Privacy Policy

1. Introduction

SBN Platforms, LLC ("SBN Platforms," "we," "us," or "our") operates the Settl mobile application and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service.

Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

• Account Information: When you create an account, we collect your name, email address, phone number, and authentication credentials.
• Identity Verification: To comply with financial regulations and prevent fraud, we collect identity verification information through Stripe Identity, which may include date of birth, government-issued identification, and biometric data for verification purposes.
• Payment Information: When you make contributions or set up payout methods, payment information (such as bank account details or debit card information) is collected and processed by Stripe. We do not store complete payment card numbers on our servers.
• Pool Information: Information about pools you create or contribute to, including names, descriptions, goal amounts, deadlines, payout structures, and your role (organizer or contributor).
• Transaction History: Records of contributions you make, refunds you receive, and payouts you receive.
• Communications: Information you provide when you contact us for support or other inquiries.

2.2 Information Collected Automatically

When you use the Service, we automatically collect certain information, including:

• Device Information: Device type, operating system, unique device identifiers, and mobile network information.
• Usage Information: How you interact with the Service, including features used, pools viewed, and actions taken.
• Log Information: Access times, pages viewed, IP address, and the page you visited before navigating to the Service.
• Location Information: General location information based on your IP address.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Stripe: Our payment and identity verification provider shares limited transaction information, verification status, and identity confirmation with us.
• Authentication Providers: If you sign in using a third-party service (such as Google or Apple), we receive basic profile information from that service.

3. Why We Require Identity Verification

Settl requires all users to have verified accounts. There are no anonymous or guest contributions. This requirement is fundamental to our service:

• Contractual Enforceability: Pools are binding financial agreements. All parties must be identifiable for these agreements to be enforceable.
• Trust and Transparency: Pool participants can see who has contributed, enabling accountability within groups.
• Payout Eligibility: Recipients of payouts must be verified account holders.
• Fraud Prevention: Identity verification through Stripe Identity helps prevent fraudulent activity and protects all users.
• Regulatory Compliance: Financial services regulations require us to verify the identity of our users.

4. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Verify your identity and create your account
• Process transactions and send related information (confirmations, receipts, refunds)
• Enforce pool rules and deadlines
• Display your participation to other pool members (name and contribution status)
• Send you technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyze trends, usage, and activities in connection with the Service
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Comply with legal obligations and enforce our Terms of Service

5. How We Share Your Information

5.1 With Other Pool Participants

When you participate in a pool, certain information is visible to other participants:

• Your name and profile information
• Your contribution status and amount
• Your votes on payout proposals (in pools with voting)
• Your role (organizer or contributor)

This transparency is essential to Settl's trust model. Pools are private to their participants, but within a pool, activity is visible to all members.

5.2 With Service Providers

We share information with third-party service providers who perform services on our behalf:

• Stripe: Our payment and identity verification provider receives payment information and identity documents to process contributions, refunds, payouts, and identity verification. Stripe's privacy policy governs their use of this data.
• Firebase/Google Cloud: Our infrastructure provider hosts our application and data.
• Analytics Providers: We may use analytics services to understand how users interact with the Service.

5.3 For Legal Reasons

We may disclose your information if we believe it is necessary to:

• Comply with applicable law, regulation, legal process, or governmental request
• Enforce our Terms of Service and other agreements
• Protect the rights, property, or safety of SBN Platforms, our users, or others
• Detect, prevent, or address fraud, security, or technical issues

5.4 Business Transfers

If SBN Platforms is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your information.

5.5 With Your Consent

We may share your information for other purposes with your explicit consent.

6. Information We Do NOT Share

We do not:

• Sell your personal information to third parties
• Share your information with advertisers for targeted advertising
• Make pools or contributions publicly discoverable (pools are invitation-only)
• Share your complete payment card information (this is handled entirely by Stripe)
• Share identity verification documents beyond what is necessary for verification

7. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy:

• Account Information: Retained for as long as your account is active and for a reasonable period thereafter.
• Transaction Records: Retained indefinitely to maintain accurate records of pool activity, support any necessary dispute resolution, and comply with legal and regulatory requirements.
• Pool Data: Retained indefinitely as part of transaction history and for audit purposes.
• Identity Verification Records: Retained as required by applicable regulations and for fraud prevention purposes.
• Communications: Retained for as long as necessary to resolve inquiries and for quality assurance.

Even after account deletion, we may retain certain information as required by law or for legitimate business purposes (such as fraud prevention and legal compliance).

8. Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Secure authentication through Firebase Authentication
• PCI-compliant payment processing through Stripe
• Identity verification through Stripe Identity with secure document handling
• Regular security assessments and monitoring
• Access controls limiting employee access to personal information

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Your Rights and Choices

9.1 Account Information

You may update or correct your account information at any time through the app settings. If you wish to delete your account, please contact us at privacy@getsettl.com.

9.2 Communications

You may opt out of promotional communications by following the unsubscribe instructions in those messages. You cannot opt out of transactional communications related to your account or pool activity, as these are essential to the Service.

9.3 Data Access and Portability

You may request access to the personal information we hold about you or request a copy of your data in a portable format. Contact us at privacy@getsettl.com to make such a request.

9.4 Data Deletion

You may request deletion of your personal information. Note that we may retain certain information as required by law, for legitimate business purposes, or to complete transactions you initiated. Transaction records associated with completed pools may be retained even after account deletion to maintain the integrity of pool records.

10. State-Specific Privacy Rights

10.1 California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
• Shine the Light: California Civil Code Section 1798.83 permits California residents to request certain information regarding disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

To exercise these rights, contact us at privacy@getsettl.com.

10.2 Other State Rights

Residents of other states may have additional privacy rights under their state laws. Please contact us at privacy@getsettl.com for information about rights that may apply to you.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe we have collected information from a child under 18, please contact us at privacy@getsettl.com.

12. Third-Party Services

The Service integrates with third-party services, including:

• Stripe: For payment processing, connected accounts, and identity verification. Stripe's collection and use of your information is governed by their privacy policy at stripe.com/privacy.
• Firebase/Google Cloud: For authentication and data storage. Google's privacy policy applies to their services.

We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

13. International Users

The Service is currently available only in the United States. If you access the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Service or via email at least thirty (30) days before the changes take effect. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about our information practices.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at: