal Information, or limit the use or disclosure of Sensitive Personal Information.
- Opt you out of sale, sharing, targeted advertising, or certain profiling, and not discriminate against you for exercising your rights.
We may need to verify your identity and authority before fulfilling a request. We may deny or limit requests where permitted by law, including where information must be retained for legal, regulatory, security, fraud-prevention, AML, sanctions, accounting, tax, dispute-resolution, contractual, financial-services, or recordkeeping reasons.
Authorized agents may submit requests where permitted by law, but we may require proof of authorization and identity verification.
Where we process Personal Information on behalf of a business customer, we may direct your request to that customer and support the customer as required by law and contract.
9. Retention and Deletion
We retain Personal Information for as long as reasonably necessary to provide, maintain, and improve the Services, to comply with legal, regulatory, tax, accounting, audit, sanctions, AML, partner-bank, payment-network, and contractual obligations, to prevent fraud and maintain security, to resolve disputes, to collect amounts owed, to enforce agreements, and to establish, exercise, or defend legal claims.
Because Slash operates in a regulated financial-services environment, certain identity, account, application, transaction, compliance, risk, dispute, credit, underwriting, and tax records may be retained for extended periods after an account is closed or a user is no longer active.
Where retention is no longer required, we delete, de-identify, aggregate, or otherwise process information in accordance with our policies and applicable law. Public blockchain data may be visible to others and may not be capable of being modified or deleted by Slash.
10. Security and Privacy Governance
We use administrative, technical, organizational, and physical safeguards designed to protect Personal Information against unauthorized access, disclosure, alteration, loss, misuse, or destruction. These safeguards may include access controls, encryption, monitoring, vendor controls, personnel training, incident-response procedures, and other measures appropriate to the nature of the information and our business.
We maintain privacy and security controls designed to support privacy reviews, vendor oversight, complaint escalation, data-subject request handling, incident response, employee training, and periodic testing or audit activities.
No method of transmission, storage, or processing is completely secure, and we cannot guarantee absolute security. If we are required by law to notify you of a security incident involving Personal Information, we will do so in accordance with applicable law.
11. International Transfers
Slash is headquartered in the United States. Personal Information may be transferred to, processed, and stored in the United States and other countries where Slash, its affiliates, partners, or service providers operate. These countries may have data-protection laws that differ from those in your jurisdiction.
Where required by applicable law, we use appropriate safeguards for cross-border transfers, which may include contractual protections, technical and organizational safeguards, and other lawful transfer mechanisms.
12. Third-Party Services and Integrations
The Services may contain links to third-party websites or services, or allow you or your business to connect third-party products or integrations. Third-party services are not controlled by Slash, and their collection, use, disclosure, and protection of information are governed by their own agreements and privacy policies.
When you enable an integration, we may receive, process, and disclose information through that integration at your or your business’s direction.
13. Financial Privacy Notices
Some Slash products or partner-provided financial services may be subject to additional financial privacy notices, including notices provided by partner banks, issuers, investment advisers, broker-dealers, lenders, money transmitters, stablecoin, custody, or other financial-service providers. Those notices may describe additional collection, use, disclosure, retention, and privacy-choice practices.
14. Children
The Services are intended for businesses and adults and are not directed to children under 13. We do not knowingly serve or collect Personal Information from children under 13. If you believe a child has provided Personal Information to Slash, contact us and we will take appropriate steps as required by law.
15. Changes to This Policy
We may update this Policy periodically to reflect changes in our business, Services, legal requirements, or privacy practices. The updated Policy will be effective when posted, unless a later effective date is stated.
If required by law, or if we make material changes to how we use or disclose Personal Information, we will provide additional notice or obtain consent where required. Your continued use of the Services after an updated Policy becomes effective means you acknowledge the updated Policy, subject to any rights or choices available under applicable law.
16. Contact Details
Slash Financial, Inc.
Attn: Privacy
2261 Market Street STE 4244
San Francisco, CA 9411
United States
Email: privacy@slash.com
If you have questions or comments regarding this Policy or our privacy practices, please contact us. Privacy complaints will be routed to appropriate legal, compliance, privacy, or security personnel for review and response.