About Us

Trealit and Treality LLC. (“Trealit”, “we”, “our, and “us”) provides technology and related services, including the Trealit platform and Trealit APIs, to enable technology companies to access to financial products and services offered by Trealit’s bank partners and other financial institutions (“Bank Partners”).

About This Notice

Privacy and security are extremely important to us. This Privacy Policy (“Policy”) describes how we collect, use, and share information to operate our business, to develop and improve our products and services, and as otherwise outlined in this Policy. We suggest you read this Policy carefully.

When you see the terms “you” or “your” in this Policy, it refers to you, the individual or entity who visits our websites or uses our Services (as defined below), including website visitors, current or prospective business customers (collectively, “Clients”) and customers of our Clients (“End Users”).

This Policy explains the ways we collect, use, and share information in connection with the use of our websites, products, or services, including, without limitation, the Trealit platform, dashboard, APIs, white-label application form, sandbox, and pilot (collectively, the “Services”).

This Policy covers information concerning Clients (“Client Information”), End Users (“End User Information”), website visitors and other users or potential users of our Services (“Website Visitors”). Please note that this Policy only covers information that Trealit collects, uses, and shares. This Policy does not cover any websites, products, or services provided by third parties, including any third-party websites, applications, or services that may be accessed through the Services.

By using the Services, you accept and agree to this Policy. If you do not agree to this Policy, do not use or continue to use the Services.

Client and Website Visitor Information Collection and Use

How We Collect Information from Clients and Website Visitors

We collect information from or about Clients in various ways including:  

Directly from you. Trealit collects certain information from you directly, including information you share when you:

  • Complete our “contact us” form to set up a demo or create a developer account for the Trealit sandbox;
  • Request customer support through our “Help” link;
  • Complete our due diligence application;
  • Login to our developer portal; or
  • Contact us directly.

Automatically when you visit our website or use our Services. We may collect location information, device information, online or mobile activity information and other information about you when you visit, use, or interact with our website or Services using online tracking tools or technologies as explained in more detail in the “How We Use Online Tracking Tools or Technologies” section of this Policy.

From other sources. We may also collect information about you from additional sources, including, without limitation, from our bank partners, publicly available sources, commercially available third-party sources, other members of your company or vendors that help us identify new Clients. We may combine this information with personal and other information we collect about you under this Policy.

Information We Collect from Clients and Website Visitors

When you visit our website or use the Services, we may collect certain information about or from you, depending on how you interact with the website and our Services. For example:

When you request to use our Services. We may collect:

  • Personal Identifiers (for example, your name, email address, phone number, username, or other additional information we may ask you to provide or you choose to provide);
  • Professional Information (for example, your company legal name, title, employer identification number (“EIN”) or other information relating to your business or beneficial owners, which may include Personal Identifiers described above or other additional information we may ask you to provide or you choose to provide); and
  • Financial Information (for example, financial account name and number, balance, transaction history, or other additional information we may ask you to provide or you choose to provide);
  • Inferences we derive from the information we collect.

When you browse, visit, use, or interact with our Services. We may also collect:

  • Location Information (for example, your time zone setting and device location);
  • Device Information (for example, your device type or model, web browser type and version, and operating system type and version);
  • Online or Mobile Activity Information (for example, your Internet Protocol (“IP”) address, the domain name of your Internet service provider, your browser data, search history and information about how and when you use or interact with our Services); and
  • Inferences we derive from the information we collect (for example, we may derive location information from your IP address).

From other third parties, including our Clients and bank partners, in connection with the services we provide to them. We may collect contact information and similar data to assist in providing services to our partner banks and Clients.

How We Use the Information We Collect from Clients and Website Visitors

We may use the information we collect from Clients and Website Visitors for various purposes, including, for example, for the purposes described below:

  • Provide Services: To operate, provide, and maintain our Services, including related to offering financial products or services and sending you technical notices, updates, security alerts, and administrative messages;
  • Improve Existing Services: To improve, enhance, modify, add to, and further develop our Services, including related to offering financial products or services and personalizing the Services’ experience for you;
  • Develop New Services: To develop new products and services, including communicating with you about products, services, offers, and events we offer or sponsor and providing you with news and other information that we think may be of interest to you;
  • Verify Identity: To verify your identity and the identities of other members of your company, including by conducting identity verification checks when you request or use our Services;
  • Provide Support: To respond to your comments, questions, inquiries, and customer service requests;
  • Marketing: To advertise and market our products and services to you;
  • For Analytics: To conduct analytics and research, including by examining which parts of our website you visit or which aspects of our Services you find most useful, evaluating user interface and experiences, testing features or functionality, performing debugging and error repair, and analyzing the use of our Services. We may also use aggregated and de-identified information to provide you with trends and other analytics, including by using or modifying the information described in this Policy in a manner that does not allow us to reasonably identify you.
  • Prevent Fraud: To detect and prevent fraud, malicious activity, and other illegal activities;
  • Protect Against Security Risks: To protect against security risks, including by monitoring network activity logs, detecting security incidents, and conducting data security investigations;
  • Investigate Misuse or Misconduct: To investigate any misuse of our Services, including to protect the rights, privacy, safety, or property of Trealit, its bank partners, Clients, End Users, and others;
  • For Legal Purposes: To carry out legal purposes, including to comply with applicable laws, to respond to civil, criminal, or regulatory lawsuits, subpoenas, or investigations, to exercise our rights or defend legal claims, and to resolve complaints and disputes; and

With Your Consent: For other notified purposes with your consent at your direction.

End User Information Collection and Use

How We Collect Information from End Users

We collect information from or about End Users in various ways including, without limitation:  

  • Directly from you. We collect information directly from you when you use or access Trealit’s white labeled application form (“Application Form”). The Application Form is a technology service provided to our Clients and partner banks that Clients may incorporate into their online or mobile application to obtain the information needed from End Users to apply for or otherwise obtain products and services offered by the Client or a partner bank;
  • As a service provider. We collect information about you that you provided to one or more of our Clients or partner banks. Trealit is acting as a service provider to these Clients and partner banks when we collect this information about you from them;
  • From vendors or other third parties. We may receive information about you from vendors or other third parties in connection with providing the Services.

Information We Collect from End Users

When you use our Application Form, or in our capacity as a third-party service provider to bank partners and our Clients, we may collect certain information about or from you. For example:

  • Personal Identifiers (for example, your name, email address, phone number, username, or other additional information partner banks or our Clients may ask you to provide or you choose to provide);
  • Professional Information (for example, your title, the name of your employer or other additional information partner banks or our Clients may ask you to provide or you choose to provide);
  • Financial Information (for example, financial account name and number, balance, transaction history or other additional information when you request or use a financial product or service offered by a partner bank or our Clients);
  • Location Information (for example, your time zone setting and device location);
  • Device Information (for example, your device type or model, web browser type and version, and operating system type and version);
  • Online or Mobile Activity Information (for example, your Internet Protocol (“IP”) address, the domain name of your Internet service provider, your browser data, search history and information about how and when you use or interact with our Services); and
  • Inferences we derive from the information we collect.

How We Use the Information We Collect from End Users

We may use the End User Information we collect for various purposes, including, without limitation, the purposes described below:

  • Provide Services: To operate, provide, and maintain our Services related to the offering of financial products or services to you by our Clients;
  • Improve Existing Services: To improve, enhance, modify, add to, and further develop our Services related to the offering financial products or services to you by our Clients;
  • Protect Against Security Risks: To protect against security risks, including by monitoring network activity logs, detecting security incidents, and conducting data security investigations;
  • For Legal Purposes: To carry out legal purposes, including to comply with applicable laws, to respond to civil, criminal, or regulatory lawsuits, subpoenas, or investigations, to exercise our rights or defend legal claims, and to resolve complaints and disputes; and 
  • With Your Consent: For other notified purposes with your consent at your direction.

How We Share Information We Collect

We may share information we collect for various purposes, including, without limitation:

  • Affiliates, Subsidiaries or Parents. We may share your information with our affiliates, subsidiaries or parents when permitted under relevant laws and regulations.
  • Business Partners. We may share your information with our bank partners and other companies that we work with.
  • Service Providers. We may use other companies to provide services on our behalf and to help us run our business. We may share your information with these service providers or they may collect information on our behalf, for various business purposes. For example, we may use service providers for hosting and securing our information systems, detecting and preventing fraud, or to help us qualify Clients or their End Users to receive products or services from our partner banks.
  • Third Parties You Authorize or Direct Us to Share Your Information With. We may share your information with your consent or at your direction.
  • Government Entities and Other Third Parties with Whom We Share Your Information for Legal or Necessary Purposes.  We may share your information with government agencies or similar entities for legal and necessary purposes, such as:
  1. To respond to requests from regulators or to respond to a warrant, subpoena, government audit or investigation, law enforcement request, legal order, or other legal process;
  2. To facilitate a merger, acquisition, sale, bankruptcy, or other change in ownership or control of some or all of our assets or business; and
  3. For other legal purposes, such as to enforce our Terms of Use, exercise or defend legal claims, or if we determine disclosure is necessary or appropriate to protect the rights, safety, or property of Trealit, our partner banks, End Users, Clients, or third-parties related to the Services.

How We Use Online Tracking Tools or Technologies 

Services. We and third-party service providers acting on our behalf may use various online tools and technologies to collect information about you when you visit, interact with, or use our Services. For example, we or these third-parties may use these tools to provide analytics services and serve advertisements on our behalf across the internet, including Google Analytics. We or our third-party service providers  may use online tracking tools or technologies to collect information about your use of the Services and other websites and online services, including your IP address, web browser, pages viewed, time spent on pages, links clicked, and conversion information, that include, but are not limited to:

  • Cookies: Cookies are small amounts of data that a website’s server stores in your web browser. Cookies allow companies to recognize your device and store information about your preferences or areas of interest. For example we or our third-party service providers may use cookies to store information about pages you visited in our Services, your relationship with us, or other information we have associated with your device. Cookies may also allow us or our third-party service providers to relate your use of our Services to personalize your experience. Most web browsers allow you to manage or adjust your browser settings to decline or delete cookies but doing so may limit access to some of our Services and related features.
  • Web beacons: Web beacons are images or small strings of code that may be placed in a website, advertisement, email, or other marketing message. They allow companies to set or read cookies or transfer information to their servers when you load a webpage or interact with online content. For example, we or our third-party service providers may use web beacons to determine whether you interacted with a specific feature of our Services, viewed a particular advertisement, or opened a specific email. We or our third-party service providers may also use web beacons to help us recognize users, assess traffic or use patterns, and measure engagement with our Services, advertisements, emails, or other marketing campaigns.

Purposes.  Trealit and our third-party service providers use the information collected from online tracking tools or technologies  for various purposes including analyzing and tracking data, determining the popularity of certain content, delivering advertising and content targeted to your interests (“interest-based advertising”), and better understanding your online activity.

More information. For more information about interest-based ads, including to learn how you may be able to opt out of having your web browsing information used for interest-based or behavioral advertising purposes, please visit www.aboutads.info/choices. For more information about how Google uses your data, please visit www.google.com/policies/privacy/partners/.

International Data

To the extent that Trealit collects personal data or information, it is collected and stored in the United States. We do not transfer personal data or information outside the United States. The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdictions of any state, country, or territory other than that of the United States.

Your Choices

Updating your information. You may update information you provide to us as part of your online developer account by logging into your account. In addition, or for other data rectification requests, you may contact us at the address provided in the “Contact Us” section.

Privacy rights of California residents. If you are a California resident, you have certain rights under the California Consumer Privacy Act (“CCPA”) regarding the personal information  we collect, use, or share, which may include the right to request access to or deletion of the personal information we collect about you. You may learn more about your rights in the “Rights of California Residents” section of this Policy.

Access of Services by Children

Our Services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with personal information without the parent’s or guardian’s consent, he or she should contact us using the information provided in the “Contact Us” section of this Policy.

Changes to the Policy

We may update or change this Policy periodically. If we make any updates or changes, we will notify you by updating the effective date at the top of this Policy. We may also provide notice of any changes through other means, such as by sending you an email. We encourage you to review the Policy whenever you use or access the Services or otherwise interact with us to stay informed about our privacy practices and the choices available to you.

Reporting Security Incidents

We take privacy and security very seriously and request that our Clients, End Users, or other third- parties report suspected security incidents involving any of our Services that Clients, End Users or other third-parties become aware of, by contacting us at corp(at)reality.io.

Contact Us

Please contact us at corp(at)treality.io with any questions about this Policy or Trealit’s privacy practices.

Rights of California Residents

This section of the Policy details how we collect, use, and disclose personal information subject to the CCPA. It describes the types of personal information Trealit may collect about California residents subject to the CCPA, the sources of information from which we may collect personal information, and the ways that we use and disclose personal information. We also describe the privacy rights of California residents under the CCPA and how they can exercise those rights. “You” or “Your” as used in this section means, you, the individual who visits our websites, uses our Services, or when you otherwise interact with us.

California residents have the following rights regarding their personal information:

  • The right to request the specific pieces of personal information we collect about you; the categories of personal information we collect; the categories of sources we use to collect your personal information; the business or commercial purposes for collecting your personal information; and the categories of third-parties with whom we share your personal information, each as it pertains to our activities in the preceding twelve (12) months;
  • The right to request, on legitimate grounds, deletion of your personal information we collect;
  • The right to have someone you authorize to make a request on your behalf; and
  • The right not to be discriminated against for exercising any of your rights.

