Futureproof Privacy Policy

Last Updated: October 1, 2025

‍

Thank you for choosing Futureproof Ops, Inc. ("Futureproof," "we," "us," or "our"). Your privacy is important to us. This Privacy Policy explains how we collect, use, share, and protect your information when you use our AI-powered financial operations platform and related services (collectively, the "Services").

By using our Services, you agree to the practices described in this Privacy Policy. If you don't agree, please don't use our Services.

For information about how we handle your use of the Services, please see our Terms of Service.

Contact Us:

Email: privacy@runfutureproof.com
Address: 644 Holly Springs Rd, STE 80, Holly Springs, NC 27540, USA

‍

Information We Collect
How We Use Your Information
AI Training and Product Improvement
How We Share Your Information
Bank Connections and Financial Data
Data Room and Document Sharing
Third-Party Access
Cookies and Tracking Technologies
Data Security
Data Retention and Deletion
Your Privacy Rights
International Data Transfers
Children's Privacy
Changes to This Policy
Contact Us

‍

1. INFORMATION WE COLLECT

‍

Information You Provide

‍

Account Information:

Name, email address, company name
Password and authentication credentials
Billing information (credit card details, billing address)
Phone number (if provided)

Financial Data:

Transaction data from connected bank accounts and credit cards
Manually entered transactions and adjustments
Transaction categorizations and notes
Financial forecasts and projections
Cap table information and equity data
Documents uploaded to the data room
Budget data and departmental allocations

Communications:

Messages you send to our support team
Feedback and survey responses
Information you provide when participating in beta programs

‍

Information We Collect Automatically

‍

Usage Information:

Pages visited, features used, and time spent on the Services
Device information (type, operating system, browser)
IP address and general location (city/state level)
Login times and access patterns

Cookies and Similar Technologies: We use cookies, pixels, and similar technologies to collect usage data and improve the Services. See Section 8 for details.

‍

Information from Third Parties

‍

Bank Connection Services: When you connect a bank account through services like Plaid, we receive transaction data, account balances, and account details from your financial institution.

‍

CRM and HRIS Integrations: If you connect customer relationship management (CRM) or human resources information systems (HRIS) through our Services, we may receive:

Contact and customer data from your CRM (e.g., Salesforce, HubSpot)
Employee and payroll data from your HRIS (e.g., BambooHR, Gusto)
Sales pipeline and data information
Headcount and compensation data
Related metadata and usage information

These integrations are facilitated through Unified.to, our API integration partner. The data we access depends on the permissions you grant and the integrations you enable.

‍

Other Sources: We may receive information from service providers who help us operate the Services (e.g., payment processors, analytics providers).

‍

2. HOW WE USE YOUR INFORMATION

‍

We use your information to:

‍

Provide the Services:

Process and categorize your transactions
Generate financial forecasts and reports
Manage your cap table and equity
Facilitate data room document sharing
Sync data from your connected bank accounts, CRM, and HRIS systems
Enhance forecasting with sales pipeline and hiring plan data
Provide customer support

Improve the Services:

Train and improve our AI models (see Section 3)
Develop new features and enhance existing ones
Analyze usage patterns to improve user experience
Conduct internal research and analytics

Communicate with You:

Send account-related notifications and updates
Respond to your inquiries and requests
Send service announcements and feature updates
Request feedback or participation in research

Business Operations:

Process payments and prevent fraud
Comply with legal obligations
Enforce our Terms of Service
Protect our rights and the security of our Services

Marketing (with your consent):

Send promotional emails about new features
Share relevant content and resources

You can opt-out of marketing communications at any time by clicking "unsubscribe" in any email or contacting privacy@runfutureproof.com.

‍

3. AI TRAINING AND PRODUCT IMPROVEMENT

‍

During Your Active Subscription

‍

We use your financial data (in de-identified, anonymized, and aggregated form) to train our artificial intelligence models and improve the Services for all users.

‍

What This Means:

When you categorize transactions, confirm forecasts, or make corrections, our AI learns from these patterns
This helps us make categorization and forecasting more accurate for everyone
Your specific financial details and identifying information are never shared with other customers

Example: When you categorize a "Stripe" transaction as "Payment Processing," our AI learns this pattern to suggest the same for other SaaS companies. We never share your actual amounts, company name, or other identifying details.

‍

After You Cancel Your Subscription

‍

When you cancel, you have 30 days to export your data. After that:

‍

What We Retain:

De-identified, anonymized transaction patterns to continue improving our AI models
Aggregated usage data combined with hundreds of other customers

What We Delete Immediately:

Data room documents
Cap table details
Access credentials

What "Anonymized" Means:

All personally identifiable information removed (company name, specific vendor names you added, account numbers)
Data aggregated with data from many other customers
Cannot reasonably be used to re-identify you or your company

Your Options:

Opt-Out of AI Training: Email privacy@runfutureproof.com with subject "Opt-Out of AI Training" to exclude your data from future AI model training
Request Complete Deletion: Email privacy@runfutureproof.com with subject "Data Deletion Request" to have your data deleted (typically within 90 days, except data required by law)

Automatic Deletion Timeline:

After approximately 1 year: Identifiable data deleted (only anonymized patterns remain)
After approximately 7 years: All data deleted except as required by law

Actual deletion timing may vary based on system processes and backup retention schedules.

For complete details, see Section 10.

‍

4. HOW WE SHARE YOUR INFORMATION

‍

We never sell your personal information. We share your information only in the following circumstances:

‍

Service Providers

‍

We share data with third-party companies that help us operate the Services:

Plaid Technologies, Inc. - Bank connection services for importing transaction data
Unified.to - API integration platform for connecting CRM and HRIS systems (e.g., Salesforce, HubSpot, BambooHR, Gusto)
Cloud hosting providers - Data storage and infrastructure
Payment processors - Subscription billing (we don't store your full credit card number)
Email providers - Account communications and support
Analytics providers - Usage analytics and product improvement

These providers are contractually required to protect your data and use it only for specified purposes.

‍

Your Direction

‍

Data Room: When you share documents through our data room, they're accessible to the investors, advisors, or other recipients you designate. We don't monitor or review shared content.

‍

Third-Party Users: When you grant access to accountants, bookkeepers, or other professionals, they can view and use your data according to the permissions you set.

‍

Connected Systems: When you connect CRM or HRIS systems, we access data from those systems according to the permissions you grant. Your use of those systems is governed by their respective privacy policies.

‍

Business Transfers

‍

If Futureproof is involved in a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. We'll notify you before your data is transferred and becomes subject to a different privacy policy.

‍

Legal Requirements

‍

We may disclose your information to:

Comply with legal obligations (subpoenas, court orders)
Protect our rights, property, and safety
Prevent fraud or security threats
Enforce our Terms of Service

‍

With Your Consent

‍

We may share your information in other contexts with your explicit consent.

‍

5. BANK CONNECTIONS AND FINANCIAL DATA

‍

How Bank Connections Work

‍

Our Services allow you to connect bank accounts and credit cards through third-party financial data aggregation services (primarily Plaid Technologies, Inc.).

‍

When you connect an account:

You authorize us and our service providers to access your transaction data
We receive transaction details, account balances, and account information
We do not store your banking login credentials - these are handled securely by our third-party providers
Your connection is governed by both our Privacy Policy and the third-party provider's privacy policy

Third-Party Privacy Policies:

Plaid: https://plaid.com/legal
Unified.to: https://unified.to/privacy
Review their policies to understand how they handle your credentials and data

‍

When You Disconnect a Bank Account

‍

What Stops:

Automatic import of new transactions from that account
Access to your account through the third-party service

What Remains:

Historical transaction data previously imported
Your categorizations and modifications
Financial records and reports that include data from that account

Why We Retain Historical Data:

Accurate bookkeeping requires complete historical records
Tax reporting may require prior period transaction data
Financial statements need historical comparisons
Legal and regulatory requirements may mandate retention

‍

Deleting Historical Bank Data

‍

To delete historical transaction data from a disconnected account, email privacy@runfutureproof.com with a deletion request. We'll inform you of the implications (gaps in financial records, potential tax compliance issues) before processing.