In some instances, we may decline to honor your request. For example, we may decline to honor your request if we cannot verify your identity or confirm the personal information we maintain relates to you, or if we cannot verify you have the authority to make a request on behalf of another individual. We may also decline to honor your request when an exception applies, such as where disclosure of personal information would adversely affect the rights and freedoms of another consumer or where the personal information we maintain about you is not subject to the CCPA.

Categories of Personal Information We Collect

The CCPA defines “personal information” as information that identifies, relates to, or could reasonably be linked (directly or indirectly) with a particular California resident or household. The CCPA generally does not apply to certain information, including personal information collected, processed, sold or disclosed pursuant to the federal Gramm-Leach-Bliley Act (“GLBA”) and its implementing regulations. The GLBA requires companies that offer consumers financial products or services to explain their information-sharing practices to their customers and to safeguard sensitive data.

Most of the personal information we collect about California residents is collected in the context of enabling our Clients to make available to End Users financial products and services from our bank partners pursuant to the GLBA and is not subject to the CCPA.

The categories of personal information we collect, use and disclose about a California resident depends on our specific relationship or interaction with that individual.

Categories of Our Sources of Personal Information

We have collected in the preceding 12 months personal information relating to California residents from the following sources. The examples provided below are for illustrative purposes only.

Sources
Illustrative Examples
Directly from California residents:
Applications for a product or service, bank transactions, interactions with our websites or mobile apps, calls to our call centers
Affiliates:
Companies related by common ownership or control, which may be financial or non-financial.
Business partners, Bank partners, Service providers, Software providers, communication services, fraud prevention services, data analytics providers, data security providers, data providers.
Third parties that California residents authorize or direct to share their information with us:
Payment processors, lenders, credit reporting agencies.
Government or public sources:
Public data published by state or federal governments

Purposes for Which We Use Personal Information

The purposes for which we use the personal information we collect depend on our relationship or interaction with a specific California resident. We may use personal information relating to California residents for one or more of the following business purposes:

  • Providing and maintaining our products and services;
  • Verifying your identity;
  • Detecting and preventing fraud;
  • Protecting against security risks;
  • Conducting research and data analysis;
  • Maintaining our facilities, systems, and infrastructure;
  • Improving our products and services;
  • Carrying out our legal and business purposes, such as complying with applicable laws, responding to civil, criminal, or regulatory lawsuits, or investigations, exercising our rights or defending against legal claims, resolving complaints and disputes, performing compliance activities, performing institutional risk control, and otherwise operating, managing, and maintaining our business; and
  • As otherwise disclosed to you at or before the point of collecting your personal information.

We may also use personal information relating to California residents for one or more of the specific “business purposes” listed in the CCPA:

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
  • De-bugging to identify and repair errors that impair existing intended functionality;
  • Short-term, transient use;
  • Performing services on our behalf or on behalf of our service providers, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, or providing similar services on our behalf or on behalf of our service providers;
  • Undertaking internal research for technological development and demonstration; and
  • Undertaking activities to verify or maintain the quality of or safety of a service we own or control, and to improve, upgrade, or enhance the service that we own or control

Disclosure of Personal Information to Third Parties

In the preceding 12 months, we have disclosed each of the categories of personal information discussed above relating to California residents for our business purposes to one or more of the following categories of third-parties. The examples listed below are for illustrative purposes only.

Third Parties
Illustrative Examples
Affiliates;
Companies related by common ownership or control, which may be financial or non-financial.
Consumers:
You, your family, your associates, or your representatives
Business partners
Bank partners
Service providers
Software providers, communication services, fraud prevention services, data analytics providers, data providers, data security providers
Third parties that California residents authorize or direct to share their information with us
Payment processors, lenders, credit reporting agencies
Government entities and others when we share information for legal or necessary purposes
Regulatory and law enforcement agencies
Professional advisors
Accountant auditors, financial advisors, lawyers, and other outside professional advisors to us, subject to confidentiality

Sale of Personal Information

We do not offer an opt-out from the sale of personal information because we do not “sell” personal information about California residents within the meaning of the CCPA. For purposes of this section “sell” means the disclosure of personal information for monetary or other valuable consideration.

How to Exercise Your Rights 

If you are a California resident and would like to exercise your rights, please submit your request by emailing us at corp(at)reality.io.

Once we receive your request, we will try to verify your identity through accounts you have with us or by requesting additional information sufficient to confirm your identity, such as photos of your government-issued identification. We will also ask you questions to verify your identity. We may use also use a third-party identity verification service to verify your identity.

If you would like to use an agent or other person you authorize to exercise your CCPA rights or if you are an agent or authorized person seeking to exercise CCPA rights on behalf of another person, please contact us using one of the methods indicated above.