‍

Important: Deletion is permanent and cannot be undone.

‍

6. DATA ROOM AND DOCUMENT SHARING

‍

How the Data Room Works

‍

Our data room feature allows you to securely share pitch decks, financial statements, and other documents with investors, advisors, and stakeholders.

‍

You Control Access:

You decide what to share and with whom
You set permissions for each recipient
You can revoke access at any time

Our Role:

We provide the technical infrastructure and security
We don't monitor, review, or access your shared documents
We may provide analytics on views and engagement

When You Delete or Revoke Access:

Documents are removed from our platform
Recipients who previously downloaded documents may still have copies
We're not responsible for how recipients use or retain documents they've accessed

‍

7. THIRD-PARTY ACCESS

‍

You may grant access to your Account to accountants, bookkeepers, tax preparers, or other financial professionals.

‍

When you grant access:

Third-Party Users can view and use your data according to the permissions you set
They must comply with our Terms of Service
You're responsible for managing their access and permissions

We don't:

Have direct relationships with Third-Party Users
Verify their credentials or qualifications
Monitor their use of your data

You should:

Only grant access to trusted professionals
Revoke access when no longer needed
Review permissions regularly

‍

8. COOKIES AND TRACKING TECHNOLOGIES

‍

We use cookies, pixels, web beacons, and similar technologies to:

Remember your preferences and settings
Understand how you use the Services
Improve performance and user experience
Provide security features
Analyze usage patterns

‍

Types of Cookies We Use

‍

Essential Cookies: Required for the Services to function (e.g., authentication, security)

‍

Analytics Cookies: Help us understand how users interact with the Services (e.g., Google Analytics)

‍

Preference Cookies: Remember your settings and choices

‍

Your Choices

‍

Browser Settings: Most browsers allow you to control cookies through settings. Note that blocking essential cookies may prevent you from using some features.

‍

Opt-Out Tools:

Google Analytics: https://tools.google.com/dlpage/gaoptout
Industry opt-out tools: http://optout.aboutads.info and http://optout.networkadvertising.org

‍

Do Not Track: We don't currently respond to "Do Not Track" browser signals, but you can use the opt-out tools above.

‍

9. DATA SECURITY

‍

We implement industry-standard security measures to protect your information:

Encryption: Data encrypted in transit (TLS/SSL) and at rest
Access Controls: Limited employee access based on role and need
Authentication: Secure login with optional two-factor authentication
Monitoring: Regular security audits and vulnerability assessments
Secure Infrastructure: Data hosted in SOC 2 compliant data centers

However, no system is completely secure. We cannot guarantee absolute security and are not liable for unauthorized access or security incidents beyond our reasonable control.

‍

Your Responsibility:

Use strong, unique passwords
Enable two-factor authentication when available
Keep login credentials confidential
Notify us immediately of suspected security incidents

‍

10. DATA RETENTION AND DELETION

‍

During Active Use

We retain your data for as long as your Account is active and as necessary to provide the Services.

‍

After Disconnecting Bank Accounts

When you disconnect a bank account, we retain historical transaction data as part of your bookkeeping records unless you request deletion.

‍

After Disconnecting CRM or HRIS Systems

When you disconnect CRM or HRIS integrations, we stop importing new data but retain historical data previously imported for forecasting and reporting purposes unless you request deletion.

‍

After Account Cancellation

First 30 Days:

You can log in and export your data (CSV, Excel, PDF)
Full access to all features for data retrieval

Immediately Upon Cancellation:

Data room documents deleted
Cap table details deleted
Access credentials deleted

After 30 Days:

You lose access to your data through our platform
De-identified, anonymized transaction patterns retained for AI training (unless you opt-out)
Specific financial details and identifying information not retained

After Approximately 1 Year:

Identifiable transaction data deleted
Only anonymized, aggregated patterns remain (if you haven't opted out)

After Approximately 7 Years:

All remaining data deleted except as required by law

Note on Timing: Actual deletion timing may vary based on system processes, backup rotation schedules, and technical constraints. Data in disaster recovery backups is typically deleted within 180 days but may persist longer due to backup retention schedules.

‍

Legal and Regulatory Retention

We may retain certain data longer as required by:

Tax laws and regulations (typically 3-7 years for financial records)
Anti-money laundering and fraud prevention laws
Legal process (subpoenas, court orders, pending litigation)
Legitimate business interests (enforcing our Terms, protecting our rights)

‍

Beta Features

Data created using Beta Features may be lost, corrupted, or deleted if features are modified or discontinued. You're responsible for backing up important data from Beta Features.

‍

Our Commitment

While we strive to meet the timelines outlined above, actual deletion may vary based on technical and operational constraints, backup procedures, and system architecture. We will always comply with applicable legal retention requirements and data protection regulations.

‍

11. YOUR PRIVACY RIGHTS

‍

Depending on your location, you may have the following rights:

‍

Access and Portability

Request a copy of your personal data
Export your financial data in common formats (available directly in the Services)

‍

Correction

Request correction of inaccurate data
Update account information directly in your settings

‍

Deletion

Request deletion of your data (subject to legal retention requirements)
See Section 10 for deletion timelines and processes

‍

Restriction and Objection

Object to certain data processing activities
Restrict how we process your data in certain circumstances

‍

Opt-Out of AI Training

After cancellation, opt-out of having your anonymized data used for AI training
Email privacy@runfutureproof.com with subject "Opt-Out of AI Training"

‍

Withdraw Consent

Withdraw consent for marketing communications or other optional data uses

‍

How to Exercise Your Rights

Email privacy@runfutureproof.com with your request. Include:

Your name and Account email
Specific right you're exercising
Any relevant details

We'll typically respond within 30 days (or as required by applicable law). We may need to verify your identity before processing certain requests. Response times may vary based on the complexity of the request and volume of requests received.

‍

California Residents (CCPA)

Under the California Consumer Privacy Act, you have additional rights:

Right to Know: What personal information we collect, use, and share
Right to Delete: Request deletion of your personal information
Right to Opt-Out: We don't "sell" personal information for monetary consideration, but you can opt-out of AI training after cancellation
Right to Non-Discrimination: We won't discriminate against you for exercising your privacy rights

‍

European Residents (GDPR)

If you're in the European Economic Area, UK, or Switzerland, you have additional rights under GDPR:

Legal Basis: We process your data based on contract performance, legitimate interests, legal obligations, or consent
Right to Lodge a Complaint: You can file a complaint with your local data protection authority
Data Protection Officer: Contact privacy@runfutureproof.com for data protection inquiries

‍

12. INTERNATIONAL DATA TRANSFERS

‍

Futureproof is based in the United States. If you're located outside the U.S., your information will be transferred to and processed in the United States.

‍

Data Protection: We take appropriate safeguards to protect your information when transferred internationally, including:

Standard Contractual Clauses (SCCs) where applicable
Ensuring service providers maintain adequate data protection
Compliance with applicable data transfer regulations

By using our Services, you consent to the transfer of your information to the United States and other countries where we or our service providers operate.

‍

13. CHILDREN'S PRIVACY

‍

Our Services are not intended for individuals under 18 years old. We don't knowingly collect personal information from minors under 18.

‍

If we become aware that we've collected data from a person under 18, we'll take steps to delete it promptly. If you believe we've collected information from a minor, please contact us at privacy@runfutureproof.com.

‍

14. CHANGES TO THIS POLICY

‍

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors.

When We Make Changes:

We'll update the "Last Updated" date at the top
For material changes, we'll make reasonable efforts to notify you by email or prominent notice on the Services
Changes become effective when posted unless we specify otherwise

Your Continued Use: Your continued use of the Services after changes become effective means you accept the updated Privacy Policy.

‍

Review Regularly: We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

‍

15. CONTACT US

‍

If you have questions about this Privacy Policy or want to exercise your privacy rights, please contact us:

Futureproof Ops, Inc. 644 Holly Springs Rd, STE 80 Holly Springs, NC 27540 USA

‍

Email: privacy@runfutureproof.com

Privacy Policy

TABLE OF CONTENTS